one-time-offer.com
Open in
urlscan Pro
63.35.138.152
Public Scan
Submitted URL: https://banners.wlservices.fr/jump-510
Effective URL: https://one-time-offer.com/sol9/cdiscount_fr/pb422230/promo.asp?sid=453e7694be70885b7b690ecd9134d66c&ci=B6B616165636AA01A1D...
Submission: On October 01 via manual from FR
Effective URL: https://one-time-offer.com/sol9/cdiscount_fr/pb422230/promo.asp?sid=453e7694be70885b7b690ecd9134d66c&ci=B6B616165636AA01A1D...
Submission: On October 01 via manual from FR
Summary
This website contacted 12 IPs
in 5 countries
across 10 domains to perform 51 HTTP transactions.
The main IP is 63.35.138.152, located in
Dublin, Ireland and
belongs to AMAZON-02 - Amazon.com, Inc., US.
The main domain is one-time-offer.com.
TLS certificate: Issued by DigiCert Global CA G2 on August 19th 2019. Valid for: 2 years.
This is the only time one-time-offer.com was scanned on urlscan.io!
TLS certificate: Issued by DigiCert Global CA G2 on August 19th 2019. Valid for: 2 years.
This is the only time one-time-offer.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 | 54.229.124.80 54.229.124.80 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
| 1 5 | 63.35.138.152 63.35.138.152 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
| 28 | 143.204.208.147 143.204.208.147 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
| 2 | 2a00:1450:400... 2a00:1450:4001:806::200a | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
| 1 | 52.222.157.91 52.222.157.91 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
| 1 2 | 2a00:1450:400... 2a00:1450:4001:80b::200e | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
| 3 | 2a00:1450:400... 2a00:1450:4001:825::2003 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
| 5 | 2a02:26f0:6c0... 2a02:26f0:6c00:28a::2db0 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
| 1 1 | 2a00:1450:400... 2a00:1450:400c:c06::9d | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
| 1 1 | 2a00:1450:400... 2a00:1450:4001:820::2004 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
| 1 | 2a00:1450:400... 2a00:1450:4001:819::2003 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
| 3 | 34.198.177.179 34.198.177.179 | 14618 (AMAZON-AES) (AMAZON-AES - Amazon.com) | |
| 1 | 52.22.9.21 52.22.9.21 | 14618 (AMAZON-AES) (AMAZON-AES - Amazon.com) | |
| 51 | 12 |
1
54.229.124.80
(Dublin, Ireland)
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-229-124-80.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-229-124-80.eu-west-1.compute.amazonaws.com
| banners.wlservices.fr |
5
63.35.138.152
(Dublin, Ireland)
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-63-35-138-152.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-63-35-138-152.eu-west-1.compute.amazonaws.com
| one-time-offer.com |
28
143.204.208.147
(Seattle, United States)
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-208-147.fra53.r.cloudfront.net
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-208-147.fra53.r.cloudfront.net
| d3dh5c7rwzliwm.cloudfront.net |
2
2a00:1450:4001:806::200a
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE - Google LLC, US)
ASN15169 (GOOGLE - Google LLC, US)
| fonts.googleapis.com |
1
52.222.157.91
(Seattle, United States)
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-222-157-91.fra53.r.cloudfront.net
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-222-157-91.fra53.r.cloudfront.net
| media.one-time-offer.com |
2
2a00:1450:4001:80b::200e
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE - Google LLC, US)
ASN15169 (GOOGLE - Google LLC, US)
| www.google-analytics.com |
3
2a00:1450:4001:825::2003
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE - Google LLC, US)
ASN15169 (GOOGLE - Google LLC, US)
| fonts.gstatic.com |
1
2a00:1450:400c:c06::9d
(Brussels, Belgium)
ASN15169 (GOOGLE - Google LLC, US)
ASN15169 (GOOGLE - Google LLC, US)
| stats.g.doubleclick.net |
1
2a00:1450:4001:820::2004
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE - Google LLC, US)
ASN15169 (GOOGLE - Google LLC, US)
| www.google.com |
1
2a00:1450:4001:819::2003
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE - Google LLC, US)
ASN15169 (GOOGLE - Google LLC, US)
| www.google.de |
3
34.198.177.179
(Ashburn, United States)
ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-198-177-179.compute-1.amazonaws.com
ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-198-177-179.compute-1.amazonaws.com
| conductor.clicktale.net |
1
52.22.9.21
(Ashburn, United States)
ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-22-9-21.compute-1.amazonaws.com
ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-22-9-21.compute-1.amazonaws.com
| ing-district.clicktale.net |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 28 |
cloudfront.net
d3dh5c7rwzliwm.cloudfront.net |
154 KB |
| 9 |
clicktale.net
cdnssl.clicktale.net conductor.clicktale.net ing-district.clicktale.net |
94 KB |
| 6 |
one-time-offer.com
1 redirects
one-time-offer.com media.one-time-offer.com |
35 KB |
| 3 |
gstatic.com
fonts.gstatic.com |
27 KB |
| 2 |
google-analytics.com
1 redirects
www.google-analytics.com |
18 KB |
| 2 |
googleapis.com
fonts.googleapis.com |
1 KB |
| 1 |
google.de
www.google.de |
109 B |
| 1 |
google.com
1 redirects
www.google.com |
182 B |
| 1 |
doubleclick.net
1 redirects
stats.g.doubleclick.net |
160 B |
| 1 |
wlservices.fr
banners.wlservices.fr |
682 B |
| 51 | 10 |
| Domain | Requested by | |
|---|---|---|
| 28 | d3dh5c7rwzliwm.cloudfront.net |
one-time-offer.com
d3dh5c7rwzliwm.cloudfront.net |
| 5 | cdnssl.clicktale.net |
one-time-offer.com
cdnssl.clicktale.net banners.wlservices.fr |
| 5 | one-time-offer.com |
1 redirects
banners.wlservices.fr
one-time-offer.com |
| 3 | conductor.clicktale.net |
cdnssl.clicktale.net
|
| 3 | fonts.gstatic.com |
one-time-offer.com
|
| 2 | www.google-analytics.com |
1 redirects
d3dh5c7rwzliwm.cloudfront.net
|
| 2 | fonts.googleapis.com |
one-time-offer.com
|
| 1 | ing-district.clicktale.net |
cdnssl.clicktale.net
|
| 1 | www.google.de |
one-time-offer.com
|
| 1 | www.google.com | 1 redirects |
| 1 | stats.g.doubleclick.net | 1 redirects |
| 1 | media.one-time-offer.com |
one-time-offer.com
|
| 1 | banners.wlservices.fr | |
| 51 | 13 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| www.remisesetreductions.fr |
| d3dh5c7rwzliwm.cloudfront.net |
| d1fd8aj8bhyfe9.cloudfront.net |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| *.wlservices.fr COMODO RSA Domain Validation Secure Server CA |
2016-12-08 - 2019-12-08 |
3 years | crt.sh |
| one-time-offer.com DigiCert Global CA G2 |
2019-08-19 - 2021-10-14 |
2 years | crt.sh |
| *.cloudfront.net DigiCert Global CA G2 |
2019-07-17 - 2020-07-05 |
a year | crt.sh |
| *.googleapis.com GTS CA 1O1 |
2019-09-05 - 2019-11-28 |
3 months | crt.sh |
| *.google-analytics.com GTS CA 1O1 |
2019-09-05 - 2019-11-28 |
3 months | crt.sh |
| *.google.com GTS CA 1O1 |
2019-09-05 - 2019-11-28 |
3 months | crt.sh |
| *.clicktale.net DigiCert SHA2 Secure Server CA |
2018-07-15 - 2019-10-14 |
a year | crt.sh |
| www.google.de GTS CA 1O1 |
2019-09-05 - 2019-11-28 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://one-time-offer.com/sol9/cdiscount_fr/pb422230/promo.asp?sid=453e7694be70885b7b690ecd9134d66c&ci=B6B616165636AA01A1D04131D1B120F14BA7A7A7574717BB70B0E1E08777C7C667B7A77C709C17D7C6775697C7C686B74DA1C1B151016101A1B1ED46651435352594A4D5449E52420242027283C3C3D34FE4047555345545C4A425&infoid=453e7694be70885b7b690ecd9134d66c
Frame ID: A90F9B72703D4327B7EBE3B42C5DA53B
Requests: 51 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
- https://banners.wlservices.fr/jump-510 Page URL
-
https://one-time-offer.com/sg/gateway.aspx?v=532343A353&p=A2D29252E242BE77B7D7F706E72FC3A32303A3239F16D...
HTTP 302
https://one-time-offer.com/sol9/cdiscount_fr/pb422230/promo.asp?sid=453e7694be70885b7b690ecd9134d66c&ci... Page URL
Detected technologies
Nginx
(Web Servers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- headers server /nginx(?:\/([\d.]+))?/i
Google Analytics
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Google Font API
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
- script /jquery-ui[.-]([\d.]*\d)[^\/]*\.js/i
- script /jquery-ui.*\.js/i
jQuery UI
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /jquery-ui[.-]([\d.]*\d)[^\/]*\.js/i
- script /jquery-ui.*\.js/i
Page Statistics
7 Outgoing links
These are links going to different origins than the main page.
URL: https://www.remisesetreductions.fr/terms-and-conditions
Title: les Conditions d’Utilisation du Service
Title: les Conditions d’Utilisation du Service
Search URL Search Domain Scan URL
URL: https://www.remisesetreductions.fr/privacy-policy
Title: Charte de Données Personnelles.
Title: Charte de Données Personnelles.
Search URL Search Domain Scan URL
URL: https://www.remisesetreductions.fr/Home/AllRetailers/422230
Title: 700 e-marchands
Title: 700 e-marchands
Search URL Search Domain Scan URL
URL: https://d3dh5c7rwzliwm.cloudfront.net/FR/RR/site/20180523/Remises_et_Reductions_Formulaire_de_Retractation.pdf
Title: rétractation
Title: rétractation
Search URL Search Domain Scan URL
URL: https://d1fd8aj8bhyfe9.cloudfront.net/FR/RR/site/Remises_et_Reductions_Conditions_Utilisation_du_Service.pdf
Title: Conditions d'Utilisation du Service
Title: Conditions d'Utilisation du Service
Search URL Search Domain Scan URL
URL: https://www.remisesetreductions.fr/about-us
Title: Mentions légales
Title: Mentions légales
Search URL Search Domain Scan URL
URL: https://www.remisesetreductions.fr/cookies
Title: En savoir plus et paramétrez ces cookies.
Title: En savoir plus et paramétrez ces cookies.
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://banners.wlservices.fr/jump-510 Page URL
-
https://one-time-offer.com/sg/gateway.aspx?v=532343A353&p=A2D29252E242BE77B7D7F706E72FC3A32303A3239F16D6060727&cl=0776
HTTP 302
https://one-time-offer.com/sol9/cdiscount_fr/pb422230/promo.asp?sid=453e7694be70885b7b690ecd9134d66c&ci=B6B616165636AA01A1D04131D1B120F14BA7A7A7574717BB70B0E1E08777C7C667B7A77C709C17D7C6775697C7C686B74DA1C1B151016101A1B1ED46651435352594A4D5449E52420242027283C3C3D34FE4047555345545C4A425&infoid=453e7694be70885b7b690ecd9134d66c Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 38- https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1656772467&t=pageview&_s=1&dl=https%3A%2F%2Fone-time-offer.com%2Fsol9%2Fcdiscount_fr%2Fpb422230%2Fpromo.asp%3Fsid%3D453e7694be70885b7b690ecd9134d66c%26ci%3DB6B616165636AA01A1D04131D1B120F14BA7A7A7574717BB70B0E1E08777C7C667B7A77C709C17D7C6775697C7C686B74DA1C1B151016101A1B1ED46651435352594A4D5449E52420242027283C3C3D34FE4047555345545C4A425%26infoid%3D453e7694be70885b7b690ecd9134d66c&dr=https%3A%2F%2Fbanners.wlservices.fr%2Fjump-510&ul=en-us&de=windows-1252&dt=Remises%20%26%20R%C3%A9ductions&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAAAB~&jid=468767494&gjid=1744429629&cid=538770701.1569957217&tid=UA-35454984-1&_gid=2064081471.1569957217&_r=1&z=619933436 HTTP 302
- https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-35454984-1&cid=538770701.1569957217&jid=468767494&_gid=2064081471.1569957217&gjid=1744429629&_v=j79&z=619933436 HTTP 302
- https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-35454984-1&cid=538770701.1569957217&jid=468767494&_v=j79&z=619933436 HTTP 302
- https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-35454984-1&cid=538770701.1569957217&jid=468767494&_v=j79&z=619933436&slf_rd=1&random=1895088356
- https://one-time-offer.com/common/xt_recMilestone.asp HTTP 302
- https://media.one-time-offer.com/images/spacer.gif
51 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
jump-510
banners.wlservices.fr/ |
181 B 682 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Primary Request
promo.asp
one-time-offer.com/sol9/cdiscount_fr/pb422230/ Redirect Chain
|
41 KB 15 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
style-0818.css
d3dh5c7rwzliwm.cloudfront.net/FR/RR/templates/ZETER/css/ |
23 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css
fonts.googleapis.com/ |
10 KB 802 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css
fonts.googleapis.com/ |
1 KB 497 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
fr_validation.js
one-time-offer.com/scripts/ |
10 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
solicitations.js
one-time-offer.com/scripts/ |
23 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
promo_flow.js
one-time-offer.com/scripts/ |
16 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
countryCode.js
d3dh5c7rwzliwm.cloudfront.net/ALL/JS/ |
266 B 813 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery-1.4.2.min.js
d3dh5c7rwzliwm.cloudfront.net/FR/RR/js/ |
71 KB 25 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery-ui-1.8.2.custom.min.js
d3dh5c7rwzliwm.cloudfront.net/FR/RR/js/ |
204 KB 52 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.autotab-1.1b.js
media.one-time-offer.com/FR/js/ |
7 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
FR_interactions-RTA-11-03-2019_EPSILON.js
d3dh5c7rwzliwm.cloudfront.net/FR/RR/templates/ZETER/js/ |
23 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
leavers.js
d3dh5c7rwzliwm.cloudfront.net/FR/RR/templates/ZETER/js/ |
11 KB 4 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ga_fr.js
d3dh5c7rwzliwm.cloudfront.net/FR/js/ |
2 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
FR_RR_Zeta_TTB_CDsicount.jpg
d3dh5c7rwzliwm.cloudfront.net/FR/RR/templates/mokuba/modalDC/v2/img/ |
18 KB 18 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
confirm_button.png
d3dh5c7rwzliwm.cloudfront.net/FR/RR/templates/ZETA/images/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
logo_RR_DoubleClic.png
d3dh5c7rwzliwm.cloudfront.net/FR/RR/templates/mokuba/modalDC/v2/img/ |
8 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
mdp_info.png
d3dh5c7rwzliwm.cloudfront.net/FR/RR/templates/mokuba/img/ |
346 B 859 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
yes_button.png
d3dh5c7rwzliwm.cloudfront.net/FR/RR/templates/ZETA/images/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
cashback.png
d3dh5c7rwzliwm.cloudfront.net/FR/RR/templates/ZETABIS/img/ |
550 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
remboursement.png
d3dh5c7rwzliwm.cloudfront.net/FR/RR/templates/ZETABIS/img/ |
539 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
coupon.png
d3dh5c7rwzliwm.cloudfront.net/FR/RR/templates/ZETABIS/img/ |
564 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
blackClosingcross.gif
d3dh5c7rwzliwm.cloudfront.net/FR/RR/templates/ |
891 B 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Clicktale_FR.js
d3dh5c7rwzliwm.cloudfront.net/FR/js/ |
211 B 758 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
analytics.js
www.google-analytics.com/ |
43 KB 17 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
script_cvv_bb_global_V4_FR.js
d3dh5c7rwzliwm.cloudfront.net/ALL/JS/ |
39 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
fleche.png
d3dh5c7rwzliwm.cloudfront.net/FR/RR/templates/mokuba/img/ |
165 B 678 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
round_left.png
d3dh5c7rwzliwm.cloudfront.net/FR/RR/templates/mokuba/modalDC/v2/img/ |
338 B 852 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
round_right.png
d3dh5c7rwzliwm.cloudfront.net/FR/RR/templates/mokuba/modalDC/v2/img/ |
308 B 822 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
step1.png
d3dh5c7rwzliwm.cloudfront.net/FR/RR/templates/ZETA/images/ |
260 B 799 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
info.png
d3dh5c7rwzliwm.cloudfront.net/FR/RR/templates/ZETA/images/ |
561 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
step2.png
d3dh5c7rwzliwm.cloudfront.net/FR/RR/templates/ZETA/images/ |
342 B 881 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
tooltip_zeter.png
d3dh5c7rwzliwm.cloudfront.net/FR/RR/templates/ZETER/img/ |
989 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
card.jpg
d3dh5c7rwzliwm.cloudfront.net/FR/RR/templates/ZETABIS/img/ |
2 KB 3 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ |
9 KB 9 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ |
9 KB 9 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ |
9 KB 9 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
5f937341-947c-4dcc-a5eb-289b334b1095.js
cdnssl.clicktale.net/www14/ptc/ |
108 KB 22 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ga-audiences
www.google.de/ads/ Redirect Chain
|
42 B 109 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
monitor-latest.js
cdnssl.clicktale.net/www/ |
61 KB 19 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
5f937341-947c-4dcc-a5eb-289b334b1095.js
cdnssl.clicktale.net/www14/pcc/ |
66 KB 17 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
WR-latest.js
cdnssl.clicktale.net/www/ |
55 KB 18 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
FR_RR_logo_voucher_0050_cdiscount.png
d3dh5c7rwzliwm.cloudfront.net/FR/RR/templates/mokuba/modalDC/v2/img/header/ |
5 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H/1.1 |
monitor
conductor.clicktale.net/ |
1 B 256 B |
Other
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
monitor
conductor.clicktale.net/ |
1 B 265 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ChangeMonitor-latest.js
cdnssl.clicktale.net/www/ |
47 KB 16 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H/1.1 |
/
ing-district.clicktale.net/ctn_v2/auth/ |
242 B 487 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H/1.1 |
monitor
conductor.clicktale.net/ |
1 B 256 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
spacer.gif
media.one-time-offer.com/images/ Redirect Chain
|
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
vto_arrow.png
d3dh5c7rwzliwm.cloudfront.net/FR/RR/templates/ZETA/images/ |
235 B 774 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- media.one-time-offer.com
- URL
- https://media.one-time-offer.com/images/spacer.gif
Verdicts & Comments Add Verdict or Comment
257 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate function| validateRequiredFields function| toggleNcof function| ncofOnErr function| popUp function| popUp2 function| popUp_toolbar function| changeImage function| changeCCImage function| scrolltop function| closeDivElement function| playAudio function| setExpDateEnabled function| getPrivateLabelCCTypes function| postExpDates function| postRecMilestone function| exitPop function| noExitPop function| noThanksButton function| noThanksButtonSubmit function| noThanksButtonBrylaneIntegrated function| exitPopIntoWindow boolean| nosubmit function| survey function| cancelEnter function| keyhandler function| siteWindowDisplay function| siteWinFocus function| siteWinFocusP1b function| siteWinSubmit function| intSiteWinSubmit function| awaWinFocus function| sitePop function| postGateway function| submitonce function| checkHotelCard function| noThanksButtonP2bFlow_DC function| noThanksButtonP2bFlow_DC_575_mlst function| addDays function| getBrowser function| intSitePopFull function| getInternetExplorerVersion function| formClickRecMilestone function| formPopGeneric function| formTabGeneric function| formPopChooseCoupon function| formPopHybridDataOnSell function| formPopHybridDataOnDC function| formPopMatchBack function| formPopNoInterim function| getRadios function| disableNoncof function| IsDuplicateDriver function| ValidateDriverList function| breakOut object| countryCode function| $ function| jQuery function| DP_jQuery_1569957216924 number| AFKtimer function| clickOnClickOpener function| ccMaxLenght function| cocher function| checkValidation function| updateTypedEmail function| testFields function| f_testAddress_fields function| f_trim function| charCode object| requiredFields object| validateFields object| compareFields function| wl_copyField1 function| TestZip function| VerifyPassword function| TestPwdLength function| TestMail function| VerifyMail function| VerifyCCExp function| expdate function| modMY function| ccnumSpace function| mailSpace boolean| moduleLeavers boolean| ignore_onbeforeunload string| htmlLeavers undefined| generateProspectId string| GoogleAnalyticsObject function| ga string| srcRta object| scriptRta object| arr_cardtype function| closeInterimPageIfError function| addValid function| addInvalid object| arrCCTypeRealTime function| isRealTimeAuth function| addValidation string| SessionID string| VTOgetValue string| VoucherLink string| VoucherLinkModal string| LogoLink function| Clicktale boolean| client_clickTale object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| router function| open_hint function| checkCvvLgth function| checkCVV function| set_ccLgth function| getCvvFl function| selectCC boolean| maestro_isAccepted boolean| americanExpress_isAccepted boolean| mastercard_isAccepted boolean| visa_isAccepted boolean| visaElectron_isAccepted boolean| switch_isAccepted boolean| solo_isAccepted boolean| visaDebit_isAccepted string| CCT_mc string| CCT_v string| CCT_ae string| CCT_vd string| CCT_mss string| ico_amex string| ico_visa string| ico_master function| displayLogoCC function| addValidCC_836 function| addValidCC_837 function| createOverlay function| centerOverlay function| showOverlay function| closeOverlay number| isError object| autoMonitorConfig string| ct_pdc_qs_val object| ClickTaleGlobal object| ClickTaleMonitor object| ClickTaleSettings object| ct_dispatcher function| ClickTaleCreateDOMElement function| ClickTaleAppendInHead function| ClickTaleXHTMLCompliantScriptTagCreate object| settings function| ClickTaleOnRecording boolean| isHttps undefined| scriptSource undefined| pccSource string| pccSrc object| pccScriptElement function| ClickTaleEnableCS object| ctVEconfig object| ClickTaleOnReadyList boolean| ClickTaleIsXHTMLCompliant boolean| ClickTaleIncludedOnDOMReady string| ClickTaleScriptSource function| onloaded undefined| ClickTalePrevOnReady function| ClickTaleOnReady object| _uxa string| p_lngSolId string| p_strPubNoThanksURL string| p_lngClientId string| p_strErrorMessage string| p_astrBadCharacters string| p_astrMissingFields string| p_astrRedLabels string| p_astrBadCard string| p_astrBadCardType string| p_astrBadExpiration string| p_lngProductId string| f_strAccountName_CCdata string| f_strErrorMessages string| f_strErrorFlag string| f_strSessionId string| p_intCountryId string| premiumOffer string| solBrand string| solPremiumValue string| solOfferPrice string| solCpid object| paramRouter number| c_month number| c_year string| i_month string| i_year string| i_trg object| CEC string| WRFi number| WRFk number| WRFh number| WRFj object| WRFw number| ClickTaleUnloadPause number| ClickTaleEventsMask string| ClickTaleIgnoreCookieName string| ClickTaleUIDCookieName function| ClickTaleLog function| ClickTale string| ClickTaleCookieDomain function| ClickTaleUploadPage function| ClickTaleDelayUploadPage function| ClickTaleIsUploadPage function| ClickTaleSetAllSensitive function| ClickTaleResetAllSensitive function| ClickTaleSetSomeSensitive function| ClickTaleResetSomeSensitive function| ClickTaleIgnore function| ClickTaleRegisterFormSubmitFailure function| ClickTaleGetVersion function| ClickTaleSetCustomElementID function| ClickTaleRegisterFormSubmitSuccess function| ClickTaleExec function| ClickTaleField function| ClickTaleNote function| ClickTaleTag function| ClickTaleEvent function| ClickTaleGetPID function| ClickTaleSetUID function| ClickTaleGetUID function| ClickTaleGetSID function| ClickTaleLogical function| ClickTaleDetectAgent function| ClickTaleIsPlayback number| ClickTaleCookieExpiryDays function| ClickTaleIsSavedRecording function| ClickTaleIsRecording function| ClickTaleSendJsonMessage function| ClickTaleDispatchPersistedMessages function| ClickTaleUploadPageNow function| ClickTaleAddAugmentElementPathHandler function| ClickTaleGetAuthResponse function| ClickTaleGetSubscriberId function| ClickTaleGetPartition function| ClickTaleGetWRIgnoreExpiry number| WRInitTime object| ClickTaleFetchFromWithCookies object| ctRules_PrePCC object| ctCustomCode_PrePCC function| doOnlyWhen object| ct boolean| ClickTaleFirstPCCGo function| clickTaleStartEventSignal function| clickTaleEndEventSignal function| ClicktaleIntegrationExperienceHandler function| MutationSummary object| ClickTaleOnUploadPageContentFetched object| ClickTaleOnStop object| trg object| result10 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .one-time-offer.com/ | Name: __CT_Data Value: gpv=1&ckp=tld&dm=one-time-offer.com&apv_24723_www14=1&cpv_24723_www14=1 |
|
| .one-time-offer.com/ | Name: _gat Value: 1 |
|
| .one-time-offer.com/ | Name: _gid Value: GA1.2.2064081471.1569957217 |
|
| .one-time-offer.com/ | Name: _ga Value: GA1.2.538770701.1569957217 |
|
| .one-time-offer.com/ | Name: ctm Value: eydwZ3YnOjI5NTIwNDEwOTE1MDg3N3wndnN0Jzo0ODM3MzYyOTE1OTQ4ODg0fCd2c3RyJzo2NjYzNDgwNDE1ODU3NTY0fCdpbnRyJzoxNTY5OTU3MjE3MDM0fCd2JzoxfQ== |
|
| one-time-offer.com/ | Name: ASPSESSIONIDSADCCSDS Value: MBBLLFMBIEBEICJEPICPLMGA |
|
| one-time-offer.com/ | Name: WLSession Value: SID=453e7694be70885b7b690ecd9134d66c&SessionClosed=false |
|
| one-time-offer.com/ | Name: JOIN%5FEMAIL%5FSENT Value: NO |
|
| one-time-offer.com/ | Name: USER%5FID Value: 1127716300 |
|
| one-time-offer.com/ | Name: ASP.NET_SessionId Value: 4jfintudqwcjym2drkv0i1dl |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
banners.wlservices.fr
cdnssl.clicktale.net
conductor.clicktale.net
d3dh5c7rwzliwm.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
ing-district.clicktale.net
media.one-time-offer.com
one-time-offer.com
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.google.de
media.one-time-offer.com
143.204.208.147
2a00:1450:4001:806::200a
2a00:1450:4001:80b::200e
2a00:1450:4001:819::2003
2a00:1450:4001:820::2004
2a00:1450:4001:825::2003
2a00:1450:400c:c06::9d
2a02:26f0:6c00:28a::2db0
34.198.177.179
52.22.9.21
52.222.157.91
54.229.124.80
63.35.138.152
0a2db346233d33a83dea94107790a6e37f08f8702a13a9286063cf66b5721769
0f22bc68b2d6c31aef062528898f120b668e3d5a053bb93c467f95c4a60a675c
0ffa4a0ea890bf2abe8472627794c85160803130c47bb525a886e695390c01db
11e5db674677ffa051c40868035e9dfeb2603527c14e68d5586e6466af0cc27c
124a3d038c149d31ffa54e6c6e680d5cfccf1935d90562a5085fbfeb1c02a334
13ea7d64b2ecfb0f04335bd01bfe49ef9fcf3952a49b7ac12fb532b536986436
1958bb7f293956e7170f639ce93a3d628ae465fa24fd751e1a2b3cd837059ffa
1adeb9b7455c164e01a88173d356742be2a4b5dc4977f0f64fee5b5d4b38e0b3
1e8e9c25d4bb637c5bdfc24ec9a88a09c99129f1d96e4c17787a2cca7e46adb5
2185a07cdb3fdd3568e730803b065e69c72bf5bda05df64799ff4915fe20b774
2b083980f56aa6d6377a82f898ba925e637c03b9c6a35c28d0a1e31d149c34f5
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
4104c36d9a497be97630c8ed0576708bfc1381b2ff6a92aa7a41e17122390083
429fc8a709b152ff9f8d8ae9995dd7eb5744cc63e1f864d59530cdbee0d28b4b
44521ba72d7a9e1e1c325b0e98a158c8c3cb08f2fd6ffafa29434bbdade178e8
4adc069981edb7493c84c594465a9a0753f357e6fc96adeaf46b8a08107b2e0c
4b9a53e2a9e29ac7c846ba1f79a14567b46e2a182f188a74ccb478f9398b0136
52295428f1d4d23a3a2e279cc1dacf9b9869b08004da91fb219ac01f48e86938
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
5e750cee3d7d608e4432bfb54ad598338e3995f6d6f9a45c8cf78651cf262f93
6e4022fddeff65ea86882f127832b41cb44c9f1bc98e06bfb2e9f84a9d8e3884
74c1729764fb747dc56427110c363d9a16acd517b261e531d1b6c8074f87d53d
74f3dd7ca91fe6cf70d8c8b352b8a2d989cbbddf306d801540aecdb681537ece
797098af164983a60c1e4c7668404e5235371be199b0667cfec4f2183cb8fe30
7b58b6c4a184876841680ec97ce717b2fde434ae4f5c84c9b74394ffb4c7381d
8380a1fbd46042955f25aade9894cd66babe9f4c444af66bbfb3fadadec74913
93061188db2906e61892f302272b06e3e00f3c30dd90b578f31280db9c9ecc73
9d8a2811fe6cec544f8e4ba7915c7ee8d4caa72257d97bf4f8964dae6c621ff6
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
a691be605680d294a43ba844824872f21bf622e82a7164a278d37331b15b375f
a817caa51f8f79dcd5cece79293ff01db77232183ac1cd398856ced8f106c1c0
b214c7b862a0e50798c53344af7e709b24b85b0cd30a7a6b753c2e86dfed2554
b6e7eff529efa6de4490a438b12f1f64f4c909b85516191405cf725f539be117
b736a2340a5f155f6c5aa3769fee3d210b1c8ac2b396af63a02dee0f77b2f601
b88f73890129209f3e4ed73a75158f56bd2a06a02bc27002e11ea9a023c6b0ff
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
bd725400d7663d77534310ed503555c9d36d451c927544bd378d84a60f8842b3
c0ab5ebac185c69524a76444d973e2da07654f7c7411378da070ce8293acf457
c4c375371a89b85b3542beceb9c6af02284d582bc3f6574da43cd110a6fc6d73
c9936aa6717dd935acd2e4fc01308fcbd35b587702afafb66fd713606dac1f2b
cf8612d7c0fb3fc90d91d896fc4ff6409e159611c1ed079a334645c977af0670
cfe8518a51db241c9fbf42877c960a43656d7045c95d28afdb12ced8c9d30aad
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
eefa52b2c00da92a6d15ac90cd9e6f4f9ae127b47bd4e51405dada036cf670e5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f274ed543cecada68bc0167ffc73237722b516238c2c7b2fcf51bc5380ceb8f8
fa059e6eda21c54f7d06d65b06eb1de839fa4981839c269d9756e9487d907e7a
fa85ae90eab1ea27d5af4eccf87a0ec47e0d80181fb0af0d247eb7650acf9559