one-time-offer.com Open in urlscan Pro
52.16.213.184 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://one-time-offer.com/sg/gateway.aspx?v=3333137373&p=A292B2F22262BE77B7D7F706E72FC3A3A3F303039F16D6060727&cl=0574&q=&h...
Effective URL:
https://one-time-offer.com/sol9/darty_fr/sb840930/promo.asp?sid=7deac3bcf839a2dd96420dc8f6a4df5d&ci=C6A6A6F606069A11D1C0712...
Submission: On October 09 via api (October 9th 2022, 9:43:46 am UTC) from CZ — Scanned from DE

Summary HTTP 75 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 16 IPs in 3 countries across 10 domains to perform 75 HTTP transactions. The main IP is 52.16.213.184, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is one-time-offer.com. The Cisco Umbrella rank of the primary domain is 542057.
TLS certificate: Issued by Entrust Certification Authority - L1K on December 16th 2021. Valid for: a year.

This is the only time one-time-offer.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4 9	52.16.213.184 52.16.213.184	16509 (AMAZON-02) (AMAZON-02)
40	99.86.1.6 99.86.1.6	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
3	2600:9000:206... 2600:9000:206f:9a00:14:9586:a100:21	16509 (AMAZON-02) (AMAZON-02)
1	34.254.54.173 34.254.54.173	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:206... 2600:9000:206f:fc00:b:d114:6780:21	16509 (AMAZON-02) (AMAZON-02)
7	2606:4700::68... 2606:4700::6810:9440	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:4400::ac40:929e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.16.82.29 52.16.82.29	16509 (AMAZON-02) (AMAZON-02)
1	143.204.215.16 143.204.215.16	16509 (AMAZON-02) (AMAZON-02)
2	54.246.158.148 54.246.158.148	16509 (AMAZON-02) (AMAZON-02)
1	52.215.165.3 52.215.165.3	16509 (AMAZON-02) (AMAZON-02)
1	52.30.123.22 52.30.123.22	16509 (AMAZON-02) (AMAZON-02)
75	16

9 52.16.213.184 (Dublin, Ireland) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-213-184.eu-west-1.compute.amazonaws.com

one-time-offer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 99.86.1.6 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-1-6.fra6.r.cloudfront.net

d3dh5c7rwzliwm.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:206f:9a00:14:9586:a100:21 (United States)

ASN16509 (AMAZON-02, US)

dkdrawii0zqtg.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.254.54.173 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-54-173.eu-west-1.compute.amazonaws.com

tracking.wlscripts.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:fc00:b:d114:6780:21 (United States)

ASN16509 (AMAZON-02, US)

d2lbtufyyqy5cu.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6810:9440 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:929e (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.16.82.29 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-82-29.eu-west-1.compute.amazonaws.com

analytics.member-center.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.16 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-16.fra53.r.cloudfront.net

t.contentsquare.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.246.158.148 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-246-158-148.eu-west-1.compute.amazonaws.com

q-aeu1.contentsquare.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.215.165.3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-165-3.eu-west-1.compute.amazonaws.com

c.contentsquare.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.30.123.22 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-123-22.eu-west-1.compute.amazonaws.com

k-aeu1.contentsquare.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
44	cloudfront.net d3dh5c7rwzliwm.cloudfront.net dkdrawii0zqtg.cloudfront.net d2lbtufyyqy5cu.cloudfront.net	649 KB
9	one-time-offer.com 4 redirects one-time-offer.com — Cisco Umbrella Rank: 542057	39 KB
7	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 668	123 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 118	4 KB
5	contentsquare.net t.contentsquare.net — Cisco Umbrella Rank: 4176 q-aeu1.contentsquare.net — Cisco Umbrella Rank: 11659 c.contentsquare.net — Cisco Umbrella Rank: 4236 k-aeu1.contentsquare.net — Cisco Umbrella Rank: 12995	78 KB
3	gstatic.com fonts.gstatic.com	75 KB
1	member-center.com analytics.member-center.com — Cisco Umbrella Rank: 624434	154 B
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 913	359 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 129	67 KB
1	wlscripts.net tracking.wlscripts.net	67 B
75	10

	Domain	Requested by
40	d3dh5c7rwzliwm.cloudfront.net	one-time-offer.com d3dh5c7rwzliwm.cloudfront.net
9	one-time-offer.com	4 redirects one-time-offer.com d3dh5c7rwzliwm.cloudfront.net
7	cdn.cookielaw.org	d3dh5c7rwzliwm.cloudfront.net cdn.cookielaw.org
6	fonts.googleapis.com	one-time-offer.com d3dh5c7rwzliwm.cloudfront.net
3	fonts.gstatic.com	fonts.googleapis.com
3	dkdrawii0zqtg.cloudfront.net	one-time-offer.com dkdrawii0zqtg.cloudfront.net
2	q-aeu1.contentsquare.net	t.contentsquare.net
1	k-aeu1.contentsquare.net	t.contentsquare.net
1	c.contentsquare.net
1	t.contentsquare.net	d3dh5c7rwzliwm.cloudfront.net
1	analytics.member-center.com	www.googletagmanager.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	www.googletagmanager.com	d3dh5c7rwzliwm.cloudfront.net
1	d2lbtufyyqy5cu.cloudfront.net	one-time-offer.com
1	tracking.wlscripts.net	one-time-offer.com
75	15

This site contains links to these domains. Also see Links.

Domain
www.remisesetreductions.fr
d3dh5c7rwzliwm.cloudfront.net
webloyalty.com
onetrust.com

Subject Issuer	Validity	Valid
one-time-offer.com Entrust Certification Authority - L1K	`2021-12-16` - `2023-01-15`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
wlservices.fr Amazon	`2022-05-19` - `2023-06-17`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2022-05-01` - `2023-05-01`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-01-12` - `2023-01-12`	a year	crt.sh
member-center.com Amazon	`2021-12-13` - `2023-01-10`	a year	crt.sh
t.contentsquare.net Amazon	`2021-11-13` - `2022-12-11`	a year	crt.sh
q-aeu1.contentsquare.net Amazon	`2022-05-23` - `2023-06-21`	a year	crt.sh
kep-web.ba.contentsquare.net Amazon	`2022-09-01` - `2023-09-30`	a year	crt.sh
kep-malka.ba.contentsquare.net Amazon	`2022-08-29` - `2023-09-27`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://one-time-offer.com/sol9/darty_fr/sb840930/promo.asp?sid=7deac3bcf839a2dd96420dc8f6a4df5d&ci=C6A6A6F606069A11D1C0712120A110E13BB797078737E7AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DC1C1C1C1F17101715131ED46651435352594A4D5449E2212A24232827373F3D34FE4047555345545C4A425&infoid=7deac3bcf839a2dd96420dc8f6a4df5d
Frame ID: C5B456F55E5A26AB69657BEEE690F1CB
Requests: 70 HTTP requests in this frame

Frame: https://d3dh5c7rwzliwm.cloudfront.net/FR/html/details_popup.html
Frame ID: 3358817B47F981E14246BC203C7A6673
Requests: 2 HTTP requests in this frame

Frame: https://d3dh5c7rwzliwm.cloudfront.net/FR/html/details_popup.html
Frame ID: 0306BE1BD3523A46902E15D138EB20D9
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Remises & RéductionsFR_RR_ARROW_Voucher4fr_rr_sellpageMockup_updates_v5_arrowfr_rr_sellpageMockup_updates_v5_arrowFR_Cashback_iconFR_MMB_iconFR_Coupon_iconfr_rr_sellpageMockup_updates_v5_arrowBack ButtonFilter Button

Page URL History Show full URLs

https://one-time-offer.com/sg/gateway.aspx?v=3333137373&p=A292B2F22262BE77B7D7F706E72FC3A3A3F303039F16D... HTTP 302
https://one-time-offer.com/sol9/darty_fr/sb840930/promo.asp?sid=7deac3bcf839a2dd96420dc8f6a4df5d&ci=C6A... Page URL

Detected technologies

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

\.aspx?(?:$|\?)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui[.-]([\d.]*\d)[^/]*\.js
jquery-ui.*\.js

Page Statistics

75
Requests

95 %
HTTPS

47 %
IPv6

10
Domains

15
Subdomains

16
IPs

3
Countries

1035 kB
Transfer

2353 kB
Size

6
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://www.remisesetreductions.fr/terms-and-conditions
Title: les Conditions d’Utilisation du Service

Search URL Search Domain Scan URL

URL: https://www.remisesetreductions.fr/privacy-policy
Title: Charte de Données Personnelles.

Search URL Search Domain Scan URL

URL: https://www.remisesetreductions.fr/Home/AllRetailers/840930
Title: 700 e-marchands

Search URL Search Domain Scan URL

URL: https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/site/20190913/Remises_et_Reductions_Formulaire_de_Retractation.pdf
Title: rétractation

Search URL Search Domain Scan URL

URL: https://webloyalty.com/
Title: webloyalty.com

Search URL Search Domain Scan URL

URL: https://www.remisesetreductions.fr/about-us
Title: Mentions légales

Search URL Search Domain Scan URL

URL: https://onetrust.com/poweredbyonetrust

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://one-time-offer.com/sg/gateway.aspx?v=3333137373&p=A292B2F22262BE77B7D7F706E72FC3A3A3F303039F16D6060727&cl=0574&q=&h=2894b209fcfb22750917c4b576615f2e HTTP 302
https://one-time-offer.com/sol9/darty_fr/sb840930/promo.asp?sid=7deac3bcf839a2dd96420dc8f6a4df5d&ci=C6A6A6F606069A11D1C0712120A110E13BB797078737E7AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DC1C1C1C1F17101715131ED46651435352594A4D5449E2212A24232827373F3D34FE4047555345545C4A425&infoid=7deac3bcf839a2dd96420dc8f6a4df5d Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 55

https://one-time-offer.com/common/xt_recMilestone.asp HTTP 302
https://d3dh5c7rwzliwm.cloudfront.net/ALL/images/spacer.gif

Request Chain 66

https://one-time-offer.com/common/xt_recMilestone.asp HTTP 302
https://d3dh5c7rwzliwm.cloudfront.net/ALL/images/spacer.gif

Request Chain 73

https://one-time-offer.com/common/xt_recMilestone.asp HTTP 302
https://d3dh5c7rwzliwm.cloudfront.net/ALL/images/spacer.gif

75 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request promo.asp Show response
one-time-offer.com/sol9/darty_fr/sb840930/
Redirect Chain

https://one-time-offer.com/sg/gateway.aspx?v=3333137373&p=A292B2F22262BE77B7D7F706E72FC3A3A3F303039F16D6060727&cl=0574&q=&h=2894b209fcfb22750917c4b576615f2e
https://one-time-offer.com/sol9/darty_fr/sb840930/promo.asp?sid=7deac3bcf839a2dd96420dc8f6a4df5d&ci=C6A6A6F606069A11D1C0712120A110E13BB797078737E7AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73...

73 KB
26 KB

321ms
321ms

Document
text/html

52.16.213.184
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://one-time-offer.com/sol9/darty_fr/sb840930/promo.asp?sid=7deac3bcf839a2dd96420dc8f6a4df5d&ci=C6A6A6F606069A11D1C0712120A110E13BB797078737E7AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DC1C1C1C1F17101715131ED46651435352594A4D5449E2212A24232827373F3D34FE4047555345545C4A425&infoid=7deac3bcf839a2dd96420dc8f6a4df5d
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.16.213.184 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-16-213-184.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/8.5 /
Resource Hash: eed6469391b8e3335a678eb433bf851a116162f08881a3be5020d520ae85683a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private
content-encoding: gzip
content-length: 26300
content-type: text/html
date: Sun, 09 Oct 2022 09:43:41 GMT
server: Microsoft-IIS/8.5
vary: Accept-Encoding

Redirect headers

cache-control: private
content-length: 1173
content-type: text/html; charset=utf-8
date: Sun, 09 Oct 2022 09:43:41 GMT
location: /sol9/darty_fr/sb840930/promo.asp?sid=7deac3bcf839a2dd96420dc8f6a4df5d&ci=C6A6A6F606069A11D1C0712120A110E13BB797078737E7AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DC1C1C1C1F17101715131ED46651435352594A4D5449E2212A24232827373F3D34FE4047555345545C4A425&infoid=7deac3bcf839a2dd96420dc8f6a4df5d
server: Microsoft-IIS/8.5

GET
H/1.1 200
OK FR_RR_KAPPA_PROMO_RWD_cookies_wrapper.js Show response
d3dh5c7rwzliwm.cloudfront.net/FR/RR/js/ 18 KB
5 KB 78ms
22ms Script
text/javascript 99.86.1.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/js/FR_RR_KAPPA_PROMO_RWD_cookies_wrapper.js
Requested by: Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/darty_fr/sb840930/promo.asp?sid=7deac3bcf839a2dd96420dc8f6a4df5d&ci=C6A6A6F606069A11D1C0712120A110E13BB797078737E7AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DC1C1C1C1F17101715131ED46651435352594A4D5449E2212A24232827373F3D34FE4047555345545C4A425&infoid=7deac3bcf839a2dd96420dc8f6a4df5d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.1.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-1-6.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f85013ff265bef7b4f7dbbb38eba7a7b9f015c1aeaff39e0d0399660ac046f2c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://one-time-offer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: omKORCqZFLN3uETAlbPg0VzNRMIGxxUv
Content-Encoding: gzip
Via: 1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
Date: Sun, 09 Oct 2022 08:49:17 GMT
X-Amz-Cf-Pop: FRA6-C1
Age: 7618
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
x-amz-meta-user: gsokate
Last-Modified: Tue, 21 Dec 2021 07:40:22 GMT
Server: AmazonS3
ETag: W/"ca5c05eaeaa54f93d2bb39b99b158fbc"
Vary: Accept-Encoding, Origin
Content-Type: text/javascript
X-Amz-Cf-Id: JL7-_nfHPVoiHhu_S6Lcg3zwXzu9UlDAXTnvrjZntf4WzSZnZSBV0Q==

GET
H/1.1 200
OK style_REY2_428_3DS_desktop-template-05.css
d3dh5c7rwzliwm.cloudfront.net/FR/RR/css/ 22 KB
6 KB 75ms
20ms Stylesheet
text/css 99.86.1.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/css/style_REY2_428_3DS_desktop-template-05.css
Requested by: Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/darty_fr/sb840930/promo.asp?sid=7deac3bcf839a2dd96420dc8f6a4df5d&ci=C6A6A6F606069A11D1C0712120A110E13BB797078737E7AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DC1C1C1C1F17101715131ED46651435352594A4D5449E2212A24232827373F3D34FE4047555345545C4A425&infoid=7deac3bcf839a2dd96420dc8f6a4df5d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.1.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-1-6.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b60b366a2bcc7f3993ea6e07492a0d4c5d91e443f44d784744c46c5b33aafdcd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://one-time-offer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: b9F7ogihkbp4hgPo4je2eqMjhrQUga4T
Content-Encoding: gzip
Via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
Date: Sun, 09 Oct 2022 03:28:11 GMT
X-Amz-Cf-Pop: FRA6-C1
Age: 23149
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
x-amz-meta-user: gsokate
Last-Modified: Wed, 24 Aug 2022 14:37:17 GMT
Server: AmazonS3
ETag: W/"688f259e999e073f7f92b0659a9c16a7"
Vary: Accept-Encoding, Origin
Content-Type: text/css
X-Amz-Cf-Id: nZ0JAHtKrYQwWPWqLM-hLlkb-rFURdMij4xxFVBTvfkZy6Vw9DARKA==

GET
H2 200 css
fonts.googleapis.com/ 10 KB
828 B 86ms
32ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,800

Requested by

Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/darty_fr/sb840930/promo.asp?sid=7deac3bcf839a2dd96420dc8f6a4df5d&ci=C6A6A6F606069A11D1C0712120A110E13BB797078737E7AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DC1C1C1C1F17101715131ED46651435352594A4D5449E2212A24232827373F3D34FE4047555345545C4A425&infoid=7deac3bcf839a2dd96420dc8f6a4df5d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f229fcd4f2c83dbd2ee87ee7be177146e75a954c6ba982e4c29936d2a409cb03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://one-time-offer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 09 Oct 2022 09:43:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 09 Oct 2022 08:54:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 09 Oct 2022 09:43:41 GMT

GET
H2 200 css
fonts.googleapis.com/ 1 KB
927 B 85ms
31ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Paytone+One

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

693ee6643cf51bc7de0a48386c193b49ec28a0ef4a8a219c363d2f4d3d1359f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://one-time-offer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 09 Oct 2022 09:43:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 09 Oct 2022 09:37:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 09 Oct 2022 09:43:41 GMT

GET
H2 200 Oxanium.css
dkdrawii0zqtg.cloudfront.net/Oxanium/ 2 KB
2 KB 87ms
25ms Stylesheet
text/css 2600:9000:206f:9a00:14:9586:a100:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dkdrawii0zqtg.cloudfront.net/Oxanium/Oxanium.css
Requested by: Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/darty_fr/sb840930/promo.asp?sid=7deac3bcf839a2dd96420dc8f6a4df5d&ci=C6A6A6F606069A11D1C0712120A110E13BB797078737E7AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DC1C1C1C1F17101715131ED46651435352594A4D5449E2212A24232827373F3D34FE4047555345545C4A425&infoid=7deac3bcf839a2dd96420dc8f6a4df5d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:9a00:14:9586:a100:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 57dfc7637aef7db2b5b68775b512f8fce25575d803f4af4e87260118938186d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://one-time-offer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: Jt7AsrgWb3slIlimj7CQkX7TLYpJPz75
date: Sun, 09 Oct 2022 06:29:08 GMT
via: 1.1 3dd91613764eafe7ad199013ce202442.cloudfront.net (CloudFront)
last-modified: Mon, 11 Jan 2021 15:01:38 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 16845
etag: "e60cbab4e2b902891d27b2cd1c5fcb7d"
x-cache: Hit from cloudfront
content-type: text/css
accept-ranges: bytes
content-length: 1823
x-amz-meta-user: aparatore
x-amz-cf-id: Jioa_qrpNZlTMKObPpn77pRWZQLtmzEfSk4ohXtMQZTecJKvHuGJbQ==

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
682 B 90ms
36ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@300;900&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7286e31a06a6e6447980235c424439f93e095023ac7f766c37a13e1d1fc8cfa3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://one-time-offer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 09 Oct 2022 09:43:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 09 Oct 2022 09:43:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 09 Oct 2022 09:43:41 GMT

GET
H2 200 fr_validation.js Show response
one-time-offer.com/scripts/ 10 KB
3 KB 51ms
49ms Script
application/javascript 52.16.213.184
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://one-time-offer.com/scripts/fr_validation.js
Requested by: Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/darty_fr/sb840930/promo.asp?sid=7deac3bcf839a2dd96420dc8f6a4df5d&ci=C6A6A6F606069A11D1C0712120A110E13BB797078737E7AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DC1C1C1C1F17101715131ED46651435352594A4D5449E2212A24232827373F3D34FE4047555345545C4A425&infoid=7deac3bcf839a2dd96420dc8f6a4df5d
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.16.213.184 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-16-213-184.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/8.5 /
Resource Hash: b214c7b862a0e50798c53344af7e709b24b85b0cd30a7a6b753c2e86dfed2554

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://one-time-offer.com/sol9/darty_fr/sb840930/promo.asp?sid=7deac3bcf839a2dd96420dc8f6a4df5d&ci=C6A6A6F606069A11D1C0712120A110E13BB797078737E7AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DC1C1C1C1F17101715131ED46651435352594A4D5449E2212A24232827373F3D34FE4047555345545C4A425&infoid=7deac3bcf839a2dd96420dc8f6a4df5d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 09:43:41 GMT
content-encoding: gzip
last-modified: Fri, 20 May 2016 12:58:36 GMT
server: Microsoft-IIS/8.5
etag: "0263d5297b2d11:0"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 2913

GET
H2 200 solicitations.js Show response
one-time-offer.com/scripts/ 20 KB
6 KB 50ms
47ms Script
application/javascript 52.16.213.184
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://one-time-offer.com/scripts/solicitations.js
Requested by: Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/darty_fr/sb840930/promo.asp?sid=7deac3bcf839a2dd96420dc8f6a4df5d&ci=C6A6A6F606069A11D1C0712120A110E13BB797078737E7AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DC1C1C1C1F17101715131ED46651435352594A4D5449E2212A24232827373F3D34FE4047555345545C4A425&infoid=7deac3bcf839a2dd96420dc8f6a4df5d
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.16.213.184 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-16-213-184.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 89783270bead756e8bfb2f92e9d0d0708bc9c65e05c18ca4058946a813846a1e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://one-time-offer.com/sol9/darty_fr/sb840930/promo.asp?sid=7deac3bcf839a2dd96420dc8f6a4df5d&ci=C6A6A6F606069A11D1C0712120A110E13BB797078737E7AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DC1C1C1C1F17101715131ED46651435352594A4D5449E2212A24232827373F3D34FE4047555345545C4A425&infoid=7deac3bcf839a2dd96420dc8f6a4df5d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 09:43:41 GMT
content-encoding: gzip
last-modified: Wed, 30 Mar 2022 20:52:45 GMT
server: Microsoft-IIS/8.5
etag: "80c2b1b7844d81:0"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 5926

GET
H2 200 promo_flow.js Show response
one-time-offer.com/scripts/ 17 KB
3 KB 49ms
46ms Script
application/javascript 52.16.213.184
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://one-time-offer.com/scripts/promo_flow.js
Requested by: Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/darty_fr/sb840930/promo.asp?sid=7deac3bcf839a2dd96420dc8f6a4df5d&ci=C6A6A6F606069A11D1C0712120A110E13BB797078737E7AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DC1C1C1C1F17101715131ED46651435352594A4D5449E2212A24232827373F3D34FE4047555345545C4A425&infoid=7deac3bcf839a2dd96420dc8f6a4df5d
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.16.213.184 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-16-213-184.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 7ca9827b9cb830e35c510501de1ad37e7ebedd8c8cb388a925253a64f95bee15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://one-time-offer.com/sol9/darty_fr/sb840930/promo.asp?sid=7deac3bcf839a2dd96420dc8f6a4df5d&ci=C6A6A6F606069A11D1C0712120A110E13BB797078737E7AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DC1C1C1C1F17101715131ED46651435352594A4D5449E2212A24232827373F3D34FE4047555345545C4A425&infoid=7deac3bcf839a2dd96420dc8f6a4df5d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 09:43:41 GMT
content-encoding: gzip
last-modified: Mon, 20 Sep 2021 13:27:14 GMT
server: Microsoft-IIS/8.5
etag: "0e5593923aed71:0"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 2740

GET
H/1.1 200
OK countryCode.js Show response
d3dh5c7rwzliwm.cloudfront.net/ALL/JS/ 266 B
849 B 77ms
23ms Script
text/javascript 99.86.1.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3dh5c7rwzliwm.cloudfront.net/ALL/JS/countryCode.js
Requested by: Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/darty_fr/sb840930/promo.asp?sid=7deac3bcf839a2dd96420dc8f6a4df5d&ci=C6A6A6F606069A11D1C0712120A110E13BB797078737E7AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DC1C1C1C1F17101715131ED46651435352594A4D5449E2212A24232827373F3D34FE4047555345545C4A425&infoid=7deac3bcf839a2dd96420dc8f6a4df5d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.1.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-1-6.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8380a1fbd46042955f25aade9894cd66babe9f4c444af66bbfb3fadadec74913

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://one-time-offer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: hJeSIGv5pXXyyKYreNWGJPLdd.bjVqsC
Date: Sun, 09 Oct 2022 06:29:07 GMT
Via: 1.1 92ab13182d4b89ed20b3b5c10adc4f22.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA6-C1
Age: 17541
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 266
x-amz-meta-user: wgarrido
Last-Modified: Wed, 13 Feb 2019 14:14:18 GMT
Server: AmazonS3
ETag: "683ec31106c6b7258f17d8e4099090d2"
Vary: Accept-Encoding, Origin
Content-Type: text/javascript
Accept-Ranges: bytes
X-Amz-Cf-Id: qHtRkxXYboiUTjipFp3iK5bCIJkbH_1PLZvbJj96JzOWHh1dbztSIg==

GET
H/1.1 200
OK jquery-1.4.2.min.js Show response
d3dh5c7rwzliwm.cloudfront.net/FR/RR/js/ 71 KB
25 KB 78ms
24ms Script
text/javascript 99.86.1.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/js/jquery-1.4.2.min.js
Requested by: Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/darty_fr/sb840930/promo.asp?sid=7deac3bcf839a2dd96420dc8f6a4df5d&ci=C6A6A6F606069A11D1C0712120A110E13BB797078737E7AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DC1C1C1C1F17101715131ED46651435352594A4D5449E2212A24232827373F3D34FE4047555345545C4A425&infoid=7deac3bcf839a2dd96420dc8f6a4df5d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.1.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-1-6.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1adeb9b7455c164e01a88173d356742be2a4b5dc4977f0f64fee5b5d4b38e0b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://one-time-offer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: L2DvUgs5paiYR8R6q.gze5i_hvR889T7
Content-Encoding: gzip
Via: 1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
Date: Sun, 09 Oct 2022 06:29:08 GMT
Last-Modified: Mon, 29 Feb 2016 09:54:16 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA6-C1
Age: 15123
ETag: W/"a8a2a48ddaa95527c6d3db763e2b7809"
Transfer-Encoding: chunked
Vary: Accept-Encoding, Origin
Content-Type: text/javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: YdzZkmEL25pk6iB5yc5CnBPn5gni2dXSnacyoGXAp9VIRpLSPoybfA==

GET
H/1.1 200
OK jquery-ui-1.8.2.custom.min.js Show response
d3dh5c7rwzliwm.cloudfront.net/FR/RR/js/ 204 KB
52 KB 101ms
20ms Script
text/javascript 99.86.1.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/js/jquery-ui-1.8.2.custom.min.js
Requested by: Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/darty_fr/sb840930/promo.asp?sid=7deac3bcf839a2dd96420dc8f6a4df5d&ci=C6A6A6F606069A11D1C0712120A110E13BB797078737E7AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DC1C1C1C1F17101715131ED46651435352594A4D5449E2212A24232827373F3D34FE4047555345545C4A425&infoid=7deac3bcf839a2dd96420dc8f6a4df5d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.1.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-1-6.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b6e7eff529efa6de4490a438b12f1f64f4c909b85516191405cf725f539be117

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://one-time-offer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: TIm7w0TXrACS8x4kx0h4b5m1QUXkNlkD
Content-Encoding: gzip
Via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
Date: Sun, 09 Oct 2022 06:29:08 GMT
Last-Modified: Wed, 09 Mar 2016 13:51:59 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA6-C1
Age: 20666
ETag: W/"84d5c35fd13637738a036ed11be2a154"
Transfer-Encoding: chunked
Vary: Accept-Encoding, Origin
Content-Type: text/javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: LORFja996Rfmq46KmqOwR2GUdHiynZbVIF5WPWWhohpUupKznHqdCA==

GET
H/1.1 200
OK jquery.autotab-1.1b.js Show response
d3dh5c7rwzliwm.cloudfront.net/FR/js/ 7 KB
3 KB 107ms
20ms Script
text/javascript 99.86.1.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3dh5c7rwzliwm.cloudfront.net/FR/js/jquery.autotab-1.1b.js
Requested by: Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/darty_fr/sb840930/promo.asp?sid=7deac3bcf839a2dd96420dc8f6a4df5d&ci=C6A6A6F606069A11D1C0712120A110E13BB797078737E7AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DC1C1C1C1F17101715131ED46651435352594A4D5449E2212A24232827373F3D34FE4047555345545C4A425&infoid=7deac3bcf839a2dd96420dc8f6a4df5d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.1.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-1-6.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 52295428f1d4d23a3a2e279cc1dacf9b9869b08004da91fb219ac01f48e86938

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://one-time-offer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: 84TczmOBEGkseG2zq3iic.24ZqSUYyTu
Content-Encoding: gzip
Via: 1.1 25c6baf0a31a5ef699c1e219b25ce7b8.cloudfront.net (CloudFront)
Date: Sun, 09 Oct 2022 06:29:08 GMT
X-Amz-Cf-Pop: FRA6-C1
Age: 18732
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
x-amz-meta-user: aparatore
Last-Modified: Wed, 15 May 2019 07:06:30 GMT
Server: AmazonS3
ETag: W/"ef37b11d0b73e90b623e6be842e0d7a9"
Vary: Accept-Encoding, Origin
Content-Type: text/javascript
X-Amz-Cf-Id: j0XPBYz--Py0clDOGrexhxxIuTVNlHwQzw4J9sRTN-TU5PaIRkSuhQ==

GET
H/1.1 200
OK LabelFloat.js Show response
d3dh5c7rwzliwm.cloudfront.net/UK/Templates/Js/ 330 B
886 B 108ms
22ms Script
text/javascript 99.86.1.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3dh5c7rwzliwm.cloudfront.net/UK/Templates/Js/LabelFloat.js
Requested by: Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/darty_fr/sb840930/promo.asp?sid=7deac3bcf839a2dd96420dc8f6a4df5d&ci=C6A6A6F606069A11D1C0712120A110E13BB797078737E7AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DC1C1C1C1F17101715131ED46651435352594A4D5449E2212A24232827373F3D34FE4047555345545C4A425&infoid=7deac3bcf839a2dd96420dc8f6a4df5d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.1.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-1-6.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9ebae3291f840fc32c3d128bbe9518706dc5c14dd704949984d802d28a8c20d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://one-time-offer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: ijL6OI7v1PwiFDg9m2risraTCsyBP598
Date: Sun, 09 Oct 2022 06:27:29 GMT
Via: 1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
Last-Modified: Mon, 10 Apr 2017 08:13:14 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA6-C1
Age: 15474
ETag: "8e7aeed06a461c2046ae2262ffde03d5"
Vary: Accept-Encoding, Origin
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 330
X-Amz-Cf-Id: yMcRSUWOLf4-MK86hrD1YlTsEf0F0PofdSU9-ssVXy8jA4D4L3Z7mQ==

GET
H/1.1 200
OK FR_interactions-3DS-detect-VTOfix-dynamicInterstitial.js Show response
d3dh5c7rwzliwm.cloudfront.net/FR/js/desktop/ 41 KB
12 KB 110ms
24ms Script
text/javascript 99.86.1.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3dh5c7rwzliwm.cloudfront.net/FR/js/desktop/FR_interactions-3DS-detect-VTOfix-dynamicInterstitial.js
Requested by: Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/darty_fr/sb840930/promo.asp?sid=7deac3bcf839a2dd96420dc8f6a4df5d&ci=C6A6A6F606069A11D1C0712120A110E13BB797078737E7AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DC1C1C1C1F17101715131ED46651435352594A4D5449E2212A24232827373F3D34FE4047555345545C4A425&infoid=7deac3bcf839a2dd96420dc8f6a4df5d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.1.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-1-6.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c27c97eac4067ef10dcaf87268070a764ca4cd5d211257fe25b88e111eb2d3af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://one-time-offer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: HjMTouOJWDGOzesUmlF2cAyosS1c6qxa
Content-Encoding: gzip
Via: 1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
Date: Sun, 09 Oct 2022 04:34:47 GMT
X-Amz-Cf-Pop: FRA6-C1
Age: 18535
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
x-amz-meta-user: ymarchand
Last-Modified: Wed, 31 Aug 2022 08:16:42 GMT
Server: AmazonS3
ETag: W/"d48a44999912c3e5f199fc2abf26ebbe"
Vary: Accept-Encoding, Origin
Content-Type: text/javascript
X-Amz-Cf-Id: Dj21SnbJQdOV4vzFwUH-NKpCCOkl-3EPLGd47XV7WWbeqUNrqGTmRg==

GET
H/1.1 200
OK leavers.js Show response
d3dh5c7rwzliwm.cloudfront.net/FR/RR/templates/ZETER/js/ 11 KB
4 KB 109ms
23ms Script
text/javascript 99.86.1.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/templates/ZETER/js/leavers.js
Requested by: Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/darty_fr/sb840930/promo.asp?sid=7deac3bcf839a2dd96420dc8f6a4df5d&ci=C6A6A6F606069A11D1C0712120A110E13BB797078737E7AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DC1C1C1C1F17101715131ED46651435352594A4D5449E2212A24232827373F3D34FE4047555345545C4A425&infoid=7deac3bcf839a2dd96420dc8f6a4df5d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.1.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-1-6.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 11e5db674677ffa051c40868035e9dfeb2603527c14e68d5586e6466af0cc27c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://one-time-offer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: in7W4mBFWew9Mao9xiNSyP6Xa5.RcTPA
Content-Encoding: gzip
Via: 1.1 92ab13182d4b89ed20b3b5c10adc4f22.cloudfront.net (CloudFront)
Date: Sun, 09 Oct 2022 07:29:54 GMT
X-Amz-Cf-Pop: FRA6-C1
Age: 9890
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
x-amz-meta-user: ymarchand
Last-Modified: Thu, 04 Oct 2018 07:14:55 GMT
Server: AmazonS3
ETag: W/"ee4a0db13c3da6956218b3a7891607a6"
Vary: Accept-Encoding, Origin
Content-Type: text/javascript
X-Amz-Cf-Id: PMjrQ4JmV-Q1xl4VE5bqhJ95Km5Yy0Izk_VEWCdQTl3xrfXdStMXRQ==

GET
H/1.1 200
OK style_KAPA.css
d3dh5c7rwzliwm.cloudfront.net/FR/RR/css/ 13 KB
4 KB 74ms
21ms Stylesheet
text/css 99.86.1.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/css/style_KAPA.css
Requested by: Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/darty_fr/sb840930/promo.asp?sid=7deac3bcf839a2dd96420dc8f6a4df5d&ci=C6A6A6F606069A11D1C0712120A110E13BB797078737E7AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DC1C1C1C1F17101715131ED46651435352594A4D5449E2212A24232827373F3D34FE4047555345545C4A425&infoid=7deac3bcf839a2dd96420dc8f6a4df5d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.1.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-1-6.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0c42ff05e2e248efed2b86bd41594a56dcdcdb3207082312856d569482a34b5a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://one-time-offer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: XFvUlSVHRjhsrjZ0yK7B_1KP2FxKydeb
Content-Encoding: gzip
Via: 1.1 25c6baf0a31a5ef699c1e219b25ce7b8.cloudfront.net (CloudFront)
Date: Sun, 09 Oct 2022 06:29:07 GMT
X-Amz-Cf-Pop: FRA6-C1
Age: 13104
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
x-amz-meta-user: kbajwa
Last-Modified: Thu, 20 May 2021 09:26:02 GMT
Server: AmazonS3
ETag: W/"19fc800428d4724f3b59737412fdd08e"
Vary: Accept-Encoding, Origin
Content-Type: text/css
X-Amz-Cf-Id: K-iIfP-k0zmYN0EXCtr5N-5_HNgur5P2yrvlOvXvnKmyHRuTHfqjSw==

GET
H/1.1 200
OK interstitial_styles.css
d3dh5c7rwzliwm.cloudfront.net/FR/RR/css/ 3 KB
2 KB 76ms
23ms Stylesheet
text/css 99.86.1.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/css/interstitial_styles.css
Requested by: Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/darty_fr/sb840930/promo.asp?sid=7deac3bcf839a2dd96420dc8f6a4df5d&ci=C6A6A6F606069A11D1C0712120A110E13BB797078737E7AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DC1C1C1C1F17101715131ED46651435352594A4D5449E2212A24232827373F3D34FE4047555345545C4A425&infoid=7deac3bcf839a2dd96420dc8f6a4df5d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.1.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-1-6.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4b8653402f746ac5433be07742703fb380931c611f7a764f50edd74b9b2a1928

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://one-time-offer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: yjZvuwOW1f_BH1RyA2p8Y5F9PFbcvEwQ
Content-Encoding: gzip
Via: 1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
Date: Sun, 09 Oct 2022 03:28:11 GMT
X-Amz-Cf-Pop: FRA6-C1
Age: 27504
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
x-amz-meta-user: ngandhi
Last-Modified: Wed, 22 Jun 2022 10:27:06 GMT
Server: AmazonS3
ETag: W/"d9d22259228bad696ed97dfaa85b6585"
Vary: Accept-Encoding, Origin
Content-Type: text/css
X-Amz-Cf-Id: nId3_7r6hs-z07n4dxdYFGiY1X7j-aZN8zan0a9kC5Q503h4m9BwAQ==

GET
H/1.1 200
OK ga_cookie_fr.js Show response
d3dh5c7rwzliwm.cloudfront.net/FR/js/ 3 KB
2 KB 111ms
24ms Script
text/javascript 99.86.1.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3dh5c7rwzliwm.cloudfront.net/FR/js/ga_cookie_fr.js
Requested by: Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/darty_fr/sb840930/promo.asp?sid=7deac3bcf839a2dd96420dc8f6a4df5d&ci=C6A6A6F606069A11D1C0712120A110E13BB797078737E7AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DC1C1C1C1F17101715131ED46651435352594A4D5449E2212A24232827373F3D34FE4047555345545C4A425&infoid=7deac3bcf839a2dd96420dc8f6a4df5d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.1.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-1-6.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a04e6c9a58e4f7de825fd103326e0f00a6b3b2634233c9b68870894cba763290

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://one-time-offer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: TJJs3QE_t.qOnxTyxStktSfCVvTOxy3x
Content-Encoding: gzip
Via: 1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
Date: Sat, 08 Oct 2022 23:05:33 GMT
X-Amz-Cf-Pop: FRA6-C1
Age: 38288
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
x-amz-meta-user: gsokate
Last-Modified: Mon, 19 Jul 2021 11:34:21 GMT
Server: AmazonS3
ETag: W/"4f4f821662fbd06d10a7a6de6d2f6985"
Vary: Accept-Encoding, Origin
Content-Type: text/javascript
X-Amz-Cf-Id: MKLSk7jnQuMFxvM4n1EtFn4FxpaySoFRf4mgXY1s3Qx74sKRaAo02w==

GET
H/1.1 200
OK analytics_cookie_FR_RR.js Show response
d3dh5c7rwzliwm.cloudfront.net/FR/RR/js/ 262 B
844 B 127ms
21ms Script
text/javascript 99.86.1.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/js/analytics_cookie_FR_RR.js
Requested by: Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/darty_fr/sb840930/promo.asp?sid=7deac3bcf839a2dd96420dc8f6a4df5d&ci=C6A6A6F606069A11D1C0712120A110E13BB797078737E7AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DC1C1C1C1F17101715131ED46651435352594A4D5449E2212A24232827373F3D34FE4047555345545C4A425&infoid=7deac3bcf839a2dd96420dc8f6a4df5d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.1.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-1-6.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0cede639efd6c1d520bce74b3c1f5cbbccf57522abdad7c95e56025b82f986f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://one-time-offer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: wVJEc7mOuiOFVscNSlWqDosAcuqgRfb6
Date: Sun, 09 Oct 2022 06:27:29 GMT
Via: 1.1 25c6baf0a31a5ef699c1e219b25ce7b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA6-C1
Age: 19447
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 262
x-amz-meta-user: gsokate
Last-Modified: Thu, 01 Apr 2021 13:49:58 GMT
Server: AmazonS3
ETag: "91923f128eb53ad36311b76a321757c2"
Vary: Accept-Encoding, Origin
Content-Type: text/javascript
Accept-Ranges: bytes
X-Amz-Cf-Id: FsQWUeDYOZu4XVQMrgeDRZB0VMqgRTerTcNOAyqiYMlZ3YackZSwNQ==

GET
H2 200 7deac3bcf839a2dd96420dc8f6a4df5d
tracking.wlscripts.net/VIEWS/2894b209fcfb22750917c4b576615f2e/ 2 B
67 B 443ms
336ms Image
text/html 34.254.54.173
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tracking.wlscripts.net/VIEWS/2894b209fcfb22750917c4b576615f2e/7deac3bcf839a2dd96420dc8f6a4df5d
Requested by: Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/darty_fr/sb840930/promo.asp?sid=7deac3bcf839a2dd96420dc8f6a4df5d&ci=C6A6A6F606069A11D1C0712120A110E13BB797078737E7AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DC1C1C1C1F17101715131ED46651435352594A4D5449E2212A24232827373F3D34FE4047555345545C4A425&infoid=7deac3bcf839a2dd96420dc8f6a4df5d
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.54.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-54-173.eu-west-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://one-time-offer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 09:43:42 GMT
server: awselb/2.0
content-length: 2
content-type: text/html

GET
H2 200 img-loading.gif
d2lbtufyyqy5cu.cloudfront.net/test/ 7 KB
7 KB 84ms
22ms Image
image/gif 2600:9000:206f:fc00:b:d114:6780:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2lbtufyyqy5cu.cloudfront.net/test/img-loading.gif
Requested by: Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/darty_fr/sb840930/promo.asp?sid=7deac3bcf839a2dd96420dc8f6a4df5d&ci=C6A6A6F606069A11D1C0712120A110E13BB797078737E7AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DC1C1C1C1F17101715131ED46651435352594A4D5449E2212A24232827373F3D34FE4047555345545C4A425&infoid=7deac3bcf839a2dd96420dc8f6a4df5d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:fc00:b:d114:6780:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ce8d81c4491ce798ebac41d52eef71ea6cc5adb1b6db1ea23c5c04e58c86f313

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://one-time-offer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: juZ9z1M.ShAWALIAJtRUd6jOLYz.3prg
date: Sun, 09 Oct 2022 03:28:11 GMT
via: 1.1 cc763905c39a59494c951c09271b0422.cloudfront.net (CloudFront)
last-modified: Mon, 26 Apr 2021 13:25:08 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 31514
etag: "1b74bf248a59bf6e0b3109fbb31a0829"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 7197
x-amz-cf-id: hcwaXoZgf6_BBQAD0ZPrn3g4mZCCNu_H8WMFSFHDyDMIyUJdhDOinQ==

GET
H/1.1 200
OK FR_RR_Zeta_TTB_Darty_V2.jpg
d3dh5c7rwzliwm.cloudfront.net/FR/RR/templates/mokuba/modalDC/v2/img/ 14 KB
14 KB 27ms
27ms Image
image/jpeg 99.86.1.6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/templates/mokuba/modalDC/v2/img/FR_RR_Zeta_TTB_Darty_V2.jpg
Requested by: Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/darty_fr/sb840930/promo.asp?sid=7deac3bcf839a2dd96420dc8f6a4df5d&ci=C6A6A6F606069A11D1C0712120A110E13BB797078737E7AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DC1C1C1C1F17101715131ED46651435352594A4D5449E2212A24232827373F3D34FE4047555345545C4A425&infoid=7deac3bcf839a2dd96420dc8f6a4df5d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.1.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-1-6.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5887fc30b3ce6d35eedf8e617a74c84bfdd108a3f753bdb9e749c1093829c7e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://one-time-offer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: VWJEir0XgJCZaH_2xERv.Tskw8bIrFcL
Date: Sun, 09 Oct 2022 09:43:41 GMT
Via: 1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA6-C1
Age: 7239
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 14143
x-amz-meta-user: ntambe
Last-Modified: Thu, 14 Jun 2018 15:13:54 GMT
Server: AmazonS3
ETag: "2327a14d934314050d695d718a47d0f6"
Vary: Accept-Encoding, Origin
Content-Type: image/jpeg
Accept-Ranges: bytes
X-Amz-Cf-Id: FEgS9zzrBkbg2qrwooSluwNv6tr1wTCR8ePnn5NjqFX6gyZUoZcFEw==

GET
H/1.1 200
OK ES_Mockup_Voucher_vFR_gold_smart.png
d3dh5c7rwzliwm.cloudfront.net/FR/RR/soldev-10850/img/ 304 KB
304 KB 23ms
23ms Image
image/png 99.86.1.6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/soldev-10850/img/ES_Mockup_Voucher_vFR_gold_smart.png
Requested by: Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/darty_fr/sb840930/promo.asp?sid=7deac3bcf839a2dd96420dc8f6a4df5d&ci=C6A6A6F606069A11D1C0712120A110E13BB797078737E7AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DC1C1C1C1F17101715131ED46651435352594A4D5449E2212A24232827373F3D34FE4047555345545C4A425&infoid=7deac3bcf839a2dd96420dc8f6a4df5d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.1.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-1-6.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d4f676fb18755519f6c6967b5ab57c7a467657c959ec22f8b519bd3e5de9668d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://one-time-offer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: VSVXNi7PIopS4uOncpYOQdtxRk0d9mrb
Date: Sun, 09 Oct 2022 05:57:55 GMT
Via: 1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA6-C1
Age: 13547
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 311161
x-amz-meta-user: gsokate
Last-Modified: Wed, 18 May 2022 08:08:39 GMT
Server: AmazonS3
ETag: "fcc12e9438e3a086eed26b60621a9835"
Vary: Accept-Encoding, Origin
Content-Type: image/png
Accept-Ranges: bytes
X-Amz-Cf-Id: 3AKfhy0GBsRzy2eTNx_wUAMhp9M_NnDev8oaVN6pDXDWzMdA0pe5dw==

GET
H/1.1 200
OK logo_RR_DoubleClic.png
d3dh5c7rwzliwm.cloudfront.net/FR/RR/templates/mokuba/modalDC/v2/img/ 31 KB
32 KB 22ms
21ms Image
image/png 99.86.1.6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/templates/mokuba/modalDC/v2/img/logo_RR_DoubleClic.png
Requested by: Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/darty_fr/sb840930/promo.asp?sid=7deac3bcf839a2dd96420dc8f6a4df5d&ci=C6A6A6F606069A11D1C0712120A110E13BB797078737E7AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DC1C1C1C1F17101715131ED46651435352594A4D5449E2212A24232827373F3D34FE4047555345545C4A425&infoid=7deac3bcf839a2dd96420dc8f6a4df5d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.1.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-1-6.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9e481bbe87da2d176fdadf9d3c6b6ca0bee736c4c510613b941f1cfdc761cf0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://one-time-offer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: IjDegPCeyqadi1YtqvprX7QbNltMUBQm
Date: Sun, 09 Oct 2022 08:49:17 GMT
Via: 1.1 92ab13182d4b89ed20b3b5c10adc4f22.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA6-C1
Age: 16511
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 31911
x-amz-meta-user: ymarchand
Last-Modified: Thu, 08 Sep 2022 15:37:07 GMT
Server: AmazonS3
ETag: "32003ccfbea5a6ca36133416c6c296b2"
Vary: Accept-Encoding, Origin
Content-Type: image/png
Accept-Ranges: bytes
X-Amz-Cf-Id: DJN2Im51EQ7z8R1TSxE_ljG-ZqIHRkp-SUuMO5tfLYbZcgSThcNq4g==

GET
H/1.1 200
OK CCgoldBG_nolines.png
d3dh5c7rwzliwm.cloudfront.net/FR/RR/templates/ZETABIS/img/ 22 KB
22 KB 22ms
22ms Image
image/png 99.86.1.6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/templates/ZETABIS/img/CCgoldBG_nolines.png
Requested by: Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/darty_fr/sb840930/promo.asp?sid=7deac3bcf839a2dd96420dc8f6a4df5d&ci=C6A6A6F606069A11D1C0712120A110E13BB797078737E7AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DC1C1C1C1F17101715131ED46651435352594A4D5449E2212A24232827373F3D34FE4047555345545C4A425&infoid=7deac3bcf839a2dd96420dc8f6a4df5d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.1.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-1-6.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2b38ad3bc616f69332f3ecca87016bbfe66c77ec1a31b68dece47776e0a4bb39

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://one-time-offer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: TlJj4CazOH62IHi7YjR2.8FCQmt2Wnxo
Date: Sun, 09 Oct 2022 05:57:55 GMT
Via: 1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA6-C1
Age: 13547
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 22276
x-amz-meta-user: aparatore
Last-Modified: Mon, 11 Jan 2021 08:11:42 GMT
Server: AmazonS3
ETag: "4ccf1c0909d1d808868817d8ea1c1325"
Vary: Accept-Encoding, Origin
Content-Type: image/png
Accept-Ranges: bytes
X-Amz-Cf-Id: xWFcziUuQ_fl98v3m2PDIzxb-yAHfgJyeG0ttcSy_1xUspH_zS7V9Q==

GET
H/1.1 200
OK mdp_info.png
d3dh5c7rwzliwm.cloudfront.net/FR/RR/templates/mokuba/img/ 346 B
896 B 27ms
25ms Image
image/png 99.86.1.6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/templates/mokuba/img/mdp_info.png
Requested by: Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/darty_fr/sb840930/promo.asp?sid=7deac3bcf839a2dd96420dc8f6a4df5d&ci=C6A6A6F606069A11D1C0712120A110E13BB797078737E7AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DC1C1C1C1F17101715131ED46651435352594A4D5449E2212A24232827373F3D34FE4047555345545C4A425&infoid=7deac3bcf839a2dd96420dc8f6a4df5d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.1.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-1-6.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 124a3d038c149d31ffa54e6c6e680d5cfccf1935d90562a5085fbfeb1c02a334

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://one-time-offer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: LKFRulTcNBjSQVNkYEoc0dWx4zWzEs4A
Date: Sun, 09 Oct 2022 03:28:11 GMT
Via: 1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
Last-Modified: Thu, 22 Oct 2015 07:20:28 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA6-C1
Age: 29840
ETag: "68c514ae5f431a73795154b2d19c17eb"
Vary: Accept-Encoding, Origin
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 346
X-Amz-Cf-Id: 4SAwN1TzHOiU640T57Rx3JGv-TNXQPMniRoFIjGjuoIMG2sL-WbzSg==

GET
H/1.1 200
OK tracker_cookie.js Show response
d3dh5c7rwzliwm.cloudfront.net/FR/RR/js/ 11 KB
4 KB 22ms
21ms Script
text/javascript 99.86.1.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/js/tracker_cookie.js
Requested by: Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/darty_fr/sb840930/promo.asp?sid=7deac3bcf839a2dd96420dc8f6a4df5d&ci=C6A6A6F606069A11D1C0712120A110E13BB797078737E7AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DC1C1C1C1F17101715131ED46651435352594A4D5449E2212A24232827373F3D34FE4047555345545C4A425&infoid=7deac3bcf839a2dd96420dc8f6a4df5d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.1.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-1-6.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d250ccda429e35c4638581f14f9ee7e143aca859d2c77f54db12742b31ac8dff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://one-time-offer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: HX1e2UZP_70Mx.16qU8oz8tDM3YvBoGN
Content-Encoding: gzip
Via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
Date: Sun, 09 Oct 2022 06:29:08 GMT
X-Amz-Cf-Pop: FRA6-C1
Age: 15745
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
x-amz-meta-user: ymarchand
Last-Modified: Thu, 08 Sep 2022 15:05:20 GMT
Server: AmazonS3
ETag: W/"faed08e605d7a71980ee6cd0dc3380c1"
Vary: Accept-Encoding, Origin
Content-Type: text/javascript
X-Amz-Cf-Id: 33kH56PRFR0XDz0tRo50nAsy-nRfxoyqJs312VSMfqIYFY1W6a9TJg==

GET
H/1.1 200
OK FIX_FR_RR_437_REY2_3DS_0622.js Show response
d3dh5c7rwzliwm.cloudfront.net/FR/RR/js/ 5 KB
3 KB 21ms
20ms Script
text/javascript 99.86.1.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/js/FIX_FR_RR_437_REY2_3DS_0622.js
Requested by: Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/darty_fr/sb840930/promo.asp?sid=7deac3bcf839a2dd96420dc8f6a4df5d&ci=C6A6A6F606069A11D1C0712120A110E13BB797078737E7AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DC1C1C1C1F17101715131ED46651435352594A4D5449E2212A24232827373F3D34FE4047555345545C4A425&infoid=7deac3bcf839a2dd96420dc8f6a4df5d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.1.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-1-6.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 31acffbbd1a860246add3bb801217b48b27eee43025aa8ab611de27a74205a60

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://one-time-offer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: liVMp8Ed0bi2IEsrSvdH_GK8tiZQnlyO
Content-Encoding: gzip
Via: 1.1 25c6baf0a31a5ef699c1e219b25ce7b8.cloudfront.net (CloudFront)
Date: Sun, 09 Oct 2022 06:02:04 GMT
X-Amz-Cf-Pop: FRA6-C1
Age: 13298
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
x-amz-meta-user: ymarchand
Last-Modified: Wed, 31 Aug 2022 08:17:11 GMT
Server: AmazonS3
ETag: W/"ea5bb1ad0ec959a90f0f085b69305999"
Vary: Accept-Encoding, Origin
Content-Type: text/javascript
X-Amz-Cf-Id: oGikWBUt0-4eRYCn648h3vzHltWfWmmiAdZYzBcDNXPiZZrcjfyFRA==

GET
H/1.1 200
OK milestone_tracking.js Show response
d3dh5c7rwzliwm.cloudfront.net/FR/RR/js/ 3 KB
1 KB 25ms
21ms Script
text/javascript 99.86.1.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/js/milestone_tracking.js
Requested by: Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/darty_fr/sb840930/promo.asp?sid=7deac3bcf839a2dd96420dc8f6a4df5d&ci=C6A6A6F606069A11D1C0712120A110E13BB797078737E7AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DC1C1C1C1F17101715131ED46651435352594A4D5449E2212A24232827373F3D34FE4047555345545C4A425&infoid=7deac3bcf839a2dd96420dc8f6a4df5d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.1.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-1-6.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c28d2287ba25f531f52f96d00895c8d04ecebb1ed5ae5849b5c2b088c2ea7f82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://one-time-offer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: oF5VVWcAGofDUUwE7pHM0yPp6Y2DZ0Sl
Content-Encoding: gzip
Via: 1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
Date: Sun, 09 Oct 2022 03:28:11 GMT
X-Amz-Cf-Pop: FRA6-C1
Age: 26001
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
x-amz-meta-user: kbajwa
Last-Modified: Wed, 23 Jun 2021 09:48:10 GMT
Server: AmazonS3
ETag: W/"b9168af0c5cf07f58ea7ea1c82eff881"
Vary: Accept-Encoding, Origin
Content-Type: text/javascript
X-Amz-Cf-Id: W-zyyPUjLfEKlIZ8xIN0JdJbNthc7GTwmTq-29HIvkx6yD_Y-zIwkA==

GET
H/1.1 200
OK FR_resize-boxes.js Show response
d3dh5c7rwzliwm.cloudfront.net/FR/RR/js/ 1 KB
1 KB 25ms
22ms Script
text/javascript 99.86.1.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/js/FR_resize-boxes.js
Requested by: Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/darty_fr/sb840930/promo.asp?sid=7deac3bcf839a2dd96420dc8f6a4df5d&ci=C6A6A6F606069A11D1C0712120A110E13BB797078737E7AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DC1C1C1C1F17101715131ED46651435352594A4D5449E2212A24232827373F3D34FE4047555345545C4A425&infoid=7deac3bcf839a2dd96420dc8f6a4df5d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.1.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-1-6.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c19badd2e95becdb5b490d89efe6e57d8d6f903121f22d86efbafc117c49870e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://one-time-offer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: kIMhMlGnl6VJWfv8OTYNVRecmZEv1yw4
Content-Encoding: gzip
Via: 1.1 92ab13182d4b89ed20b3b5c10adc4f22.cloudfront.net (CloudFront)
Date: Sun, 09 Oct 2022 06:29:08 GMT
X-Amz-Cf-Pop: FRA6-C1
Age: 21194
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
x-amz-meta-user: kbajwa
Last-Modified: Mon, 04 Oct 2021 11:31:12 GMT
Server: AmazonS3
ETag: W/"b6891efad76d60fd53a2a9f0af3f9f5f"
Vary: Accept-Encoding, Origin
Content-Type: text/javascript
X-Amz-Cf-Id: Z1QRCbcOQGMMa4TdW0HBqm0Czs_jjqLJkGqg0zocdSfxgpz1vFhacA==

GET
H/1.1 200
OK FIX_WORDING_KAPPA_435.js Show response
d3dh5c7rwzliwm.cloudfront.net/FR/RR/js/ 4 KB
2 KB 26ms
23ms Script
text/javascript 99.86.1.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/js/FIX_WORDING_KAPPA_435.js
Requested by: Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/darty_fr/sb840930/promo.asp?sid=7deac3bcf839a2dd96420dc8f6a4df5d&ci=C6A6A6F606069A11D1C0712120A110E13BB797078737E7AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DC1C1C1C1F17101715131ED46651435352594A4D5449E2212A24232827373F3D34FE4047555345545C4A425&infoid=7deac3bcf839a2dd96420dc8f6a4df5d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.1.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-1-6.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3520de6824493555fa3d2b1c0717dff225c4c4d7ce8e868977389eb043e7a280

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://one-time-offer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: ke2e8ezNkh2iBSSp.7nVHXBZz7ldNeku
Content-Encoding: gzip
Via: 1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
Date: Sun, 09 Oct 2022 06:29:08 GMT
X-Amz-Cf-Pop: FRA6-C1
Age: 18835
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
x-amz-meta-user: ymarchand
Last-Modified: Wed, 31 Aug 2022 10:10:44 GMT
Server: AmazonS3
ETag: W/"4ebaa8dc347a3df99b7eba0e506cd579"
Vary: Accept-Encoding, Origin
Content-Type: text/javascript
X-Amz-Cf-Id: h5LIVpRqmv_qCE6lmUMnZiUBHvS1IDSB2-9i49Xg5jJO0Mcb3w_VOw==

GET
H/1.1 200
OK FIX_WORDING_KAPPA_435.css
d3dh5c7rwzliwm.cloudfront.net/FR/RR/css/ 741 B
1 KB 25ms
22ms Stylesheet
text/css 99.86.1.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/css/FIX_WORDING_KAPPA_435.css
Requested by: Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/darty_fr/sb840930/promo.asp?sid=7deac3bcf839a2dd96420dc8f6a4df5d&ci=C6A6A6F606069A11D1C0712120A110E13BB797078737E7AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DC1C1C1C1F17101715131ED46651435352594A4D5449E2212A24232827373F3D34FE4047555345545C4A425&infoid=7deac3bcf839a2dd96420dc8f6a4df5d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.1.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-1-6.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bebb0cb9d93a651e8f0a9e23035bd76aada62c05a789177d0aaafa7cca011b81

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://one-time-offer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: Mrc2zph38MnqXRofjjaIHNotcBOgegsT
Date: Sun, 09 Oct 2022 06:27:29 GMT
Via: 1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA6-C1
Age: 14017
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 741
x-amz-meta-user: ymarchand
Last-Modified: Wed, 31 Aug 2022 10:12:04 GMT
Server: AmazonS3
ETag: "51569e49458048c582446591ff5d714f"
Vary: Accept-Encoding, Origin
Content-Type: text/css
Accept-Ranges: bytes
X-Amz-Cf-Id: FlS_WUtPGLgrlM9BZwglkh6haNySzXBXh35CZ0xwHsDhy-Q02wv_Xw==

GET
H/1.1 200
OK FR_RR_KAPPA_PROMO_RWD_cookies.css
d3dh5c7rwzliwm.cloudfront.net/FR/RR/css/ 18 KB
4 KB 20ms
20ms Stylesheet
text/css 99.86.1.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/css/FR_RR_KAPPA_PROMO_RWD_cookies.css
Requested by: Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/darty_fr/sb840930/promo.asp?sid=7deac3bcf839a2dd96420dc8f6a4df5d&ci=C6A6A6F606069A11D1C0712120A110E13BB797078737E7AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DC1C1C1C1F17101715131ED46651435352594A4D5449E2212A24232827373F3D34FE4047555345545C4A425&infoid=7deac3bcf839a2dd96420dc8f6a4df5d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.1.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-1-6.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e6f0978189cc569303e3f98accc039dbb600bf11f6377b110a1c6d88ce7db7ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://one-time-offer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: iIlgXU8LHfcpGGgHjp9MOTChN0oVRvrx
Content-Encoding: gzip
Via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
Date: Sun, 09 Oct 2022 06:29:08 GMT
X-Amz-Cf-Pop: FRA6-C1
Age: 19713
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
x-amz-meta-user: gsokate
Last-Modified: Tue, 04 May 2021 09:55:43 GMT
Server: AmazonS3
ETag: W/"73d8e9734478bb3088df3849c3d9cb89"
Vary: Accept-Encoding, Origin
Content-Type: text/css
X-Amz-Cf-Id: cTey_cYiza-ie9L_h-QhtnbXoO8Qd6d-pyqSiADKEkq1_RQh83whCQ==

GET
H/1.1 200
OK device-detect.js Show response
d3dh5c7rwzliwm.cloudfront.net/ALL/JS/ 3 KB
2 KB 21ms
21ms Script
text/javascript 99.86.1.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3dh5c7rwzliwm.cloudfront.net/ALL/JS/device-detect.js
Requested by: Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/darty_fr/sb840930/promo.asp?sid=7deac3bcf839a2dd96420dc8f6a4df5d&ci=C6A6A6F606069A11D1C0712120A110E13BB797078737E7AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DC1C1C1C1F17101715131ED46651435352594A4D5449E2212A24232827373F3D34FE4047555345545C4A425&infoid=7deac3bcf839a2dd96420dc8f6a4df5d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.1.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-1-6.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ecfb7a12437e01bde4a07b35599509f9cadbc5f9cbe34a56af2b827d828c67e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://one-time-offer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: 6VV7VcBDY9BtjExb7uu8Haa8W45VeJFz
Content-Encoding: gzip
Via: 1.1 25c6baf0a31a5ef699c1e219b25ce7b8.cloudfront.net (CloudFront)
Date: Sun, 09 Oct 2022 06:29:08 GMT
X-Amz-Cf-Pop: FRA6-C1
Age: 20339
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
x-amz-meta-user: gsokate
Last-Modified: Fri, 17 Sep 2021 12:05:19 GMT
Server: AmazonS3
ETag: W/"c150126024bf29a0517e951a0a0ccd30"
Vary: Accept-Encoding, Origin
Content-Type: text/javascript
X-Amz-Cf-Id: 6S6mLEiTTA1urlBWFfrkeNm9a1RLEmrbSKyROjvd6guW5ffCuok3SA==

GET
H2 200 OtAutoBlock.js Show response
cdn.cookielaw.org/consent/fcc01ff5-636a-461e-8941-bd653a7fe10d/ 4 KB
2 KB 93ms
31ms Script
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/fcc01ff5-636a-461e-8941-bd653a7fe10d/OtAutoBlock.js

Requested by

Host: d3dh5c7rwzliwm.cloudfront.net
URL: https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/js/FR_RR_KAPPA_PROMO_RWD_cookies_wrapper.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c30ba96503f1de9a792a9e725155b852434607e956eb5b6e8997013dfb653091

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://one-time-offer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 09 Oct 2022 09:43:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: iVcbIayDAoC1oama2voL9w==
age: 8176
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 1474
x-ms-lease-status: unlocked
last-modified: Thu, 15 Jul 2021 08:22:45 GMT
server: cloudflare
etag: 0x8D94769B9383812
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 8beaae59-601e-00a3-08ea-101487000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 75762c679bfe6943-FRA
expires: Sun, 09 Oct 2022 13:43:42 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 94ms
32ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: d3dh5c7rwzliwm.cloudfront.net
URL: https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/js/FR_RR_KAPPA_PROMO_RWD_cookies_wrapper.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bbc4456bca95006683a8f081d0d2ed645eef5b14c62eca12c70f7e1cec26c1a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://one-time-offer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 09 Oct 2022 09:43:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: zvDmpz9S9y5z1XhncmOZ/w==
age: 11804
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 7151
x-ms-lease-status: unlocked
last-modified: Thu, 06 Oct 2022 21:18:13 GMT
server: cloudflare
etag: 0x8DAA7E0473C6A75
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: ce063e19-401e-00f0-7edd-d90888000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 75762c679c036943-FRA

GET
H/1.1 200
OK script_cvv_bb_3DS_global_V4_FR_JoinBin.js Show response
d3dh5c7rwzliwm.cloudfront.net/ALL/JS/ 40 KB
7 KB 23ms
23ms Script
text/javascript 99.86.1.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3dh5c7rwzliwm.cloudfront.net/ALL/JS/script_cvv_bb_3DS_global_V4_FR_JoinBin.js
Requested by: Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/darty_fr/sb840930/promo.asp?sid=7deac3bcf839a2dd96420dc8f6a4df5d&ci=C6A6A6F606069A11D1C0712120A110E13BB797078737E7AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DC1C1C1C1F17101715131ED46651435352594A4D5449E2212A24232827373F3D34FE4047555345545C4A425&infoid=7deac3bcf839a2dd96420dc8f6a4df5d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.1.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-1-6.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 60141d1affdc3c483c31396c1a9165cfb9f3eb790c9ce40dc93a26eb1c560669

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://one-time-offer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: LU_rghBanvwt8bW_urJ2udf6e_2Tcdso
Content-Encoding: gzip
Via: 1.1 25c6baf0a31a5ef699c1e219b25ce7b8.cloudfront.net (CloudFront)
Date: Sun, 09 Oct 2022 06:29:09 GMT
X-Amz-Cf-Pop: FRA6-C1
Age: 18397
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
x-amz-meta-user: gsokate
Last-Modified: Mon, 06 Jun 2022 13:51:50 GMT
Server: AmazonS3
ETag: W/"1bfc657a65d7f6a7daa5506e6f2d83ba"
Vary: Accept-Encoding, Origin
Content-Type: text/javascript
X-Amz-Cf-Id: qMSZB_HnSE7rNNQ20SAFw3cSGRqTAC5pw1w-PgVyLVk87Bo7_BqQrQ==

GET
H/1.1 200
OK pattern-2-large.png
d3dh5c7rwzliwm.cloudfront.net/FR/images/ 37 KB
37 KB 32ms
23ms Image
image/png 99.86.1.6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3dh5c7rwzliwm.cloudfront.net/FR/images/pattern-2-large.png
Requested by: Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/darty_fr/sb840930/promo.asp?sid=7deac3bcf839a2dd96420dc8f6a4df5d&ci=C6A6A6F606069A11D1C0712120A110E13BB797078737E7AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DC1C1C1C1F17101715131ED46651435352594A4D5449E2212A24232827373F3D34FE4047555345545C4A425&infoid=7deac3bcf839a2dd96420dc8f6a4df5d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.1.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-1-6.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e56184da35b674dad8aa52047fa71e1e52694508e63a04684e746fb227dda613

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://one-time-offer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: FHGBZY0_Ig1pk7jMAaLd_ZTEPRM1f4Kt
Date: Sun, 09 Oct 2022 04:41:21 GMT
Via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA6-C1
Age: 18141
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 37683
x-amz-meta-user: lfellmann
Last-Modified: Wed, 23 Sep 2020 15:31:00 GMT
Server: AmazonS3
ETag: "fb11437bfd2ac68e0339c1c75e0f1e71"
Vary: Accept-Encoding, Origin
Content-Type: image/png
Accept-Ranges: bytes
X-Amz-Cf-Id: ly36B6qF1sOZcDQzmDs57TyeDSA_PHV17Otw95pr0I3vqVwJ4PZkVg==

GET
H/1.1 200
OK fleche.png
d3dh5c7rwzliwm.cloudfront.net/FR/RR/templates/mokuba/img/ 165 B
715 B 36ms
21ms Image
image/png 99.86.1.6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/templates/mokuba/img/fleche.png
Requested by: Host: d3dh5c7rwzliwm.cloudfront.net
URL: https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/css/style_REY2_428_3DS_desktop-template-05.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.1.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-1-6.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cf8612d7c0fb3fc90d91d896fc4ff6409e159611c1ed079a334645c977af0670

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/css/style_REY2_428_3DS_desktop-template-05.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: H16EQssbPPddOYVe7DwcZybv7.ktAvKj
Date: Sun, 09 Oct 2022 06:29:08 GMT
Via: 1.1 25c6baf0a31a5ef699c1e219b25ce7b8.cloudfront.net (CloudFront)
Last-Modified: Thu, 04 Aug 2016 06:29:28 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA6-C1
Age: 15123
ETag: "7f4eb8719c5b81a2c81f81fd1120e909"
Vary: Accept-Encoding, Origin
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 165
X-Amz-Cf-Id: 7d-i6S-hZtLANeq5oLWF7Dzh70I56OCfVzjZgGbvAcDPUAliKtMsKA==

GET
H/1.1 200
OK round_left.png
d3dh5c7rwzliwm.cloudfront.net/FR/RR/templates/mokuba/modalDC/v2/img/ 288 B
864 B 58ms
24ms Image
image/png 99.86.1.6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/templates/mokuba/modalDC/v2/img/round_left.png
Requested by: Host: d3dh5c7rwzliwm.cloudfront.net
URL: https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/css/style_KAPA.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.1.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-1-6.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4654da0fb6b121c04d5943a7365c6cd6bcbff0f4e9b7f20261bb136d39dddd86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/css/style_KAPA.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: 52Jq3Y9FYGXnUbVoINJOCzkPs8ktRHMh
Date: Sun, 09 Oct 2022 06:29:08 GMT
Via: 1.1 92ab13182d4b89ed20b3b5c10adc4f22.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA6-C1
Age: 16446
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 288
x-amz-meta-user: ngandhi
Last-Modified: Wed, 12 May 2021 14:07:06 GMT
Server: AmazonS3
ETag: "367efb880f245df06cd614e17fd3f955"
Vary: Accept-Encoding, Origin
Content-Type: image/png
Accept-Ranges: bytes
X-Amz-Cf-Id: y3vNrsacxl1NtPCg970ciohS1BHvROKbAlZ8mkjF5tlc9f13keU-Ig==

GET
H/1.1 200
OK round_right.png
d3dh5c7rwzliwm.cloudfront.net/FR/RR/templates/mokuba/modalDC/v2/img/ 278 B
854 B 59ms
25ms Image
image/png 99.86.1.6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/templates/mokuba/modalDC/v2/img/round_right.png
Requested by: Host: d3dh5c7rwzliwm.cloudfront.net
URL: https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/css/style_KAPA.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.1.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-1-6.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 077081403676ca25396e6fbe5cce7155e7d63e83903868b91695a9d5cf8a15ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/css/style_KAPA.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: O2dNpEjvoqERy4hXgKJKImWcQbKzRIjN
Date: Sun, 09 Oct 2022 06:29:08 GMT
Via: 1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA6-C1
Age: 15558
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 278
x-amz-meta-user: ngandhi
Last-Modified: Wed, 12 May 2021 14:07:04 GMT
Server: AmazonS3
ETag: "fb752cf8eac72d694dea5b6928834164"
Vary: Accept-Encoding, Origin
Content-Type: image/png
Accept-Ranges: bytes
X-Amz-Cf-Id: gIFqKPrmNaXKpz7PLerk_DAdjnuhn2D1qt4AaS0MQQUGyc8os2OAZQ==

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 93ms
38ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://one-time-offer.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 18:50:24 GMT
x-content-type-options: nosniff
age: 485598
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Oct 2023 18:50:24 GMT

GET
H2 200 Oxanium-Medium.woff2
dkdrawii0zqtg.cloudfront.net/Oxanium/ 13 KB
13 KB 67ms
28ms Font
application/font-woff2 2600:9000:206f:9a00:14:9586:a100:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dkdrawii0zqtg.cloudfront.net/Oxanium/Oxanium-Medium.woff2
Requested by: Host: dkdrawii0zqtg.cloudfront.net
URL: https://dkdrawii0zqtg.cloudfront.net/Oxanium/Oxanium.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:9a00:14:9586:a100:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 86b1ccf63235b047380c389b74b118665df079b40706b9360a11f420ec62dceb

Request headers

Referer: https://dkdrawii0zqtg.cloudfront.net/Oxanium/Oxanium.css
Origin: https://one-time-offer.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: RkDR4xitytH2CMza8MwbVPvedJPoZPAM
date: Sun, 09 Oct 2022 05:29:57 GMT
via: 1.1 46546eb404789d29bf372f6a3fe43876.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 15225
x-cache: Hit from cloudfront
content-length: 12808
x-amz-meta-user: aparatore
last-modified: Mon, 11 Jan 2021 14:59:49 GMT
server: AmazonS3
etag: "caf9fc1e7fec26b96984b826d6eb5e7c"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, POST
content-type: application/font-woff2
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: sm0Ipu38OMIUZjRkVCZOv8jGSog8j3ZK4yT_znrHt3u4rjcOgn55oQ==

GET
H2 200 Oxanium-Bold.woff2
dkdrawii0zqtg.cloudfront.net/Oxanium/ 12 KB
13 KB 60ms
21ms Font
application/font-woff2 2600:9000:206f:9a00:14:9586:a100:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dkdrawii0zqtg.cloudfront.net/Oxanium/Oxanium-Bold.woff2
Requested by: Host: dkdrawii0zqtg.cloudfront.net
URL: https://dkdrawii0zqtg.cloudfront.net/Oxanium/Oxanium.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:9a00:14:9586:a100:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fd85536f1b59127421f184b4c8b186bb991fabe6c9d314ebb9a5bbaf11d8aed2

Request headers

Referer: https://dkdrawii0zqtg.cloudfront.net/Oxanium/Oxanium.css
Origin: https://one-time-offer.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: eiGvopmXv.2ZAUZzPcQbcLQ8LtpUwpff
date: Sun, 09 Oct 2022 05:40:52 GMT
via: 1.1 46546eb404789d29bf372f6a3fe43876.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 14570
x-cache: Hit from cloudfront
content-length: 12476
x-amz-meta-user: aparatore
last-modified: Mon, 11 Jan 2021 14:59:50 GMT
server: AmazonS3
etag: "b5fe7985255d606213a15c9c06904c17"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, POST
content-type: application/font-woff2
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: 8vQOzA_hQYOJ79S197YexqzapLJDxMnhZKB4y5yG2C0nx5PfYWZfiQ==

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 72ms
19ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://one-time-offer.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 20:40:44 GMT
x-content-type-options: nosniff
age: 133378
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Oct 2023 20:40:44 GMT

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 76ms
24ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://one-time-offer.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 03:39:12 GMT
x-content-type-options: nosniff
age: 281070
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15752
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Oct 2023 03:39:12 GMT

GET
H/1.1 200
OK Clicktale_FR.js Show response
d3dh5c7rwzliwm.cloudfront.net/FR/js/ 202 B
786 B 23ms
23ms Script
text/javascript 99.86.1.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3dh5c7rwzliwm.cloudfront.net/FR/js/Clicktale_FR.js
Requested by: Host: d3dh5c7rwzliwm.cloudfront.net
URL: https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/js/tracker_cookie.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.1.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-1-6.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dd1315cb2466d61eccb9001c163d8e5423eb2841612cf74bbfd97acb918784d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://one-time-offer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: A2zCNSECe109adH3W2vNpN9G4pXXQe97
Date: Sun, 09 Oct 2022 07:29:54 GMT
Via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA6-C1
Age: 11125
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 202
x-amz-meta-user: ymarchand
Last-Modified: Thu, 19 May 2022 14:04:13 GMT
Server: AmazonS3
ETag: "e7b92a341d00c2fc815aeddfeb81e0f0"
Vary: Accept-Encoding, Origin
Content-Type: text/javascript
Accept-Ranges: bytes
X-Amz-Cf-Id: 3nrBbkDaK57BjN_zMCW9NS7wER7lksfchVuuYbKSKH90uyuJAm-Htg==

GET
H/1.1 200
OK card.jpg
d3dh5c7rwzliwm.cloudfront.net/FR/RR/templates/ZETABIS/img/ 3 KB
3 KB 21ms
21ms Image
image/jpeg 99.86.1.6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/templates/ZETABIS/img/card.jpg
Requested by: Host: d3dh5c7rwzliwm.cloudfront.net
URL: https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/css/style_REY2_428_3DS_desktop-template-05.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.1.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-1-6.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cec4205899ad0e0c3874cdfce2eb2577bc38a99422da5cc951c4014d66532226

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/css/style_REY2_428_3DS_desktop-template-05.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: UiM4cS9jJ8wdA2dpxycB5ivEL_i0yyby
Date: Sun, 09 Oct 2022 06:27:30 GMT
Via: 1.1 25c6baf0a31a5ef699c1e219b25ce7b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA6-C1
Age: 16207
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 2614
x-amz-meta-user: ymarchand
Last-Modified: Mon, 10 May 2021 06:59:35 GMT
Server: AmazonS3
ETag: "4fe3d1fbeb039955a75d473adbf6cbce"
Vary: Accept-Encoding, Origin
Content-Type: image/jpeg
Accept-Ranges: bytes
X-Amz-Cf-Id: GomA99xfQMHTajTHu8xiKXWck7SkSPwLC6nSvYSLK4IeB7p58dd9Kw==

GET
H2 200 xt_rta_info.asp Show response
one-time-offer.com/common/ 79 B
252 B 167ms
157ms XHR
application/json 52.16.213.184
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://one-time-offer.com/common/xt_rta_info.asp?ccType=Unknown+Type&bin=0
Requested by: Host: d3dh5c7rwzliwm.cloudfront.net
URL: https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/js/jquery-1.4.2.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.16.213.184 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-16-213-184.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 1bce75f9438e0406ca18e08ef0070eda72016893f42ef7aca2e347ab77dd1329

Request headers

Accept: application/json, text/javascript, */*
Referer: https://one-time-offer.com/sol9/darty_fr/sb840930/promo.asp?sid=7deac3bcf839a2dd96420dc8f6a4df5d&ci=C6A6A6F606069A11D1C0712120A110E13BB797078737E7AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DC1C1C1C1F17101715131ED46651435352594A4D5449E2212A24232827373F3D34FE4047555345545C4A425&infoid=7deac3bcf839a2dd96420dc8f6a4df5d
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sun, 09 Oct 2022 09:43:42 GMT
cache-control: private
server: Microsoft-IIS/8.5
content-length: 79
content-type: application/json; charset=utf-8

GET
H2 200 css2
fonts.googleapis.com/ 1 KB
503 B 61ms
54ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato:wght@400;700&display=swap

Requested by

Host: d3dh5c7rwzliwm.cloudfront.net
URL: https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/css/FR_RR_KAPPA_PROMO_RWD_cookies.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aee1e4e4dfaa2c0f96dcaf744f7f30e2cacd831eed9aae5266189216fa13a06a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d3dh5c7rwzliwm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 09 Oct 2022 09:43:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 09 Oct 2022 09:35:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 09 Oct 2022 09:43:42 GMT

GET
H2 200 fcc01ff5-636a-461e-8941-bd653a7fe10d.json Show response
cdn.cookielaw.org/consent/fcc01ff5-636a-461e-8941-bd653a7fe10d/ 5 KB
2 KB 120ms
69ms XHR
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/fcc01ff5-636a-461e-8941-bd653a7fe10d/fcc01ff5-636a-461e-8941-bd653a7fe10d.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

943a12f8d6daafb119e543994b543f46e17a29e97df35167216de42102ab546f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://one-time-offer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 09 Oct 2022 09:43:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: t5t40AmLJzHwWn0nRUuiRg==
age: 11016
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 1505
x-ms-lease-status: unlocked
last-modified: Thu, 15 Jul 2021 08:22:44 GMT
server: cloudflare
etag: 0x8D94769B8A727C8
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 28bf4431-401e-003c-1acf-116c3d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 75762c686be992b1-FRA
expires: Sun, 09 Oct 2022 13:43:42 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 276 KB
67 KB 92ms
43ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W5XHZJF

Requested by

Host: d3dh5c7rwzliwm.cloudfront.net
URL: https://d3dh5c7rwzliwm.cloudfront.net/FR/js/ga_cookie_fr.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d2ba2053dceb00435276f01190ca34d889acc2a7217b767f23324a5c73ca473d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://one-time-offer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 09:43:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68118
x-xss-protection: 0
last-modified: Sun, 09 Oct 2022 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 09 Oct 2022 09:43:42 GMT

GET
H/1.1 200
OK details_popup.html Show response
d3dh5c7rwzliwm.cloudfront.net/FR/html/ Frame 3358 6 KB
3 KB 22ms
22ms Document
text/html 99.86.1.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3dh5c7rwzliwm.cloudfront.net/FR/html/details_popup.html
Requested by: Host: d3dh5c7rwzliwm.cloudfront.net
URL: https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/js/jquery-1.4.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.1.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-1-6.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3bdc00a54c53d12b47e3655e9f3aa4771fb1278a236ca4d2b2ed83372278340a

Request headers

Referer: https://one-time-offer.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Age: 19448
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Sun, 09 Oct 2022 06:29:09 GMT
ETag: W/"bbcddd5600e8340ef507a7898351dfc3"
Last-Modified: Fri, 26 Aug 2022 11:01:50 GMT
Server: AmazonS3
Transfer-Encoding: chunked
Vary: Accept-Encoding Origin
Via: 1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
X-Amz-Cf-Id: SrAl_2FlmysSBJPQQvXCQmFJ8yz6dAQSGetefIkaOkgZjGqXAGaLlQ==
X-Amz-Cf-Pop: FRA6-C1
X-Cache: Hit from cloudfront
x-amz-meta-user: gsokate
x-amz-version-id: P8qXpZsOTOlD4JF.Mie2bWZMbxhnx4FH

GET
H/1.1 200
OK details_popup.html Show response
d3dh5c7rwzliwm.cloudfront.net/FR/html/ Frame 0306 6 KB
3 KB 21ms
20ms Document
text/html 99.86.1.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3dh5c7rwzliwm.cloudfront.net/FR/html/details_popup.html
Requested by: Host: d3dh5c7rwzliwm.cloudfront.net
URL: https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/js/jquery-1.4.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.1.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-1-6.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3bdc00a54c53d12b47e3655e9f3aa4771fb1278a236ca4d2b2ed83372278340a

Request headers

Referer: https://one-time-offer.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Age: 19448
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Sun, 09 Oct 2022 06:29:09 GMT
ETag: W/"bbcddd5600e8340ef507a7898351dfc3"
Last-Modified: Fri, 26 Aug 2022 11:01:50 GMT
Server: AmazonS3
Transfer-Encoding: chunked
Vary: Accept-Encoding Origin
Via: 1.1 25c6baf0a31a5ef699c1e219b25ce7b8.cloudfront.net (CloudFront)
X-Amz-Cf-Id: 4gccqbkWcFYR-jCg5wBHeCZOM0xlvayMLe5CwDLQpqLxEcYOkLjlCQ==
X-Amz-Cf-Pop: FRA6-C1
X-Cache: Hit from cloudfront
x-amz-meta-user: gsokate
x-amz-version-id: P8qXpZsOTOlD4JF.Mie2bWZMbxhnx4FH

GET
H/1.1

200
OK

spacer.gif Show response
d3dh5c7rwzliwm.cloudfront.net/ALL/images/
Redirect Chain

https://one-time-offer.com/common/xt_recMilestone.asp
https://d3dh5c7rwzliwm.cloudfront.net/ALL/images/spacer.gif

43 B
706 B

61ms
20ms

XHR
image/gif

99.86.1.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3dh5c7rwzliwm.cloudfront.net/ALL/images/spacer.gif
Requested by: Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/darty_fr/sb840930/promo.asp?sid=7deac3bcf839a2dd96420dc8f6a4df5d&ci=C6A6A6F606069A11D1C0712120A110E13BB797078737E7AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DC1C1C1C1F17101715131ED46651435352594A4D5449E2212A24232827373F3D34FE4047555345545C4A425&infoid=7deac3bcf839a2dd96420dc8f6a4df5d
Protocol: HTTP/1.1
Server: 99.86.1.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-1-6.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://one-time-offer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: iG7_tlWBrGLw6cWT9taMgLAkJAqZyJ2R
Date: Sun, 09 Oct 2022 06:29:09 GMT
Via: 1.1 71b147cd3102755b55ba8b6fd34e3f4a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA6-C1
Age: 17018
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 43
x-amz-meta-user: ymarchand
Last-Modified: Mon, 11 May 2020 07:31:23 GMT
Server: AmazonS3
ETag: "fc94fb0c3ed8a8f909dbc7630a0987ff"
Vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
Content-Type: image/gif
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
X-Amz-Cf-Id: o-yoxu_DpnsTLhcyF2-2UQJAN95M46dLJpJyOYoWfmoOaM_H3GuOwg==

Redirect headers

location: https://d3dh5c7rwzliwm.cloudfront.net/ALL/images/spacer.gif
date: Sun, 09 Oct 2022 09:43:42 GMT
cache-control: private
server: Microsoft-IIS/8.5
content-length: 180
content-type: text/html

GET
H/1.1 200
OK scanning.gif
d3dh5c7rwzliwm.cloudfront.net/UK/Templates/CCScan/ 46 KB
46 KB 22ms
22ms Image
image/gif 99.86.1.6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3dh5c7rwzliwm.cloudfront.net/UK/Templates/CCScan/scanning.gif
Requested by: Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/darty_fr/sb840930/promo.asp?sid=7deac3bcf839a2dd96420dc8f6a4df5d&ci=C6A6A6F606069A11D1C0712120A110E13BB797078737E7AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DC1C1C1C1F17101715131ED46651435352594A4D5449E2212A24232827373F3D34FE4047555345545C4A425&infoid=7deac3bcf839a2dd96420dc8f6a4df5d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.1.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-1-6.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 667fbd73600f9931eb3ab39292833c7ed9182385858d5004d1e93132daa3bb5b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://one-time-offer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: P5X8e32szzZRuYav0b9HEo6Tqj_nFIPW
Date: Sun, 09 Oct 2022 03:28:11 GMT
Via: 1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
Last-Modified: Wed, 30 Mar 2016 13:29:50 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA6-C1
Age: 53656
ETag: "123876a2d2f4e3cf7cb8ce35eb5f1383"
Vary: Accept-Encoding, Origin
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 46809
X-Amz-Cf-Id: ym3wqQOag4o7RvoT41Y9-_zDmB-HKh0iR7HDopNZUj-ankfPYr7a5g==

GET
H/1.1 200
OK Darty.png
d3dh5c7rwzliwm.cloudfront.net/FR/header_TTB/Darty/ 2 KB
2 KB 24ms
24ms Image
image/png 99.86.1.6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3dh5c7rwzliwm.cloudfront.net/FR/header_TTB/Darty/Darty.png
Requested by: Host: one-time-offer.com
URL: https://one-time-offer.com/sol9/darty_fr/sb840930/promo.asp?sid=7deac3bcf839a2dd96420dc8f6a4df5d&ci=C6A6A6F606069A11D1C0712120A110E13BB797078737E7AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DC1C1C1C1F17101715131ED46651435352594A4D5449E2212A24232827373F3D34FE4047555345545C4A425&infoid=7deac3bcf839a2dd96420dc8f6a4df5d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.1.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-1-6.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: faf45ff7ff8975c7178efb3779338178160f81ce469908803e409bd02be53654

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://one-time-offer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: vOb3sAGkdGmi4vGjLqn.6IwUyOwwna7i
Date: Sun, 09 Oct 2022 09:43:42 GMT
Via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
Last-Modified: Fri, 17 Feb 2017 15:33:53 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA6-C1
Age: 9116
ETag: "f92ff5b74c8c692d3d6ad268c621d9cd"
Vary: Accept-Encoding, Origin
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2006
X-Amz-Cf-Id: 0c2rlsLtIHsxhgkf6W0V0_IAWCTRK9QNJN-gTcHLyruuetXWq0ZE-Q==

GET
H3 200 css
fonts.googleapis.com/ Frame 3358 10 KB
755 B 30ms
30ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,800

Requested by

Host: d3dh5c7rwzliwm.cloudfront.net
URL: https://d3dh5c7rwzliwm.cloudfront.net/FR/html/details_popup.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f229fcd4f2c83dbd2ee87ee7be177146e75a954c6ba982e4c29936d2a409cb03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d3dh5c7rwzliwm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 09 Oct 2022 09:43:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 09 Oct 2022 09:34:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 09 Oct 2022 09:43:42 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 0306 10 KB
755 B 30ms
29ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,800

Requested by

Host: d3dh5c7rwzliwm.cloudfront.net
URL: https://d3dh5c7rwzliwm.cloudfront.net/FR/html/details_popup.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f229fcd4f2c83dbd2ee87ee7be177146e75a954c6ba982e4c29936d2a409cb03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d3dh5c7rwzliwm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 09 Oct 2022 09:43:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 09 Oct 2022 09:12:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 09 Oct 2022 09:43:42 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 153 B
359 B 117ms
64ms XHR
application/json 2606:4700:4400::ac40:929e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:929e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6fba5ed9a21a948a1edf9f018055a8ed911df83da750fcb24177e2a3c539a085

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://one-time-offer.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 09:43:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 75762c693c41bbc5-FRA
access-control-allow-headers: Content-Type

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.16.0/ 374 KB
83 KB 33ms
32ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.16.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

353bcd41d11cc5a2bcb6763c269e41ac785c06ace29ac10053bb7c0fa3bf1ecf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://one-time-offer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 09 Oct 2022 09:43:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: dGCXlveaBvO7BI0nfZKP+g==
age: 11874
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 85065
x-ms-lease-status: unlocked
last-modified: Thu, 06 May 2021 19:31:04 GMT
server: cloudflare
etag: 0x8D910C57D52F14C
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 478a2812-101e-0120-2a59-03f27f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 75762c69a84a6943-FRA

GET
H2 200 fr.json Show response
cdn.cookielaw.org/consent/fcc01ff5-636a-461e-8941-bd653a7fe10d/f7c33a51-b06d-40e0-b5c2-b3d39a3d1488/ 48 KB
13 KB 52ms
51ms Fetch
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/fcc01ff5-636a-461e-8941-bd653a7fe10d/f7c33a51-b06d-40e0-b5c2-b3d39a3d1488/fr.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.16.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

325724d29a8ac61842c12c2db6daa35a65bc471185ee3bccb4eed306ab1fc200

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://one-time-offer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 09 Oct 2022 09:43:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: XO8pHrl/+OpQfqEfK7BxGg==
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 13179
x-ms-lease-status: unlocked
last-modified: Thu, 15 Jul 2021 08:22:55 GMT
server: cloudflare
etag: 0x8D94769BF75744A
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: d6fb9842-e01e-011c-37e3-1146a4000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 75762c6a0f8192b1-FRA
expires: Sun, 09 Oct 2022 13:43:42 GMT

GET
H2 200 LambdaWLAnalytics Show response
analytics.member-center.com/lambda/ 79 B
154 B 179ms
66ms Script
application/javascript 52.16.82.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.member-center.com/lambda/LambdaWLAnalytics?WLUMID=undefined&PID=27400
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W5XHZJF
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.16.82.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-16-82-29.eu-west-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: 173dca22aed758a683176f3e3d9ccc10964a100628a575ebc2b467eb4620359d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://one-time-offer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 09:43:42 GMT
server: awselb/2.0
content-length: 79
content-type: application/javascript

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/6.16.0/assets/ 12 KB
3 KB 27ms
27ms Fetch
application/json 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.16.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.16.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb1fa7363d6e4772f7c49d67f031d68f209e66de6c3c05aade6fdc57a02505c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://one-time-offer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 09 Oct 2022 09:43:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: DKM3/i+7h7Fs8cEMor3s2A==
age: 11015
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 2938
x-ms-lease-status: unlocked
last-modified: Thu, 06 May 2021 19:30:47 GMT
server: cloudflare
etag: 0x8D910C572DA86E8
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: e59c09a1-b01e-0022-1ed0-11b6d0000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 75762c6ab91f92b1-FRA

GET
H2 200 otPcTab.json Show response
cdn.cookielaw.org/scripttemplates/6.16.0/assets/v2/ 46 KB
12 KB 33ms
33ms Fetch
application/json 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.16.0/assets/v2/otPcTab.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.16.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a02b434edb84f078f67ae040f565f6258b91dfa3f16ad8e305392cfe5d18e8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://one-time-offer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 09 Oct 2022 09:43:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 2Zi7TemSsXHh6hY5sI0Yeg==
age: 11015
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 11890
x-ms-lease-status: unlocked
last-modified: Thu, 06 May 2021 19:30:50 GMT
server: cloudflare
etag: 0x8D910C574C4FC1A
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: e543e0b7-901e-0058-4ad0-11dc9d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 75762c6ac92092b1-FRA

GET
H/1.1

200
OK

spacer.gif Show response
d3dh5c7rwzliwm.cloudfront.net/ALL/images/
Redirect Chain

https://one-time-offer.com/common/xt_recMilestone.asp
https://d3dh5c7rwzliwm.cloudfront.net/ALL/images/spacer.gif

43 B
706 B

22ms
21ms

XHR
image/gif

99.86.1.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3dh5c7rwzliwm.cloudfront.net/ALL/images/spacer.gif
Protocol: HTTP/1.1
Server: 99.86.1.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-1-6.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://one-time-offer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: iG7_tlWBrGLw6cWT9taMgLAkJAqZyJ2R
Date: Sun, 09 Oct 2022 06:29:09 GMT
Via: 1.1 71b147cd3102755b55ba8b6fd34e3f4a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA6-C1
Age: 17018
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 43
x-amz-meta-user: ymarchand
Last-Modified: Mon, 11 May 2020 07:31:23 GMT
Server: AmazonS3
ETag: "fc94fb0c3ed8a8f909dbc7630a0987ff"
Vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
Content-Type: image/gif
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
X-Amz-Cf-Id: 3GTPf6KSS-_kZj_ugs5pzaEJHQ6tmoC1okRXSBeoKloMEy0YQsgLBg==

Redirect headers

location: https://d3dh5c7rwzliwm.cloudfront.net/ALL/images/spacer.gif
date: Sun, 09 Oct 2022 09:43:42 GMT
cache-control: private
server: Microsoft-IIS/8.5
content-length: 180
content-type: text/html

GET
H2 200 c66df5def7d7a.js Show response
t.contentsquare.net/uxa/ 350 KB
77 KB 76ms
21ms Script
application/javascript 143.204.215.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://t.contentsquare.net/uxa/c66df5def7d7a.js
Requested by: Host: d3dh5c7rwzliwm.cloudfront.net
URL: https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/js/tracker_cookie.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-16.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2f1fc9e463940bf8a1885857da903f522ae67a0552f3f26ddd3214070a5efa08

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://one-time-offer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sat, 08 Oct 2022 14:57:10 GMT
content-encoding: gzip
via: 1.1 c90147ea5199ff7ce77981c8da4247c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 67594
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 78579
last-modified: Wed, 05 Oct 2022 14:56:45 GMT
server: AmazonS3
etag: "5f4e71da24fc4acfc9e0425a2e15726b"
vary: Accept-Encoding, Origin
content-type: application/javascript;charset=utf-8
cache-control: max-age=900
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: _jdrfhJeR77xroeDcIGjv-fwP1cPwxyUMex55ZRx1CoUssDcIZWAJw==

OPTIONS
H2 200 quota
q-aeu1.contentsquare.net/ Frame 0
0 141ms
43ms Preflight 54.246.158.148
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://q-aeu1.contentsquare.net/quota?enc=raw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.158.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-246-158-148.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://one-time-offer.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-headers: Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-length: 0
date: Sun, 09 Oct 2022 09:43:43 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
timing-allow-origin: *

POST
H2 200 quota Show response
q-aeu1.contentsquare.net/ 29 B
243 B 42ms
41ms Fetch
application/json 54.246.158.148
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://q-aeu1.contentsquare.net/quota?enc=raw
Requested by: Host: t.contentsquare.net
URL: https://t.contentsquare.net/uxa/c66df5def7d7a.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.158.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-246-158-148.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 70c705d49e04d07b8353972235ca2f2f7f48c1ddbb671829a282558b991a8fa1

Request headers

Referer: https://one-time-offer.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Sun, 09 Oct 2022 09:43:43 GMT
timing-allow-origin: *
access-control-allow-headers: Access-Control-Expose-Headers, Content-Type, Content-Compression
content-length: 29
access-control-allow-methods: POST, OPTIONS
content-type: application/json

GET
H2 204 pageview
c.contentsquare.net/ 0
320 B 138ms
41ms Image
text/plain 52.215.165.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.contentsquare.net/pageview?pid=13536&uu=35130169-07f7-a30b-fc2e-65fb5f62701e&sn=1&lv=1665308623&lhd=1665308623&hd=1665308623&pn=1&dw=1600&dh=1839&ww=1600&wh=1200&sw=1600&sh=1200&dr=&url=https%3A%2F%2Fone-time-offer.com%2Fsol9%2Fdarty_fr%2Fsb840930%2Fpromo.asp%3Fsid%3D7deac3bcf839a2dd96420dc8f6a4df5d%26ci%3DC6A6A6F606069A11D1C0712120A110E13BB797078737E7AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DC1C1C1C1F17101715131ED46651435352594A4D5449E2212A24232827373F3D34FE4047555345545C4A425%26infoid%3D7deac3bcf839a2dd96420dc8f6a4df5d&uc=1&la=en-US&v=11.49.1&pvt=n&r=879070
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.165.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-165-3.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://one-time-offer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Oct 2022 09:43:43 GMT
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-disposition: inline
timing-allow-origin: *
access-control-allow-headers: Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With
expires: Sun, 24 Oct 1982 23:00:00 GMT

GET
BLOB 200
OK d091ed28-ed35-4f9b-95f0-97b4d9c6870d
https://one-time-offer.com/ 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://one-time-offer.com/d091ed28-ed35-4f9b-95f0-97b4d9c6870d
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2a08279200a1d57da78dbb12b84890d5a37cf5afa02015b777e586a98cdba258

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Length: 1979
Content-Type: application/javascript

POST
H2 200 recording Show response
k-aeu1.contentsquare.net/v2/ 0
187 B 243ms
87ms Fetch 52.30.123.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://k-aeu1.contentsquare.net/v2/recording?rt=5&v=11.49.1&pid=13536&uu=35130169-07f7-a30b-fc2e-65fb5f62701e&sn=1&pn=1&ri=1&rst=1665308623265&let=1665308623320&enc=lzstring
Requested by: Host: t.contentsquare.net
URL: https://t.contentsquare.net/uxa/c66df5def7d7a.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.123.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-123-22.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://one-time-offer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 09 Oct 2022 09:43:43 GMT
timing-allow-origin: *
access-control-allow-headers: Access-Control-Expose-Headers, Content-Type, Content-Compression
content-length: 0
access-control-allow-methods: GET, POST, OPTIONS

GET
H/1.1

200
OK

spacer.gif Show response
d3dh5c7rwzliwm.cloudfront.net/ALL/images/
Redirect Chain

https://one-time-offer.com/common/xt_recMilestone.asp
https://d3dh5c7rwzliwm.cloudfront.net/ALL/images/spacer.gif

43 B
706 B

21ms
20ms

XHR
image/gif

99.86.1.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3dh5c7rwzliwm.cloudfront.net/ALL/images/spacer.gif
Protocol: HTTP/1.1
Server: 99.86.1.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-1-6.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://one-time-offer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: iG7_tlWBrGLw6cWT9taMgLAkJAqZyJ2R
Date: Sun, 09 Oct 2022 06:29:09 GMT
Via: 1.1 71b147cd3102755b55ba8b6fd34e3f4a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA6-C1
Age: 17020
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 43
x-amz-meta-user: ymarchand
Last-Modified: Mon, 11 May 2020 07:31:23 GMT
Server: AmazonS3
ETag: "fc94fb0c3ed8a8f909dbc7630a0987ff"
Vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
Content-Type: image/gif
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
X-Amz-Cf-Id: zkhISdAhjPJsIUjL_TvYI_y4rSpYpNavJW6A7OQPE_ztG9UO6GkJ4w==

Redirect headers

location: https://d3dh5c7rwzliwm.cloudfront.net/ALL/images/spacer.gif
date: Sun, 09 Oct 2022 09:43:44 GMT
cache-control: private
server: Microsoft-IIS/8.5
content-length: 180
content-type: text/html

Verdicts & Comments Add Verdict or Comment

271 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
one-time-offer.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: fx3xnxon0d2yuei055sxlecx
one-time-offer.com/	1969-12-31 23:59:59	Name: WLSession Value: SID=7deac3bcf839a2dd96420dc8f6a4df5d&SessionClosed=false
one-time-offer.com/	1970-01-20 15:20:44	Name: USER%5FID Value: 1298826957
one-time-offer.com/	1969-12-31 23:59:59	Name: ASPSESSIONIDCCRQDRSB Value: HKNNNJLAAMJIOJEOKLDBBLAH
one-time-offer.com/	1969-12-31 23:59:59	Name: ASPSESSIONIDASQQARTB Value: NKBJNNLAJCFEJCILPOFLNKBB
.one-time-offer.com/	1970-01-20 15:20:44	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Sun+Oct+09+2022+09%3A43%3A42+GMT%2B0000+(GMT)&version=6.16.0&isIABGlobal=false&hosts=&consentId=560497d6-3d91-4ab0-8e1a-f6ad792d64ce&interactionCount=0&landingPath=https%3A%2F%2Fone-time-offer.com%2Fsol9%2Fdarty_fr%2Fsb840930%2Fpromo.asp%3Fsid%3D7deac3bcf839a2dd96420dc8f6a4df5d%26ci%3DC6A6A6F606069A11D1C0712120A110E13BB797078737E7AB00A0D1F07067F7D617A7976C808C27C7B667668736D6B6A73DC1C1C1C1F17101715131ED46651435352594A4D5449E2212A24232827373F3D34FE4047555345545C4A425%26infoid%3D7deac3bcf839a2dd96420dc8f6a4df5d&groups=C0001%3A1%2CC0003%3A0%2CC0004%3A0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.member-center.com
c.contentsquare.net
cdn.cookielaw.org
d2lbtufyyqy5cu.cloudfront.net
d3dh5c7rwzliwm.cloudfront.net
dkdrawii0zqtg.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
k-aeu1.contentsquare.net
one-time-offer.com
q-aeu1.contentsquare.net
t.contentsquare.net
tracking.wlscripts.net
www.googletagmanager.com
143.204.215.16
2600:9000:206f:9a00:14:9586:a100:21
2600:9000:206f:fc00:b:d114:6780:21
2606:4700:4400::ac40:929e
2606:4700::6810:9440
2a00:1450:4001:803::200a
2a00:1450:4001:828::2008
2a00:1450:4001:831::2003
34.254.54.173
52.16.213.184
52.16.82.29
52.215.165.3
52.30.123.22
54.246.158.148
99.86.1.6
077081403676ca25396e6fbe5cce7155e7d63e83903868b91695a9d5cf8a15ce
0c42ff05e2e248efed2b86bd41594a56dcdcdb3207082312856d569482a34b5a
0cede639efd6c1d520bce74b3c1f5cbbccf57522abdad7c95e56025b82f986f0
11e5db674677ffa051c40868035e9dfeb2603527c14e68d5586e6466af0cc27c
124a3d038c149d31ffa54e6c6e680d5cfccf1935d90562a5085fbfeb1c02a334
173dca22aed758a683176f3e3d9ccc10964a100628a575ebc2b467eb4620359d
1adeb9b7455c164e01a88173d356742be2a4b5dc4977f0f64fee5b5d4b38e0b3
1bce75f9438e0406ca18e08ef0070eda72016893f42ef7aca2e347ab77dd1329
2a08279200a1d57da78dbb12b84890d5a37cf5afa02015b777e586a98cdba258
2b38ad3bc616f69332f3ecca87016bbfe66c77ec1a31b68dece47776e0a4bb39
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f1fc9e463940bf8a1885857da903f522ae67a0552f3f26ddd3214070a5efa08
31acffbbd1a860246add3bb801217b48b27eee43025aa8ab611de27a74205a60
325724d29a8ac61842c12c2db6daa35a65bc471185ee3bccb4eed306ab1fc200
3520de6824493555fa3d2b1c0717dff225c4c4d7ce8e868977389eb043e7a280
353bcd41d11cc5a2bcb6763c269e41ac785c06ace29ac10053bb7c0fa3bf1ecf
3bdc00a54c53d12b47e3655e9f3aa4771fb1278a236ca4d2b2ed83372278340a
4654da0fb6b121c04d5943a7365c6cd6bcbff0f4e9b7f20261bb136d39dddd86
4a02b434edb84f078f67ae040f565f6258b91dfa3f16ad8e305392cfe5d18e8c
4b8653402f746ac5433be07742703fb380931c611f7a764f50edd74b9b2a1928
52295428f1d4d23a3a2e279cc1dacf9b9869b08004da91fb219ac01f48e86938
57dfc7637aef7db2b5b68775b512f8fce25575d803f4af4e87260118938186d4
5887fc30b3ce6d35eedf8e617a74c84bfdd108a3f753bdb9e749c1093829c7e0
60141d1affdc3c483c31396c1a9165cfb9f3eb790c9ce40dc93a26eb1c560669
667fbd73600f9931eb3ab39292833c7ed9182385858d5004d1e93132daa3bb5b
693ee6643cf51bc7de0a48386c193b49ec28a0ef4a8a219c363d2f4d3d1359f2
6fba5ed9a21a948a1edf9f018055a8ed911df83da750fcb24177e2a3c539a085
70c705d49e04d07b8353972235ca2f2f7f48c1ddbb671829a282558b991a8fa1
7286e31a06a6e6447980235c424439f93e095023ac7f766c37a13e1d1fc8cfa3
7ca9827b9cb830e35c510501de1ad37e7ebedd8c8cb388a925253a64f95bee15
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
8380a1fbd46042955f25aade9894cd66babe9f4c444af66bbfb3fadadec74913
86b1ccf63235b047380c389b74b118665df079b40706b9360a11f420ec62dceb
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
89783270bead756e8bfb2f92e9d0d0708bc9c65e05c18ca4058946a813846a1e
943a12f8d6daafb119e543994b543f46e17a29e97df35167216de42102ab546f
9e481bbe87da2d176fdadf9d3c6b6ca0bee736c4c510613b941f1cfdc761cf0a
9ebae3291f840fc32c3d128bbe9518706dc5c14dd704949984d802d28a8c20d0
a04e6c9a58e4f7de825fd103326e0f00a6b3b2634233c9b68870894cba763290
aee1e4e4dfaa2c0f96dcaf744f7f30e2cacd831eed9aae5266189216fa13a06a
b214c7b862a0e50798c53344af7e709b24b85b0cd30a7a6b753c2e86dfed2554
b60b366a2bcc7f3993ea6e07492a0d4c5d91e443f44d784744c46c5b33aafdcd
b6e7eff529efa6de4490a438b12f1f64f4c909b85516191405cf725f539be117
bbc4456bca95006683a8f081d0d2ed645eef5b14c62eca12c70f7e1cec26c1a0
bebb0cb9d93a651e8f0a9e23035bd76aada62c05a789177d0aaafa7cca011b81
c19badd2e95becdb5b490d89efe6e57d8d6f903121f22d86efbafc117c49870e
c27c97eac4067ef10dcaf87268070a764ca4cd5d211257fe25b88e111eb2d3af
c28d2287ba25f531f52f96d00895c8d04ecebb1ed5ae5849b5c2b088c2ea7f82
c30ba96503f1de9a792a9e725155b852434607e956eb5b6e8997013dfb653091
ce8d81c4491ce798ebac41d52eef71ea6cc5adb1b6db1ea23c5c04e58c86f313
cec4205899ad0e0c3874cdfce2eb2577bc38a99422da5cc951c4014d66532226
cf8612d7c0fb3fc90d91d896fc4ff6409e159611c1ed079a334645c977af0670
d250ccda429e35c4638581f14f9ee7e143aca859d2c77f54db12742b31ac8dff
d2ba2053dceb00435276f01190ca34d889acc2a7217b767f23324a5c73ca473d
d4f676fb18755519f6c6967b5ab57c7a467657c959ec22f8b519bd3e5de9668d
dd1315cb2466d61eccb9001c163d8e5423eb2841612cf74bbfd97acb918784d7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e56184da35b674dad8aa52047fa71e1e52694508e63a04684e746fb227dda613
e6f0978189cc569303e3f98accc039dbb600bf11f6377b110a1c6d88ce7db7ae
eb1fa7363d6e4772f7c49d67f031d68f209e66de6c3c05aade6fdc57a02505c1
ecfb7a12437e01bde4a07b35599509f9cadbc5f9cbe34a56af2b827d828c67e7
eed6469391b8e3335a678eb433bf851a116162f08881a3be5020d520ae85683a
f229fcd4f2c83dbd2ee87ee7be177146e75a954c6ba982e4c29936d2a409cb03
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f85013ff265bef7b4f7dbbb38eba7a7b9f015c1aeaff39e0d0399660ac046f2c
faf45ff7ff8975c7178efb3779338178160f81ce469908803e409bd02be53654
fd85536f1b59127421f184b4c8b186bb991fabe6c9d314ebb9a5bbaf11d8aed2

one-time-offer.com Open in urlscan Pro 52.16.213.184 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

75 Requests

95 %HTTPS

47 %IPv6

10 Domains

15 Subdomains

16 IPs

3 Countries

1035 kBTransfer

2353 kBSize

6 Cookies

7 Outgoing links

Page URL History

Redirected requests

75 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

one-time-offer.com Open in urlscan Pro
52.16.213.184 Public Scan

Screenshot
Live screenshot

Full Image

75
Requests

95 %
HTTPS

47 %
IPv6

10
Domains

15
Subdomains

16
IPs

3
Countries

1035 kB
Transfer

2353 kB
Size

6
Cookies

75 HTTP transactions
0 data transactions