Overview

URL links.iledesaffaires-guide.fr/c/iR2/p61/i6PyX_f3xIj6IQGoG4bnVQ/E/lYSR/F/0509eb9c
IP176.126.250.255
ASNIQ PL Sp. z o.o.
Location Poland
Report completed2022-09-16 06:03:58 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-16 2 links.iledesaffaires-guide.fr/c/iR2/p61/i6PyX_f3xIj6IQGoG4bnVQ/E/lYSR/F/0509eb9c Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (22)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS script.crazyegg.com (3) 1992 2015-01-07 19:40:26 UTC 2022-09-15 05:31:26 UTC 104.19.148.8
mnemonic passive DNS stats.g.doubleclick.net (1) 96 2013-06-02 22:47:44 UTC 2022-09-16 04:26:22 UTC 142.251.1.154
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-16 04:25:30 UTC 143.204.55.35
mnemonic passive DNS ocsp.digicert.com (2) 86 2012-05-21 07:02:23 UTC 2022-09-15 23:57:23 UTC 93.184.220.29
mnemonic passive DNS content.wirkaufendeinauto.de (1) 431524 2015-04-01 22:00:05 UTC 2022-09-15 18:26:04 UTC 143.204.55.26
mnemonic passive DNS www.vsav.fr (4) 0 2017-01-18 21:17:28 UTC 2022-09-15 18:26:04 UTC 54.230.111.114 Unknown ranking
mnemonic passive DNS ocsp.pki.goog (3) 175 2017-06-14 07:23:31 UTC 2022-09-15 04:51:27 UTC 142.250.74.3
mnemonic passive DNS www.googletagmanager.com (1) 75 2012-12-25 14:52:06 UTC 2022-09-15 04:51:39 UTC 142.250.74.72
mnemonic passive DNS connect.facebook.net (1) 139 2012-05-22 02:51:28 UTC 2022-09-15 04:55:12 UTC 31.13.72.12
mnemonic passive DNS r3.o.lencr.org (3) 344 2020-12-02 08:52:13 UTC 2022-09-15 04:51:36 UTC 23.36.76.226
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-27 20:08:30 UTC 2022-09-16 00:14:15 UTC 143.204.55.35
mnemonic passive DNS ocsp.sca1b.amazontrust.com (4) 1015 2017-03-03 15:20:51 UTC 2019-03-27 04:05:54 UTC 143.204.42.158
mnemonic passive DNS cdnjs.cloudflare.com (4) 235 2020-10-20 10:17:36 UTC 2022-09-16 04:31:46 UTC 104.17.25.14
mnemonic passive DNS links.iledesaffaires-guide.fr (1) 0 2020-01-22 12:49:48 UTC 2022-09-16 05:43:02 UTC 176.126.250.255 Unknown ranking
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-16 04:23:36 UTC 34.117.237.239
mnemonic passive DNS content.jetztautoverkaufen.de (9) 973259 2018-12-15 03:40:35 UTC 2022-09-15 18:26:04 UTC 143.204.55.77
mnemonic passive DNS www.facebook.com (1) 99 2017-01-30 05:00:00 UTC 2022-09-16 04:23:46 UTC 31.13.72.36
mnemonic passive DNS img-getpocket.cdn.mozilla.net (5) 1631 2017-09-01 03:40:57 UTC 2022-09-16 04:03:33 UTC 34.120.237.76
mnemonic passive DNS r.ar-mtch1.com (1) 437472 2017-06-18 09:15:32 UTC 2022-09-16 05:43:08 UTC 13.69.68.37
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-15 05:55:58 UTC 52.89.136.7
mnemonic passive DNS www.jetztautoverkaufen.de (1) 0 2014-10-17 15:27:50 UTC 2022-09-15 18:26:04 UTC 54.230.111.114 Domain (jetztautoverkaufen.de) ranked at: 965286
mnemonic passive DNS www.google-analytics.com (2) 40 2012-10-03 01:04:21 UTC 2022-09-15 22:45:35 UTC 142.250.74.174


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 176.126.250.255

Date UQ / IDS / BL URL IP
2022-09-16 06:03:58 +0000
0 - 0 - 1 links.iledesaffaires-guide.fr/c/iR2/p61/i6PyX (...) 176.126.250.255
2022-09-15 18:26:40 +0000
0 - 0 - 1 links.iledesaffaires-guide.fr/c/iR2/p64/LCMnO (...) 176.126.250.255
2022-09-15 18:26:14 +0000
0 - 0 - 1 links.iledesaffaires-guide.fr/c/iR2/p6w/LCMnO (...) 176.126.250.255
2022-09-15 18:24:14 +0000
0 - 0 - 4 links.iledesaffaires-guide.fr/u/iR2/LCMnOYDGo (...) 176.126.250.255
2022-09-15 18:23:12 +0000
0 - 0 - 1 links.iledesaffaires-guide.fr/c/iR2/p6S/LCMnO (...) 176.126.250.255

Last 5 reports on ASN: IQ PL Sp. z o.o.

Date UQ / IDS / BL URL IP
2022-11-30 10:56:39 +0000
0 - 0 - 3 46.248.190.217/ 46.248.190.217
2022-11-30 01:26:19 +0000
0 - 0 - 2 links.xtradenudes.com/ 91.199.51.171
2022-11-27 15:36:31 +0000
0 - 0 - 1 cuttly.org/ 46.248.190.217
2022-11-26 21:54:56 +0000
0 - 0 - 5 links.xtradenudes.com/c/spw/l6_/xfrl4r5jddgim (...) 91.199.51.171
2022-11-26 20:32:45 +0000
0 - 0 - 4 links.xtradenudes.com/c/sPw/L6Z/XFrL4R5JdDGiM (...) 91.199.51.171

Last 5 reports on domain: iledesaffaires-guide.fr

Date UQ / IDS / BL URL IP
2022-09-16 06:03:58 +0000
0 - 0 - 1 links.iledesaffaires-guide.fr/c/iR2/p61/i6PyX (...) 176.126.250.255
2022-09-15 18:26:40 +0000
0 - 0 - 1 links.iledesaffaires-guide.fr/c/iR2/p64/LCMnO (...) 176.126.250.255
2022-09-15 18:26:14 +0000
0 - 0 - 1 links.iledesaffaires-guide.fr/c/iR2/p6w/LCMnO (...) 176.126.250.255
2022-09-15 18:24:14 +0000
0 - 0 - 4 links.iledesaffaires-guide.fr/u/iR2/LCMnOYDGo (...) 176.126.250.255
2022-09-15 18:23:12 +0000
0 - 0 - 1 links.iledesaffaires-guide.fr/c/iR2/p6S/LCMnO (...) 176.126.250.255

Last 5 reports with similar screenshot

Date UQ / IDS / BL URL IP
2022-09-15 18:26:40 +0000
0 - 0 - 1 links.iledesaffaires-guide.fr/c/iR2/p64/LCMnO (...) 176.126.250.255
2022-09-15 18:26:14 +0000
0 - 0 - 1 links.iledesaffaires-guide.fr/c/iR2/p6w/LCMnO (...) 176.126.250.255
2022-09-15 18:23:12 +0000
0 - 0 - 1 links.iledesaffaires-guide.fr/c/iR2/p6S/LCMnO (...) 176.126.250.255
2022-09-15 18:20:25 +0000
0 - 0 - 1 links.iledesaffaires-guide.fr/c/iR2/p6-/LCMnO (...) 176.126.250.255
2022-09-15 18:20:07 +0000
0 - 0 - 1 links.iledesaffaires-guide.fr/c/iR2/p63/LCMnO (...) 176.126.250.255


JavaScript

Executed Scripts (27)


Executed Evals (1)

#1 JavaScript::Eval (size: 61, repeated: 1) - SHA256: 76c671bfde17d8d293fbbad855ea06d32fe222d4b167565617a26d5ecb473f32

                                        (function() {
    return "undefined" !== typeof gaHardcoded ? !0 : !1
})();
                                    

Executed Writes (0)



HTTP Transactions (52)


Request Response
                                        
                                            GET /c/iR2/p61/i6PyX_f3xIj6IQGoG4bnVQ/E/lYSR/F/0509eb9c HTTP/1.1 
Host: links.iledesaffaires-guide.fr
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         176.126.250.255
HTTP/1.1 302 Found
Content-Type: text/html; charset=utf-8
                                        
Cache-Control: private
Location: https://r.ar-mtch1.com/Redirect?pid=cH&chid=rh&md5=94e2167bb6ba9b68a922d7b0a287f79d&sha256=8aba7ff256c7edef2103a8cc737385026e481ee0495f762574c1cb885fcd3018&url=https%3a%2f%2fwww.vsav.fr%2fvaleur%2fm6%2f%3futm_source%3dEMA%26utm_medium%3demail%26utm_campaign%3d0%26ema%3dFR_1%26JID%3dFR_EMA_1_1239_5215065_1_0_0&type=c&list=FR_Tessouhaits&esp=F
Set-Cookie: TEMP_DATA=cab88af0-7fa1-40da-9fc4-dcf10b35d632; path=/ esg1=iR2/p61/i6PyX_f3xIj6IQGoG4bnVQ/E/lYSR/F/b7d94ee9; path=/
Date: Fri, 16 Sep 2022 06:03:46 GMT
Content-Length: 488


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (416), with CRLF line terminators
Size:   488
Md5:    9e4242fad39a8149c2f28b8232fdad13
Sha1:   9487c9597222f97f5a64c5e141832f4c8ec75945
Sha256: e17d6090a252613efe232fc68b6b03650068ef0bd2491c87f8b14e4033dff675

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "FEF9CE9F75EC19E7AE2CCBFFB6654DB2473A2B4ACC94C1B4303E5EC24149465F"
Last-Modified: Thu, 15 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9167
Expires: Fri, 16 Sep 2022 08:36:34 GMT
Date: Fri, 16 Sep 2022 06:03:47 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 16 Sep 2022 05:10:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 9Vz07cUYkjrl6oyMrOvRt2-zjvo1VrxglR2Q_wtr7M3MMRMgEYsLTQ==
Age: 3181


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    b593eb39329cfe060d55be5e4a5405e2
Sha1:   78e46c1028e9f94f8569303ad2d90d7df13a059a
Sha256: 08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Fri, 16 Sep 2022 04:35:16 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: VMLkFHm8CeMkH0nwrJff2_-mI35Lzzk43xIJoEcOl3pyqmwtye0dLA==
age: 5312
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    742edb4038f38bc533514982f3d2e861
Sha1:   cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
Sha256: b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
                                        
                                            GET /Redirect?pid=cH&chid=rh&md5=94e2167bb6ba9b68a922d7b0a287f79d&sha256=8aba7ff256c7edef2103a8cc737385026e481ee0495f762574c1cb885fcd3018&url=https%3a%2f%2fwww.vsav.fr%2fvaleur%2fm6%2f%3futm_source%3dEMA%26utm_medium%3demail%26utm_campaign%3d0%26ema%3dFR_1%26JID%3dFR_EMA_1_1239_5215065_1_0_0&type=c&list=FR_Tessouhaits&esp=F HTTP/1.1 
Host: r.ar-mtch1.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         13.69.68.37
HTTP/2 302 Found
                                        
date: Fri, 16 Sep 2022 06:03:47 GMT
server: Microsoft-IIS/10.0
location: https://www.vsav.fr:443/valeur/m6/?utm_source=EMA&utm_medium=email&utm_campaign=0&ema=FR_1&JID=FR_EMA_1_1239_5215065_1_0_0
set-cookie: adrakerv2did=12TuNHf-HhcjCxsN4nrodQ; expires=Sat, 16 Sep 2023 06:03:47 GMT; domain=.ar-mtch1.com; path=/; samesite=none adrakerv2vid=pRoFj7S4vogGxAhhkaBxKy; expires=Sat, 16 Sep 2023 06:03:47 GMT; domain=.ar-mtch1.com; path=/; samesite=none
content-length: 0
x-powered-by: ASP.NET
X-Firefox-Spdy: h2

                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Fri, 16 Sep 2022 06:03:47 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         143.204.42.158
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Fri, 16 Sep 2022 06:03:48 GMT
Server: ECS (dcb/7F39)
X-Cache: Miss from cloudfront
Via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 6mbzRqe5hg_Y7NOLjLRFB_TwlQlfaAHoTY_uA4Su97049MQ3GYOXUw==

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Fri, 16 Sep 2022 06:03:22 GMT
Cache-Control: max-age=3600
Expires: Fri, 16 Sep 2022 06:15:44 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: N8enz_ui1WLdYq7ibh89zpaCBtk-0YlB98yEWmZ6strFKC8IFrtXMg==
Age: 26


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3932
Cache-Control: 'max-age=158059'
Date: Fri, 16 Sep 2022 06:03:48 GMT
Last-Modified: Fri, 16 Sep 2022 04:58:16 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /ajax/libs/slick-carousel/1.6.0/slick.js HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vsav.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.17.25.14
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Fri, 16 Sep 2022 06:03:48 GMT
content-length: 12032
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fd5-14929"
last-modified: Mon, 04 May 2020 16:16:21 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 8748576
expires: Wed, 06 Sep 2023 06:03:48 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qhqiRWt0H%2BqbfAcsSDVxOkEZanGexX9IAV0%2FnLNHi%2B74acxH0r75hspu7vdUGXlV7hyVnhk2cELTq4NrhpajAVaBo43VkhOvg7xTzXpVSrsygrT9IsEJvRj4RIt9D%2Fxg9b%2FgGnyA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74b766ae3d720b3d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   12032
Md5:    fab824518fd82853ed2698f39d8ec43e
Sha1:   df19bf45131085a88eb2cd4c07e2bda44cef0e98
Sha256: d55908906f498a577e0f9cc6ffeac157765acb67643c23d22c0d51b352e208c4
                                        
                                            GET /ajax/libs/babel-core/5.6.15/browser-polyfill.min.js HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vsav.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.17.25.14
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Fri, 16 Sep 2022 06:03:48 GMT
content-length: 21126
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03d6a-14cd3"
last-modified: Mon, 04 May 2020 16:06:02 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1042207
expires: Wed, 06 Sep 2023 06:03:48 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AoUgw%2BxQgvTEW9XkQ2mHcYJc0wEfbgS8fGAMB85fnRNkuftac2fyFPxQgMMaImhGk1GcWeBXHkAi6xuXZM9%2BHez6CWWa31OJJNc9hy97SEHVdRmOas842oZu2cKr4A8B826JxnHa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74b766ae3d740b3d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32029)
Size:   21126
Md5:    436276016fa6a667bb2972144b953a8b
Sha1:   6fd57f29a60a5a34adba9796f20065e2d3e19782
Sha256: 2e22da644911c19f285e17ab2a0cdb713ee830d26bfe708737ff09deb806cfc2
                                        
                                            GET /ajax/libs/jquery/2.2.4/jquery.min.js HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vsav.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.17.25.14
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Fri, 16 Sep 2022 06:03:48 GMT
content-length: 26909
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-14e4a"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 2022752
expires: Wed, 06 Sep 2023 06:03:48 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sKq41mgnpzfVXH1prb%2FFHGfbCjZf08pzC7RRH8kZh6Hv11TbIL0GXqTDvu%2F8u2dm17VyynISdSZafBLYtg25hDfgVGful2xp5eQAJ27fY9sRI5NiTJAhhoQON0x1tWbjmxCBYvhH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74b766ae4d7a0b3d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32065)
Size:   26909
Md5:    63827323c175768ccb0e8ed54589a3e5
Sha1:   9760e238d6ecced66396798559f70593793d801e
Sha256: 196f9479a27db836a2a7454e222f0cb52d4eeb162e0a50e69401ba1a8d81b564
                                        
                                            GET /static/car_images/spritesheet.png HTTP/1.1 
Host: content.jetztautoverkaufen.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vsav.fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         143.204.55.77
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 8798
last-modified: Wed, 28 Dec 2016 09:28:17 GMT
x-amz-meta-extension: png
accept-ranges: bytes
server: AmazonS3
date: Thu, 15 Sep 2022 20:35:44 GMT
etag: "01b0983d563fcb13b89e6e2da9c78d21"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: fmPeG2f6wEGkDXJcykuOWB9KJNt6FXKIa_FbkkTxa3HQk_SN_5qTiA==
age: 34085
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 231 x 102, 8-bit/color RGBA, non-interlaced\012- data
Size:   8798
Md5:    01b0983d563fcb13b89e6e2da9c78d21
Sha1:   6f22c5969f5af9f5ee31acb7cad85fb13427ca2e
Sha256: 48b45e924e8d5413d7b8b7b17ed5934259957b6594510212aed764bf7f676a0a
                                        
                                            GET /static/car_images/img-lazy.js HTTP/1.1 
Host: content.jetztautoverkaufen.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vsav.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         143.204.55.77
HTTP/2 200 OK
content-type: text/javascript
                                        
content-length: 585
last-modified: Mon, 12 Dec 2016 18:03:08 GMT
x-amz-meta-extension: js
accept-ranges: bytes
server: AmazonS3
date: Fri, 16 Sep 2022 06:03:48 GMT
etag: "b44fc4dfb1d7fe6c054fb4e3e874d20e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 58uI-yoPkSImUzShVsAsZGk95Ud1CuctdHxQQ_e5oHiY_OBXMhqkDA==
age: 8337
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   585
Md5:    b44fc4dfb1d7fe6c054fb4e3e874d20e
Sha1:   51cdca090a0025ae99607f6e12e75014ed17febb
Sha256: 105242a38c84dd4628e16ca409d1180b2f64a0e6206088bfe2d3be5759bfdca9
                                        
                                            GET /static/car_images/javk-blue-loading.png HTTP/1.1 
Host: content.jetztautoverkaufen.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vsav.fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         143.204.55.77
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 6477
last-modified: Mon, 25 Sep 2017 14:59:01 GMT
x-amz-meta-extension: png
accept-ranges: bytes
server: AmazonS3
date: Fri, 16 Sep 2022 06:03:48 GMT
etag: "bc424c6984a83e7c5586f25d2dc3af5c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: AKOr96OApMI9Dip8TnBoWX2danVhSlIa0qDKaqo0TsraQLQDr3VyHw==
age: 8974
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 172 x 226, 8-bit/color RGBA, non-interlaced\012- data
Size:   6477
Md5:    bc424c6984a83e7c5586f25d2dc3af5c
Sha1:   61ad7d55524228439085d19b05e5ceb6c10d7be0
Sha256: 25453cafd6bbd18e0967a48489ee07e9a0e2a2127d1f94256dd2bf5177823bc2
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: yzmj9/FziL2LG1/26P6Xqg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         52.89.136.7
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ubgrk61IFp3Lsxbqy0N4+72y4eM=

                                        
                                            GET /static/car_images/right-arrow.png HTTP/1.1 
Host: content.jetztautoverkaufen.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vsav.fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         143.204.55.77
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 216
last-modified: Mon, 24 Aug 2020 09:16:26 GMT
x-amz-meta-extension: png
accept-ranges: bytes
server: AmazonS3
date: Thu, 15 Sep 2022 21:43:29 GMT
etag: "289c694aeda15d118fdfd4050cbe945f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: QH3LXMUa-DaGRtP0vQLjV-YOjFIZsY2wnHdLA5BkYrFnOp6_vdUrOw==
age: 30020
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 27 x 45, 8-bit/color RGBA, non-interlaced\012- data
Size:   216
Md5:    289c694aeda15d118fdfd4050cbe945f
Sha1:   79d0978d29f230a4bd29d1b91d6806604a878743
Sha256: 216b1e9824ed10837c8da0daf048b4b759428f6338ddcb8c5a75d241344c501c
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         143.204.42.158
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 16 Sep 2022 06:03:48 GMT
Last-Modified: Fri, 16 Sep 2022 05:11:25 GMT
Server: ECS (dcb/7FA3)
X-Cache: Miss from cloudfront
Via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: tyBP40grE3Gn5seBMPNp1OKLu318U7bfREui7floIasB-CEi0WqnSg==
Age: 3143

                                        
                                            GET /jav/images/fr-logo.png HTTP/1.1 
Host: www.jetztautoverkaufen.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vsav.fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         54.230.111.114
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 9273
date: Fri, 16 Sep 2022 06:03:48 GMT
server: Apache/2.4.52 (Unix)
x-env: prod
vary: X-FORWARDED-PROTO
last-modified: Fri, 28 Jan 2022 14:16:04 GMT
etag: "2439-5d6a51338f100"
accept-ranges: bytes
x-cache: Miss from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: AVqB-U2L59cU6iLrC21PwNL5al80hv8yLR9qg4T_JbPdNJcSv9fEVQ==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 395 x 63, 8-bit/color RGBA, non-interlaced\012- data
Size:   9273
Md5:    597264b0ff5f0cc4034adb438eec8796
Sha1:   12b8c70abc1c80865364e9c2153b70cc662b50ad
Sha256: 071e9990c55c67f266fc9b2d815726e81fa34cf34c3d32130f7cbea9d210d26c
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         143.204.42.158
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Fri, 16 Sep 2022 06:03:48 GMT
Server: ECS (dcb/7F5E)
X-Cache: Miss from cloudfront
Via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Re2hbW9mDgprRBH_IrYhKnzZmOdWED39WO84LcpzQdaSXKw3hSpF3Q==

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         143.204.42.158
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 16 Sep 2022 06:03:48 GMT
Last-Modified: Fri, 16 Sep 2022 05:49:49 GMT
Server: ECS (dcb/7F83)
X-Cache: Miss from cloudfront
Via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: lzrSyFqT1T21kwcSIVDK6ySz9jjc1L4MJXCKBxxYjQP5ojEphAznxg==
Age: 839

                                        
                                            GET /static/car_images/smallest-green-checkmark.png HTTP/1.1 
Host: content.wirkaufendeinauto.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vsav.fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         143.204.55.26
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 322
date: Tue, 13 Sep 2022 05:52:56 GMT
last-modified: Mon, 25 Nov 2019 06:03:50 GMT
etag: "5d573e50d94c482107ee282fe8b23522"
cache-control: max-age=604800,public
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ZWBSSC5OQyZpvw2d8ftLJ28MM1H6-z6iW4W0HuS_aCZgI88VyO9z1A==
age: 259854
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 14 x 11, 8-bit/color RGBA, non-interlaced\012- data
Size:   322
Md5:    5d573e50d94c482107ee282fe8b23522
Sha1:   6078f451532308b8be8612d348c5d395631677f6
Sha256: e8579c257ce8a062d1a937aec71daa4b193c5c63d9627315e637aacc12d05a41
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: www.vsav.fr
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vsav.fr/valeur/m6/?utm_source=EMA&utm_medium=email&utm_campaign=0&ema=FR_1&JID=FR_EMA_1_1239_5215065_1_0_0
Cookie: JAVSID=9t746n5cvngngdbk37gstlrlb4; SCID_RESET_TIME=1726466628; SCID=377dd1916efdfef58b869f7ab5e611f7; JAV=FR_EMA_1_1239_5215065_1_0_0%26_cl%3D1663308228
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         54.230.111.114
HTTP/2 200 OK
content-type: image/x-icon
                                        
content-length: 1150
date: Fri, 16 Sep 2022 06:03:49 GMT
server: Apache/2.4.52 (Unix)
x-env: prod
vary: X-FORWARDED-PROTO
last-modified: Fri, 28 Jan 2022 14:16:04 GMT
etag: "47e-5d6a51338f100"
accept-ranges: bytes
x-cache: Miss from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: R4af6ZscPRl3Ihhfmh8w9JFauhYP-C24oGJlpna6VoLjs97Mgtfhlg==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size:   1150
Md5:    85085c08133be6d2c18c21389a8bdab1
Sha1:   2128dabbca391dba100db1179220b9b1183e3d75
Sha256: 33d172297ef4e206f899e416344d4534a47ef61dd4aa25cd83aaca2b7ef70fe0
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 16 Sep 2022 06:03:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /gtm.js?id=GTM-WRTJPW HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vsav.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.72
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 16 Sep 2022 06:03:49 GMT
expires: Fri, 16 Sep 2022 06:03:49 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 62086
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (30169)
Size:   62086
Md5:    cb73b902e1d5699ca92eeaf1aa9f8056
Sha1:   5f4e616be7f78ead2885509d24f102813057410a
Sha256: 9721f4ca2a82d376f61600834d50076db52ef55bad2cea77c185c4c88c01f8a6
                                        
                                            GET /static/car_images/icon-circle-car-mechanic-blue.svg HTTP/1.1 
Host: content.jetztautoverkaufen.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vsav.fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         143.204.55.77
HTTP/2 200 OK
content-type: image/svg+xml
                                        
last-modified: Wed, 28 Oct 2020 10:28:31 GMT
x-amz-meta-extension: svg
server: AmazonS3
content-encoding: gzip
date: Fri, 16 Sep 2022 06:03:48 GMT
etag: W/"ffd8496f136f1dabeb407dc3e9060972"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: uEJq4SzNxOiuEcbY3U_cDIkrowWTqoNmiIZlQPQZ9ZG833S3bLeG_w==
age: 30019
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   2061
Md5:    721152aa9546ac874f495195ad8e2cbe
Sha1:   a8739064fb3d77abdcc31b7629436a8fbdaa7434
Sha256: 545d15707c0b8ae56001ef371dc2f25ef55cbd7f9e53cfafcf3c43bc9383e5c6
                                        
                                            GET /papi/v1/car-types/manufacturer HTTP/1.1 
Host: www.vsav.fr
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.vsav.fr/valeur/m6/?utm_source=EMA&utm_medium=email&utm_campaign=0&ema=FR_1&JID=FR_EMA_1_1239_5215065_1_0_0
Connection: keep-alive
Cookie: JAVSID=9t746n5cvngngdbk37gstlrlb4; SCID_RESET_TIME=1726466628; SCID=377dd1916efdfef58b869f7ab5e611f7; JAV=FR_EMA_1_1239_5215065_1_0_0%26_cl%3D1663308228
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         54.230.111.114
HTTP/2 200 OK
content-type: application/json
                                        
date: Fri, 16 Sep 2022 06:03:49 GMT
server: Apache/2.4.52 (Unix)
x-b3-traceid: 80a3a24041930ec8
cache-control: no-cache
x-env: prod
vary: X-FORWARDED-PROTO
x-cache: Miss from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: OII-7OX3aSBzWS81Qu2YMziLNkF3gjHfzdd0kJDXulAou0dJ_rcnLg==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- data
Size:   1477
Md5:    328bb15c5a68f31e040205de07160033
Sha1:   c939d3b7df8068b9cc6e89f9d8827cb9bb8e72a4
Sha256: 1ff1ef2a90efa571209d257205d82ca615bed7be36d2206eec5ae8f8047aee1c
                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vsav.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.174
HTTP/2 200 OK
content-type: text/javascript
                                        
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Fri, 16 Sep 2022 04:41:12 GMT
expires: Fri, 16 Sep 2022 06:41:12 GMT
cache-control: public, max-age=7200
age: 4957
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1325)
Size:   20006
Md5:    56f5d7f608e25d64207135f045f988cb
Sha1:   901eb59372ae330ae85e1384da93479b21ae1082
Sha256: 1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
                                        
                                            GET /en_US/fbevents.js HTTP/1.1 
Host: connect.facebook.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vsav.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         31.13.72.12
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
                                        
vary: Accept-Encoding
content-encoding: gzip
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: TGdOsWcCrTChSOq2FCRZ3PGDD6McwLYnVF3RB51sRamJWG5cl8yFF2BEHZg00QyPLEc4dok1c8WS3yQCApv2fg==
content-length: 26872
x-fb-trip-id: 1904183273
date: Fri, 16 Sep 2022 06:03:49 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (64348)
Size:   26872
Md5:    ecb99528d18dbe7952eac9618eaf2d8e
Sha1:   eb59bf3afc849403fa3dde09b75b5fc51f29e7b5
Sha256: bcecfe43bf3e0f22ff425fe630e189d28fc3ecdc9764dd1686599e5ce59f40cc
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5508
Cache-Control: 'max-age=158059'
Date: Fri, 16 Sep 2022 06:03:49 GMT
Last-Modified: Fri, 16 Sep 2022 04:32:01 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /pages/data-scripts/0041/4715/site/www.vsav.fr.json?t=1 HTTP/1.1 
Host: script.crazyegg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.vsav.fr
Connection: keep-alive
Referer: https://www.vsav.fr/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         104.19.148.8
HTTP/2 200 OK
content-type: application/json
                                        
date: Fri, 16 Sep 2022 06:03:49 GMT
content-length: 3073
access-control-expose-headers: CE-Version
ce-version: 11.4.4
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
last-modified: Thu, 15 Sep 2022 18:15:23 GMT
content-encoding: gzip
access-control-allow-origin: *
cf-cache-status: HIT
age: 42506
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74b766b3b9c6b505-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (29268), with no line terminators
Size:   3073
Md5:    b7e30c2d6bcebd5d88c3c560658ae925
Sha1:   04f52d4b5cb955c9ab32e743129af57ec64dbbc5
Sha256: aaedb9449970e183d956479212e83f02d7c649b51cb0835a0e407a51bfd6c4f1
                                        
                                            POST /j/collect?v=1&_v=j96&a=1919446575&t=pageview&_s=1&dl=https%3A%2F%2Fwww.vsav.fr%2Fvaleur%2Fm6%2F%3Futm_source%3DEMA%26utm_medium%3Demail%26utm_campaign%3D0%26ema%3DFR_1%26JID%3DFR_EMA_1_1239_5215065_1_0_0&ul=en-us&de=UTF-8&dt=Vendresavoiture.fr%20%7C%20%C3%89valuation%20auto&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAEABAAAAAC~&jid=1986957164&gjid=469343239&cid=1518748951.1663308214&tid=UA-69110693-1&_gid=2112705395.1663308214&_r=1&gtm=2wg9e0WRTJPW&z=1980640683 HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.vsav.fr
Connection: keep-alive
Referer: https://www.vsav.fr/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.174
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin: https://www.vsav.fr
date: Fri, 16 Sep 2022 06:03:49 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   2
Md5:    cc7a1e792bca8ccb1946b7a07f6dbc03
Sha1:   11a2757082428311f587b7664fa9840376137f80
Sha256: de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
                                        
                                            GET /pages/versioned/common-scripts/2f6ad22e93ca0a50994ab7cdcb57f3ce.js HTTP/1.1 
Host: script.crazyegg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vsav.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.19.148.8
HTTP/2 200 OK
content-type: text/javascript
                                        
date: Fri, 16 Sep 2022 06:03:49 GMT
content-length: 30407
cache-control: public, max-age=31536000, s-maxage=31536000
timing-allow-origin: *
last-modified: Sun, 04 Sep 2022 15:37:41 GMT
content-encoding: gzip
access-control-allow-origin: *
cf-cache-status: HIT
age: 45140
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74b766b3dc23b521-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (26535)
Size:   30407
Md5:    1f65bc4bbd6ed833ed7a7390184b379c
Sha1:   3fb62902e38cb7f88b14f278d6f170dcfab65e37
Sha256: 01d4c83582774ace9cbee5bf411010777536dc044440df0c2221f1ac59dff02d
                                        
                                            GET /pages/data-scripts/0041/4715/sampling/www.vsav.fr.json?t=462030 HTTP/1.1 
Host: script.crazyegg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.vsav.fr
Connection: keep-alive
Referer: https://www.vsav.fr/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.19.148.8
HTTP/2 200 OK
content-type: application/json
                                        
date: Fri, 16 Sep 2022 06:03:49 GMT
content-length: 528
access-control-expose-headers: CE-Version
ce-version: 11.4.4
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
last-modified: Thu, 15 Sep 2022 18:15:23 GMT
content-encoding: gzip
access-control-allow-origin: *
cf-cache-status: HIT
age: 42506
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74b766b41a50b505-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (2020), with no line terminators
Size:   528
Md5:    7fd4252776fd730f472888059b3c49ba
Sha1:   910c31d38d98bf0ceb108663575cd117e81a34d0
Sha256: c02c7070b5d7eb5b4c2b08aac078f40db1822220c908d2bace66da1874211778
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 16 Sep 2022 06:03:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-69110693-1&cid=1518748951.1663308214&jid=1986957164&gjid=469343239&_gid=2112705395.1663308214&_u=YEBAAEAAAAAAAC~&z=1999565709 HTTP/1.1 
Host: stats.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.vsav.fr
Connection: keep-alive
Referer: https://www.vsav.fr/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.251.1.154
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin: https://www.vsav.fr
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 16 Sep 2022 06:03:49 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  very short file (no magic)
Size:   1
Md5:    c4ca4238a0b923820dcc509a6f75849b
Sha1:   356a192b7913b04c54574d18c28d46e6395428ab
Sha256: 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 16 Sep 2022 06:03:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /tr/?id=1790114407892605&ev=PageView&dl=https%3A%2F%2Fwww.vsav.fr%2Fvaleur%2Fm6%2F%3Futm_source%3DEMA%26utm_medium%3Demail%26utm_campaign%3D0%26ema%3DFR_1%26JID%3DFR_EMA_1_1239_5215065_1_0_0&rl=&if=false&ts=1663308214070&sw=1280&sh=1024&v=2.9.81&r=stable&ec=0&o=30&fbp=fb.1.1663308214069.2073149634&it=1663308213893&coo=false&rqm=GET HTTP/1.1 
Host: www.facebook.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vsav.fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         31.13.72.36
HTTP/2 200 OK
content-type: image/gif
                                        
date: Fri, 16 Sep 2022 06:03:49 GMT
expires: Fri, 16 Sep 2022 06:03:49 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
cache-control: no-cache, must-revalidate, max-age=0
set-cookie:
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 44
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  gzip compressed data, from Unix\012- data
Size:   85955
Md5:    ff7339f08a17bfefde5df763005d555d
Sha1:   1c8c6774cf66a337311b4529a956e66e27492fce
Sha256: e8cebce38440f7af53dae7ac39c66508d234e388a3ea1d5c0e6950718eb670c7
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "63C277B85854C244E38F5B3E60A073EB15962A0784BA1B726353E3EC0C3E9E02"
Last-Modified: Thu, 15 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12496
Expires: Fri, 16 Sep 2022 09:32:06 GMT
Date: Fri, 16 Sep 2022 06:03:50 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "63C277B85854C244E38F5B3E60A073EB15962A0784BA1B726353E3EC0C3E9E02"
Last-Modified: Thu, 15 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12496
Expires: Fri, 16 Sep 2022 09:32:06 GMT
Date: Fri, 16 Sep 2022 06:03:50 GMT
Connection: keep-alive

                                        
                                            GET /static/car_images/icon-circle-phone-car-inspection-blue.svg HTTP/1.1 
Host: content.jetztautoverkaufen.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vsav.fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         143.204.55.77
HTTP/2 200 OK
content-type: image/svg+xml
                                        
last-modified: Wed, 28 Oct 2020 10:28:31 GMT
x-amz-meta-extension: svg
server: AmazonS3
content-encoding: gzip
date: Fri, 16 Sep 2022 06:03:48 GMT
etag: W/"3454d353771f74181dedb105edf79e1d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: nKqAhEeRSydMjzK3sq3vIrLqwf2orTF_WAay_VRvlkouopgXIcGk2A==
age: 30020
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   13894
Md5:    8e1a5c9b27998a907d25c54e6fe8cb0a
Sha1:   90a300d8d35822324e17ea5b4f73d31bfc020dc5
Sha256: 867a5540b16f8615e7074b31fd8d6c21dbe0c414c26a38e26a649bc168523deb
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3eb4aa92-edbe-4eb2-a1a4-0526bce5b13f.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6300
x-amzn-requestid: c7bbe10c-76da-4cb4-a34c-2a0319d3b7a4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YhUkXGpPIAMF1kA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63239ae8-51191d655852f60d5cf280fc;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 21:36:40 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 8y9suBepMTTS0MOqnZd7zzSHFLdKVnjIjoeZ2xmkIuMMZ15m5tbwqw==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Sep 2022 21:50:35 GMT
etag: "742c33d879e3d0a21ff90b090960870a5cd0bb04"
age: 29595
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6300
Md5:    2e990e4086570a10e2b3ec85aace1b82
Sha1:   742c33d879e3d0a21ff90b090960870a5cd0bb04
Sha256: dd01ff5d019e5017ad49330f28dc0e09c768c8e66c2cc6b387d553642dc365fe
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fee084149-a07d-4141-a484-d9f352209914.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9904
x-amzn-requestid: a23cb4b3-db6e-48ae-90b1-3ecf6478bf52
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YhVDpH_CIAMFl4w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63239bb0-15869210609a18587467d1e2;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 21:40:00 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: RbKcO0CPRsex8VWdIVqctamGyJ7D1PHD04ry2wbrcDPDYL0Yy5vPPQ==
via: 1.1 1002c05e647d0804e83147cdd205d14a.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Sep 2022 21:50:35 GMT
etag: "8e1090346d90bc69e7a95384e6a7a01154e31567"
age: 29595
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9904
Md5:    e6d17788c7d2a1a91e68eff48df14bd1
Sha1:   8e1090346d90bc69e7a95384e6a7a01154e31567
Sha256: 1e1eefa02e4c55e73be87a309ad5c2335856125cb678cff6ebc42c5ff73a0e2b
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a73e855-9877-4793-b59a-30b8e5a96117.png HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8435
x-amzn-requestid: f6efd924-4f54-41a6-8771-087803b5b8ac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YhU0-EJaoAMFvtQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63239b52-37c21ee857fe27d104b70337;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 21:38:26 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: rgjwYJ-ZzVF3bv7pl1l8TN8EAoENIcaSAXJU_YhFOSNRCzrCuPuKbQ==
via: 1.1 773ca14e6bd4bf9244988cb69fc9dca8.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Sep 2022 21:44:10 GMT
age: 29980
etag: "b6e634ef27eba9da38c6472565e0fdca6898e4f0"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8435
Md5:    b7d4ee58e0f26ec6817dbab72aa7db6d
Sha1:   b6e634ef27eba9da38c6472565e0fdca6898e4f0
Sha256: 07db05a6ee70a699164ad55da47bfca58e6639956e256d902cbe0388cd7995c6
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd10bce85-63ee-4a0f-93d7-c5af7cb0a4f3.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 2076
x-amzn-requestid: 4d219353-93bd-4f18-8a8c-64142d7be19d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YhVBdHN-oAMFmgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63239ba2-70dafa722a10c16e5b21de02;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 21:39:46 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 8-7AUXlRwp2qBjLd-x7QWDKJDEwV_ZLSRxjO5gyVfFXB7obVOH__Sg==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Sep 2022 21:48:48 GMT
age: 29702
etag: "8193e7ef70c77f11bb698f4973c42444c8362fcc"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   2076
Md5:    5a10204c6f1c13d6f6d2a19653e49eac
Sha1:   8193e7ef70c77f11bb698f4973c42444c8362fcc
Sha256: c230fddf7736fee44f47bf857f67261adfe8099c8d896ef5a21301822bfeaca8
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ac817a0-279c-44ad-92b0-a799997b91ed.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8843
x-amzn-requestid: 055dc4af-96bb-48af-823a-56e606701c01
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YhVAlFseoAMFurw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63239b9d-67ba7aaf2b588234573e1c9c;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 21:39:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: WkdIyxNFlhmlhe5c3iNkCNWQmRrMrfKqD4pYMe5J7iYzUgo0XorwAg==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Sep 2022 21:53:59 GMT
age: 29391
etag: "2029669d941625cb78a23b52cd6511af111c8591"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8843
Md5:    918f9961aa6acc47b01feb731750d208
Sha1:   2029669d941625cb78a23b52cd6511af111c8591
Sha256: 1f8cfc977ecea3b3dba2992fd4e310f8d426be1316c467f516e5ed2332ecaf96
                                        
                                            GET /valeur/m6/?utm_source=EMA&utm_medium=email&utm_campaign=0&ema=FR_1&JID=FR_EMA_1_1239_5215065_1_0_0 HTTP/1.1 
Host: www.vsav.fr
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         54.230.111.114
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
date: Fri, 16 Sep 2022 06:03:48 GMT
server: Apache/2.4.52 (Unix)
x-b3-traceid: 485d57be5e2ecefa
cache-control: no-cache
set-cookie: JAVSID=9t746n5cvngngdbk37gstlrlb4; path=/; HttpOnly SCID_RESET_TIME=1726466628; expires=Mon, 16-Sep-2024 06:03:48 GMT; Max-Age=63158400; path=/; domain=.vsav.fr; HttpOnly SCID=377dd1916efdfef58b869f7ab5e611f7; expires=Mon, 16-Sep-2024 06:03:48 GMT; Max-Age=63158400; path=/; domain=.vsav.fr; HttpOnly JAV=FR_EMA_1_1239_5215065_1_0_0%26_cl%3D1663308228; expires=Mon, 16-Sep-2024 06:03:48 GMT; Max-Age=63158400; path=/; domain=.vsav.fr; HttpOnly
x-env: prod
vary: X-FORWARDED-PROTO
x-cache: Miss from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: YfbIXceldOw1_oLhIwoO6qrZAAq5FS7n52Pcqr2aEIqhg9jDXH5n-g==
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /static/car_images/valeur_m0_2d9d7e59e80b033d4041_app.js HTTP/1.1 
Host: content.jetztautoverkaufen.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vsav.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.77
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Mon, 01 Mar 2021 08:18:11 GMT
x-amz-meta-extension: js
server: AmazonS3
content-encoding: gzip
date: Fri, 16 Sep 2022 06:03:48 GMT
etag: W/"15f209b8930aebf8b684330d1abdd19c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: dbE-eTnuL2zv5xFbRAPNrbf1OVNS4VvOlpMHpQLjhv6Gw4fK57kMbg==
age: 10230
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vsav.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.17.25.14
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Fri, 16 Sep 2022 06:03:48 GMT
content-length: 591
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec1-514"
last-modified: Mon, 04 May 2020 16:11:45 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1125209
expires: Wed, 06 Sep 2023 06:03:48 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a3h%2FYh4I0DBPCuk1xIH8TYirghP7LaoaAPFZWQHAd%2FEuOLoGShLoSL5or6F%2B5ep8eYamxVdEJR3x6pV5ZsfhjXU6zWpz0LZYSn9YHPjZm%2BR554oRdufF1tX3VWKfquCrbs2sA2eY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74b766ae4d7f0b3d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /static/car_images/icon-circle-car-coin-eur-blue.svg HTTP/1.1 
Host: content.jetztautoverkaufen.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vsav.fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         143.204.55.77
HTTP/2 200 OK
content-type: image/svg+xml
                                        
last-modified: Wed, 28 Oct 2020 10:28:31 GMT
x-amz-meta-extension: svg
server: AmazonS3
content-encoding: gzip
date: Fri, 16 Sep 2022 06:03:48 GMT
etag: W/"6d91d1db0929424226414ba3ed8b71c3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 3ZCdcIrsqDMjRmwX-ZrgV4cCyAQ8ckj_O22uvF0TtFsZR_QfrunkKA==
age: 10230
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /static/car_images/dsbVendor.de5ffd94f009b0565709854795a3f940.js HTTP/1.1 
Host: content.jetztautoverkaufen.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vsav.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.77
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Wed, 05 May 2021 08:33:27 GMT
x-amz-meta-extension: js
server: AmazonS3
content-encoding: gzip
date: Fri, 16 Sep 2022 06:03:48 GMT
etag: W/"55fa4b0bf3dd48b971783e68857fdbd1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: WT9pKX04HVX-95lOZoUBZrfU-72ea9gS_IhQSQbrYhg1DiRtLG6l9Q==
age: 28228
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /papi/v1/dynamic-step/configuration/m0/fr/ HTTP/1.1 
Host: www.vsav.fr
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.vsav.fr/valeur/m6/?utm_source=EMA&utm_medium=email&utm_campaign=0&ema=FR_1&JID=FR_EMA_1_1239_5215065_1_0_0
Connection: keep-alive
Cookie: JAVSID=9t746n5cvngngdbk37gstlrlb4; SCID_RESET_TIME=1726466628; SCID=377dd1916efdfef58b869f7ab5e611f7; JAV=FR_EMA_1_1239_5215065_1_0_0%26_cl%3D1663308228
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         54.230.111.114
HTTP/2 200 OK
content-type: application/json
                                        
date: Fri, 16 Sep 2022 06:03:49 GMT
server: Apache/2.4.52 (Unix)
x-b3-traceid: 75e7bc2f6f303e38
cache-control: no-cache
x-env: prod
vary: X-FORWARDED-PROTO
x-cache: Miss from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: hvPsudQwE-4IpE6N2mqxgpCW-BuzVuCHs-7Wx0o4NM1MOc2MmnrAHA==
X-Firefox-Spdy: h2


--- Additional Info ---