urlscan.io logo urlscan.io
SecurityTrails logo

one-time-offer.com Open in urlscan Pro
34.248.213.251  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://banners.wlservices.fr/jump-454
Effective URL: https://one-time-offer.com/sol9/damart_fr/sb717430/promo.asp?sid=1d232d22693f04974c6fcbc524c42813&ci=C6D626B696269A11D1C071...
Submission: On November 18 via api from BE — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 3 countries across 9 domains to perform 56 HTTP transactions. The main IP is 34.248.213.251, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is one-time-offer.com.
TLS certificate: Issued by Entrust Certification Authority - L1K on May 19th 2020. Valid for: 2 years.
This is the only time one-time-offer.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3.251.38.196 16509 (AMAZON-02)
2 8 34.248.213.251 16509 (AMAZON-02)
31 143.204.101.153 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
3 2600:9000:215... 16509 (AMAZON-02)
7 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 52.51.253.105 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
56 11
1    3.251.38.196 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-251-38-196.eu-west-1.compute.amazonaws.com
banners.wlservices.fr
8    34.248.213.251 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-213-251.eu-west-1.compute.amazonaws.com
one-time-offer.com
31    143.204.101.153 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-101-153.fra50.r.cloudfront.net
d3dh5c7rwzliwm.cloudfront.net
3    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2600:9000:2156:2600:14:9586:a100:21 (United States)

ASN16509 (AMAZON-02, US)
dkdrawii0zqtg.cloudfront.net
7    2606:4700::6810:9440 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.cookielaw.org
1    2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    52.51.253.105 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-253-105.eu-west-1.compute.amazonaws.com
analytics.member-center.com
1    2606:4700:10::6814:b944 (United States)

ASN13335 (CLOUDFLARENET, US)
geolocation.onetrust.com
Domain Requested by
31 d3dh5c7rwzliwm.cloudfront.net one-time-offer.com
d3dh5c7rwzliwm.cloudfront.net
8 one-time-offer.com 2 redirects banners.wlservices.fr
one-time-offer.com
d3dh5c7rwzliwm.cloudfront.net
7 cdn.cookielaw.org d3dh5c7rwzliwm.cloudfront.net
cdn.cookielaw.org
3 dkdrawii0zqtg.cloudfront.net one-time-offer.com
dkdrawii0zqtg.cloudfront.net
3 fonts.googleapis.com one-time-offer.com
d3dh5c7rwzliwm.cloudfront.net
1 geolocation.onetrust.com cdn.cookielaw.org
1 analytics.member-center.com www.googletagmanager.com
1 www.googletagmanager.com d3dh5c7rwzliwm.cloudfront.net
1 fonts.gstatic.com fonts.googleapis.com
1 banners.wlservices.fr
56 10

This site contains links to these domains. Also see Links.

Domain
www.remisesetreductions.fr
d3dh5c7rwzliwm.cloudfront.net
webloyalty.com
onetrust.com
Subject Issuer Validity Valid
wlservices.fr
Amazon		 2021-08-10 -
2022-09-08		 a year crt.sh
one-time-offer.com
Entrust Certification Authority - L1K		 2020-05-19 -
2022-01-25		 2 years crt.sh
*.cloudfront.net
Amazon		 2021-03-19 -
2022-03-17		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3		 2021-06-01 -
2022-05-31		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
member-center.com
Amazon		 2021-01-13 -
2022-02-10		 a year crt.sh
onetrust.com
Cloudflare Inc ECC CA-3		 2021-02-12 -
2022-02-11		 a year crt.sh

This page contains 1 frames:

Primary Page: https://one-time-offer.com/sol9/damart_fr/sb717430/promo.asp?sid=1d232d22693f04974c6fcbc524c42813&ci=C6D626B696269A11D1C0712120A110E13BB797D7F76717AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DF121F1B171E131017131ED46651435352594A4D5449E52D232B2422293A3F3D34FE4047555345545C4A425&infoid=1d232d22693f04974c6fcbc524c42813
Frame ID: 8F885613005809C45E37A49497DB1407
Requests: 56 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Remises & RéductionsFR_RR_ARROW_Voucher4fr_rr_sellpageMockup_updates_v5_arrowfr_rr_sellpageMockup_updates_v5_arrowFR_Cashback_iconFR_MMB_iconFR_Coupon_iconfr_rr_sellpageMockup_updates_v5_arrowBack ButtonFilter Button

Page URL History Show full URLs

  1. https://banners.wlservices.fr/jump-454 Page URL
  2. https://one-time-offer.com/sg/gateway.aspx?v=C343736373&p=A2D2B2F21242BE77B7D7F706E72FC3D323B393239F16D... HTTP 302
    https://one-time-offer.com/sol9/damart_fr/sb717430/promo.asp?sid=1d232d22693f04974c6fcbc524c42813&ci=C6... Page URL

Page Statistics

56
Requests

96 %
HTTPS

60 %
IPv6

9
Domains

10
Subdomains

11
IPs

3
Countries

554 kB
Transfer

1542 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://banners.wlservices.fr/jump-454 Page URL
  2. https://one-time-offer.com/sg/gateway.aspx?v=C343736373&p=A2D2B2F21242BE77B7D7F706E72FC3D323B393239F16D6060727&cl=0776 HTTP 302
    https://one-time-offer.com/sol9/damart_fr/sb717430/promo.asp?sid=1d232d22693f04974c6fcbc524c42813&ci=C6D626B696269A11D1C0712120A110E13BB797D7F76717AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DF121F1B171E131017131ED46651435352594A4D5449E52D232B2422293A3F3D34FE4047555345545C4A425&infoid=1d232d22693f04974c6fcbc524c42813 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 53
  • https://one-time-offer.com/common/xt_recMilestone.asp HTTP 0
  • http://d3dh5c7rwzliwm.cloudfront.net/ALL/images/spacer.gif
Request Chain 54
  • https://one-time-offer.com/common/xt_recMilestone.asp HTTP 302
  • https://d3dh5c7rwzliwm.cloudfront.net/ALL/images/spacer.gif

56 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
jump-454
banners.wlservices.fr/ 		181 B
300 B 		Document
General
Check archive.org
Download Go to
Full URL
https://banners.wlservices.fr/jump-454
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.251.38.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-251-38-196.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9

Response headers

date
Thu, 18 Nov 2021 17:19:36 GMT
content-type
text/html; charset=UTF-8
content-length
174
server
Apache
vary
Accept-Encoding
content-encoding
gzip
Primary Request promo.asp
one-time-offer.com/sol9/damart_fr/sb717430/
Redirect Chain
  • https://one-time-offer.com/sg/gateway.aspx?v=C343736373&p=A2D2B2F21242BE77B7D7F706E72FC3D323B393239F16D6060727&cl=0776
  • https://one-time-offer.com/sol9/damart_fr/sb717430/promo.asp?sid=1d232d22693f04974c6fcbc524c42813&ci=C6D626B696269A11D1C0712120A110E13BB797D7F76717AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A7...
67 KB
24 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://one-time-offer.com/sol9/damart_fr/sb717430/promo.asp?sid=1d232d22693f04974c6fcbc524c42813&ci=C6D626B696269A11D1C0712120A110E13BB797D7F76717AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DF121F1B171E131017131ED46651435352594A4D5449E52D232B2422293A3F3D34FE4047555345545C4A425&infoid=1d232d22693f04974c6fcbc524c42813
Requested by
Host: banners.wlservices.fr
URL: https://banners.wlservices.fr/jump-454
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.213.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-213-251.eu-west-1.compute.amazonaws.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
2690badc31814d3c7cc38d5bd1e34f514e04abd2dbe0bfa601ee4347ea82a30f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://banners.wlservices.fr/jump-454

Response headers

date
Thu, 18 Nov 2021 17:19:36 GMT
content-type
text/html
content-length
23955
cache-control
private
content-encoding
gzip
vary
Accept-Encoding
server
Microsoft-IIS/8.5
x-powered-by
ASP.NET

Redirect headers

date
Thu, 18 Nov 2021 17:19:36 GMT
content-type
text/html; charset=utf-8
content-length
1128
cache-control
private
location
/sol9/damart_fr/sb717430/promo.asp?sid=1d232d22693f04974c6fcbc524c42813&ci=C6D626B696269A11D1C0712120A110E13BB797D7F76717AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DF121F1B171E131017131ED46651435352594A4D5449E52D232B2422293A3F3D34FE4047555345545C4A425&infoid=1d232d22693f04974c6fcbc524c42813
server
Microsoft-IIS/8.5
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
FR_RR_KAPPA_PROMO_RWD_cookies_wrapper.js
d3dh5c7rwzliwm.cloudfront.net/FR/RR/js/ 		18 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/js/FR_RR_KAPPA_PROMO_RWD_cookies_wrapper.js
Requested by
Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/damart_fr/sb717430/promo.asp?sid=1d232d22693f04974c6fcbc524c42813&ci=C6D626B696269A11D1C0712120A110E13BB797D7F76717AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DF121F1B171E131017131ED46651435352594A4D5449E52D232B2422293A3F3D34FE4047555345545C4A425&infoid=1d232d22693f04974c6fcbc524c42813
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.153 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-153.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e0e4e394c54bada549ba929376c448dbcf2f1a5e8ebb20b03485743da1f04b2f

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://one-time-offer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
UPjlEMT8fKuQoqzSWy.xjYKDTsUNIr3D
Content-Encoding
gzip
ETag
W/"bb493f2e85414779c2d32d21a4d5594c"
Age
52938
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
x-amz-meta-user
gsokate
Last-Modified
Mon, 05 Apr 2021 05:58:09 GMT
Server
AmazonS3
Date
Thu, 18 Nov 2021 02:37:19 GMT
Vary
Accept-Encoding
Content-Type
text/javascript
Via
1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA50-C1
X-Amz-Cf-Id
2WIfBTzBRxlKM7p70sENZZ9Glo94gL7jC1FOKJsjPOms1MTa6Ukfzw==
style_REY2_428_3DS_desktop-template-05.css
d3dh5c7rwzliwm.cloudfront.net/FR/RR/css/ 		21 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/css/style_REY2_428_3DS_desktop-template-05.css
Requested by
Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/damart_fr/sb717430/promo.asp?sid=1d232d22693f04974c6fcbc524c42813&ci=C6D626B696269A11D1C0712120A110E13BB797D7F76717AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DF121F1B171E131017131ED46651435352594A4D5449E52D232B2422293A3F3D34FE4047555345545C4A425&infoid=1d232d22693f04974c6fcbc524c42813
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.153 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-153.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
10a17911fe0de7c92b489f71755a2f7d4c9fae6b3b326b2d2acab0a7402165e6

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://one-time-offer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
iXItT.r3B_HdlmuzLdQfdaFEwYSFDIVt
Content-Encoding
gzip
ETag
W/"db329029d4eafcb79b412e0f7fb9d6b9"
Age
44828
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
x-amz-meta-user
kbajwa
Last-Modified
Fri, 17 Sep 2021 09:19:35 GMT
Server
AmazonS3
Date
Thu, 18 Nov 2021 04:52:29 GMT
Vary
Accept-Encoding
Content-Type
text/css
Via
1.1 9eb0e845437929074828e0cf53f179af.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA50-C1
X-Amz-Cf-Id
nMAKbQrdNwmg1Zp_abkd1o2IALobk_WjXU01mCKodSL88F1ByrDRVg==
css
fonts.googleapis.com/ 		10 KB
819 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,800
Requested by
Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/damart_fr/sb717430/promo.asp?sid=1d232d22693f04974c6fcbc524c42813&ci=C6D626B696269A11D1C0712120A110E13BB797D7F76717AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DF121F1B171E131017131ED46651435352594A4D5449E52D232B2422293A3F3D34FE4047555345545C4A425&infoid=1d232d22693f04974c6fcbc524c42813
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4e9187ce99f6871a91e57bea12068ac166269a35f14e1c4c69ac85203502c2fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://one-time-offer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 18 Nov 2021 16:24:34 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 18 Nov 2021 17:19:36 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 18 Nov 2021 17:19:36 GMT
css
fonts.googleapis.com/ 		1 KB
927 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Paytone+One
Requested by
Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/damart_fr/sb717430/promo.asp?sid=1d232d22693f04974c6fcbc524c42813&ci=C6D626B696269A11D1C0712120A110E13BB797D7F76717AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DF121F1B171E131017131ED46651435352594A4D5449E52D232B2422293A3F3D34FE4047555345545C4A425&infoid=1d232d22693f04974c6fcbc524c42813
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ab5365562797d4cb63c04ed8fac0399746471d2c6c5d7b26a219cfebc6a15068
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://one-time-offer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 18 Nov 2021 16:43:51 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 18 Nov 2021 17:19:36 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 18 Nov 2021 17:19:36 GMT
Oxanium.css
dkdrawii0zqtg.cloudfront.net/Oxanium/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dkdrawii0zqtg.cloudfront.net/Oxanium/Oxanium.css
Requested by
Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/damart_fr/sb717430/promo.asp?sid=1d232d22693f04974c6fcbc524c42813&ci=C6D626B696269A11D1C0712120A110E13BB797D7F76717AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DF121F1B171E131017131ED46651435352594A4D5449E52D232B2422293A3F3D34FE4047555345545C4A425&infoid=1d232d22693f04974c6fcbc524c42813
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:2600:14:9586:a100:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
57dfc7637aef7db2b5b68775b512f8fce25575d803f4af4e87260118938186d4

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://one-time-offer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 05:46:03 GMT
via
1.1 bab8148a65b29113f79cf2725076287d.cloudfront.net (CloudFront)
last-modified
Mon, 11 Jan 2021 15:01:38 GMT
server
AmazonS3
age
41614
etag
"e60cbab4e2b902891d27b2cd1c5fcb7d"
x-cache
Hit from cloudfront
x-amz-version-id
Jt7AsrgWb3slIlimj7CQkX7TLYpJPz75
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
text/css
content-length
1823
x-amz-meta-user
aparatore
x-amz-cf-id
YuVzKQBUmSFxU3pPSFynNm_2zqFlm8gBRm98ke8V2BzwBnzlL6izHA==
fr_validation.js
one-time-offer.com/scripts/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://one-time-offer.com/scripts/fr_validation.js
Requested by
Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/damart_fr/sb717430/promo.asp?sid=1d232d22693f04974c6fcbc524c42813&ci=C6D626B696269A11D1C0712120A110E13BB797D7F76717AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DF121F1B171E131017131ED46651435352594A4D5449E52D232B2422293A3F3D34FE4047555345545C4A425&infoid=1d232d22693f04974c6fcbc524c42813
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.213.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-213-251.eu-west-1.compute.amazonaws.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
b214c7b862a0e50798c53344af7e709b24b85b0cd30a7a6b753c2e86dfed2554

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://one-time-offer.com/sol9/damart_fr/sb717430/promo.asp?sid=1d232d22693f04974c6fcbc524c42813&ci=C6D626B696269A11D1C0712120A110E13BB797D7F76717AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DF121F1B171E131017131ED46651435352594A4D5449E52D232B2422293A3F3D34FE4047555345545C4A425&infoid=1d232d22693f04974c6fcbc524c42813
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 17:19:36 GMT
content-encoding
gzip
etag
"0263d5297b2d11:0"
last-modified
Fri, 20 May 2016 12:58:36 GMT
server
Microsoft-IIS/8.5
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
2913
solicitations.js
one-time-offer.com/scripts/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://one-time-offer.com/scripts/solicitations.js
Requested by
Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/damart_fr/sb717430/promo.asp?sid=1d232d22693f04974c6fcbc524c42813&ci=C6D626B696269A11D1C0712120A110E13BB797D7F76717AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DF121F1B171E131017131ED46651435352594A4D5449E52D232B2422293A3F3D34FE4047555345545C4A425&infoid=1d232d22693f04974c6fcbc524c42813
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.213.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-213-251.eu-west-1.compute.amazonaws.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
ae581f6b1c675a860395cda9dfb2963ed3cfbdfa14e10bf8a0ddc3245e4debbd

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://one-time-offer.com/sol9/damart_fr/sb717430/promo.asp?sid=1d232d22693f04974c6fcbc524c42813&ci=C6D626B696269A11D1C0712120A110E13BB797D7F76717AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DF121F1B171E131017131ED46651435352594A4D5449E52D232B2422293A3F3D34FE4047555345545C4A425&infoid=1d232d22693f04974c6fcbc524c42813
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 17:19:36 GMT
content-encoding
gzip
etag
"8064976f23aed71:0"
last-modified
Mon, 20 Sep 2021 13:28:45 GMT
server
Microsoft-IIS/8.5
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
5661
promo_flow.js
one-time-offer.com/scripts/ 		17 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://one-time-offer.com/scripts/promo_flow.js
Requested by
Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/damart_fr/sb717430/promo.asp?sid=1d232d22693f04974c6fcbc524c42813&ci=C6D626B696269A11D1C0712120A110E13BB797D7F76717AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DF121F1B171E131017131ED46651435352594A4D5449E52D232B2422293A3F3D34FE4047555345545C4A425&infoid=1d232d22693f04974c6fcbc524c42813
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.213.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-213-251.eu-west-1.compute.amazonaws.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
7ca9827b9cb830e35c510501de1ad37e7ebedd8c8cb388a925253a64f95bee15

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://one-time-offer.com/sol9/damart_fr/sb717430/promo.asp?sid=1d232d22693f04974c6fcbc524c42813&ci=C6D626B696269A11D1C0712120A110E13BB797D7F76717AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DF121F1B171E131017131ED46651435352594A4D5449E52D232B2422293A3F3D34FE4047555345545C4A425&infoid=1d232d22693f04974c6fcbc524c42813
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 17:19:36 GMT
content-encoding
gzip
etag
"0e5593923aed71:0"
last-modified
Mon, 20 Sep 2021 13:27:14 GMT
server
Microsoft-IIS/8.5
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
2740
countryCode.js
d3dh5c7rwzliwm.cloudfront.net/ALL/JS/ 		266 B
813 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d3dh5c7rwzliwm.cloudfront.net/ALL/JS/countryCode.js
Requested by
Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/damart_fr/sb717430/promo.asp?sid=1d232d22693f04974c6fcbc524c42813&ci=C6D626B696269A11D1C0712120A110E13BB797D7F76717AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DF121F1B171E131017131ED46651435352594A4D5449E52D232B2422293A3F3D34FE4047555345545C4A425&infoid=1d232d22693f04974c6fcbc524c42813
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.153 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-153.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8380a1fbd46042955f25aade9894cd66babe9f4c444af66bbfb3fadadec74913

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://one-time-offer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
hJeSIGv5pXXyyKYreNWGJPLdd.bjVqsC
Via
1.1 bab8148a65b29113f79cf2725076287d.cloudfront.net (CloudFront)
Last-Modified
Wed, 13 Feb 2019 14:14:18 GMT
Server
AmazonS3
Age
54577
ETag
"683ec31106c6b7258f17d8e4099090d2"
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Connection
keep-alive
Date
Thu, 18 Nov 2021 02:10:00 GMT
X-Amz-Cf-Pop
FRA50-C1
Accept-Ranges
bytes
Content-Length
266
x-amz-meta-user
wgarrido
X-Amz-Cf-Id
J6n34Hz8u72D4Q5BxHnVnHH4lkQcGImlP5bJEdQPG7zQwXDh4lphgg==
jquery-1.4.2.min.js
d3dh5c7rwzliwm.cloudfront.net/FR/RR/js/ 		71 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/js/jquery-1.4.2.min.js
Requested by
Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/damart_fr/sb717430/promo.asp?sid=1d232d22693f04974c6fcbc524c42813&ci=C6D626B696269A11D1C0712120A110E13BB797D7F76717AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DF121F1B171E131017131ED46651435352594A4D5449E52D232B2422293A3F3D34FE4047555345545C4A425&infoid=1d232d22693f04974c6fcbc524c42813
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.153 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-153.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1adeb9b7455c164e01a88173d356742be2a4b5dc4977f0f64fee5b5d4b38e0b3

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://one-time-offer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
L2DvUgs5paiYR8R6q.gze5i_hvR889T7
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Mon, 29 Feb 2016 09:54:16 GMT
Server
AmazonS3
Age
41805
ETag
W/"a8a2a48ddaa95527c6d3db763e2b7809"
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Via
1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
Connection
keep-alive
Date
Thu, 18 Nov 2021 05:42:52 GMT
X-Amz-Cf-Pop
FRA50-C1
X-Amz-Cf-Id
iJAket9fwavc-mQVB7Q9TGIgLyIWZvmWfIHFGtYUZPUwgvCPt_wztQ==
jquery-ui-1.8.2.custom.min.js
d3dh5c7rwzliwm.cloudfront.net/FR/RR/js/ 		204 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/js/jquery-ui-1.8.2.custom.min.js
Requested by
Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/damart_fr/sb717430/promo.asp?sid=1d232d22693f04974c6fcbc524c42813&ci=C6D626B696269A11D1C0712120A110E13BB797D7F76717AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DF121F1B171E131017131ED46651435352594A4D5449E52D232B2422293A3F3D34FE4047555345545C4A425&infoid=1d232d22693f04974c6fcbc524c42813
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.153 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-153.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b6e7eff529efa6de4490a438b12f1f64f4c909b85516191405cf725f539be117

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://one-time-offer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
TIm7w0TXrACS8x4kx0h4b5m1QUXkNlkD
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Wed, 09 Mar 2016 13:51:59 GMT
Server
AmazonS3
Age
43077
ETag
W/"84d5c35fd13637738a036ed11be2a154"
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Via
1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)
Connection
keep-alive
Date
Thu, 18 Nov 2021 05:21:40 GMT
X-Amz-Cf-Pop
FRA50-C1
X-Amz-Cf-Id
r6zsIXVMgJS_0ZQkueNMrCuSL2QU5NhCBQK7lRCBu8fB_Oa5mPzIDQ==
jquery.autotab-1.1b.js
d3dh5c7rwzliwm.cloudfront.net/FR/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3dh5c7rwzliwm.cloudfront.net/FR/js/jquery.autotab-1.1b.js
Requested by
Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/damart_fr/sb717430/promo.asp?sid=1d232d22693f04974c6fcbc524c42813&ci=C6D626B696269A11D1C0712120A110E13BB797D7F76717AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DF121F1B171E131017131ED46651435352594A4D5449E52D232B2422293A3F3D34FE4047555345545C4A425&infoid=1d232d22693f04974c6fcbc524c42813
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.153 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-153.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
52295428f1d4d23a3a2e279cc1dacf9b9869b08004da91fb219ac01f48e86938

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://one-time-offer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
84TczmOBEGkseG2zq3iic.24ZqSUYyTu
Content-Encoding
gzip
ETag
W/"ef37b11d0b73e90b623e6be842e0d7a9"
Age
46461
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
x-amz-meta-user
aparatore
Last-Modified
Wed, 15 May 2019 07:06:30 GMT
Server
AmazonS3
Date
Thu, 18 Nov 2021 04:25:16 GMT
Vary
Accept-Encoding
Content-Type
text/javascript
Via
1.1 bab8148a65b29113f79cf2725076287d.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA50-C1
X-Amz-Cf-Id
IFSCHa_ciijkFP80dw78YzkSO0F0ZGdTvHYRvGu4QTHrEdICVWpjRg==
LabelFloat.js
d3dh5c7rwzliwm.cloudfront.net/UK/Templates/Js/ 		330 B
850 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d3dh5c7rwzliwm.cloudfront.net/UK/Templates/Js/LabelFloat.js
Requested by
Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/damart_fr/sb717430/promo.asp?sid=1d232d22693f04974c6fcbc524c42813&ci=C6D626B696269A11D1C0712120A110E13BB797D7F76717AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DF121F1B171E131017131ED46651435352594A4D5449E52D232B2422293A3F3D34FE4047555345545C4A425&infoid=1d232d22693f04974c6fcbc524c42813
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.153 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-153.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9ebae3291f840fc32c3d128bbe9518706dc5c14dd704949984d802d28a8c20d0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://one-time-offer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Thu, 18 Nov 2021 02:38:12 GMT
Via
1.1 632ee301c4920b52f2463aa9e978c57f.cloudfront.net (CloudFront)
Last-Modified
Mon, 10 Apr 2017 08:13:14 GMT
Server
AmazonS3
Age
52885
ETag
"8e7aeed06a461c2046ae2262ffde03d5"
X-Cache
Hit from cloudfront
x-amz-version-id
ijL6OI7v1PwiFDg9m2risraTCsyBP598
Connection
keep-alive
X-Amz-Cf-Pop
FRA50-C1
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
330
X-Amz-Cf-Id
AGc-DGvKBqsg3D6tsAuEPBO9G7XsKGQRsLBVQ4WbA6b5Ef_y6IAUag==
FR_interactions-3DS-detect.js
one-time-offer.com/sol9/damart_fr/sb717430/ 		41 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://one-time-offer.com/sol9/damart_fr/sb717430/FR_interactions-3DS-detect.js
Requested by
Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/damart_fr/sb717430/promo.asp?sid=1d232d22693f04974c6fcbc524c42813&ci=C6D626B696269A11D1C0712120A110E13BB797D7F76717AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DF121F1B171E131017131ED46651435352594A4D5449E52D232B2422293A3F3D34FE4047555345545C4A425&infoid=1d232d22693f04974c6fcbc524c42813
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.213.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-213-251.eu-west-1.compute.amazonaws.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
4b7a665bf6b3908da1f66a6483da8c52431e61e124a1588fb83835b1ef194d64

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://one-time-offer.com/sol9/damart_fr/sb717430/promo.asp?sid=1d232d22693f04974c6fcbc524c42813&ci=C6D626B696269A11D1C0712120A110E13BB797D7F76717AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DF121F1B171E131017131ED46651435352594A4D5449E52D232B2422293A3F3D34FE4047555345545C4A425&infoid=1d232d22693f04974c6fcbc524c42813
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 17:19:36 GMT
content-encoding
gzip
etag
"806b5852f66cd71:0"
last-modified
Tue, 29 Jun 2021 14:52:03 GMT
server
Microsoft-IIS/8.5
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
11348
leavers.js
d3dh5c7rwzliwm.cloudfront.net/FR/RR/templates/ZETER/js/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/templates/ZETER/js/leavers.js
Requested by
Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/damart_fr/sb717430/promo.asp?sid=1d232d22693f04974c6fcbc524c42813&ci=C6D626B696269A11D1C0712120A110E13BB797D7F76717AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DF121F1B171E131017131ED46651435352594A4D5449E52D232B2422293A3F3D34FE4047555345545C4A425&infoid=1d232d22693f04974c6fcbc524c42813
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.153 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-153.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
11e5db674677ffa051c40868035e9dfeb2603527c14e68d5586e6466af0cc27c

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://one-time-offer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Thu, 18 Nov 2021 04:37:49 GMT
Content-Encoding
gzip
Age
45708
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
x-amz-meta-user
ymarchand
Last-Modified
Thu, 04 Oct 2018 07:14:55 GMT
Server
AmazonS3
ETag
W/"ee4a0db13c3da6956218b3a7891607a6"
Vary
Accept-Encoding
x-amz-version-id
in7W4mBFWew9Mao9xiNSyP6Xa5.RcTPA
Via
1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA50-C1
Content-Type
text/javascript
X-Amz-Cf-Id
KxOGf0Vdw4bSpgZ_XMQRxzxAnM8jpy6aA6oiIh6Uh6bfzOmwjwLKgQ==
style_KAPA.css
d3dh5c7rwzliwm.cloudfront.net/FR/RR/css/ 		13 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/css/style_KAPA.css
Requested by
Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/damart_fr/sb717430/promo.asp?sid=1d232d22693f04974c6fcbc524c42813&ci=C6D626B696269A11D1C0712120A110E13BB797D7F76717AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DF121F1B171E131017131ED46651435352594A4D5449E52D232B2422293A3F3D34FE4047555345545C4A425&infoid=1d232d22693f04974c6fcbc524c42813
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.153 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-153.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0c42ff05e2e248efed2b86bd41594a56dcdcdb3207082312856d569482a34b5a

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://one-time-offer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
XFvUlSVHRjhsrjZ0yK7B_1KP2FxKydeb
Content-Encoding
gzip
ETag
W/"19fc800428d4724f3b59737412fdd08e"
Age
46782
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
x-amz-meta-user
kbajwa
Last-Modified
Thu, 20 May 2021 09:26:02 GMT
Server
AmazonS3
Date
Thu, 18 Nov 2021 04:19:55 GMT
Vary
Accept-Encoding
Content-Type
text/css
Via
1.1 632ee301c4920b52f2463aa9e978c57f.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA50-C1
X-Amz-Cf-Id
ukdr97ggQ1OJ8neSvQET4kgfglEkm-TAcdocsO4YSUFjbNM2rEeMcg==
ga_cookie_fr.js
d3dh5c7rwzliwm.cloudfront.net/FR/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3dh5c7rwzliwm.cloudfront.net/FR/js/ga_cookie_fr.js
Requested by
Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/damart_fr/sb717430/promo.asp?sid=1d232d22693f04974c6fcbc524c42813&ci=C6D626B696269A11D1C0712120A110E13BB797D7F76717AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DF121F1B171E131017131ED46651435352594A4D5449E52D232B2422293A3F3D34FE4047555345545C4A425&infoid=1d232d22693f04974c6fcbc524c42813
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.153 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-153.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a04e6c9a58e4f7de825fd103326e0f00a6b3b2634233c9b68870894cba763290

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://one-time-offer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
TJJs3QE_t.qOnxTyxStktSfCVvTOxy3x
Content-Encoding
gzip
ETag
W/"4f4f821662fbd06d10a7a6de6d2f6985"
Age
43593
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
x-amz-meta-user
gsokate
Last-Modified
Mon, 19 Jul 2021 11:34:21 GMT
Server
AmazonS3
Date
Thu, 18 Nov 2021 05:13:04 GMT
Vary
Accept-Encoding
Content-Type
text/javascript
Via
1.1 9eb0e845437929074828e0cf53f179af.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA50-C1
X-Amz-Cf-Id
vTGJq6FQqf7JDgI51JTUjRlGs4JZMZ1LXKYZIe9vmkdcdfj1WL6g_w==
analytics_cookie_FR_RR.js
d3dh5c7rwzliwm.cloudfront.net/FR/RR/js/ 		262 B
808 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/js/analytics_cookie_FR_RR.js
Requested by
Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/damart_fr/sb717430/promo.asp?sid=1d232d22693f04974c6fcbc524c42813&ci=C6D626B696269A11D1C0712120A110E13BB797D7F76717AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DF121F1B171E131017131ED46651435352594A4D5449E52D232B2422293A3F3D34FE4047555345545C4A425&infoid=1d232d22693f04974c6fcbc524c42813
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.153 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-153.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0cede639efd6c1d520bce74b3c1f5cbbccf57522abdad7c95e56025b82f986f0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://one-time-offer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Thu, 18 Nov 2021 05:26:04 GMT
Via
1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
Last-Modified
Thu, 01 Apr 2021 13:49:58 GMT
Server
AmazonS3
Age
42813
ETag
"91923f128eb53ad36311b76a321757c2"
X-Cache
Hit from cloudfront
x-amz-version-id
wVJEc7mOuiOFVscNSlWqDosAcuqgRfb6
Connection
keep-alive
X-Amz-Cf-Pop
FRA50-C1
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
262
x-amz-meta-user
gsokate
X-Amz-Cf-Id
yPw2AS8S83uXLzXv4Kp09sXz_J1ENtU9ANqiBaRqpGO7d1vu1XGmhA==
damart_zetaBiz_TTB.png
d3dh5c7rwzliwm.cloudfront.net/FR/RR/templates/mokuba/modalDC/v2/img/TTB/ 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/templates/mokuba/modalDC/v2/img/TTB/damart_zetaBiz_TTB.png
Requested by
Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/damart_fr/sb717430/promo.asp?sid=1d232d22693f04974c6fcbc524c42813&ci=C6D626B696269A11D1C0712120A110E13BB797D7F76717AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DF121F1B171E131017131ED46651435352594A4D5449E52D232B2422293A3F3D34FE4047555345545C4A425&infoid=1d232d22693f04974c6fcbc524c42813
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.153 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-153.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
87a0d6b72d1f25e73a511f1c7d63a96a48b3b34736e8b95e367a628faea4625b

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://one-time-offer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Thu, 18 Nov 2021 08:15:05 GMT
Via
1.1 bab8148a65b29113f79cf2725076287d.cloudfront.net (CloudFront)
Last-Modified
Wed, 01 Aug 2018 08:20:31 GMT
Server
AmazonS3
Age
32672
ETag
"958341209796bdb18905bae26a37dbdf"
X-Cache
Hit from cloudfront
x-amz-version-id
cnMB9Z7lJyqlyntJfBIm8OZDCGRiOdM8
Connection
keep-alive
X-Amz-Cf-Pop
FRA50-C1
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
43650
x-amz-meta-user
ntambe
X-Amz-Cf-Id
y1nYoKNOHR1f05hCXLuVFKXOJBmC47gv7PtWmJ4AUN5W19C3pAfJpA==
CCgoldBG_nolines.png
d3dh5c7rwzliwm.cloudfront.net/FR/RR/templates/ZETABIS/img/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/templates/ZETABIS/img/CCgoldBG_nolines.png
Requested by
Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/damart_fr/sb717430/promo.asp?sid=1d232d22693f04974c6fcbc524c42813&ci=C6D626B696269A11D1C0712120A110E13BB797D7F76717AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DF121F1B171E131017131ED46651435352594A4D5449E52D232B2422293A3F3D34FE4047555345545C4A425&infoid=1d232d22693f04974c6fcbc524c42813
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.153 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-153.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2b38ad3bc616f69332f3ecca87016bbfe66c77ec1a31b68dece47776e0a4bb39

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://one-time-offer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
TlJj4CazOH62IHi7YjR2.8FCQmt2Wnxo
Via
1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
Last-Modified
Mon, 11 Jan 2021 08:11:42 GMT
Server
AmazonS3
Age
48753
ETag
"4ccf1c0909d1d808868817d8ea1c1325"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
Date
Thu, 18 Nov 2021 03:47:04 GMT
X-Amz-Cf-Pop
FRA50-C1
Accept-Ranges
bytes
Content-Length
22276
x-amz-meta-user
aparatore
X-Amz-Cf-Id
G8Ly2KdV7UUzefLl8kd36wjU7gyfVBt0DQnIDDJrmVDMEUXKAVZl3Q==
logo_RR_DoubleClic.png
d3dh5c7rwzliwm.cloudfront.net/FR/RR/templates/mokuba/modalDC/v2/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/templates/mokuba/modalDC/v2/img/logo_RR_DoubleClic.png
Requested by
Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/damart_fr/sb717430/promo.asp?sid=1d232d22693f04974c6fcbc524c42813&ci=C6D626B696269A11D1C0712120A110E13BB797D7F76717AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DF121F1B171E131017131ED46651435352594A4D5449E52D232B2422293A3F3D34FE4047555345545C4A425&infoid=1d232d22693f04974c6fcbc524c42813
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.153 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-153.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4104c36d9a497be97630c8ed0576708bfc1381b2ff6a92aa7a41e17122390083

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://one-time-offer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
yU.38jbX0Db8bW5Bcosai9Kwl9OXAGIU
Via
1.1 632ee301c4920b52f2463aa9e978c57f.cloudfront.net (CloudFront)
Last-Modified
Fri, 09 Sep 2016 08:31:54 GMT
Server
AmazonS3
Age
44334
ETag
"7fc0f32c7a54d89729ef528c55b0a314"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
Date
Thu, 18 Nov 2021 05:00:43 GMT
X-Amz-Cf-Pop
FRA50-C1
Accept-Ranges
bytes
Content-Length
7963
X-Amz-Cf-Id
IZ8yaChjvpYAk6xjXXEkOh2O0amNEE0u7tmebZoCUQ_s2UZm6fGBdA==
mdp_info.png
d3dh5c7rwzliwm.cloudfront.net/FR/RR/templates/mokuba/img/ 		346 B
860 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/templates/mokuba/img/mdp_info.png
Requested by
Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/damart_fr/sb717430/promo.asp?sid=1d232d22693f04974c6fcbc524c42813&ci=C6D626B696269A11D1C0712120A110E13BB797D7F76717AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DF121F1B171E131017131ED46651435352594A4D5449E52D232B2422293A3F3D34FE4047555345545C4A425&infoid=1d232d22693f04974c6fcbc524c42813
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.153 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-153.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
124a3d038c149d31ffa54e6c6e680d5cfccf1935d90562a5085fbfeb1c02a334

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://one-time-offer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Thu, 18 Nov 2021 03:27:59 GMT
Via
1.1 9eb0e845437929074828e0cf53f179af.cloudfront.net (CloudFront)
Last-Modified
Thu, 22 Oct 2015 07:20:28 GMT
Server
AmazonS3
Age
49897
ETag
"68c514ae5f431a73795154b2d19c17eb"
X-Cache
Hit from cloudfront
x-amz-version-id
LKFRulTcNBjSQVNkYEoc0dWx4zWzEs4A
Connection
keep-alive
X-Amz-Cf-Pop
FRA50-C1
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
346
X-Amz-Cf-Id
DeO7nsrFDxRWpZeHZ9hzn3HVfE_mSaVYcxjlP311MefvCjQnbwsq2Q==
tracker_cookie.js
d3dh5c7rwzliwm.cloudfront.net/FR/RR/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/js/tracker_cookie.js
Requested by
Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/damart_fr/sb717430/promo.asp?sid=1d232d22693f04974c6fcbc524c42813&ci=C6D626B696269A11D1C0712120A110E13BB797D7F76717AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DF121F1B171E131017131ED46651435352594A4D5449E52D232B2422293A3F3D34FE4047555345545C4A425&infoid=1d232d22693f04974c6fcbc524c42813
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.153 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-153.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0096dde1ba0a47d8ac4b1f3faae7013cce83adfb255f7fc35cea8a9ce119f119

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://one-time-offer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Thu, 18 Nov 2021 05:46:04 GMT
Content-Encoding
gzip
Age
41613
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
x-amz-meta-user
gsokate
Last-Modified
Thu, 11 Nov 2021 12:50:17 GMT
Server
AmazonS3
ETag
W/"0ce392ecfcdc737281597174dc972471"
Vary
Accept-Encoding
x-amz-version-id
x16ylNPOBmKTkGpmph9L.ove_5gI4IV5
Via
1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA50-C1
Content-Type
text/javascript
X-Amz-Cf-Id
cLXYqZOyFWm63muqpcDFPcV6QPIiteTPxbm-2kwjP0Ag2UQT-qeabQ==
FIX_FR_RR_428_REY2_3DS_0520.js
d3dh5c7rwzliwm.cloudfront.net/FR/RR/js/ 		597 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/js/FIX_FR_RR_428_REY2_3DS_0520.js
Requested by
Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/damart_fr/sb717430/promo.asp?sid=1d232d22693f04974c6fcbc524c42813&ci=C6D626B696269A11D1C0712120A110E13BB797D7F76717AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DF121F1B171E131017131ED46651435352594A4D5449E52D232B2422293A3F3D34FE4047555345545C4A425&infoid=1d232d22693f04974c6fcbc524c42813
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.153 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-153.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8571d74f55eff7ea2c94150a0607f7e8f0a2403da66f238f7c89f4822ae7f9b8

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://one-time-offer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Thu, 18 Nov 2021 05:46:04 GMT
Via
1.1 9eb0e845437929074828e0cf53f179af.cloudfront.net (CloudFront)
Last-Modified
Mon, 04 Oct 2021 13:38:37 GMT
Server
AmazonS3
Age
41613
ETag
"8c1dd793a0627e839732ee61b0383499"
X-Cache
Hit from cloudfront
x-amz-version-id
p6TghjpTZorApap7LTJwGt3tTRDxpOxU
Connection
keep-alive
X-Amz-Cf-Pop
FRA50-C1
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
597
x-amz-meta-user
ymarchand
X-Amz-Cf-Id
UnM8Cgd9wKX28KzlTHMCdqgupYJwKfpVn4tQsWixWBK2K_7u87yFkA==
milestone_tracking.js
d3dh5c7rwzliwm.cloudfront.net/FR/RR/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/js/milestone_tracking.js
Requested by
Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/damart_fr/sb717430/promo.asp?sid=1d232d22693f04974c6fcbc524c42813&ci=C6D626B696269A11D1C0712120A110E13BB797D7F76717AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DF121F1B171E131017131ED46651435352594A4D5449E52D232B2422293A3F3D34FE4047555345545C4A425&infoid=1d232d22693f04974c6fcbc524c42813
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.153 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-153.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c28d2287ba25f531f52f96d00895c8d04ecebb1ed5ae5849b5c2b088c2ea7f82

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://one-time-offer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Thu, 18 Nov 2021 01:44:25 GMT
Content-Encoding
gzip
Age
56112
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
x-amz-meta-user
kbajwa
Last-Modified
Wed, 23 Jun 2021 09:48:10 GMT
Server
AmazonS3
ETag
W/"b9168af0c5cf07f58ea7ea1c82eff881"
Vary
Accept-Encoding
x-amz-version-id
oF5VVWcAGofDUUwE7pHM0yPp6Y2DZ0Sl
Via
1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA50-C1
Content-Type
text/javascript
X-Amz-Cf-Id
QE8yK5VFLCCyrgl54ZlyUYApYXmHNzl4cLrxVoPdFMG_UbFypVcWXA==
FR_resize-boxes.js
d3dh5c7rwzliwm.cloudfront.net/FR/RR/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/js/FR_resize-boxes.js
Requested by
Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/damart_fr/sb717430/promo.asp?sid=1d232d22693f04974c6fcbc524c42813&ci=C6D626B696269A11D1C0712120A110E13BB797D7F76717AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DF121F1B171E131017131ED46651435352594A4D5449E52D232B2422293A3F3D34FE4047555345545C4A425&infoid=1d232d22693f04974c6fcbc524c42813
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.153 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-153.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c19badd2e95becdb5b490d89efe6e57d8d6f903121f22d86efbafc117c49870e

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://one-time-offer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Thu, 18 Nov 2021 04:21:05 GMT
Content-Encoding
gzip
Age
46712
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
x-amz-meta-user
kbajwa
Last-Modified
Mon, 04 Oct 2021 11:31:12 GMT
Server
AmazonS3
ETag
W/"b6891efad76d60fd53a2a9f0af3f9f5f"
Vary
Accept-Encoding
x-amz-version-id
kIMhMlGnl6VJWfv8OTYNVRecmZEv1yw4
Via
1.1 632ee301c4920b52f2463aa9e978c57f.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA50-C1
Content-Type
text/javascript
X-Amz-Cf-Id
NI9R5_hNOdWHXXSLFZ_JmVaspIrnWRd-HbYZweMhXr8n9ZmaOozqWA==
FIX_WORDING_KAPPA_435.js
d3dh5c7rwzliwm.cloudfront.net/FR/RR/js/ 		44 B
591 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/js/FIX_WORDING_KAPPA_435.js
Requested by
Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/damart_fr/sb717430/promo.asp?sid=1d232d22693f04974c6fcbc524c42813&ci=C6D626B696269A11D1C0712120A110E13BB797D7F76717AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DF121F1B171E131017131ED46651435352594A4D5449E52D232B2422293A3F3D34FE4047555345545C4A425&infoid=1d232d22693f04974c6fcbc524c42813
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.153 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-153.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d8174f782feed11dbaf66bd035300d24623814e61f1500ac6b73a00895ec1bd3

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://one-time-offer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
4C1M7yG4avbtj.dUlHYDkx29dPRCpxCA
Via
1.1 bab8148a65b29113f79cf2725076287d.cloudfront.net (CloudFront)
Last-Modified
Thu, 14 Jan 2021 07:38:51 GMT
Server
AmazonS3
Age
52938
ETag
"c14211e92b5d54952e8119bf7d6b5a54"
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Connection
keep-alive
Date
Thu, 18 Nov 2021 02:37:19 GMT
X-Amz-Cf-Pop
FRA50-C1
Accept-Ranges
bytes
Content-Length
44
x-amz-meta-user
aparatore
X-Amz-Cf-Id
GUdZKScHKK7dKtLvx5SZvFvHLWCNYIOJ78a_7nMsMv423Y_pBPQk2g==
FIX_WORDING_KAPPA_435.css
d3dh5c7rwzliwm.cloudfront.net/FR/RR/css/ 		163 B
701 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/css/FIX_WORDING_KAPPA_435.css
Requested by
Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/damart_fr/sb717430/promo.asp?sid=1d232d22693f04974c6fcbc524c42813&ci=C6D626B696269A11D1C0712120A110E13BB797D7F76717AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DF121F1B171E131017131ED46651435352594A4D5449E52D232B2422293A3F3D34FE4047555345545C4A425&infoid=1d232d22693f04974c6fcbc524c42813
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.153 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-153.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1c3651c48dc8ee266374f9e3e555ab44225199712db261b303156c5d2d62d609

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://one-time-offer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
B8kjDTDLhl2t.1R.RdbELd_ksfT.e0TD
Via
1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
Last-Modified
Mon, 31 May 2021 09:47:22 GMT
Server
AmazonS3
Age
41367
ETag
"4038b68d9fd0e6c102df86826bc03ad4"
X-Cache
Hit from cloudfront
Content-Type
text/css
Connection
keep-alive
Date
Thu, 18 Nov 2021 05:50:10 GMT
X-Amz-Cf-Pop
FRA50-C1
Accept-Ranges
bytes
Content-Length
163
x-amz-meta-user
disune
X-Amz-Cf-Id
2iSw4EYmsbmf8o-lqwyQCrBapjeiCifn2it--NApujQW0Pf_MvkDSQ==
FR_RR_KAPPA_PROMO_RWD_cookies.css
d3dh5c7rwzliwm.cloudfront.net/FR/RR/css/ 		18 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/css/FR_RR_KAPPA_PROMO_RWD_cookies.css
Requested by
Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/damart_fr/sb717430/promo.asp?sid=1d232d22693f04974c6fcbc524c42813&ci=C6D626B696269A11D1C0712120A110E13BB797D7F76717AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DF121F1B171E131017131ED46651435352594A4D5449E52D232B2422293A3F3D34FE4047555345545C4A425&infoid=1d232d22693f04974c6fcbc524c42813
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.153 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-153.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e6f0978189cc569303e3f98accc039dbb600bf11f6377b110a1c6d88ce7db7ae

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://one-time-offer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
iIlgXU8LHfcpGGgHjp9MOTChN0oVRvrx
Content-Encoding
gzip
ETag
W/"73d8e9734478bb3088df3849c3d9cb89"
Age
52938
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
x-amz-meta-user
gsokate
Last-Modified
Tue, 04 May 2021 09:55:43 GMT
Server
AmazonS3
Date
Thu, 18 Nov 2021 02:37:19 GMT
Vary
Accept-Encoding
Content-Type
text/css
Via
1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA50-C1
X-Amz-Cf-Id
-_8xum099XNARWz8vlVcfmVEOOUNUGgMwVUIUhgbWEA-rQ6rRvM2pA==
OtAutoBlock.js
cdn.cookielaw.org/consent/fcc01ff5-636a-461e-8941-bd653a7fe10d/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/fcc01ff5-636a-461e-8941-bd653a7fe10d/OtAutoBlock.js
Requested by
Host: d3dh5c7rwzliwm.cloudfront.net
URL: https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/js/FR_RR_KAPPA_PROMO_RWD_cookies_wrapper.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c30ba96503f1de9a792a9e725155b852434607e956eb5b6e8997013dfb653091
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://one-time-offer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 18 Nov 2021 17:19:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
iVcbIayDAoC1oama2voL9w==
age
13189
vary
Accept-Encoding
content-length
1474
x-ms-lease-status
unlocked
last-modified
Thu, 15 Jul 2021 08:22:45 GMT
server
cloudflare
etag
0x8D94769B9383812
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
385f64ab-601e-0124-0f15-b607fd000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6b02dd5f9bbe3763-MXP
expires
Thu, 18 Nov 2021 21:19:36 GMT
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: d3dh5c7rwzliwm.cloudfront.net
URL: https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/js/FR_RR_KAPPA_PROMO_RWD_cookies_wrapper.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b19d7b02efa2e63180e064f2801718bccb6fd3c2c307ee41110e21e2e4ad390
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://one-time-offer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 18 Nov 2021 17:19:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
Lh0CEVPkmGuwf4KyqdKdhw==
age
12572
vary
Accept-Encoding
content-length
6403
x-ms-lease-status
unlocked
last-modified
Wed, 17 Nov 2021 07:57:28 GMT
server
cloudflare
etag
0x8D9A99FE69AC5E2
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
1bd16d3d-f01e-0084-6098-db8ece000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6b02dd5f9bc33763-MXP
script_cvv_bb_3DS_global_V4_FR.js
d3dh5c7rwzliwm.cloudfront.net/ALL/JS/ 		39 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3dh5c7rwzliwm.cloudfront.net/ALL/JS/script_cvv_bb_3DS_global_V4_FR.js
Requested by
Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/damart_fr/sb717430/promo.asp?sid=1d232d22693f04974c6fcbc524c42813&ci=C6D626B696269A11D1C0712120A110E13BB797D7F76717AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DF121F1B171E131017131ED46651435352594A4D5449E52D232B2422293A3F3D34FE4047555345545C4A425&infoid=1d232d22693f04974c6fcbc524c42813
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.153 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-153.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c3a179b475d6172f19fae44a7b0b55b329206f3ab364cf0e66a2d840bb548dee

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://one-time-offer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
7YifSdOezTy50z3MY7KDBrKP6ce97M3C
Content-Encoding
gzip
ETag
W/"3dbc87474988fb420396b287537aa26c"
Age
45591
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
x-amz-meta-user
ymarchand
Last-Modified
Wed, 26 May 2021 13:15:17 GMT
Server
AmazonS3
Date
Thu, 18 Nov 2021 04:39:46 GMT
Vary
Accept-Encoding
Content-Type
text/javascript
Via
1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA50-C1
X-Amz-Cf-Id
k6keb8Sg9AM_IvIpTwjDgVGGU5quPjjD1vtPMnDaN6IQm1v1o76jkg==
fleche.png
d3dh5c7rwzliwm.cloudfront.net/FR/RR/templates/mokuba/img/ 		165 B
679 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/templates/mokuba/img/fleche.png
Requested by
Host: d3dh5c7rwzliwm.cloudfront.net
URL: https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/css/style_REY2_428_3DS_desktop-template-05.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.153 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-153.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cf8612d7c0fb3fc90d91d896fc4ff6409e159611c1ed079a334645c977af0670

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/css/style_REY2_428_3DS_desktop-template-05.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
H16EQssbPPddOYVe7DwcZybv7.ktAvKj
Via
1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)
Last-Modified
Thu, 04 Aug 2016 06:29:28 GMT
Server
AmazonS3
Age
52886
ETag
"7f4eb8719c5b81a2c81f81fd1120e909"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
Date
Thu, 18 Nov 2021 02:38:11 GMT
X-Amz-Cf-Pop
FRA50-C1
Accept-Ranges
bytes
Content-Length
165
X-Amz-Cf-Id
AY8Z2QNvaezyz99D6RVtwzSvJv45x2gkQpVcH--rft7vpI3d-D44Gg==
round_left.png
d3dh5c7rwzliwm.cloudfront.net/FR/RR/templates/mokuba/modalDC/v2/img/ 		288 B
828 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/templates/mokuba/modalDC/v2/img/round_left.png
Requested by
Host: d3dh5c7rwzliwm.cloudfront.net
URL: https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/css/style_KAPA.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.153 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-153.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4654da0fb6b121c04d5943a7365c6cd6bcbff0f4e9b7f20261bb136d39dddd86

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/css/style_KAPA.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
52Jq3Y9FYGXnUbVoINJOCzkPs8ktRHMh
Via
1.1 9eb0e845437929074828e0cf53f179af.cloudfront.net (CloudFront)
Last-Modified
Wed, 12 May 2021 14:07:06 GMT
Server
AmazonS3
Age
53439
ETag
"367efb880f245df06cd614e17fd3f955"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
Date
Thu, 18 Nov 2021 02:28:58 GMT
X-Amz-Cf-Pop
FRA50-C1
Accept-Ranges
bytes
Content-Length
288
x-amz-meta-user
ngandhi
X-Amz-Cf-Id
6rcaGSFFNKI3J0zFgQwFDw0CkEvaqMTpqf0DKf2BGLJ9CZZh3PqQCA==
round_right.png
d3dh5c7rwzliwm.cloudfront.net/FR/RR/templates/mokuba/modalDC/v2/img/ 		278 B
818 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/templates/mokuba/modalDC/v2/img/round_right.png
Requested by
Host: d3dh5c7rwzliwm.cloudfront.net
URL: https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/css/style_KAPA.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.153 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-153.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
077081403676ca25396e6fbe5cce7155e7d63e83903868b91695a9d5cf8a15ce

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/css/style_KAPA.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Thu, 18 Nov 2021 03:22:22 GMT
Via
1.1 632ee301c4920b52f2463aa9e978c57f.cloudfront.net (CloudFront)
Last-Modified
Wed, 12 May 2021 14:07:04 GMT
Server
AmazonS3
Age
50235
ETag
"fb752cf8eac72d694dea5b6928834164"
X-Cache
Hit from cloudfront
x-amz-version-id
O2dNpEjvoqERy4hXgKJKImWcQbKzRIjN
Connection
keep-alive
X-Amz-Cf-Pop
FRA50-C1
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
278
x-amz-meta-user
ngandhi
X-Amz-Cf-Id
Ymgm5obDltp0IuP-DriW93PbOxyAX0TlruhwUwOAW3mGVm8Rpfe8tA==
card.jpg
d3dh5c7rwzliwm.cloudfront.net/FR/RR/templates/ZETABIS/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/templates/ZETABIS/img/card.jpg
Requested by
Host: d3dh5c7rwzliwm.cloudfront.net
URL: https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/css/style_REY2_428_3DS_desktop-template-05.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.153 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-153.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cec4205899ad0e0c3874cdfce2eb2577bc38a99422da5cc951c4014d66532226

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/css/style_REY2_428_3DS_desktop-template-05.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Thu, 18 Nov 2021 05:46:05 GMT
Via
1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
Last-Modified
Mon, 10 May 2021 06:59:35 GMT
Server
AmazonS3
Age
41612
ETag
"4fe3d1fbeb039955a75d473adbf6cbce"
X-Cache
Hit from cloudfront
x-amz-version-id
UiM4cS9jJ8wdA2dpxycB5ivEL_i0yyby
Connection
keep-alive
X-Amz-Cf-Pop
FRA50-C1
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
2614
x-amz-meta-user
ymarchand
X-Amz-Cf-Id
_IDkbavVyBwydSj9YKIRbxpdPCxokhybPPDm38rxDtIYOixezxsDyQ==
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,800
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://one-time-offer.com
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 13:52:02 GMT
x-content-type-options
nosniff
age
530854
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44656
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 00:30:43 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 12 Nov 2022 13:52:02 GMT
Oxanium-Medium.woff2
dkdrawii0zqtg.cloudfront.net/Oxanium/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://dkdrawii0zqtg.cloudfront.net/Oxanium/Oxanium-Medium.woff2
Requested by
Host: dkdrawii0zqtg.cloudfront.net
URL: https://dkdrawii0zqtg.cloudfront.net/Oxanium/Oxanium.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:2600:14:9586:a100:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
86b1ccf63235b047380c389b74b118665df079b40706b9360a11f420ec62dceb

Request headers

Referer
https://dkdrawii0zqtg.cloudfront.net/Oxanium/Oxanium.css
Origin
https://one-time-offer.com
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 04:34:24 GMT
via
1.1 e6d97713eb9b65f883e0f86b833878dd.cloudfront.net (CloudFront)
age
45913
x-cache
Hit from cloudfront
content-length
12808
x-amz-meta-user
aparatore
last-modified
Mon, 11 Jan 2021 14:59:49 GMT
server
AmazonS3
etag
"caf9fc1e7fec26b96984b826d6eb5e7c"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET, POST
x-amz-version-id
RkDR4xitytH2CMza8MwbVPvedJPoZPAM
access-control-allow-origin
*
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
application/font-woff2
x-amz-cf-id
SmAGBtZcBDEwrOIbDkCB5i4Dmgfn9Jomy0vJf4BaNYSBp69-oQaQJQ==
Oxanium-Bold.woff2
dkdrawii0zqtg.cloudfront.net/Oxanium/ 		12 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://dkdrawii0zqtg.cloudfront.net/Oxanium/Oxanium-Bold.woff2
Requested by
Host: dkdrawii0zqtg.cloudfront.net
URL: https://dkdrawii0zqtg.cloudfront.net/Oxanium/Oxanium.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:2600:14:9586:a100:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fd85536f1b59127421f184b4c8b186bb991fabe6c9d314ebb9a5bbaf11d8aed2

Request headers

Referer
https://dkdrawii0zqtg.cloudfront.net/Oxanium/Oxanium.css
Origin
https://one-time-offer.com
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
eiGvopmXv.2ZAUZzPcQbcLQ8LtpUwpff
via
1.1 e6d97713eb9b65f883e0f86b833878dd.cloudfront.net (CloudFront)
etag
"b5fe7985255d606213a15c9c06904c17"
age
47973
x-cache
Hit from cloudfront
content-length
12476
x-amz-meta-user
aparatore
last-modified
Mon, 11 Jan 2021 14:59:50 GMT
server
AmazonS3
date
Thu, 18 Nov 2021 04:00:04 GMT
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET, POST
content-type
application/font-woff2
access-control-allow-origin
*
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-amz-cf-id
3WajiDNpioqDqB-Q0PklBuR_lq_lJ3zdrnWkSCgm2dbXCI2EALKP5A==
Clicktale_FR.js
d3dh5c7rwzliwm.cloudfront.net/FR/js/ 		209 B
757 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d3dh5c7rwzliwm.cloudfront.net/FR/js/Clicktale_FR.js
Requested by
Host: d3dh5c7rwzliwm.cloudfront.net
URL: https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/js/tracker_cookie.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.153 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-153.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cc24527c156532b8a3f9ee65ea20dec14f9ea769d765033a51b24d855bb4038c

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://one-time-offer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
9qSqGm8P7p6Rz_pkW4Rh_2HBy1PqGQ98
Via
1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
Last-Modified
Thu, 04 Feb 2021 15:38:34 GMT
Server
AmazonS3
Age
40771
ETag
"6e1a68de54fba21ee7d2a84bb9a5e03e"
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Connection
keep-alive
Date
Thu, 18 Nov 2021 06:00:06 GMT
X-Amz-Cf-Pop
FRA50-C1
Accept-Ranges
bytes
Content-Length
209
x-amz-meta-user
ymarchand
X-Amz-Cf-Id
U6kTtVfQk-pPLb-qXmcww0lZykpD5PRcoW6Wd3iXVyWe1OaokZCJ9g==
xt_rta_info.asp
one-time-offer.com/common/ 		79 B
270 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://one-time-offer.com/common/xt_rta_info.asp?ccType=Unknown+Type&bin=0
Requested by
Host: d3dh5c7rwzliwm.cloudfront.net
URL: https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/js/jquery-1.4.2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.213.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-213-251.eu-west-1.compute.amazonaws.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
1bce75f9438e0406ca18e08ef0070eda72016893f42ef7aca2e347ab77dd1329

Request headers

Accept
application/json, text/javascript, */*
Referer
https://one-time-offer.com/sol9/damart_fr/sb717430/promo.asp?sid=1d232d22693f04974c6fcbc524c42813&ci=C6D626B696269A11D1C0712120A110E13BB797D7F76717AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DF121F1B171E131017131ED46651435352594A4D5449E52D232B2422293A3F3D34FE4047555345545C4A425&infoid=1d232d22693f04974c6fcbc524c42813
X-Requested-With
XMLHttpRequest
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 18 Nov 2021 17:19:36 GMT
cache-control
private
server
Microsoft-IIS/8.5
x-powered-by
ASP.NET
content-length
79
content-type
application/json; charset=utf-8
css2
fonts.googleapis.com/ 		1 KB
480 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Lato:wght@400;700&display=swap
Requested by
Host: d3dh5c7rwzliwm.cloudfront.net
URL: https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/css/FR_RR_KAPPA_PROMO_RWD_cookies.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7ad3ff657f32032ef8efa653730c135bd6aab764db571b1de66d295ec10c81ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://d3dh5c7rwzliwm.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 18 Nov 2021 16:30:50 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 18 Nov 2021 17:19:36 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 18 Nov 2021 17:19:36 GMT
gtm.js
www.googletagmanager.com/ 		262 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-W5XHZJF
Requested by
Host: d3dh5c7rwzliwm.cloudfront.net
URL: https://d3dh5c7rwzliwm.cloudfront.net/FR/js/ga_cookie_fr.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c1d11767720b3f8ffdaeff1c70c77e282066e07bdffc12d88b27480676780501
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://one-time-offer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 17:19:36 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62170
x-xss-protection
0
last-modified
Thu, 18 Nov 2021 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 18 Nov 2021 17:19:36 GMT
scanning.gif
d3dh5c7rwzliwm.cloudfront.net/UK/Templates/CCScan/ 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3dh5c7rwzliwm.cloudfront.net/UK/Templates/CCScan/scanning.gif
Requested by
Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/damart_fr/sb717430/promo.asp?sid=1d232d22693f04974c6fcbc524c42813&ci=C6D626B696269A11D1C0712120A110E13BB797D7F76717AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DF121F1B171E131017131ED46651435352594A4D5449E52D232B2422293A3F3D34FE4047555345545C4A425&infoid=1d232d22693f04974c6fcbc524c42813
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.153 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-153.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
667fbd73600f9931eb3ab39292833c7ed9182385858d5004d1e93132daa3bb5b

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://one-time-offer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
P5X8e32szzZRuYav0b9HEo6Tqj_nFIPW
Via
1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
Last-Modified
Wed, 30 Mar 2016 13:29:50 GMT
Server
AmazonS3
Age
48031
ETag
"123876a2d2f4e3cf7cb8ce35eb5f1383"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
Date
Thu, 18 Nov 2021 03:59:06 GMT
X-Amz-Cf-Pop
FRA50-C1
Accept-Ranges
bytes
Content-Length
46809
X-Amz-Cf-Id
x0EG1iJSss5GI7LJe6stlhTISosila5-f4zNbdH7tyb7Imj2Sf_rVw==
FR_RR_logo_voucher_0044_damart.png
d3dh5c7rwzliwm.cloudfront.net/FR/RR/templates/mokuba/modalDC/v2/img/header/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/templates/mokuba/modalDC/v2/img/header/FR_RR_logo_voucher_0044_damart.png
Requested by
Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/damart_fr/sb717430/promo.asp?sid=1d232d22693f04974c6fcbc524c42813&ci=C6D626B696269A11D1C0712120A110E13BB797D7F76717AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DF121F1B171E131017131ED46651435352594A4D5449E52D232B2422293A3F3D34FE4047555345545C4A425&infoid=1d232d22693f04974c6fcbc524c42813
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.153 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-153.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
db2761fcc5d150bb8a9230995b75cc9911967932b49129383c7275f6239365e4

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://one-time-offer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Thu, 18 Nov 2021 07:28:12 GMT
Via
1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
Last-Modified
Thu, 15 Sep 2016 12:48:03 GMT
Server
AmazonS3
Age
35485
ETag
"0dd316feae783cac21747700fb547fff"
X-Cache
Hit from cloudfront
x-amz-version-id
02jHcNLjbTY_PtwSLxLYwYpR8DXguW7Q
Connection
keep-alive
X-Amz-Cf-Pop
FRA50-C1
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
2302
X-Amz-Cf-Id
lOlme9vpvAdKM72ZWaQ6wEcFIiNF6-qRmE6OYCwRYW02uzWiP-qZQQ==
fcc01ff5-636a-461e-8941-bd653a7fe10d.json
cdn.cookielaw.org/consent/fcc01ff5-636a-461e-8941-bd653a7fe10d/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/fcc01ff5-636a-461e-8941-bd653a7fe10d/fcc01ff5-636a-461e-8941-bd653a7fe10d.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
943a12f8d6daafb119e543994b543f46e17a29e97df35167216de42102ab546f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://one-time-offer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 18 Nov 2021 17:19:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
t5t40AmLJzHwWn0nRUuiRg==
age
517
vary
Accept-Encoding
content-length
1505
x-ms-lease-status
unlocked
last-modified
Thu, 15 Jul 2021 08:22:44 GMT
server
cloudflare
etag
0x8D94769B8A727C8
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
e0c2af38-601e-0142-5015-b6b5a7000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6b02dd60fc490e0e-MXP
expires
Thu, 18 Nov 2021 21:19:37 GMT
LambdaWLAnalytics
analytics.member-center.com/lambda/ 		79 B
154 B 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.member-center.com/lambda/LambdaWLAnalytics?WLUMID=undefined&PID=27400
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W5XHZJF
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.253.105 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-253-105.eu-west-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
173dca22aed758a683176f3e3d9ccc10964a100628a575ebc2b467eb4620359d

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://one-time-offer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 17:19:37 GMT
server
awselb/2.0
content-length
79
content-type
application/javascript
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 		190 B
398 B 		Script
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:b944 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
726d69f35e4220ac81e2dac4b57076b2e3eed60c9fbabd3221a914abc8e400da
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://one-time-offer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 17:19:37 GMT
content-encoding
gzip
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6b02dd620eaef927-MXP
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/6.16.0/ 		374 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.16.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
353bcd41d11cc5a2bcb6763c269e41ac785c06ace29ac10053bb7c0fa3bf1ecf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://one-time-offer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 18 Nov 2021 17:19:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
dGCXlveaBvO7BI0nfZKP+g==
age
2661093
vary
Accept-Encoding
content-length
85065
x-ms-lease-status
unlocked
last-modified
Thu, 06 May 2021 19:31:04 GMT
server
cloudflare
etag
0x8D910C57D52F14C
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
e5ddc35e-701e-0156-066c-c476c3000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6b02dd627abe3763-MXP
fr.json
cdn.cookielaw.org/consent/fcc01ff5-636a-461e-8941-bd653a7fe10d/b50097ae-2b29-4c1e-ac3c-9dfac67cc172/ 		48 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/fcc01ff5-636a-461e-8941-bd653a7fe10d/b50097ae-2b29-4c1e-ac3c-9dfac67cc172/fr.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.16.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b80826c55b0d331392995f79a267770e779b98d4cca0d7124e78ec60cf304f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://one-time-offer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 18 Nov 2021 17:19:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
content-md5
Xiashj9IKKW7GQT5tOkWvA==
vary
Accept-Encoding
content-length
13180
x-ms-lease-status
unlocked
last-modified
Thu, 15 Jul 2021 08:22:53 GMT
server
cloudflare
etag
0x8D94769BDE98160
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
0e1627d0-201e-00e0-71a0-dc3e6e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6b02dd6359260e0e-MXP
expires
Thu, 18 Nov 2021 21:19:37 GMT
otFlat.json
cdn.cookielaw.org/scripttemplates/6.16.0/assets/ 		12 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.16.0/assets/otFlat.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.16.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb1fa7363d6e4772f7c49d67f031d68f209e66de6c3c05aade6fdc57a02505c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://one-time-offer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 18 Nov 2021 17:19:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
DKM3/i+7h7Fs8cEMor3s2A==
age
10814
vary
Accept-Encoding
content-length
2938
x-ms-lease-status
unlocked
last-modified
Thu, 06 May 2021 19:30:47 GMT
server
cloudflare
etag
0x8D910C572DA86E8
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
5017ca11-701e-0156-215a-db76c3000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6b02dd64dc880e0e-MXP
otPcTab.json
cdn.cookielaw.org/scripttemplates/6.16.0/assets/v2/ 		46 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.16.0/assets/v2/otPcTab.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.16.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a02b434edb84f078f67ae040f565f6258b91dfa3f16ad8e305392cfe5d18e8c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://one-time-offer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 18 Nov 2021 17:19:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
2Zi7TemSsXHh6hY5sI0Yeg==
age
2660296
vary
Accept-Encoding
content-length
11890
x-ms-lease-status
unlocked
last-modified
Thu, 06 May 2021 19:30:50 GMT
server
cloudflare
etag
0x8D910C574C4FC1A
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
515a0f86-801e-00a9-346e-c40d0e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6b02dd64dc970e0e-MXP
spacer.gif
d3dh5c7rwzliwm.cloudfront.net/ALL/images/
Redirect Chain
  • https://one-time-offer.com/common/xt_recMilestone.asp
  • http://d3dh5c7rwzliwm.cloudfront.net/ALL/images/spacer.gif
0
0
spacer.gif
d3dh5c7rwzliwm.cloudfront.net/ALL/images/
Redirect Chain
  • https://one-time-offer.com/common/xt_recMilestone.asp
  • https://d3dh5c7rwzliwm.cloudfront.net/ALL/images/spacer.gif
43 B
860 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d3dh5c7rwzliwm.cloudfront.net/ALL/images/spacer.gif
Protocol
HTTP/1.1
Server
143.204.101.153 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-153.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://one-time-offer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Thu, 18 Nov 2021 02:10:56 GMT
Via
1.1 a394c864b23364262af48fed4e7e9fad.cloudfront.net (CloudFront)
Age
54524
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
43
x-amz-meta-user
ymarchand
Last-Modified
Mon, 11 May 2020 07:31:23 GMT
Server
AmazonS3
ETag
"fc94fb0c3ed8a8f909dbc7630a0987ff"
Vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
Access-Control-Allow-Methods
HEAD, GET
x-amz-version-id
iG7_tlWBrGLw6cWT9taMgLAkJAqZyJ2R
Access-Control-Allow-Origin
https://one-time-offer.com
Access-Control-Expose-Headers
ETag, x-amz-meta-custom-header
Access-Control-Allow-Credentials
true
X-Amz-Cf-Pop
FRA50-C1
Accept-Ranges
bytes
Content-Type
image/gif
X-Amz-Cf-Id
Ly9vrY1gII0GsKpPLmGhYXMxpfVDcvMLcTJSfeLamcP7Y1Q51csd0w==

Redirect headers

location
https://d3dh5c7rwzliwm.cloudfront.net/ALL/images/spacer.gif
date
Thu, 18 Nov 2021 17:19:39 GMT
cache-control
private
server
Microsoft-IIS/8.5
x-powered-by
ASP.NET
content-length
180
content-type
text/html

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
d3dh5c7rwzliwm.cloudfront.net
URL
http://d3dh5c7rwzliwm.cloudfront.net/ALL/images/spacer.gif

Verdicts & Comments Add Verdict or Comment

229 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler string| winURL object| cookie_script_01 object| cookie_script_02 function| OptanonWrapper function| otGetInitialGrps function| otDeleteCookie function| otGetInactiveId function| eraseCookie function| eraseCookieFromAllPaths function| deleteCookies function| dropContent function| createCookies function| showCMP function| hideCookieUI function| validateRequiredFields function| toggleNcof function| ncofOnErr function| popUp function| popUp2 function| popUp_toolbar function| changeImage function| changeCCImage function| scrolltop function| closeDivElement function| playAudio function| setExpDateEnabled function| getPrivateLabelCCTypes function| postExpDates function| postRecMilestone function| postRecSession function| exitPop function| noExitPop function| noThanksButton function| noThanksButtonSubmit function| noThanksButtonBrylaneIntegrated function| exitPopIntoWindow boolean| nosubmit function| survey function| cancelEnter function| keyhandler function| siteWindowDisplay function| siteWinFocus function| siteWinFocusP1b function| siteWinSubmit function| intSiteWinSubmit function| awaWinFocus function| sitePop function| postGateway function| submitonce function| checkHotelCard function| noThanksButtonP2bFlow_DC function| noThanksButtonP2bFlow_DC_575_mlst function| addDays function| getBrowser function| intSitePopFull function| formClickRecMilestone function| formPopGeneric function| formTabGeneric function| formPopChooseCoupon function| formPopHybridDataOnSell function| formPopHybridDataOnDC function| formPopMatchBack function| formPopNoInterim function| getRadios function| disableNoncof function| IsDuplicateDriver function| ValidateDriverList function| breakOut object| countryCode function| $ function| jQuery function| DP_jQuery_1637255976771 boolean| keyboardOpen function| detect object| timeout number| slideIndex boolean| sliderActive function| showSlides function| checkSize function| goSlides function| plusSlides number| AFKtimer function| arrowDownAnimation function| arrowUpAnimation function| clickOnClickOpener function| ccMaxLenght function| cocher function| checkValidation function| updateTypedEmail function| testFields function| f_testAddress_fields function| f_trim function| charCode object| requiredFields object| validateFields object| compareFields function| processBeforeSubmit function| wl_copyField1 function| TestCountry function| TestZip function| VerifyPassword function| TestPwdLength function| TestMail function| VerifyMail function| VerifyCCExp function| expdate function| modMY function| ccnumSpace function| mailSpace function| clearBlanksB function| clearBlanksA function| showInterimModal function| hideInterimModal function| addvalidmark boolean| moduleLeavers boolean| ignore_onbeforeunload string| htmlLeavers undefined| generateProspectId string| srcRta object| scriptRta object| arrCCTypeRealTime object| arr_cardtype function| closeInterimPageIfError function| addValid function| addInvalid function| isRealTimeAuth function| addValidation string| SessionID string| VTOgetValue string| VoucherLink string| VoucherLinkModal string| LogoLink object| s string| p_lngSolId string| p_strPubNoThanksURL string| p_lngClientId string| p_strErrorMessage string| p_astrBadCharacters string| p_astrMissingFields string| p_astrRedLabels string| p_astrBadCard string| p_astrBadCardType string| p_astrBadExpiration string| p_lngProductId string| f_strAccountName_CCdata string| f_strErrorMessages string| f_strErrorFlag string| f_strSessionId string| p_intCountryId string| premiumOffer string| cvvNumBin string| solBrand string| solPremiumValue string| solOfferPrice string| solCpid function| checkCVVvisible object| paramRouter number| nbClickDetails function| changeModalTosSmart string| partner string| clientId string| pricePoint string| rewardType string| productID string| CPID string| sessionId string| premiumAmount string| premiumType boolean| threedsFl function| validateModalFields function| show3DS function| ErrorASPRecMilestone function| resizeBoxes function| router function| open_hint function| checkCvvLgth function| checkCVV function| set_ccLgth function| getCvvFl function| selectCC boolean| maestro_isAccepted boolean| americanExpress_isAccepted boolean| mastercard_isAccepted boolean| visa_isAccepted boolean| visaElectron_isAccepted boolean| switch_isAccepted boolean| solo_isAccepted boolean| visaDebit_isAccepted string| CCT_mc string| CCT_v string| CCT_ae string| CCT_vd string| CCT_mss string| ico_amex string| ico_visa string| ico_master function| displayLogoCC function| addValidCC_836 function| addValidCC_837 function| createOverlay function| centerOverlay function| showOverlay function| closeOverlay number| isError number| c_month number| c_year string| i_month string| i_year string| i_trg object| dataLayer function| Clicktale object| OneTrustStub string| OnetrustActiveGroups string| OptanonActiveGroups object| google_tag_manager function| postscribe object| google_tag_manager_external function| jsonFeed object| otStubData object| Optanon object| OneTrust string| OptanonWrapperCount string| otIniGrps object| pathArray

7 Cookies

Domain/Path Name / Value
one-time-offer.com/ Name: ASP.NET_SessionId
Value: miwnyzsf5vnnxd4jsrw41xbi
one-time-offer.com/ Name: WLSession
Value: SID=1d232d22693f04974c6fcbc524c42813&SessionClosed=false
one-time-offer.com/ Name: USER%5FID
Value: 1246259090
one-time-offer.com/ Name: ASPSESSIONIDASTSRRBC
Value: HOOHNDCDJFJAAGBJAGKLNEJN
one-time-offer.com/ Name: ASPSESSIONIDCCQDSTBD
Value: OBMMKPADGBDMPCJMKAGNDGMD
.one-time-offer.com/ Name: OptanonConsent
Value: isGpcEnabled=0&datestamp=Thu+Nov+18+2021+17%3A19%3A37+GMT%2B0000+(GMT)&version=6.16.0&isIABGlobal=false&hosts=&consentId=805263e8-98f3-4f62-bce3-c2d17d79ed14&interactionCount=0&landingPath=https%3A%2F%2Fone-time-offer.com%2Fsol9%2Fdamart_fr%2Fsb717430%2Fpromo.asp%3Fsid%3D1d232d22693f04974c6fcbc524c42813%26ci%3DC6D626B696269A11D1C0712120A110E13BB797D7F76717AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DF121F1B171E131017131ED46651435352594A4D5449E52D232B2422293A3F3D34FE4047555345545C4A425%26infoid%3D1d232d22693f04974c6fcbc524c42813&groups=C0001%3A1%2CC0003%3A0%2CC0004%3A0
one-time-offer.com/ Name: ASPSESSIONIDQQCRSRAD
Value: DGAENNBDIKDBDOEIPHGDCEPC

1 Console Messages

Source Level URL
Text
security error URL: https://one-time-offer.com/sol9/damart_fr/sb717430/promo.asp?sid=1d232d22693f04974c6fcbc524c42813&ci=C6D626B696269A11D1C0712120A110E13BB797D7F76717AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DF121F1B171E131017131ED46651435352594A4D5449E52D232B2422293A3F3D34FE4047555345545C4A425&infoid=1d232d22693f04974c6fcbc524c42813
Message:
Mixed Content: The page at 'https://one-time-offer.com/sol9/damart_fr/sb717430/promo.asp?sid=1d232d22693f04974c6fcbc524c42813&ci=C6D626B696269A11D1C0712120A110E13BB797D7F76717AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DF121F1B171E131017131ED46651435352594A4D5449E52D232B2422293A3F3D34FE4047555345545C4A425&infoid=1d232d22693f04974c6fcbc524c42813' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://d3dh5c7rwzliwm.cloudfront.net/ALL/images/spacer.gif'. This request has been blocked; the content must be served over HTTPS.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.member-center.com
banners.wlservices.fr
cdn.cookielaw.org
d3dh5c7rwzliwm.cloudfront.net
dkdrawii0zqtg.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
one-time-offer.com
www.googletagmanager.com
d3dh5c7rwzliwm.cloudfront.net
143.204.101.153
2600:9000:2156:2600:14:9586:a100:21
2606:4700:10::6814:b944
2606:4700::6810:9440
2a00:1450:4001:802::2003
2a00:1450:4001:810::200a
2a00:1450:4001:830::2008
3.251.38.196
34.248.213.251
52.51.253.105
0096dde1ba0a47d8ac4b1f3faae7013cce83adfb255f7fc35cea8a9ce119f119
077081403676ca25396e6fbe5cce7155e7d63e83903868b91695a9d5cf8a15ce
0b19d7b02efa2e63180e064f2801718bccb6fd3c2c307ee41110e21e2e4ad390
0c42ff05e2e248efed2b86bd41594a56dcdcdb3207082312856d569482a34b5a
0cede639efd6c1d520bce74b3c1f5cbbccf57522abdad7c95e56025b82f986f0
10a17911fe0de7c92b489f71755a2f7d4c9fae6b3b326b2d2acab0a7402165e6
11e5db674677ffa051c40868035e9dfeb2603527c14e68d5586e6466af0cc27c
124a3d038c149d31ffa54e6c6e680d5cfccf1935d90562a5085fbfeb1c02a334
173dca22aed758a683176f3e3d9ccc10964a100628a575ebc2b467eb4620359d
1adeb9b7455c164e01a88173d356742be2a4b5dc4977f0f64fee5b5d4b38e0b3
1bce75f9438e0406ca18e08ef0070eda72016893f42ef7aca2e347ab77dd1329
1c3651c48dc8ee266374f9e3e555ab44225199712db261b303156c5d2d62d609
2690badc31814d3c7cc38d5bd1e34f514e04abd2dbe0bfa601ee4347ea82a30f
2b38ad3bc616f69332f3ecca87016bbfe66c77ec1a31b68dece47776e0a4bb39
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
353bcd41d11cc5a2bcb6763c269e41ac785c06ace29ac10053bb7c0fa3bf1ecf
4104c36d9a497be97630c8ed0576708bfc1381b2ff6a92aa7a41e17122390083
4654da0fb6b121c04d5943a7365c6cd6bcbff0f4e9b7f20261bb136d39dddd86
4a02b434edb84f078f67ae040f565f6258b91dfa3f16ad8e305392cfe5d18e8c
4b7a665bf6b3908da1f66a6483da8c52431e61e124a1588fb83835b1ef194d64
4e9187ce99f6871a91e57bea12068ac166269a35f14e1c4c69ac85203502c2fa
52295428f1d4d23a3a2e279cc1dacf9b9869b08004da91fb219ac01f48e86938
57dfc7637aef7db2b5b68775b512f8fce25575d803f4af4e87260118938186d4
5b80826c55b0d331392995f79a267770e779b98d4cca0d7124e78ec60cf304f3
667fbd73600f9931eb3ab39292833c7ed9182385858d5004d1e93132daa3bb5b
726d69f35e4220ac81e2dac4b57076b2e3eed60c9fbabd3221a914abc8e400da
7ad3ff657f32032ef8efa653730c135bd6aab764db571b1de66d295ec10c81ac
7ca9827b9cb830e35c510501de1ad37e7ebedd8c8cb388a925253a64f95bee15
8380a1fbd46042955f25aade9894cd66babe9f4c444af66bbfb3fadadec74913
8571d74f55eff7ea2c94150a0607f7e8f0a2403da66f238f7c89f4822ae7f9b8
86b1ccf63235b047380c389b74b118665df079b40706b9360a11f420ec62dceb
87a0d6b72d1f25e73a511f1c7d63a96a48b3b34736e8b95e367a628faea4625b
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
943a12f8d6daafb119e543994b543f46e17a29e97df35167216de42102ab546f
9ebae3291f840fc32c3d128bbe9518706dc5c14dd704949984d802d28a8c20d0
a04e6c9a58e4f7de825fd103326e0f00a6b3b2634233c9b68870894cba763290
ab5365562797d4cb63c04ed8fac0399746471d2c6c5d7b26a219cfebc6a15068
ae581f6b1c675a860395cda9dfb2963ed3cfbdfa14e10bf8a0ddc3245e4debbd
b214c7b862a0e50798c53344af7e709b24b85b0cd30a7a6b753c2e86dfed2554
b6e7eff529efa6de4490a438b12f1f64f4c909b85516191405cf725f539be117
c19badd2e95becdb5b490d89efe6e57d8d6f903121f22d86efbafc117c49870e
c1d11767720b3f8ffdaeff1c70c77e282066e07bdffc12d88b27480676780501
c28d2287ba25f531f52f96d00895c8d04ecebb1ed5ae5849b5c2b088c2ea7f82
c30ba96503f1de9a792a9e725155b852434607e956eb5b6e8997013dfb653091
c3a179b475d6172f19fae44a7b0b55b329206f3ab364cf0e66a2d840bb548dee
cc24527c156532b8a3f9ee65ea20dec14f9ea769d765033a51b24d855bb4038c
cec4205899ad0e0c3874cdfce2eb2577bc38a99422da5cc951c4014d66532226
cf8612d7c0fb3fc90d91d896fc4ff6409e159611c1ed079a334645c977af0670
d8174f782feed11dbaf66bd035300d24623814e61f1500ac6b73a00895ec1bd3
db2761fcc5d150bb8a9230995b75cc9911967932b49129383c7275f6239365e4
e0e4e394c54bada549ba929376c448dbcf2f1a5e8ebb20b03485743da1f04b2f
e6f0978189cc569303e3f98accc039dbb600bf11f6377b110a1c6d88ce7db7ae
eb1fa7363d6e4772f7c49d67f031d68f209e66de6c3c05aade6fdc57a02505c1
fd85536f1b59127421f184b4c8b186bb991fabe6c9d314ebb9a5bbaf11d8aed2