urlscan.io logo urlscan.io
SecurityTrails logo

fr.loccitane.com Open in urlscan Pro
104.109.65.23  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://links.internaute-ces-jours-links.fr/c/n7h/cgo/r8ZqNG3MzIKL-wxfP5Q0qa/i/b_1c/F/cd807a3d
Effective URL: https://fr.loccitane.com/creme-ultra-riche-corps-karite,74,1,24534,1144555.htm
Submission: On July 11 via api from BE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 8 countries across 13 domains to perform 15 HTTP transactions. The main IP is 104.109.65.23, located in Netherlands and belongs to AKAMAI-ASN1, US. The main domain is fr.loccitane.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on September 10th 2018. Valid for: a year.
This is the only time fr.loccitane.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 80.209.249.242 47544 (IQPL-AS)
1 1 52.178.92.96 8075 (MICROSOFT...)
2 2 54.246.129.40 16509 (AMAZON-02)
3 34.253.99.129 16509 (AMAZON-02)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 3 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 3.208.106.182 14618 (AMAZON-AES)
1 2 52.71.165.73 14618 (AMAZON-AES)
1 52.4.94.17 14618 (AMAZON-AES)
1 1 146.185.44.114 47841 (OXALIDE)
1 1 146.185.44.113 47841 (OXALIDE)
1 2 104.109.65.23 20940 (AKAMAI-ASN1)
1 54.230.202.159 16509 (AMAZON-02)
1 54.229.231.89 16509 (AMAZON-02)
15 10
1    80.209.249.242 (Poland)

ASN47544 (IQPL-AS, PL)
PTR: 80-209-249-242.rev.iq.pl
links.internaute-ces-jours-links.fr
1    52.178.92.96 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
r.ar-mtch1.com
2    54.246.129.40 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-246-129-40.eu-west-1.compute.amazonaws.com
go.oferting.org
trac.oferting.org
3    34.253.99.129 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-253-99-129.eu-west-1.compute.amazonaws.com
r-ext.oferting.org
1    2a02:26f0:6c00:19c::63cc (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
b-code.liadm.com
3    2a00:1450:4001:817::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
1    2a00:1450:400c:c06::9d (Brussels, Belgium)

ASN15169 (GOOGLE - Google LLC, US)
stats.g.doubleclick.net
1    2a00:1450:4001:81b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.com
1    2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.de
3    3.208.106.182 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-3-208-106-182.compute-1.amazonaws.com
api.airbrake.io
2    52.71.165.73 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-71-165-73.compute-1.amazonaws.com
c.liadm.com
1    52.4.94.17 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-4-94-17.compute-1.amazonaws.com
i.liadm.com
1    146.185.44.114 (France)

ASN47841 (OXALIDE, FR)
PTR: not.updated.oxalide.net
tracker.affility.net
1    146.185.44.113 (France)

ASN47841 (OXALIDE, FR)
PTR: not.updated.oxalide.net
act.bdtrkconv.com
2    104.109.65.23 (Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a104-109-65-23.deploy.static.akamaitechnologies.com
fr.loccitane.com
1    54.230.202.159 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-54-230-202-159.fra50.r.cloudfront.net
ct.datado.me
1    54.229.231.89 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-229-231-89.eu-west-1.compute.amazonaws.com
c.datado.me
Domain Requested by
3 api.airbrake.io b-code.liadm.com
3 www.google-analytics.com 1 redirects r-ext.oferting.org
3 r-ext.oferting.org r-ext.oferting.org
2 fr.loccitane.com 1 redirects
2 c.liadm.com 1 redirects r-ext.oferting.org
1 c.datado.me ct.datado.me
1 ct.datado.me fr.loccitane.com
1 act.bdtrkconv.com 1 redirects
1 tracker.affility.net 1 redirects
1 trac.oferting.org 1 redirects
1 i.liadm.com b-code.liadm.com
1 www.google.de r-ext.oferting.org
1 www.google.com 1 redirects
1 stats.g.doubleclick.net 1 redirects
1 b-code.liadm.com r-ext.oferting.org
1 go.oferting.org 1 redirects
1 r.ar-mtch1.com 1 redirects
1 links.internaute-ces-jours-links.fr 1 redirects
15 18

This site contains no links.

Subject Issuer Validity Valid

1970-01-01 -
1970-01-01		 a few seconds crt.sh
*.google-analytics.com
Google Internet Authority G3		 2019-06-18 -
2019-09-10		 3 months crt.sh
www.google.de
Google Internet Authority G3		 2019-06-18 -
2019-09-10		 3 months crt.sh
*.airbrake.io
SSL.com DV CA		 2018-10-16 -
2020-11-27		 2 years crt.sh
loccitane.com
DigiCert SHA2 Secure Server CA		 2018-09-10 -
2020-03-10		 a year crt.sh
*.datado.me
Gandi Standard SSL CA 2		 2019-05-24 -
2020-05-24		 a year crt.sh

This page contains 3 frames:

Primary Page: https://fr.loccitane.com/creme-ultra-riche-corps-karite,74,1,24534,1144555.htm
Frame ID: 2FAE789CA070A7FE0062ABB1D58B7602
Requests: 13 HTTP requests in this frame

Frame: http://i.liadm.com/s/c/a-00xy?s=&cim=&ps=true&ls=false&duid=&domainSessionId=undefined&ppid=0&euns=0&ci=0&version=sc-2.2.2&nosync=false&
Frame ID: 1755D24389A89DC691F29106710D8E29
Requests: 1 HTTP requests in this frame

Frame: https://c.datado.me/captcha/?initialCid=AHrlqAAAAAMA_WZYK9LPLZsAuSIpMg%3D%3D&hash=05855055E4FD6CAFCCD506CE41122E&cid=null&t=fe
Frame ID: 0CEA12D150677089EEF23DF406A02633
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://links.internaute-ces-jours-links.fr/c/n7h/cgo/r8ZqNG3MzIKL-wxfP5Q0qa/i/b_1c/F/cd807a3d HTTP 302
    https://r.ar-mtch1.com/Redirect?pid=cH&chid=Ec&md5=c6d5752db0427dd5fc7a019db7984715&sha256=c39997ce... HTTP 302
    http://go.oferting.org/sZqg?vars=_vu%3Dc6d5752db0427dd5fc7a019db7984715 HTTP 302
    http://r-ext.oferting.org/r/?utm_source=occitane&utm_medium=sopext&utm_campaign=8738846-6728763&orig=a... Page URL
  2. https://trac.oferting.org/of/?u=c6d5752db0427dd5fc7a019db7984715&emn_i=616&emn_a=414&emn_c=94974&emn_r... HTTP 302
    https://tracker.affility.net/collecte/?action=mailredirect&c=lqhlttc95cqlpaa36piwmwx2910cgvmwq HTTP 301
    https://act.bdtrkconv.com/collecte/?action=mailredirect&c=lqhlttc95cqlpaa36piwmwx2910cgvmwq HTTP 302
    http://fr.loccitane.com/creme-ultra-riche-corps-karite,74,1,24534,1144555.htm HTTP 301
    https://fr.loccitane.com/creme-ultra-riche-corps-karite,74,1,24534,1144555.htm Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

15
Requests

60 %
HTTPS

29 %
IPv6

13
Domains

18
Subdomains

10
IPs

8
Countries

87 kB
Transfer

185 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://links.internaute-ces-jours-links.fr/c/n7h/cgo/r8ZqNG3MzIKL-wxfP5Q0qa/i/b_1c/F/cd807a3d HTTP 302
    https://r.ar-mtch1.com/Redirect?pid=cH&chid=Ec&md5=c6d5752db0427dd5fc7a019db7984715&sha256=c39997cee6acc5fa857f0fd6a2b35217e770dd3938575e84c8c4ef250342f63d&url=http%3a%2f%2fgo.oferting.org%2fsZqg%3fvars%3d_vu%253Dc6d5752db0427dd5fc7a019db7984715&type=c&list=FR_LM_behrimoez75&esp=F HTTP 302
    http://go.oferting.org/sZqg?vars=_vu%3Dc6d5752db0427dd5fc7a019db7984715 HTTP 302
    http://r-ext.oferting.org/r/?utm_source=occitane&utm_medium=sopext&utm_campaign=8738846-6728763&orig=automatic&utm_term=generica&rtt=&f=0&c=fashion&g=&partner=world&redirection=https%3A%2F%2Ftrac.oferting.org%2Fof%2F%3Fu%3Dc6d5752db0427dd5fc7a019db7984715%26emn_i%3D616%26emn_a%3D414%26emn_c%3D94974%26emn_rt%3D0%26ol%3DNo-label%26emn_p%3D%26emn_cat%3D8738846-6728763%26term%3D%26emn_t%3D6728763%26ref_offer%3D8738846%26go%3Dhttps%253A%252F%252Ftracker.affility.net%252Fcollecte%252F%253Faction%253Dmailredirect%2526c%253Dlqhlttc95cqlpaa36piwmwx2910cgvmwq Page URL
  2. https://trac.oferting.org/of/?u=c6d5752db0427dd5fc7a019db7984715&emn_i=616&emn_a=414&emn_c=94974&emn_rt=0&ol=No-label&emn_p=&emn_cat=8738846-6728763&term=&emn_t=6728763&ref_offer=8738846&go=https%3A%2F%2Ftracker.affility.net%2Fcollecte%2F%3Faction%3Dmailredirect%26c%3Dlqhlttc95cqlpaa36piwmwx2910cgvmwq HTTP 302
    https://tracker.affility.net/collecte/?action=mailredirect&c=lqhlttc95cqlpaa36piwmwx2910cgvmwq HTTP 301
    https://act.bdtrkconv.com/collecte/?action=mailredirect&c=lqhlttc95cqlpaa36piwmwx2910cgvmwq HTTP 302
    http://fr.loccitane.com/creme-ultra-riche-corps-karite,74,1,24534,1144555.htm HTTP 301
    https://fr.loccitane.com/creme-ultra-riche-corps-karite,74,1,24534,1144555.htm Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://links.internaute-ces-jours-links.fr/c/n7h/cgo/r8ZqNG3MzIKL-wxfP5Q0qa/i/b_1c/F/cd807a3d HTTP 302
  • https://r.ar-mtch1.com/Redirect?pid=cH&chid=Ec&md5=c6d5752db0427dd5fc7a019db7984715&sha256=c39997cee6acc5fa857f0fd6a2b35217e770dd3938575e84c8c4ef250342f63d&url=http%3a%2f%2fgo.oferting.org%2fsZqg%3fvars%3d_vu%253Dc6d5752db0427dd5fc7a019db7984715&type=c&list=FR_LM_behrimoez75&esp=F HTTP 302
  • http://go.oferting.org/sZqg?vars=_vu%3Dc6d5752db0427dd5fc7a019db7984715 HTTP 302
  • http://r-ext.oferting.org/r/?utm_source=occitane&utm_medium=sopext&utm_campaign=8738846-6728763&orig=automatic&utm_term=generica&rtt=&f=0&c=fashion&g=&partner=world&redirection=https%3A%2F%2Ftrac.oferting.org%2Fof%2F%3Fu%3Dc6d5752db0427dd5fc7a019db7984715%26emn_i%3D616%26emn_a%3D414%26emn_c%3D94974%26emn_rt%3D0%26ol%3DNo-label%26emn_p%3D%26emn_cat%3D8738846-6728763%26term%3D%26emn_t%3D6728763%26ref_offer%3D8738846%26go%3Dhttps%253A%252F%252Ftracker.affility.net%252Fcollecte%252F%253Faction%253Dmailredirect%2526c%253Dlqhlttc95cqlpaa36piwmwx2910cgvmwq
Request Chain 4
  • http://www.google-analytics.com/analytics.js HTTP 307
  • https://www.google-analytics.com/analytics.js
Request Chain 5
  • http://www.google-analytics.com/r/collect?v=1&_v=j77&a=1766272687&t=pageview&_s=1&dl=http%3A%2F%2Fr-ext.oferting.org%2Fr%2F%3Futm_source%3Doccitane%26utm_medium%3Dsopext%26utm_campaign%3D8738846-6728763%26orig%3Dautomatic%26utm_term%3Dgenerica%26rtt%3D%26f%3D0%26c%3Dfashion%26g%3D%26partner%3Dworld%26redirection%3Dhttps%253A%252F%252Ftrac.oferting.org%252Fof%252F%253Fu%253Dc6d5752db0427dd5fc7a019db7984715%2526emn_i%253D616%2526emn_a%253D414%2526emn_c%253D94974%2526emn_rt%253D0%2526ol%253DNo-label%2526emn_p%253D%2526emn_cat%253D8738846-6728763%2526term%253D%2526emn_t%253D6728763%2526ref_offer%253D8738846%2526go%253Dhttps%25253A%25252F%25252Ftracker.affility.net%25252Fcollecte%25252F%25253Faction%25253Dmailredirect%252526c%25253Dlqhlttc95cqlpaa36piwmwx2910cgvmwq&ul=en-us&de=UTF-8&dt=World%20--%20we%20are%20redirecting%20you%20to%20Occitane%27s%20website&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDACEABB~&jid=357922950&gjid=1500013642&cid=268193986.1562829772&tid=UA-46029424-1&_gid=826343194.1562829772&_r=1&cd1=6728763&cd4=8738846&cd6=World&cd7=automatic&cd9=No-label&cd10=616&cd11=fashion&z=878967577 HTTP 307
  • https://www.google-analytics.com/r/collect?v=1&_v=j77&a=1766272687&t=pageview&_s=1&dl=http%3A%2F%2Fr-ext.oferting.org%2Fr%2F%3Futm_source%3Doccitane%26utm_medium%3Dsopext%26utm_campaign%3D8738846-6728763%26orig%3Dautomatic%26utm_term%3Dgenerica%26rtt%3D%26f%3D0%26c%3Dfashion%26g%3D%26partner%3Dworld%26redirection%3Dhttps%253A%252F%252Ftrac.oferting.org%252Fof%252F%253Fu%253Dc6d5752db0427dd5fc7a019db7984715%2526emn_i%253D616%2526emn_a%253D414%2526emn_c%253D94974%2526emn_rt%253D0%2526ol%253DNo-label%2526emn_p%253D%2526emn_cat%253D8738846-6728763%2526term%253D%2526emn_t%253D6728763%2526ref_offer%253D8738846%2526go%253Dhttps%25253A%25252F%25252Ftracker.affility.net%25252Fcollecte%25252F%25253Faction%25253Dmailredirect%252526c%25253Dlqhlttc95cqlpaa36piwmwx2910cgvmwq&ul=en-us&de=UTF-8&dt=World%20--%20we%20are%20redirecting%20you%20to%20Occitane%27s%20website&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDACEABB~&jid=357922950&gjid=1500013642&cid=268193986.1562829772&tid=UA-46029424-1&_gid=826343194.1562829772&_r=1&cd1=6728763&cd4=8738846&cd6=World&cd7=automatic&cd9=No-label&cd10=616&cd11=fashion&z=878967577
Request Chain 6
  • http://www.google-analytics.com/r/collect?v=1&_v=j77&a=1766272687&t=pageview&_s=1&dl=http%3A%2F%2Fr-ext.oferting.org%2Fr%2F%3Futm_source%3Doccitane%26utm_medium%3Dsopext%26utm_campaign%3D8738846-6728763%26orig%3Dautomatic%26utm_term%3Dgenerica%26rtt%3D%26f%3D0%26c%3Dfashion%26g%3D%26partner%3Dworld%26redirection%3Dhttps%253A%252F%252Ftrac.oferting.org%252Fof%252F%253Fu%253Dc6d5752db0427dd5fc7a019db7984715%2526emn_i%253D616%2526emn_a%253D414%2526emn_c%253D94974%2526emn_rt%253D0%2526ol%253DNo-label%2526emn_p%253D%2526emn_cat%253D8738846-6728763%2526term%253D%2526emn_t%253D6728763%2526ref_offer%253D8738846%2526go%253Dhttps%25253A%25252F%25252Ftracker.affility.net%25252Fcollecte%25252F%25253Faction%25253Dmailredirect%252526c%25253Dlqhlttc95cqlpaa36piwmwx2910cgvmwq&ul=en-us&de=UTF-8&dt=World%20--%20we%20are%20redirecting%20you%20to%20Occitane%27s%20website&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDACEABB~&jid=1163247378&gjid=1766285034&cid=268193986.1562829772&tid=UA-2213239-17&_gid=826343194.1562829772&_r=1&cd1=6728763&cd4=8738846&cd6=World&cd7=automatic&cd9=No-label&cd10=616&cd11=fashion&z=1232958050 HTTP 307
  • https://www.google-analytics.com/r/collect?v=1&_v=j77&a=1766272687&t=pageview&_s=1&dl=http%3A%2F%2Fr-ext.oferting.org%2Fr%2F%3Futm_source%3Doccitane%26utm_medium%3Dsopext%26utm_campaign%3D8738846-6728763%26orig%3Dautomatic%26utm_term%3Dgenerica%26rtt%3D%26f%3D0%26c%3Dfashion%26g%3D%26partner%3Dworld%26redirection%3Dhttps%253A%252F%252Ftrac.oferting.org%252Fof%252F%253Fu%253Dc6d5752db0427dd5fc7a019db7984715%2526emn_i%253D616%2526emn_a%253D414%2526emn_c%253D94974%2526emn_rt%253D0%2526ol%253DNo-label%2526emn_p%253D%2526emn_cat%253D8738846-6728763%2526term%253D%2526emn_t%253D6728763%2526ref_offer%253D8738846%2526go%253Dhttps%25253A%25252F%25252Ftracker.affility.net%25252Fcollecte%25252F%25253Faction%25253Dmailredirect%252526c%25253Dlqhlttc95cqlpaa36piwmwx2910cgvmwq&ul=en-us&de=UTF-8&dt=World%20--%20we%20are%20redirecting%20you%20to%20Occitane%27s%20website&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDACEABB~&jid=1163247378&gjid=1766285034&cid=268193986.1562829772&tid=UA-2213239-17&_gid=826343194.1562829772&_r=1&cd1=6728763&cd4=8738846&cd6=World&cd7=automatic&cd9=No-label&cd10=616&cd11=fashion&z=1232958050 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-2213239-17&cid=268193986.1562829772&jid=1163247378&_gid=826343194.1562829772&gjid=1766285034&_v=j77&z=1232958050 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2213239-17&cid=268193986.1562829772&jid=1163247378&_v=j77&z=1232958050 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2213239-17&cid=268193986.1562829772&jid=1163247378&_v=j77&z=1232958050&slf_rd=1&random=821911219
Request Chain 10
  • http://c.liadm.com/i?e=pv&eid=36aa033a-1e36-43d8-9e62-e45d5adf226b&url=http%3A%2F%2Fr-ext.oferting.org%2Fr%2F%3Futm_source%3Doccitane%26utm_medium%3Dsopext%26utm_campaign%3D8738846-6728763%26orig%3Dautomatic%26utm_term%3Dgenerica%26rtt%3D%26f%3D0%26c%3Dfashion%26g%3D%26partner%3Dworld%26redirection%3Dhttps%253A%252F%252Ftrac.oferting.org%252Fof%252F%253Fu%253Dc6d5752db0427dd5fc7a019db7984715%2526emn_i%253D616%2526emn_a%253D414%2526emn_c%253D94974%2526emn_rt%253D0%2526ol%253DNo-label%2526emn_p%253D%2526emn_cat%253D8738846-6728763%2526term%253D%2526emn_t%253D6728763%2526ref_offer%253D8738846%2526go%253Dhttps%25253A%25252F%25252Ftracker.affility.net%25252Fcollecte%25252F%25253Faction%25253Dmailredirect%252526c%25253Dlqhlttc95cqlpaa36piwmwx2910cgvmwq&page=World%20--%20we%20are%20redirecting%20you%20to%20Occitane%27s%20website&refr=&aid=a-00xy&sid=ccface9b-15f6-4ea0-9252-858c5bce51e4&duid=a-00xy--673300a2-fcec-47f6-9cb8-d02df76484ef&p=web&tna=liveIntentPublisherTracker&tv=pub-2.4.1& HTTP 302
  • http://c.liadm.com/i?e=pv&&duid=a-00xy--673300a2-fcec-47f6-9cb8-d02df76484ef&eid=36aa033a-1e36-43d8-9e62-e45d5adf226b&url=http://r-ext.oferting.org/r/?utm_source%3Doccitane%26utm_medium%3Dsopext%26utm_campaign%3D8738846-6728763%26orig%3Dautomatic%26utm_term%3Dgenerica%26rtt%3D%26f%3D0%26c%3Dfashion%26g%3D%26partner%3Dworld%26redirection%3Dhttps%253A%252F%252Ftrac.oferting.org%252Fof%252F%253Fu%253Dc6d5752db0427dd5fc7a019db7984715%2526emn_i%253D616%2526emn_a%253D414%2526emn_c%253D94974%2526emn_rt%253D0%2526ol%253DNo-label%2526emn_p%253D%2526emn_cat%253D8738846-6728763%2526term%253D%2526emn_t%253D6728763%2526ref_offer%253D8738846%2526go%253Dhttps%25253A%25252F%25252Ftracker.affility.net%25252Fcollecte%25252F%25253Faction%25253Dmailredirect%252526c%25253Dlqhlttc95cqlpaa36piwmwx2910cgvmwq&refr=&aid=a-00xy&tna=liveIntentPublisherTracker&page=World+--+we+are+redirecting+you+to+Occitane%27s+website&tv=pub-2.4.1&n3pc=true&p=web&sid=ccface9b-15f6-4ea0-9252-858c5bce51e4

15 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
r-ext.oferting.org/r/
Redirect Chain
  • http://links.internaute-ces-jours-links.fr/c/n7h/cgo/r8ZqNG3MzIKL-wxfP5Q0qa/i/b_1c/F/cd807a3d
  • https://r.ar-mtch1.com/Redirect?pid=cH&chid=Ec&md5=c6d5752db0427dd5fc7a019db7984715&sha256=c39997cee6acc5fa857f0fd6a2b35217e770dd3938575e84c8c4ef250342f63d&url=http%3a%2f%2fgo.oferting.org%2fsZqg%3...
  • http://go.oferting.org/sZqg?vars=_vu%3Dc6d5752db0427dd5fc7a019db7984715
  • http://r-ext.oferting.org/r/?utm_source=occitane&utm_medium=sopext&utm_campaign=8738846-6728763&orig=automatic&utm_term=generica&rtt=&f=0&c=fashion&g=&partner=world&redirection=https%3A%2F%2Ftrac.o...
4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://r-ext.oferting.org/r/?utm_source=occitane&utm_medium=sopext&utm_campaign=8738846-6728763&orig=automatic&utm_term=generica&rtt=&f=0&c=fashion&g=&partner=world&redirection=https%3A%2F%2Ftrac.oferting.org%2Fof%2F%3Fu%3Dc6d5752db0427dd5fc7a019db7984715%26emn_i%3D616%26emn_a%3D414%26emn_c%3D94974%26emn_rt%3D0%26ol%3DNo-label%26emn_p%3D%26emn_cat%3D8738846-6728763%26term%3D%26emn_t%3D6728763%26ref_offer%3D8738846%26go%3Dhttps%253A%252F%252Ftracker.affility.net%252Fcollecte%252F%253Faction%253Dmailredirect%2526c%253Dlqhlttc95cqlpaa36piwmwx2910cgvmwq
Protocol
HTTP/1.1
Server
34.253.99.129 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-253-99-129.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
97f009f44a9b4261c3e4c8a19f76214875d6e9f5674489d3fdb8a6407a7de78b

Request headers

Host
r-ext.oferting.org
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 11 Jul 2019 07:22:51 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Server
nginx
Vary
Accept-Encoding
Cache-Control
no-cache, private
Content-Encoding
gzip

Redirect headers

Date
Thu, 11 Jul 2019 07:22:50 GMT
Server
Apache
X-Powered-By
PHP/5.3.10-1ubuntu3.23
Location
http://r-ext.oferting.org/r/?utm_source=occitane&utm_medium=sopext&utm_campaign=8738846-6728763&orig=automatic&utm_term=generica&rtt=&f=0&c=fashion&g=&partner=world&redirection=https%3A%2F%2Ftrac.oferting.org%2Fof%2F%3Fu%3Dc6d5752db0427dd5fc7a019db7984715%26emn_i%3D616%26emn_a%3D414%26emn_c%3D94974%26emn_rt%3D0%26ol%3DNo-label%26emn_p%3D%26emn_cat%3D8738846-6728763%26term%3D%26emn_t%3D6728763%26ref_offer%3D8738846%26go%3Dhttps%253A%252F%252Ftracker.affility.net%252Fcollecte%252F%253Faction%253Dmailredirect%2526c%253Dlqhlttc95cqlpaa36piwmwx2910cgvmwq
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
20
Keep-Alive
timeout=2, max=200
Connection
Keep-Alive
Content-Type
text/html
a-00xy.min.js
b-code.liadm.com/ 		33 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://b-code.liadm.com/a-00xy.min.js
Requested by
Host: r-ext.oferting.org
URL: http://r-ext.oferting.org/r/?utm_source=occitane&utm_medium=sopext&utm_campaign=8738846-6728763&orig=automatic&utm_term=generica&rtt=&f=0&c=fashion&g=&partner=world&redirection=https%3A%2F%2Ftrac.oferting.org%2Fof%2F%3Fu%3Dc6d5752db0427dd5fc7a019db7984715%26emn_i%3D616%26emn_a%3D414%26emn_c%3D94974%26emn_rt%3D0%26ol%3DNo-label%26emn_p%3D%26emn_cat%3D8738846-6728763%26term%3D%26emn_t%3D6728763%26ref_offer%3D8738846%26go%3Dhttps%253A%252F%252Ftracker.affility.net%252Fcollecte%252F%253Faction%253Dmailredirect%2526c%253Dlqhlttc95cqlpaa36piwmwx2910cgvmwq
Protocol
HTTP/1.1
Security
, ,
Server
2a02:26f0:6c00:19c::63cc , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
3f77639840cc50824854a9b795b77c0433560f8d59818de22b8a75e02291a021

Request headers

Referer
http://r-ext.oferting.org/r/?utm_source=occitane&utm_medium=sopext&utm_campaign=8738846-6728763&orig=automatic&utm_term=generica&rtt=&f=0&c=fashion&g=&partner=world&redirection=https%3A%2F%2Ftrac.oferting.org%2Fof%2F%3Fu%3Dc6d5752db0427dd5fc7a019db7984715%26emn_i%3D616%26emn_a%3D414%26emn_c%3D94974%26emn_rt%3D0%26ol%3DNo-label%26emn_p%3D%26emn_cat%3D8738846-6728763%26term%3D%26emn_t%3D6728763%26ref_offer%3D8738846%26go%3Dhttps%253A%252F%252Ftracker.affility.net%252Fcollecte%252F%253Faction%253Dmailredirect%2526c%253Dlqhlttc95cqlpaa36piwmwx2910cgvmwq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 11 Jul 2019 07:22:51 GMT
Content-Encoding
gzip
Last-Modified
Fri, 05 Jul 2019 09:16:14 GMT
ETag
"fc78eb77f2d20d149481d20e19491aba"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=2806
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11589
preload.gif
r-ext.oferting.org/images/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://r-ext.oferting.org/images/preload.gif
Requested by
Host: r-ext.oferting.org
URL: http://r-ext.oferting.org/r/?utm_source=occitane&utm_medium=sopext&utm_campaign=8738846-6728763&orig=automatic&utm_term=generica&rtt=&f=0&c=fashion&g=&partner=world&redirection=https%3A%2F%2Ftrac.oferting.org%2Fof%2F%3Fu%3Dc6d5752db0427dd5fc7a019db7984715%26emn_i%3D616%26emn_a%3D414%26emn_c%3D94974%26emn_rt%3D0%26ol%3DNo-label%26emn_p%3D%26emn_cat%3D8738846-6728763%26term%3D%26emn_t%3D6728763%26ref_offer%3D8738846%26go%3Dhttps%253A%252F%252Ftracker.affility.net%252Fcollecte%252F%253Faction%253Dmailredirect%2526c%253Dlqhlttc95cqlpaa36piwmwx2910cgvmwq
Protocol
HTTP/1.1
Security
, ,
Server
34.253.99.129 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-253-99-129.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
7929082d8761c3db532e83d1630ad642747808517060e2432056f4050f4ebd9a

Request headers

Referer
http://r-ext.oferting.org/r/?utm_source=occitane&utm_medium=sopext&utm_campaign=8738846-6728763&orig=automatic&utm_term=generica&rtt=&f=0&c=fashion&g=&partner=world&redirection=https%3A%2F%2Ftrac.oferting.org%2Fof%2F%3Fu%3Dc6d5752db0427dd5fc7a019db7984715%26emn_i%3D616%26emn_a%3D414%26emn_c%3D94974%26emn_rt%3D0%26ol%3DNo-label%26emn_p%3D%26emn_cat%3D8738846-6728763%26term%3D%26emn_t%3D6728763%26ref_offer%3D8738846%26go%3Dhttps%253A%252F%252Ftracker.affility.net%252Fcollecte%252F%253Faction%253Dmailredirect%2526c%253Dlqhlttc95cqlpaa36piwmwx2910cgvmwq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 11 Jul 2019 07:22:51 GMT
Last-Modified
Thu, 13 Jun 2019 14:30:08 GMT
Server
nginx
ETag
"5d025df0-47ed"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18413
jquery-3.3.1.min.js
r-ext.oferting.org/js/ 		85 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://r-ext.oferting.org/js/jquery-3.3.1.min.js
Requested by
Host: r-ext.oferting.org
URL: http://r-ext.oferting.org/r/?utm_source=occitane&utm_medium=sopext&utm_campaign=8738846-6728763&orig=automatic&utm_term=generica&rtt=&f=0&c=fashion&g=&partner=world&redirection=https%3A%2F%2Ftrac.oferting.org%2Fof%2F%3Fu%3Dc6d5752db0427dd5fc7a019db7984715%26emn_i%3D616%26emn_a%3D414%26emn_c%3D94974%26emn_rt%3D0%26ol%3DNo-label%26emn_p%3D%26emn_cat%3D8738846-6728763%26term%3D%26emn_t%3D6728763%26ref_offer%3D8738846%26go%3Dhttps%253A%252F%252Ftracker.affility.net%252Fcollecte%252F%253Faction%253Dmailredirect%2526c%253Dlqhlttc95cqlpaa36piwmwx2910cgvmwq
Protocol
HTTP/1.1
Security
, ,
Server
34.253.99.129 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-253-99-129.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Referer
http://r-ext.oferting.org/r/?utm_source=occitane&utm_medium=sopext&utm_campaign=8738846-6728763&orig=automatic&utm_term=generica&rtt=&f=0&c=fashion&g=&partner=world&redirection=https%3A%2F%2Ftrac.oferting.org%2Fof%2F%3Fu%3Dc6d5752db0427dd5fc7a019db7984715%26emn_i%3D616%26emn_a%3D414%26emn_c%3D94974%26emn_rt%3D0%26ol%3DNo-label%26emn_p%3D%26emn_cat%3D8738846-6728763%26term%3D%26emn_t%3D6728763%26ref_offer%3D8738846%26go%3Dhttps%253A%252F%252Ftracker.affility.net%252Fcollecte%252F%253Faction%253Dmailredirect%2526c%253Dlqhlttc95cqlpaa36piwmwx2910cgvmwq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 11 Jul 2019 07:22:51 GMT
Content-Encoding
gzip
Last-Modified
Thu, 13 Jun 2019 14:30:08 GMT
Server
nginx
ETag
W/"5d025df0-1538f"
Vary
Accept-Encoding
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
keep-alive
analytics.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/analytics.js
  • https://www.google-analytics.com/analytics.js
43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: r-ext.oferting.org
URL: http://r-ext.oferting.org/r/?utm_source=occitane&utm_medium=sopext&utm_campaign=8738846-6728763&orig=automatic&utm_term=generica&rtt=&f=0&c=fashion&g=&partner=world&redirection=https%3A%2F%2Ftrac.oferting.org%2Fof%2F%3Fu%3Dc6d5752db0427dd5fc7a019db7984715%26emn_i%3D616%26emn_a%3D414%26emn_c%3D94974%26emn_rt%3D0%26ol%3DNo-label%26emn_p%3D%26emn_cat%3D8738846-6728763%26term%3D%26emn_t%3D6728763%26ref_offer%3D8738846%26go%3Dhttps%253A%252F%252Ftracker.affility.net%252Fcollecte%252F%253Faction%253Dmailredirect%2526c%253Dlqhlttc95cqlpaa36piwmwx2910cgvmwq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a4883cce814b6793c5bd6dd3639d6048ecab39a93a90b560d39a9fd0aff6e263
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://r-ext.oferting.org/r/?utm_source=occitane&utm_medium=sopext&utm_campaign=8738846-6728763&orig=automatic&utm_term=generica&rtt=&f=0&c=fashion&g=&partner=world&redirection=https%3A%2F%2Ftrac.oferting.org%2Fof%2F%3Fu%3Dc6d5752db0427dd5fc7a019db7984715%26emn_i%3D616%26emn_a%3D414%26emn_c%3D94974%26emn_rt%3D0%26ol%3DNo-label%26emn_p%3D%26emn_cat%3D8738846-6728763%26term%3D%26emn_t%3D6728763%26ref_offer%3D8738846%26go%3Dhttps%253A%252F%252Ftracker.affility.net%252Fcollecte%252F%253Faction%253Dmailredirect%2526c%253Dlqhlttc95cqlpaa36piwmwx2910cgvmwq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 20 Jun 2019 21:35:04 GMT
server
Golfe2
age
2143
date
Thu, 11 Jul 2019 06:47:08 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
17707
expires
Thu, 11 Jul 2019 08:47:08 GMT

Redirect headers

Location
https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason
HSTS
collect
www.google-analytics.com/r/
Redirect Chain
  • http://www.google-analytics.com/r/collect?v=1&_v=j77&a=1766272687&t=pageview&_s=1&dl=http%3A%2F%2Fr-ext.oferting.org%2Fr%2F%3Futm_source%3Doccitane%26utm_medium%3Dsopext%26utm_campaign%3D8738846-67...
  • https://www.google-analytics.com/r/collect?v=1&_v=j77&a=1766272687&t=pageview&_s=1&dl=http%3A%2F%2Fr-ext.oferting.org%2Fr%2F%3Futm_source%3Doccitane%26utm_medium%3Dsopext%26utm_campaign%3D8738846-6...
35 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j77&a=1766272687&t=pageview&_s=1&dl=http%3A%2F%2Fr-ext.oferting.org%2Fr%2F%3Futm_source%3Doccitane%26utm_medium%3Dsopext%26utm_campaign%3D8738846-6728763%26orig%3Dautomatic%26utm_term%3Dgenerica%26rtt%3D%26f%3D0%26c%3Dfashion%26g%3D%26partner%3Dworld%26redirection%3Dhttps%253A%252F%252Ftrac.oferting.org%252Fof%252F%253Fu%253Dc6d5752db0427dd5fc7a019db7984715%2526emn_i%253D616%2526emn_a%253D414%2526emn_c%253D94974%2526emn_rt%253D0%2526ol%253DNo-label%2526emn_p%253D%2526emn_cat%253D8738846-6728763%2526term%253D%2526emn_t%253D6728763%2526ref_offer%253D8738846%2526go%253Dhttps%25253A%25252F%25252Ftracker.affility.net%25252Fcollecte%25252F%25253Faction%25253Dmailredirect%252526c%25253Dlqhlttc95cqlpaa36piwmwx2910cgvmwq&ul=en-us&de=UTF-8&dt=World%20--%20we%20are%20redirecting%20you%20to%20Occitane%27s%20website&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDACEABB~&jid=357922950&gjid=1500013642&cid=268193986.1562829772&tid=UA-46029424-1&_gid=826343194.1562829772&_r=1&cd1=6728763&cd4=8738846&cd6=World&cd7=automatic&cd9=No-label&cd10=616&cd11=fashion&z=878967577
Requested by
Host: r-ext.oferting.org
URL: http://r-ext.oferting.org/r/?utm_source=occitane&utm_medium=sopext&utm_campaign=8738846-6728763&orig=automatic&utm_term=generica&rtt=&f=0&c=fashion&g=&partner=world&redirection=https%3A%2F%2Ftrac.oferting.org%2Fof%2F%3Fu%3Dc6d5752db0427dd5fc7a019db7984715%26emn_i%3D616%26emn_a%3D414%26emn_c%3D94974%26emn_rt%3D0%26ol%3DNo-label%26emn_p%3D%26emn_cat%3D8738846-6728763%26term%3D%26emn_t%3D6728763%26ref_offer%3D8738846%26go%3Dhttps%253A%252F%252Ftracker.affility.net%252Fcollecte%252F%253Faction%253Dmailredirect%2526c%253Dlqhlttc95cqlpaa36piwmwx2910cgvmwq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://r-ext.oferting.org/r/?utm_source=occitane&utm_medium=sopext&utm_campaign=8738846-6728763&orig=automatic&utm_term=generica&rtt=&f=0&c=fashion&g=&partner=world&redirection=https%3A%2F%2Ftrac.oferting.org%2Fof%2F%3Fu%3Dc6d5752db0427dd5fc7a019db7984715%26emn_i%3D616%26emn_a%3D414%26emn_c%3D94974%26emn_rt%3D0%26ol%3DNo-label%26emn_p%3D%26emn_cat%3D8738846-6728763%26term%3D%26emn_t%3D6728763%26ref_offer%3D8738846%26go%3Dhttps%253A%252F%252Ftracker.affility.net%252Fcollecte%252F%253Faction%253Dmailredirect%2526c%253Dlqhlttc95cqlpaa36piwmwx2910cgvmwq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jul 2019 07:22:51 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://www.google-analytics.com/r/collect?v=1&_v=j77&a=1766272687&t=pageview&_s=1&dl=http%3A%2F%2Fr-ext.oferting.org%2Fr%2F%3Futm_source%3Doccitane%26utm_medium%3Dsopext%26utm_campaign%3D8738846-6728763%26orig%3Dautomatic%26utm_term%3Dgenerica%26rtt%3D%26f%3D0%26c%3Dfashion%26g%3D%26partner%3Dworld%26redirection%3Dhttps%253A%252F%252Ftrac.oferting.org%252Fof%252F%253Fu%253Dc6d5752db0427dd5fc7a019db7984715%2526emn_i%253D616%2526emn_a%253D414%2526emn_c%253D94974%2526emn_rt%253D0%2526ol%253DNo-label%2526emn_p%253D%2526emn_cat%253D8738846-6728763%2526term%253D%2526emn_t%253D6728763%2526ref_offer%253D8738846%2526go%253Dhttps%25253A%25252F%25252Ftracker.affility.net%25252Fcollecte%25252F%25253Faction%25253Dmailredirect%252526c%25253Dlqhlttc95cqlpaa36piwmwx2910cgvmwq&ul=en-us&de=UTF-8&dt=World%20--%20we%20are%20redirecting%20you%20to%20Occitane%27s%20website&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDACEABB~&jid=357922950&gjid=1500013642&cid=268193986.1562829772&tid=UA-46029424-1&_gid=826343194.1562829772&_r=1&cd1=6728763&cd4=8738846&cd6=World&cd7=automatic&cd9=No-label&cd10=616&cd11=fashion&z=878967577
Non-Authoritative-Reason
HSTS
ga-audiences
www.google.de/ads/
Redirect Chain
  • http://www.google-analytics.com/r/collect?v=1&_v=j77&a=1766272687&t=pageview&_s=1&dl=http%3A%2F%2Fr-ext.oferting.org%2Fr%2F%3Futm_source%3Doccitane%26utm_medium%3Dsopext%26utm_campaign%3D8738846-67...
  • https://www.google-analytics.com/r/collect?v=1&_v=j77&a=1766272687&t=pageview&_s=1&dl=http%3A%2F%2Fr-ext.oferting.org%2Fr%2F%3Futm_source%3Doccitane%26utm_medium%3Dsopext%26utm_campaign%3D8738846-6...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-2213239-17&cid=268193986.1562829772&jid=1163247378&_gid=826343194.1562829772&gjid=1766285034&_v=j77&z=1232958050
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2213239-17&cid=268193986.1562829772&jid=1163247378&_v=j77&z=1232958050
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2213239-17&cid=268193986.1562829772&jid=1163247378&_v=j77&z=1232958050&slf_rd=1&random=821911219
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2213239-17&cid=268193986.1562829772&jid=1163247378&_v=j77&z=1232958050&slf_rd=1&random=821911219
Requested by
Host: r-ext.oferting.org
URL: http://r-ext.oferting.org/r/?utm_source=occitane&utm_medium=sopext&utm_campaign=8738846-6728763&orig=automatic&utm_term=generica&rtt=&f=0&c=fashion&g=&partner=world&redirection=https%3A%2F%2Ftrac.oferting.org%2Fof%2F%3Fu%3Dc6d5752db0427dd5fc7a019db7984715%26emn_i%3D616%26emn_a%3D414%26emn_c%3D94974%26emn_rt%3D0%26ol%3DNo-label%26emn_p%3D%26emn_cat%3D8738846-6728763%26term%3D%26emn_t%3D6728763%26ref_offer%3D8738846%26go%3Dhttps%253A%252F%252Ftracker.affility.net%252Fcollecte%252F%253Faction%253Dmailredirect%2526c%253Dlqhlttc95cqlpaa36piwmwx2910cgvmwq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://r-ext.oferting.org/r/?utm_source=occitane&utm_medium=sopext&utm_campaign=8738846-6728763&orig=automatic&utm_term=generica&rtt=&f=0&c=fashion&g=&partner=world&redirection=https%3A%2F%2Ftrac.oferting.org%2Fof%2F%3Fu%3Dc6d5752db0427dd5fc7a019db7984715%26emn_i%3D616%26emn_a%3D414%26emn_c%3D94974%26emn_rt%3D0%26ol%3DNo-label%26emn_p%3D%26emn_cat%3D8738846-6728763%26term%3D%26emn_t%3D6728763%26ref_offer%3D8738846%26go%3Dhttps%253A%252F%252Ftracker.affility.net%252Fcollecte%252F%253Faction%253Dmailredirect%2526c%253Dlqhlttc95cqlpaa36piwmwx2910cgvmwq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jul 2019 07:22:51 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 11 Jul 2019 07:22:51 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2213239-17&cid=268193986.1562829772&jid=1163247378&_v=j77&z=1232958050&slf_rd=1&random=821911219
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
create-notice
api.airbrake.io/api/v3/projects/126987/ 		56 B
392 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.airbrake.io/api/v3/projects/126987/create-notice?key=55ca1bc7fd4a30d3b8411550dfb9148c
Requested by
Host: b-code.liadm.com
URL: http://b-code.liadm.com/a-00xy.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.208.106.182 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-3-208-106-182.compute-1.amazonaws.com
Software
/
Resource Hash
bc1a6aeda70b19b2f4070456504adc3cb3b257725debb7e8ae02931ee5c0acbd

Request headers

Referer
http://r-ext.oferting.org/r/?utm_source=occitane&utm_medium=sopext&utm_campaign=8738846-6728763&orig=automatic&utm_term=generica&rtt=&f=0&c=fashion&g=&partner=world&redirection=https%3A%2F%2Ftrac.oferting.org%2Fof%2F%3Fu%3Dc6d5752db0427dd5fc7a019db7984715%26emn_i%3D616%26emn_a%3D414%26emn_c%3D94974%26emn_rt%3D0%26ol%3DNo-label%26emn_p%3D%26emn_cat%3D8738846-6728763%26term%3D%26emn_t%3D6728763%26ref_offer%3D8738846%26go%3Dhttps%253A%252F%252Ftracker.affility.net%252Fcollecte%252F%253Faction%253Dmailredirect%2526c%253Dlqhlttc95cqlpaa36piwmwx2910cgvmwq
Origin
http://r-ext.oferting.org
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 11 Jul 2019 07:22:52 GMT
status
420
x-ratelimit-remaining
9984
access-control-allow-methods
OPTIONS,GET,PUT,POST
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
X-RateLimit-Delay
x-ratelimit-delay
8
x-ratelimit-limit
10000
access-control-allow-headers
Accept,Origin,Content-Type,X-Requested-With
content-length
56
create-notice
api.airbrake.io/api/v3/projects/126987/ 		56 B
392 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.airbrake.io/api/v3/projects/126987/create-notice?key=55ca1bc7fd4a30d3b8411550dfb9148c
Requested by
Host: b-code.liadm.com
URL: http://b-code.liadm.com/a-00xy.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.208.106.182 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-3-208-106-182.compute-1.amazonaws.com
Software
/
Resource Hash
bc1a6aeda70b19b2f4070456504adc3cb3b257725debb7e8ae02931ee5c0acbd

Request headers

Referer
http://r-ext.oferting.org/r/?utm_source=occitane&utm_medium=sopext&utm_campaign=8738846-6728763&orig=automatic&utm_term=generica&rtt=&f=0&c=fashion&g=&partner=world&redirection=https%3A%2F%2Ftrac.oferting.org%2Fof%2F%3Fu%3Dc6d5752db0427dd5fc7a019db7984715%26emn_i%3D616%26emn_a%3D414%26emn_c%3D94974%26emn_rt%3D0%26ol%3DNo-label%26emn_p%3D%26emn_cat%3D8738846-6728763%26term%3D%26emn_t%3D6728763%26ref_offer%3D8738846%26go%3Dhttps%253A%252F%252Ftracker.affility.net%252Fcollecte%252F%253Faction%253Dmailredirect%2526c%253Dlqhlttc95cqlpaa36piwmwx2910cgvmwq
Origin
http://r-ext.oferting.org
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 11 Jul 2019 07:22:52 GMT
status
420
x-ratelimit-remaining
9983
access-control-allow-methods
OPTIONS,GET,PUT,POST
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
X-RateLimit-Delay
x-ratelimit-delay
8
x-ratelimit-limit
10000
access-control-allow-headers
Accept,Origin,Content-Type,X-Requested-With
content-length
56
create-notice
api.airbrake.io/api/v3/projects/126987/ 		128 B
481 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.airbrake.io/api/v3/projects/126987/create-notice?key=55ca1bc7fd4a30d3b8411550dfb9148c
Requested by
Host: b-code.liadm.com
URL: http://b-code.liadm.com/a-00xy.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.208.106.182 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-3-208-106-182.compute-1.amazonaws.com
Software
/
Resource Hash
97c90fb9dd849c6526d3c334251d2dbae94fd765d2b4116cc46ea9d593573579

Request headers

Referer
http://r-ext.oferting.org/r/?utm_source=occitane&utm_medium=sopext&utm_campaign=8738846-6728763&orig=automatic&utm_term=generica&rtt=&f=0&c=fashion&g=&partner=world&redirection=https%3A%2F%2Ftrac.oferting.org%2Fof%2F%3Fu%3Dc6d5752db0427dd5fc7a019db7984715%26emn_i%3D616%26emn_a%3D414%26emn_c%3D94974%26emn_rt%3D0%26ol%3DNo-label%26emn_p%3D%26emn_cat%3D8738846-6728763%26term%3D%26emn_t%3D6728763%26ref_offer%3D8738846%26go%3Dhttps%253A%252F%252Ftracker.affility.net%252Fcollecte%252F%253Faction%253Dmailredirect%2526c%253Dlqhlttc95cqlpaa36piwmwx2910cgvmwq
Origin
http://r-ext.oferting.org
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 11 Jul 2019 07:22:52 GMT
content-encoding
gzip
status
200
vary
Accept-Encoding
access-control-allow-methods
OPTIONS,GET,PUT,POST
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
x-ratelimit-remaining
9982
x-ratelimit-delay
8
x-ratelimit-limit
10000
access-control-allow-headers
Accept,Origin,Content-Type,X-Requested-With
access-control-expose-headers
X-RateLimit-Delay
i
c.liadm.com/
Redirect Chain
  • http://c.liadm.com/i?e=pv&eid=36aa033a-1e36-43d8-9e62-e45d5adf226b&url=http%3A%2F%2Fr-ext.oferting.org%2Fr%2F%3Futm_source%3Doccitane%26utm_medium%3Dsopext%26utm_campaign%3D8738846-6728763%26orig%3...
  • http://c.liadm.com/i?e=pv&&duid=a-00xy--673300a2-fcec-47f6-9cb8-d02df76484ef&eid=36aa033a-1e36-43d8-9e62-e45d5adf226b&url=http://r-ext.oferting.org/r/?utm_source%3Doccitane%26utm_medium%3Dsopext%26...
43 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://c.liadm.com/i?e=pv&&duid=a-00xy--673300a2-fcec-47f6-9cb8-d02df76484ef&eid=36aa033a-1e36-43d8-9e62-e45d5adf226b&url=http://r-ext.oferting.org/r/?utm_source%3Doccitane%26utm_medium%3Dsopext%26utm_campaign%3D8738846-6728763%26orig%3Dautomatic%26utm_term%3Dgenerica%26rtt%3D%26f%3D0%26c%3Dfashion%26g%3D%26partner%3Dworld%26redirection%3Dhttps%253A%252F%252Ftrac.oferting.org%252Fof%252F%253Fu%253Dc6d5752db0427dd5fc7a019db7984715%2526emn_i%253D616%2526emn_a%253D414%2526emn_c%253D94974%2526emn_rt%253D0%2526ol%253DNo-label%2526emn_p%253D%2526emn_cat%253D8738846-6728763%2526term%253D%2526emn_t%253D6728763%2526ref_offer%253D8738846%2526go%253Dhttps%25253A%25252F%25252Ftracker.affility.net%25252Fcollecte%25252F%25253Faction%25253Dmailredirect%252526c%25253Dlqhlttc95cqlpaa36piwmwx2910cgvmwq&refr=&aid=a-00xy&tna=liveIntentPublisherTracker&page=World+--+we+are+redirecting+you+to+Occitane%27s+website&tv=pub-2.4.1&n3pc=true&p=web&sid=ccface9b-15f6-4ea0-9252-858c5bce51e4
Requested by
Host: r-ext.oferting.org
URL: http://r-ext.oferting.org/r/?utm_source=occitane&utm_medium=sopext&utm_campaign=8738846-6728763&orig=automatic&utm_term=generica&rtt=&f=0&c=fashion&g=&partner=world&redirection=https%3A%2F%2Ftrac.oferting.org%2Fof%2F%3Fu%3Dc6d5752db0427dd5fc7a019db7984715%26emn_i%3D616%26emn_a%3D414%26emn_c%3D94974%26emn_rt%3D0%26ol%3DNo-label%26emn_p%3D%26emn_cat%3D8738846-6728763%26term%3D%26emn_t%3D6728763%26ref_offer%3D8738846%26go%3Dhttps%253A%252F%252Ftracker.affility.net%252Fcollecte%252F%253Faction%253Dmailredirect%2526c%253Dlqhlttc95cqlpaa36piwmwx2910cgvmwq
Protocol
HTTP/1.1
Security
, ,
Server
52.71.165.73 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-71-165-73.compute-1.amazonaws.com
Software
akka-http/10.0.9 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Referer
http://r-ext.oferting.org/r/?utm_source=occitane&utm_medium=sopext&utm_campaign=8738846-6728763&orig=automatic&utm_term=generica&rtt=&f=0&c=fashion&g=&partner=world&redirection=https%3A%2F%2Ftrac.oferting.org%2Fof%2F%3Fu%3Dc6d5752db0427dd5fc7a019db7984715%26emn_i%3D616%26emn_a%3D414%26emn_c%3D94974%26emn_rt%3D0%26ol%3DNo-label%26emn_p%3D%26emn_cat%3D8738846-6728763%26term%3D%26emn_t%3D6728763%26ref_offer%3D8738846%26go%3Dhttps%253A%252F%252Ftracker.affility.net%252Fcollecte%252F%253Faction%253Dmailredirect%2526c%253Dlqhlttc95cqlpaa36piwmwx2910cgvmwq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 11 Jul 2019 07:22:53 GMT
Server
akka-http/10.0.9
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43

Redirect headers

Date
Thu, 11 Jul 2019 07:22:53 GMT
Server
akka-http/10.0.9
Access-Control-Allow-Origin
*
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Location
http://c.liadm.com/i?e=pv&&duid=a-00xy--673300a2-fcec-47f6-9cb8-d02df76484ef&eid=36aa033a-1e36-43d8-9e62-e45d5adf226b&url=http://r-ext.oferting.org/r/?utm_source%3Doccitane%26utm_medium%3Dsopext%26utm_campaign%3D8738846-6728763%26orig%3Dautomatic%26utm_term%3Dgenerica%26rtt%3D%26f%3D0%26c%3Dfashion%26g%3D%26partner%3Dworld%26redirection%3Dhttps%253A%252F%252Ftrac.oferting.org%252Fof%252F%253Fu%253Dc6d5752db0427dd5fc7a019db7984715%2526emn_i%253D616%2526emn_a%253D414%2526emn_c%253D94974%2526emn_rt%253D0%2526ol%253DNo-label%2526emn_p%253D%2526emn_cat%253D8738846-6728763%2526term%253D%2526emn_t%253D6728763%2526ref_offer%253D8738846%2526go%253Dhttps%25253A%25252F%25252Ftracker.affility.net%25252Fcollecte%25252F%25253Faction%25253Dmailredirect%252526c%25253Dlqhlttc95cqlpaa36piwmwx2910cgvmwq&refr=&aid=a-00xy&tna=liveIntentPublisherTracker&page=World+--+we+are+redirecting+you+to+Occitane's+website&tv=pub-2.4.1&n3pc=true&p=web&sid=ccface9b-15f6-4ea0-9252-858c5bce51e4
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Cookie set a-00xy
i.liadm.com/s/c/ Frame 1755 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
http://i.liadm.com/s/c/a-00xy?s=&cim=&ps=true&ls=false&duid=&domainSessionId=undefined&ppid=0&euns=0&ci=0&version=sc-2.2.2&nosync=false&
Requested by
Host: b-code.liadm.com
URL: http://b-code.liadm.com/a-00xy.min.js
Protocol
HTTP/1.1
Server
52.4.94.17 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-4-94-17.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Host
i.liadm.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://r-ext.oferting.org/r/?utm_source=occitane&utm_medium=sopext&utm_campaign=8738846-6728763&orig=automatic&utm_term=generica&rtt=&f=0&c=fashion&g=&partner=world&redirection=https%3A%2F%2Ftrac.oferting.org%2Fof%2F%3Fu%3Dc6d5752db0427dd5fc7a019db7984715%26emn_i%3D616%26emn_a%3D414%26emn_c%3D94974%26emn_rt%3D0%26ol%3DNo-label%26emn_p%3D%26emn_cat%3D8738846-6728763%26term%3D%26emn_t%3D6728763%26ref_offer%3D8738846%26go%3Dhttps%253A%252F%252Ftracker.affility.net%252Fcollecte%252F%253Faction%253Dmailredirect%2526c%253Dlqhlttc95cqlpaa36piwmwx2910cgvmwq
Accept-Encoding
gzip, deflate
Cookie
lidid=5beab6e5-5b8b-4974-b990-c9577be28b70
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://r-ext.oferting.org/r/?utm_source=occitane&utm_medium=sopext&utm_campaign=8738846-6728763&orig=automatic&utm_term=generica&rtt=&f=0&c=fashion&g=&partner=world&redirection=https%3A%2F%2Ftrac.oferting.org%2Fof%2F%3Fu%3Dc6d5752db0427dd5fc7a019db7984715%26emn_i%3D616%26emn_a%3D414%26emn_c%3D94974%26emn_rt%3D0%26ol%3DNo-label%26emn_p%3D%26emn_cat%3D8738846-6728763%26term%3D%26emn_t%3D6728763%26ref_offer%3D8738846%26go%3Dhttps%253A%252F%252Ftracker.affility.net%252Fcollecte%252F%253Faction%253Dmailredirect%2526c%253Dlqhlttc95cqlpaa36piwmwx2910cgvmwq

Response headers

Cache-Control
private, no-cache, max-age=0
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Thu, 11 Jul 2019 07:22:53 GMT
ETag
1.61803398874
Set-Cookie
_li_ss=MgUIBhCWCjIFCAoQlgoyBgiLARCHCjIFCHoQlQoyBQgLEJYKMgUICxCWCjIGCIoBEJYK; Max-Age=2592000; Expires=Sat, 10 Aug 2019 07:22:53 GMT; Path=/s
Vary
Accept-Encoding
Content-Length
640
Connection
keep-alive
Primary Request Cookie set creme-ultra-riche-corps-karite,74,1,24534,1144555.htm
fr.loccitane.com/
Redirect Chain
  • https://trac.oferting.org/of/?u=c6d5752db0427dd5fc7a019db7984715&emn_i=616&emn_a=414&emn_c=94974&emn_rt=0&ol=No-label&emn_p=&emn_cat=8738846-6728763&term=&emn_t=6728763&ref_offer=8738846&go=https%3...
  • https://tracker.affility.net/collecte/?action=mailredirect&c=lqhlttc95cqlpaa36piwmwx2910cgvmwq
  • https://act.bdtrkconv.com/collecte/?action=mailredirect&c=lqhlttc95cqlpaa36piwmwx2910cgvmwq
  • http://fr.loccitane.com/creme-ultra-riche-corps-karite,74,1,24534,1144555.htm
  • https://fr.loccitane.com/creme-ultra-riche-corps-karite,74,1,24534,1144555.htm
488 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fr.loccitane.com/creme-ultra-riche-corps-karite,74,1,24534,1144555.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.65.23 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-65-23.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
904c098c03a04d5acdb74c3d13cbeccb705f6cf66ef04fe29a0de25f709fb25c
Security Headers
Name Value
X-Xss-Protection 1

Request headers

Host
fr.loccitane.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://r-ext.oferting.org/r/?utm_source=occitane&utm_medium=sopext&utm_campaign=8738846-6728763&orig=automatic&utm_term=generica&rtt=&f=0&c=fashion&g=&partner=world&redirection=https%3A%2F%2Ftrac.oferting.org%2Fof%2F%3Fu%3Dc6d5752db0427dd5fc7a019db7984715%26emn_i%3D616%26emn_a%3D414%26emn_c%3D94974%26emn_rt%3D0%26ol%3DNo-label%26emn_p%3D%26emn_cat%3D8738846-6728763%26term%3D%26emn_t%3D6728763%26ref_offer%3D8738846%26go%3Dhttps%253A%252F%252Ftracker.affility.net%252Fcollecte%252F%253Faction%253Dmailredirect%2526c%253Dlqhlttc95cqlpaa36piwmwx2910cgvmwq
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://r-ext.oferting.org/r/?utm_source=occitane&utm_medium=sopext&utm_campaign=8738846-6728763&orig=automatic&utm_term=generica&rtt=&f=0&c=fashion&g=&partner=world&redirection=https%3A%2F%2Ftrac.oferting.org%2Fof%2F%3Fu%3Dc6d5752db0427dd5fc7a019db7984715%26emn_i%3D616%26emn_a%3D414%26emn_c%3D94974%26emn_rt%3D0%26ol%3DNo-label%26emn_p%3D%26emn_cat%3D8738846-6728763%26term%3D%26emn_t%3D6728763%26ref_offer%3D8738846%26go%3Dhttps%253A%252F%252Ftracker.affility.net%252Fcollecte%252F%253Faction%253Dmailredirect%2526c%253Dlqhlttc95cqlpaa36piwmwx2910cgvmwq

Response headers

Cache-Control
max-age=0, private, no-cache, no-store, must-revalidate
Pragma
no-cache
Content-Type
text/html;charset=utf-8
Server
Microsoft-IIS/7.5
X-DataDome
protected
Charset
utf-8
X-DataDome-CID
AHrlqAAAAAMA_WZYK9LPLZsAuSIpMg==
X-Powered-By
ASP.NET
Access-Control-Allow-Headers
content-type
X-Xss-Protection
1
X-Front
front3
Content-Length
488
Date
Thu, 11 Jul 2019 07:22:55 GMT
Connection
keep-alive
Set-Cookie
datadome=3eopuj3yggSLDK5PUdkyFyK4mKGiW0Be4zFD5v..qCbXEIQs.TSYiKpsb.epjQoD64GrCUsVrpe1_vcRA3fAz;Path=/;Domain=.loccitane.com;Expires=Fri, 10-Jul-2020 07:22:55 GMT;Max-Age=31536000 AKA_A2=A; expires=Thu, 11-Jul-2019 08:22:55 GMT; path=/; domain=loccitane.com; secure; HttpOnly
Server-Timing
cdn-cache; desc=MISS edge; dur=10 origin; dur=10

Redirect headers

Content-Type
text/html; charset=UTF-8
Location
https://fr.loccitane.com/creme-ultra-riche-corps-karite,74,1,24534,1144555.htm
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
Access-Control-Allow-Headers
content-type
X-Xss-Protection
1
X-Front
front3
Content-Length
201
Date
Thu, 11 Jul 2019 07:22:55 GMT
Connection
keep-alive
Server-Timing
cdn-cache; desc=MISS edge; dur=22 origin; dur=2
c.js
ct.datado.me/ 		988 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ct.datado.me/c.js
Requested by
Host: fr.loccitane.com
URL: https://fr.loccitane.com/creme-ultra-riche-corps-karite,74,1,24534,1144555.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.202.159 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-230-202-159.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9985a5154750ec0d86073870b61bce82a1bb97bb2ec88ecc3a7a99556364c07f

Request headers

Referer
https://fr.loccitane.com/creme-ultra-riche-corps-karite,74,1,24534,1144555.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 10 Jul 2019 13:50:57 GMT
via
1.1 da44a033908207250002410c047e8764.cloudfront.net (CloudFront)
last-modified
Mon, 08 Jul 2019 12:46:36 GMT
server
AmazonS3
age
66904
etag
"9c98acfe0fa2442ff7e48ee4f4b9bfd4"
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
x-amz-cf-pop
FRA50
accept-ranges
bytes
content-length
988
x-amz-cf-id
OLy1pYwBxVbPnyVCuE0HO62DJ5dy-_8-P-yZ6rUQcQ-f1AAdgO7GZQ==
/
c.datado.me/captcha/ Frame 0CEA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://c.datado.me/captcha/?initialCid=AHrlqAAAAAMA_WZYK9LPLZsAuSIpMg%3D%3D&hash=05855055E4FD6CAFCCD506CE41122E&cid=null&t=fe
Requested by
Host: ct.datado.me
URL: https://ct.datado.me/c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.231.89 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-229-231-89.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash

Request headers

:method
GET
:authority
c.datado.me
:scheme
https
:path
/captcha/?initialCid=AHrlqAAAAAMA_WZYK9LPLZsAuSIpMg%3D%3D&hash=05855055E4FD6CAFCCD506CE41122E&cid=null&t=fe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://fr.loccitane.com/creme-ultra-riche-corps-karite,74,1,24534,1144555.htm
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fr.loccitane.com/creme-ultra-riche-corps-karite,74,1,24534,1144555.htm

Response headers

status
403
date
Thu, 11 Jul 2019 07:22:59 GMT
content-type
text/html; charset=UTF-8
content-length
0
server
Apache
cache-control
max-age=0, must-revalidate, private

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask object| dd

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

act.bdtrkconv.com
api.airbrake.io
b-code.liadm.com
c.datado.me
c.liadm.com
ct.datado.me
fr.loccitane.com
go.oferting.org
i.liadm.com
links.internaute-ces-jours-links.fr
r-ext.oferting.org
r.ar-mtch1.com
stats.g.doubleclick.net
trac.oferting.org
tracker.affility.net
www.google-analytics.com
www.google.com
www.google.de
104.109.65.23
146.185.44.113
146.185.44.114
2a00:1450:4001:806::2003
2a00:1450:4001:817::200e
2a00:1450:4001:81b::2004
2a00:1450:400c:c06::9d
2a02:26f0:6c00:19c::63cc
3.208.106.182
34.253.99.129
52.178.92.96
52.4.94.17
52.71.165.73
54.229.231.89
54.230.202.159
54.246.129.40
80.209.249.242
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
3f77639840cc50824854a9b795b77c0433560f8d59818de22b8a75e02291a021
7929082d8761c3db532e83d1630ad642747808517060e2432056f4050f4ebd9a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
904c098c03a04d5acdb74c3d13cbeccb705f6cf66ef04fe29a0de25f709fb25c
97c90fb9dd849c6526d3c334251d2dbae94fd765d2b4116cc46ea9d593573579
97f009f44a9b4261c3e4c8a19f76214875d6e9f5674489d3fdb8a6407a7de78b
9985a5154750ec0d86073870b61bce82a1bb97bb2ec88ecc3a7a99556364c07f
a4883cce814b6793c5bd6dd3639d6048ecab39a93a90b560d39a9fd0aff6e263
bc1a6aeda70b19b2f4070456504adc3cb3b257725debb7e8ae02931ee5c0acbd
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629