Overview

URL links.iledesaffaires-guide.fr/c/iR2/p6S/LCMnOYDGoDuG-PX59DWHnQ/E/JGBr/F/18957e99
IP176.126.250.255
ASNIQ PL Sp. z o.o.
Location Poland
Report completed2022-09-15 18:23:12 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-15 2 links.iledesaffaires-guide.fr/c/iR2/p6S/LCMnOYDGoDuG-PX59DWHnQ/E/JGBr/F/18957e99 Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (22)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS content.wirkaufendeinauto.de (1) 431524 2015-04-01 22:00:05 UTC 2022-09-15 06:52:51 UTC 143.204.55.66
mnemonic passive DNS www.googletagmanager.com (1) 75 2012-12-25 14:52:06 UTC 2022-09-15 04:51:39 UTC 142.250.74.72
mnemonic passive DNS www.google-analytics.com (2) 40 2012-10-03 01:04:21 UTC 2022-09-15 12:49:11 UTC 142.250.74.174
mnemonic passive DNS www.facebook.com (1) 99 2017-01-30 05:00:00 UTC 2022-09-15 04:51:09 UTC 31.13.72.36
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-09-15 04:47:36 UTC 34.120.237.76
mnemonic passive DNS r3.o.lencr.org (4) 344 2020-12-02 08:52:13 UTC 2022-09-15 04:51:36 UTC 23.36.76.242
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-15 05:55:39 UTC 143.204.55.35
mnemonic passive DNS ocsp.sca1b.amazontrust.com (7) 1015 2017-03-03 15:20:51 UTC 2019-03-27 04:05:54 UTC 54.230.245.118
mnemonic passive DNS www.vsav.fr (4) 0 2017-01-18 21:17:28 UTC 2022-09-15 15:28:56 UTC 54.230.111.114 Unknown ranking
mnemonic passive DNS script.crazyegg.com (3) 1992 2015-01-07 19:40:26 UTC 2022-09-15 05:31:26 UTC 104.19.148.8
mnemonic passive DNS stats.g.doubleclick.net (1) 96 2013-06-02 22:47:44 UTC 2022-09-15 04:51:17 UTC 142.251.1.155
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-27 20:08:30 UTC 2022-09-15 12:06:25 UTC 143.204.55.115
mnemonic passive DNS r.ar-mtch1.com (1) 437472 2017-06-18 09:15:32 UTC 2022-09-15 15:28:58 UTC 13.69.68.37
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-15 04:50:53 UTC 34.117.237.239
mnemonic passive DNS content.jetztautoverkaufen.de (10) 973259 2018-12-15 03:40:35 UTC 2022-07-07 10:33:17 UTC 143.204.55.115
mnemonic passive DNS connect.facebook.net (1) 139 2012-05-22 02:51:28 UTC 2022-09-15 04:55:12 UTC 31.13.72.12
mnemonic passive DNS ocsp.pki.goog (4) 175 2017-06-14 07:23:31 UTC 2022-09-15 04:51:27 UTC 142.250.74.3
mnemonic passive DNS links.iledesaffaires-guide.fr (1) 0 2020-01-22 12:49:48 UTC 2022-09-15 15:28:45 UTC 176.126.250.255 Unknown ranking
mnemonic passive DNS ocsp.digicert.com (3) 86 2012-05-21 07:02:23 UTC 2022-09-15 11:12:10 UTC 93.184.220.29
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-15 05:55:58 UTC 52.41.252.32
mnemonic passive DNS cdnjs.cloudflare.com (6) 235 2020-10-20 10:17:36 UTC 2022-09-15 05:10:24 UTC 104.17.24.14
mnemonic passive DNS www.jetztautoverkaufen.de (1) 0 2014-10-17 15:27:50 UTC 2022-07-10 11:02:25 UTC 54.230.111.114 Domain (jetztautoverkaufen.de) ranked at: 965286


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 176.126.250.255

Date UQ / IDS / BL URL IP
2022-09-16 06:03:58 +0000
0 - 0 - 1 links.iledesaffaires-guide.fr/c/iR2/p61/i6PyX (...) 176.126.250.255
2022-09-15 18:26:40 +0000
0 - 0 - 1 links.iledesaffaires-guide.fr/c/iR2/p64/LCMnO (...) 176.126.250.255
2022-09-15 18:26:14 +0000
0 - 0 - 1 links.iledesaffaires-guide.fr/c/iR2/p6w/LCMnO (...) 176.126.250.255
2022-09-15 18:24:14 +0000
0 - 0 - 4 links.iledesaffaires-guide.fr/u/iR2/LCMnOYDGo (...) 176.126.250.255
2022-09-15 18:23:12 +0000
0 - 0 - 1 links.iledesaffaires-guide.fr/c/iR2/p6S/LCMnO (...) 176.126.250.255

Last 5 reports on ASN: IQ PL Sp. z o.o.

Date UQ / IDS / BL URL IP
2022-12-08 23:28:15 +0000
0 - 0 - 1 www.vector-food.pl/ 86.111.241.86
2022-12-08 06:12:21 +0000
0 - 0 - 1 circu.it/fwAyNKr 46.248.190.217
2022-12-08 05:13:15 +0000
0 - 0 - 50 tube.play69.pl/http:/tube.play69.pl/mature/oi (...) 86.111.241.39
2022-12-05 00:57:46 +0000
0 - 0 - 3 46.248.190.217/ 46.248.190.217
2022-12-04 23:44:23 +0000
0 - 0 - 1 cuttly.org/ 46.248.190.217

Last 5 reports on domain: iledesaffaires-guide.fr

Date UQ / IDS / BL URL IP
2022-09-16 06:03:58 +0000
0 - 0 - 1 links.iledesaffaires-guide.fr/c/iR2/p61/i6PyX (...) 176.126.250.255
2022-09-15 18:26:40 +0000
0 - 0 - 1 links.iledesaffaires-guide.fr/c/iR2/p64/LCMnO (...) 176.126.250.255
2022-09-15 18:26:14 +0000
0 - 0 - 1 links.iledesaffaires-guide.fr/c/iR2/p6w/LCMnO (...) 176.126.250.255
2022-09-15 18:24:14 +0000
0 - 0 - 4 links.iledesaffaires-guide.fr/u/iR2/LCMnOYDGo (...) 176.126.250.255
2022-09-15 18:23:12 +0000
0 - 0 - 1 links.iledesaffaires-guide.fr/c/iR2/p6S/LCMnO (...) 176.126.250.255

Last 5 reports with similar screenshot

Date UQ / IDS / BL URL IP
2022-09-16 06:03:58 +0000
0 - 0 - 1 links.iledesaffaires-guide.fr/c/iR2/p61/i6PyX (...) 176.126.250.255
2022-09-15 18:26:40 +0000
0 - 0 - 1 links.iledesaffaires-guide.fr/c/iR2/p64/LCMnO (...) 176.126.250.255
2022-09-15 18:26:14 +0000
0 - 0 - 1 links.iledesaffaires-guide.fr/c/iR2/p6w/LCMnO (...) 176.126.250.255
2022-09-15 18:20:25 +0000
0 - 0 - 1 links.iledesaffaires-guide.fr/c/iR2/p6-/LCMnO (...) 176.126.250.255
2022-09-15 18:20:07 +0000
0 - 0 - 1 links.iledesaffaires-guide.fr/c/iR2/p63/LCMnO (...) 176.126.250.255


JavaScript

Executed Scripts (27)


Executed Evals (1)

#1 JavaScript::Eval (size: 61, repeated: 1) - SHA256: 76c671bfde17d8d293fbbad855ea06d32fe222d4b167565617a26d5ecb473f32

                                        (function() {
    return "undefined" !== typeof gaHardcoded ? !0 : !1
})();
                                    

Executed Writes (0)



HTTP Transactions (62)


Request Response
                                        
                                            GET /c/iR2/p6S/LCMnOYDGoDuG-PX59DWHnQ/E/JGBr/F/18957e99 HTTP/1.1 
Host: links.iledesaffaires-guide.fr
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         176.126.250.255
HTTP/1.1 302 Found
Content-Type: text/html; charset=utf-8
                                        
Cache-Control: private
Location: https://r.ar-mtch1.com/Redirect?pid=cH&chid=rh&md5=5bdcbae0211f76bc427c86ef832895c5&sha256=e93ce4c06b5167d2461a135db45bf2d92bd5fe4133b21c36c349a15d993bea73&url=https%3a%2f%2fwww.vsav.fr%2fvaleur%2fm6%2f%3futm_source%3dEMA%26utm_medium%3demail%26utm_campaign%3d0%26ema%3dFR_1%26JID%3dFR_EMA_1_1239_5215065_1_0_0&type=c&list=FR_Tessouhaits&esp=F
Set-Cookie: TEMP_DATA=e99e8dc4-aabb-4e7f-aad1-720d108532ca; path=/ esg1=iR2/p6S/LCMnOYDGoDuG-PX59DWHnQ/E/JGBr/F/9b3f9cb9; path=/
Date: Thu, 15 Sep 2022 18:23:00 GMT
Content-Length: 488


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (416), with CRLF line terminators
Size:   488
Md5:    22e6d796acda41be32f0807432a99170
Sha1:   65145dbaba8fb8470c42527325ac45463e1e57ef
Sha256: fc3a4f3150d643caa92bf50e1b96b957c6f2dc60cbf416f5ced1aa6854f53604

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.115
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 15 Sep 2022 18:10:29 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 9I4FLHkGmBFPDb9S2yCOn-8yBXYxhvQgFw2zaSBZ4tm-tIFPe58O7A==
Age: 752


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    99b7d23c1748d0526782b9ff9ea45f09
Sha1:   eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
Sha256: 48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.242
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "B5F178D23E633283F226CCA7A9AE79B01E6CAB2299FF7065C980D3A9953212FD"
Last-Modified: Tue, 13 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12995
Expires: Thu, 15 Sep 2022 21:59:36 GMT
Date: Thu, 15 Sep 2022 18:23:01 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Thu, 15 Sep 2022 04:35:16 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: bqsno4eFL3I_Ti0eE16vr9lYBjYRLDAMvEVSFE6Gg0D8X6UTsH0myA==
age: 49666
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    742edb4038f38bc533514982f3d2e861
Sha1:   cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
Sha256: b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
                                        
                                            GET /Redirect?pid=cH&chid=rh&md5=5bdcbae0211f76bc427c86ef832895c5&sha256=e93ce4c06b5167d2461a135db45bf2d92bd5fe4133b21c36c349a15d993bea73&url=https%3a%2f%2fwww.vsav.fr%2fvaleur%2fm6%2f%3futm_source%3dEMA%26utm_medium%3demail%26utm_campaign%3d0%26ema%3dFR_1%26JID%3dFR_EMA_1_1239_5215065_1_0_0&type=c&list=FR_Tessouhaits&esp=F HTTP/1.1 
Host: r.ar-mtch1.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         13.69.68.37
HTTP/2 302 Found
                                        
date: Thu, 15 Sep 2022 18:23:00 GMT
server: Microsoft-IIS/10.0
location: https://www.vsav.fr:443/valeur/m6/?utm_source=EMA&utm_medium=email&utm_campaign=0&ema=FR_1&JID=FR_EMA_1_1239_5215065_1_0_0
set-cookie: adrakerv2did=lAK2Zkcvpb8P8X_nhnma_a; expires=Fri, 15 Sep 2023 18:23:01 GMT; domain=.ar-mtch1.com; path=/; samesite=none adrakerv2vid=2EgdDuxR5TLZTlIqIq3WTQ; expires=Fri, 15 Sep 2023 18:23:01 GMT; domain=.ar-mtch1.com; path=/; samesite=none
content-length: 0
x-powered-by: ASP.NET
X-Firefox-Spdy: h2

                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Thu, 15 Sep 2022 18:23:01 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         54.230.245.118
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Thu, 15 Sep 2022 18:23:01 GMT
Server: ECS (dcb/7F5D)
X-Cache: Miss from cloudfront
Via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: v-CCtbsjqxJzKHjv1BQIjtxat4t0bIWPGT9-fd7x8x0fjgc4AViQQw==

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.115
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Thu, 15 Sep 2022 18:03:22 GMT
Expires: Thu, 15 Sep 2022 18:03:22 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: dVoY2KUdzkOJbbqzAdFKsPdaqQUrJeZtWwuESS7g5yzjC6pzV7-kZg==
Age: 1179


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3647
Cache-Control: 'max-age=158059'
Date: Thu, 15 Sep 2022 18:23:02 GMT
Last-Modified: Thu, 15 Sep 2022 17:22:15 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: qKgexOQ3DKxyLMxoPhbd1w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         52.41.252.32
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: C9UAxz0je9aeVqduWvfEwZCZxq4=

                                        
                                            GET /ajax/libs/jquery/2.2.4/jquery.min.js HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vsav.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.17.24.14
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Thu, 15 Sep 2022 18:23:02 GMT
content-length: 26909
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-14e4a"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 1980706
expires: Tue, 05 Sep 2023 18:23:02 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yHqHZWhvLAr5HMDs6zM%2BLE6V4AGxh9iCNlGKaAGsHNCycRsHicqUBdYRM0D8ixKjgfsjNaQOziQEsY9a39n%2FOk5mvdJ0j88NdFeAep1B9lotVCuQc7eNleJ%2BPstiVA%2F80y76BT1g"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74b36428fc0db527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32065)
Size:   26909
Md5:    63827323c175768ccb0e8ed54589a3e5
Sha1:   9760e238d6ecced66396798559f70593793d801e
Sha256: 196f9479a27db836a2a7454e222f0cb52d4eeb162e0a50e69401ba1a8d81b564
                                        
                                            GET /ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vsav.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.17.24.14
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Thu, 15 Sep 2022 18:23:02 GMT
content-length: 591
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec1-514"
last-modified: Mon, 04 May 2020 16:11:45 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1083163
expires: Tue, 05 Sep 2023 18:23:02 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0zTptd8VTkV1CBFrRQg6VRWejEi%2B%2FrEmssZJ25ZW0RIzFEfiWd4qlpd09xSoGqIaHATkwf9ArDX6dNeW9mU67iDF0AbHjjHE8zu6qlcWXjjFKn9zqWtMxQeuWtzALbjwBVFAzXHn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74b364290c20b527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1266)
Size:   591
Md5:    414869f16aa77a65b4928a018f7f1abb
Sha1:   cea521f7a2958a50239526ed6b068f0937527653
Sha256: afee364ce513c6517247b81cce5eb5eadb1dbbb35e439eb3fa97bbc15fac2cd3
                                        
                                            GET /ajax/libs/slick-carousel/1.6.0/slick.js HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vsav.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.17.24.14
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Thu, 15 Sep 2022 18:23:02 GMT
content-length: 12032
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fd5-14929"
last-modified: Mon, 04 May 2020 16:16:21 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 8706530
expires: Tue, 05 Sep 2023 18:23:02 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F4%2BGHHowFqZHhUATH0vyUGXE0w8uEsdUOoPPdnRogJWkCGpj9lREtFyhSYyFldn5rxwAUDC9pDiWQjffviZk5i8fOJVno4bdLNfHCHuiVRSDILepr90xj2koHu7h3fbzt5PkgS7X"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74b364290c24b527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   12032
Md5:    fab824518fd82853ed2698f39d8ec43e
Sha1:   df19bf45131085a88eb2cd4c07e2bda44cef0e98
Sha256: d55908906f498a577e0f9cc6ffeac157765acb67643c23d22c0d51b352e208c4
                                        
                                            GET /ajax/libs/babel-core/5.6.15/browser-polyfill.min.js HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vsav.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.17.24.14
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Thu, 15 Sep 2022 18:23:02 GMT
content-length: 21126
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03d6a-14cd3"
last-modified: Mon, 04 May 2020 16:06:02 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1000161
expires: Tue, 05 Sep 2023 18:23:02 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7M19r2nqsNCdKGUyZlJ%2BNAT985J4Ys9NO0Zy069Wv4Dw9BOGPMJyRQtEDKKpcuoKeSohEjsAPblSZKnj0wU7ErUbCtytDpksxswOYv3eIZLVL%2FoXVrcVYuUF6SPUNKzr9IfKpAsl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74b364292c4fb527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32029)
Size:   21126
Md5:    436276016fa6a667bb2972144b953a8b
Sha1:   6fd57f29a60a5a34adba9796f20065e2d3e19782
Sha256: 2e22da644911c19f285e17ab2a0cdb713ee830d26bfe708737ff09deb806cfc2
                                        
                                            GET /ajax/libs/slick-carousel/1.6.0/slick.min.css HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vsav.fr/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.17.24.14
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
date: Thu, 15 Sep 2022 18:23:02 GMT
content-length: 382
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fd5-50a"
last-modified: Mon, 04 May 2020 16:16:21 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1210374
expires: Tue, 05 Sep 2023 18:23:02 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dVBC0r1lMquXoNP9iriSxjuTwkFDKLRo09ti58E8zUMe1QwIzQmPo55vxIdRlUBLFTNc5BGtA2zGLk%2FsOUwG0UnW5ZMIDjoPurUNu0eEnL7uOC8T1XpDlFpd%2F42vsf5m7%2FDCPtai"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74b364296c90b527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1290), with no line terminators
Size:   382
Md5:    0fdccbc9ab0563b984da415344206bc3
Sha1:   32e2fe3151bd7656667ba951d2512a57efbd0593
Sha256: 83ab14487f326759ee1070e7e24724a7667a9311966eb9539d6cd2056af610d7
                                        
                                            GET /ajax/libs/slick-carousel/1.6.0/slick-theme.min.css HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vsav.fr/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.17.24.14
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
date: Thu, 15 Sep 2022 18:23:02 GMT
content-length: 637
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fd5-92d"
last-modified: Mon, 04 May 2020 16:16:21 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1209752
expires: Tue, 05 Sep 2023 18:23:02 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m%2FbijAOPluU0KN5nW1hzPSBwmI%2F6msVbtILIMlK8zMUd1HDf4%2BwH9w0DxKX9GKtIIXTGQhsPI22Z0uth2guT%2FLfUYqHXuSc6iE9ofleWYHuGsUxWLvqH0beAcwBt0LdGtX0Nx5mb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74b364296c91b527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (2341), with no line terminators
Size:   637
Md5:    ace16504c46d8af7874a2565d472756c
Sha1:   8336209df75ed19425fd89802eb1410e704fa621
Sha256: 8fdb69e4f981a611c55eb25f04cabb056bfad171363359786e03cfbf6af655fc
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         54.230.245.118
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 15 Sep 2022 18:23:02 GMT
Last-Modified: Thu, 15 Sep 2022 18:15:22 GMT
Server: ECS (bsa/EB14)
X-Cache: Miss from cloudfront
Via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: R-ojztqr_IUabv3617SokJWK75L-Ta6RDB5yx6bYgxttCB_kCdiqoQ==
Age: 460

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         54.230.245.118
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 15 Sep 2022 18:23:02 GMT
Last-Modified: Thu, 15 Sep 2022 18:15:22 GMT
Server: ECS (dcb/7EC8)
X-Cache: Miss from cloudfront
Via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 1bZrz1CBY3OcHbuATTnCVYf2_IHXg3QsSepVLWf4f8dRmknutXFeiA==
Age: 460

                                        
                                            GET /static/car_images/spritesheet.png HTTP/1.1 
Host: content.jetztautoverkaufen.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vsav.fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         143.204.55.115
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 8798
last-modified: Wed, 28 Dec 2016 09:28:17 GMT
x-amz-meta-extension: png
accept-ranges: bytes
server: AmazonS3
date: Thu, 15 Sep 2022 18:15:22 GMT
etag: "01b0983d563fcb13b89e6e2da9c78d21"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: -FFGquTn6EOtJMTWMbSop8ZmCIN4TB0DH6nU34kGZapY4LK3o8OxaA==
age: 78442
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 231 x 102, 8-bit/color RGBA, non-interlaced\012- data
Size:   8798
Md5:    01b0983d563fcb13b89e6e2da9c78d21
Sha1:   6f22c5969f5af9f5ee31acb7cad85fb13427ca2e
Sha256: 48b45e924e8d5413d7b8b7b17ed5934259957b6594510212aed764bf7f676a0a
                                        
                                            GET /static/car_images/javk-blue-loading.png HTTP/1.1 
Host: content.jetztautoverkaufen.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vsav.fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         143.204.55.115
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 6477
last-modified: Mon, 25 Sep 2017 14:59:01 GMT
x-amz-meta-extension: png
accept-ranges: bytes
server: AmazonS3
date: Thu, 15 Sep 2022 01:27:40 GMT
etag: "bc424c6984a83e7c5586f25d2dc3af5c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 7BdZzMLJT5H-CaH-2ctFXNC562g7KXScJVnIXdlbVpBdoVYXTga5Cg==
age: 60923
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 172 x 226, 8-bit/color RGBA, non-interlaced\012- data
Size:   6477
Md5:    bc424c6984a83e7c5586f25d2dc3af5c
Sha1:   61ad7d55524228439085d19b05e5ceb6c10d7be0
Sha256: 25453cafd6bbd18e0967a48489ee07e9a0e2a2127d1f94256dd2bf5177823bc2
                                        
                                            GET /static/car_images/right-arrow.png HTTP/1.1 
Host: content.jetztautoverkaufen.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vsav.fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         143.204.55.115
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 216
last-modified: Mon, 24 Aug 2020 09:16:26 GMT
x-amz-meta-extension: png
accept-ranges: bytes
server: AmazonS3
date: Thu, 15 Sep 2022 18:15:22 GMT
etag: "289c694aeda15d118fdfd4050cbe945f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 5Y8nYJYic2vdd3iLdzD6u_J-L_R0IwuAG5bFVfpexOaprT2q_3W9zg==
age: 74376
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 27 x 45, 8-bit/color RGBA, non-interlaced\012- data
Size:   216
Md5:    289c694aeda15d118fdfd4050cbe945f
Sha1:   79d0978d29f230a4bd29d1b91d6806604a878743
Sha256: 216b1e9824ed10837c8da0daf048b4b759428f6338ddcb8c5a75d241344c501c
                                        
                                            GET /jav/images/fr-logo.png HTTP/1.1 
Host: www.jetztautoverkaufen.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vsav.fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         54.230.111.114
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 9273
date: Thu, 15 Sep 2022 18:23:02 GMT
server: Apache/2.4.52 (Unix)
x-env: prod
vary: X-FORWARDED-PROTO
last-modified: Fri, 28 Jan 2022 14:16:04 GMT
etag: "2439-5d6a51338f100"
accept-ranges: bytes
x-cache: Miss from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: sIdxnvqR-jgON5p1P7BvGmCnLuCTc_aICbrfMudxJpLGnm28pllvTA==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 395 x 63, 8-bit/color RGBA, non-interlaced\012- data
Size:   9273
Md5:    597264b0ff5f0cc4034adb438eec8796
Sha1:   12b8c70abc1c80865364e9c2153b70cc662b50ad
Sha256: 071e9990c55c67f266fc9b2d815726e81fa34cf34c3d32130f7cbea9d210d26c
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         54.230.245.118
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 15 Sep 2022 18:23:02 GMT
Last-Modified: Thu, 15 Sep 2022 18:16:31 GMT
Server: ECS (nyb/1D1C)
X-Cache: Miss from cloudfront
Via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: -2IMBaOjLWqTDbKcYktVOoRJtVbV3bRbbKcw4jAWeCTHm6Dqbnqe4Q==
Age: 391

                                        
                                            GET /static/car_images/img-lazy.js HTTP/1.1 
Host: content.jetztautoverkaufen.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vsav.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.115
HTTP/2 200 OK
content-type: text/javascript
                                        
content-length: 585
last-modified: Mon, 12 Dec 2016 18:03:08 GMT
x-amz-meta-extension: js
accept-ranges: bytes
server: AmazonS3
date: Thu, 15 Sep 2022 03:44:30 GMT
etag: "b44fc4dfb1d7fe6c054fb4e3e874d20e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: pAvwspQUcHCk3YLvsId4gYP2RM4Nria7FVPzi6mb8-1Dd0fx9WBekA==
age: 52713
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   585
Md5:    b44fc4dfb1d7fe6c054fb4e3e874d20e
Sha1:   51cdca090a0025ae99607f6e12e75014ed17febb
Sha256: 105242a38c84dd4628e16ca409d1180b2f64a0e6206088bfe2d3be5759bfdca9
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         54.230.245.118
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Thu, 15 Sep 2022 18:23:02 GMT
Server: ECS (dcb/7FA8)
X-Cache: Miss from cloudfront
Via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: LsoeZfhGaMSXhevsfnIwGPHxJbX-aO-wdS30LWAtKFSFiWP32Z0g5g==

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         54.230.245.118
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 15 Sep 2022 18:23:02 GMT
Last-Modified: Thu, 15 Sep 2022 16:33:20 GMT
Server: ECS (dcb/7ECA)
X-Cache: Miss from cloudfront
Via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 1zOr2s8NIxPq0RfMKujHCvPmwAs2VFCbHVQ3XCtwwSnSuSVjjLtxyA==
Age: 6582

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         54.230.245.118
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Thu, 15 Sep 2022 18:23:02 GMT
Server: ECS (dcb/7F5C)
X-Cache: Miss from cloudfront
Via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: PQkDSn1AZzjrTOzTyy0nkbUzGPq1AdijladD8jAbqjFOrDLVX5VUIA==

                                        
                                            GET /static/car_images/smallest-green-checkmark.png HTTP/1.1 
Host: content.wirkaufendeinauto.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vsav.fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.66
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 322
date: Tue, 13 Sep 2022 05:52:56 GMT
last-modified: Mon, 25 Nov 2019 06:03:50 GMT
etag: "5d573e50d94c482107ee282fe8b23522"
cache-control: max-age=604800,public
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: QRa70ZrV19JKOe8IP_FRXrLfdiYJHmq9d8OxGHMGro5M9nYSKnyfwA==
age: 217807
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 14 x 11, 8-bit/color RGBA, non-interlaced\012- data
Size:   322
Md5:    5d573e50d94c482107ee282fe8b23522
Sha1:   6078f451532308b8be8612d348c5d395631677f6
Sha256: e8579c257ce8a062d1a937aec71daa4b193c5c63d9627315e637aacc12d05a41
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: www.vsav.fr
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vsav.fr/valeur/m6/?utm_source=EMA&utm_medium=email&utm_campaign=0&ema=FR_1&JID=FR_EMA_1_1239_5215065_1_0_0
Cookie: JAVSID=142hcv8vlm7ljojvmbufg4at95; SCID_RESET_TIME=1726424582; SCID=c459dbacd97cb78c26a06009e60859c1; JAV=FR_EMA_1_1239_5215065_1_0_0%26_cl%3D1663266182
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         54.230.111.114
HTTP/2 200 OK
content-type: image/x-icon
                                        
content-length: 1150
date: Thu, 15 Sep 2022 18:23:02 GMT
server: Apache/2.4.52 (Unix)
x-env: prod
vary: X-FORWARDED-PROTO
last-modified: Fri, 28 Jan 2022 14:16:04 GMT
etag: "47e-5d6a51338f100"
accept-ranges: bytes
x-cache: Miss from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 8KQwfzCExiQ9aw_T4jRwbY9K4Gf3I53dUIJ-KXT5bjUtm71HBra3Zg==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size:   1150
Md5:    85085c08133be6d2c18c21389a8bdab1
Sha1:   2128dabbca391dba100db1179220b9b1183e3d75
Sha256: 33d172297ef4e206f899e416344d4534a47ef61dd4aa25cd83aaca2b7ef70fe0
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 15 Sep 2022 18:23:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /gtm.js?id=GTM-WRTJPW HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vsav.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.72
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 15 Sep 2022 18:23:03 GMT
expires: Thu, 15 Sep 2022 18:23:03 GMT
cache-control: private, max-age=900
last-modified: Thu, 15 Sep 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 62160
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (30169)
Size:   62160
Md5:    a269d628cb12da56049c588d2a10c6a8
Sha1:   c6832399cff9e01f095aec4166a0c64210a9950c
Sha256: a4725938e37d76ba6e84a21e6db7e7cf6cf282a8f88aaf8cc3746567aec3a7f8
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 15 Sep 2022 18:23:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4767
Cache-Control: 'max-age=158059'
Date: Thu, 15 Sep 2022 18:23:03 GMT
Last-Modified: Thu, 15 Sep 2022 17:03:36 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vsav.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.174
HTTP/2 200 OK
content-type: text/javascript
                                        
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Thu, 15 Sep 2022 16:41:12 GMT
expires: Thu, 15 Sep 2022 18:41:12 GMT
cache-control: public, max-age=7200
age: 6111
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1325)
Size:   20006
Md5:    56f5d7f608e25d64207135f045f988cb
Sha1:   901eb59372ae330ae85e1384da93479b21ae1082
Sha256: 1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
                                        
                                            GET /en_US/fbevents.js HTTP/1.1 
Host: connect.facebook.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vsav.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         31.13.72.12
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
                                        
vary: Accept-Encoding
content-encoding: gzip
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: Im9dso1LS/24R9Sf9T2B128EF+jgLNaWEnaw/7nZX2JbomQ0vebY28d/gKecGk/WXR0wxdoTg/c9aQJnvRnfBw==
priority: u=3,i
content-length: 26872
x-fb-trip-id: 2074150462
date: Thu, 15 Sep 2022 18:23:03 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (64348)
Size:   26872
Md5:    ecb99528d18dbe7952eac9618eaf2d8e
Sha1:   eb59bf3afc849403fa3dde09b75b5fc51f29e7b5
Sha256: bcecfe43bf3e0f22ff425fe630e189d28fc3ecdc9764dd1686599e5ce59f40cc
                                        
                                            GET /pages/data-scripts/0041/4715/site/www.vsav.fr.json?t=1 HTTP/1.1 
Host: script.crazyegg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.vsav.fr
Connection: keep-alive
Referer: https://www.vsav.fr/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         104.19.148.8
HTTP/2 200 OK
content-type: application/json
                                        
date: Thu, 15 Sep 2022 18:23:03 GMT
content-length: 3073
access-control-expose-headers: CE-Version
ce-version: 11.4.4
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
last-modified: Thu, 15 Sep 2022 18:15:23 GMT
content-encoding: gzip
access-control-allow-origin: *
cf-cache-status: HIT
age: 460
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74b3642e1f9f0b65-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (29268), with no line terminators
Size:   3073
Md5:    b7e30c2d6bcebd5d88c3c560658ae925
Sha1:   04f52d4b5cb955c9ab32e743129af57ec64dbbc5
Sha256: aaedb9449970e183d956479212e83f02d7c649b51cb0835a0e407a51bfd6c4f1
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4767
Cache-Control: 'max-age=158059'
Date: Thu, 15 Sep 2022 18:23:03 GMT
Last-Modified: Thu, 15 Sep 2022 17:03:36 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /pages/versioned/common-scripts/2f6ad22e93ca0a50994ab7cdcb57f3ce.js HTTP/1.1 
Host: script.crazyegg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vsav.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.19.148.8
HTTP/2 200 OK
content-type: text/javascript
                                        
date: Thu, 15 Sep 2022 18:23:03 GMT
content-length: 30407
cache-control: public, max-age=31536000, s-maxage=31536000
timing-allow-origin: *
last-modified: Sun, 04 Sep 2022 15:37:41 GMT
content-encoding: gzip
access-control-allow-origin: *
cf-cache-status: HIT
age: 3094
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74b3642e3a41b4ff-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (26535)
Size:   30407
Md5:    1f65bc4bbd6ed833ed7a7390184b379c
Sha1:   3fb62902e38cb7f88b14f278d6f170dcfab65e37
Sha256: 01d4c83582774ace9cbee5bf411010777536dc044440df0c2221f1ac59dff02d
                                        
                                            POST /j/collect?v=1&_v=j96&a=1867919513&t=pageview&_s=1&dl=https%3A%2F%2Fwww.vsav.fr%2Fvaleur%2Fm6%2F%3Futm_source%3DEMA%26utm_medium%3Demail%26utm_campaign%3D0%26ema%3DFR_1%26JID%3DFR_EMA_1_1239_5215065_1_0_0&ul=en-us&de=UTF-8&dt=Vendresavoiture.fr%20%7C%20%C3%89valuation%20auto&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAEABAAAAAC~&jid=750982608&gjid=126130564&cid=358505188.1663266168&tid=UA-69110693-1&_gid=434028326.1663266168&_r=1&gtm=2wg9e0WRTJPW&z=527515316 HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.vsav.fr
Connection: keep-alive
Referer: https://www.vsav.fr/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.174
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin: https://www.vsav.fr
date: Thu, 15 Sep 2022 18:23:03 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   2
Md5:    cc7a1e792bca8ccb1946b7a07f6dbc03
Sha1:   11a2757082428311f587b7664fa9840376137f80
Sha256: de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
                                        
                                            GET /pages/data-scripts/0041/4715/sampling/www.vsav.fr.json?t=462018 HTTP/1.1 
Host: script.crazyegg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.vsav.fr
Connection: keep-alive
Referer: https://www.vsav.fr/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.19.148.8
HTTP/2 200 OK
content-type: application/json
                                        
date: Thu, 15 Sep 2022 18:23:03 GMT
content-length: 528
access-control-expose-headers: CE-Version
ce-version: 11.4.4
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
last-modified: Thu, 15 Sep 2022 18:15:23 GMT
content-encoding: gzip
access-control-allow-origin: *
cf-cache-status: HIT
age: 460
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74b3642e78150b65-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (2020), with no line terminators
Size:   528
Md5:    7fd4252776fd730f472888059b3c49ba
Sha1:   910c31d38d98bf0ceb108663575cd117e81a34d0
Sha256: c02c7070b5d7eb5b4c2b08aac078f40db1822220c908d2bace66da1874211778
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 15 Sep 2022 18:23:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-69110693-1&cid=358505188.1663266168&jid=750982608&gjid=126130564&_gid=434028326.1663266168&_u=YEBAAEAAAAAAAC~&z=59155201 HTTP/1.1 
Host: stats.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.vsav.fr
Connection: keep-alive
Referer: https://www.vsav.fr/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.251.1.155
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin: https://www.vsav.fr
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 15 Sep 2022 18:23:03 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  very short file (no magic)
Size:   1
Md5:    c4ca4238a0b923820dcc509a6f75849b
Sha1:   356a192b7913b04c54574d18c28d46e6395428ab
Sha256: 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 15 Sep 2022 18:23:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /tr/?id=1790114407892605&ev=PageView&dl=https%3A%2F%2Fwww.vsav.fr%2Fvaleur%2Fm6%2F%3Futm_source%3DEMA%26utm_medium%3Demail%26utm_campaign%3D0%26ema%3DFR_1%26JID%3DFR_EMA_1_1239_5215065_1_0_0&rl=&if=false&ts=1663266168214&sw=1280&sh=1024&v=2.9.81&r=stable&ec=0&o=30&fbp=fb.1.1663266168213.1299945916&it=1663266168093&coo=false&rqm=GET HTTP/1.1 
Host: www.facebook.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vsav.fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         31.13.72.36
HTTP/2 200 OK
content-type: image/gif
                                        
date: Thu, 15 Sep 2022 18:23:03 GMT
expires: Thu, 15 Sep 2022 18:23:03 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
cache-control: no-cache, must-revalidate, max-age=0
set-cookie:
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 44
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   44
Md5:    b798f4ce7359fd815df4bdf76503b295
Sha1:   f8cc6addf1707ad236ad9970b0a48f9733d07da5
Sha256: 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.242
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A4F07D30F29E785E2EE605AEE590AB928C3E1412F4DC61FF163CF32445CC3AF4"
Last-Modified: Tue, 13 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9355
Expires: Thu, 15 Sep 2022 20:58:58 GMT
Date: Thu, 15 Sep 2022 18:23:03 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.242
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A4F07D30F29E785E2EE605AEE590AB928C3E1412F4DC61FF163CF32445CC3AF4"
Last-Modified: Tue, 13 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9355
Expires: Thu, 15 Sep 2022 20:58:58 GMT
Date: Thu, 15 Sep 2022 18:23:03 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.242
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A4F07D30F29E785E2EE605AEE590AB928C3E1412F4DC61FF163CF32445CC3AF4"
Last-Modified: Tue, 13 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9355
Expires: Thu, 15 Sep 2022 20:58:58 GMT
Date: Thu, 15 Sep 2022 18:23:03 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb035d64b-46a7-4c49-b95b-e454aa90f817.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9071
x-amzn-requestid: b450f7cf-6cc7-4d1f-aef3-4496f0971727
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YeIxuEq6oAMF9jQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632254d7-6912ef8731d81fa43b805e5b;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 22:25:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 6LDUuDX1W8-Q88pDJma0xCAd5QuJ0YV-VpJ_8LVyDHX9YN1k0fQZ8Q==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 22:36:39 GMT
etag: "d37ad0f40bc1f3f0022467dd0af2478980bd858a"
age: 71184
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9071
Md5:    1633672fad0b564108cf81ad711dc881
Sha1:   d37ad0f40bc1f3f0022467dd0af2478980bd858a
Sha256: cc7176a297f6009f07074fb9af796132b4452833be675bf378cc950fe81a582a
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fafb10f81-8409-401c-bd62-3ec01954600c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6770
x-amzn-requestid: b7c9513c-b8ba-41c7-9f9a-0a9d2266172d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X7FlpEVRIAMFygA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63144fbd-7a4408363cdc46c9355a9f47;Sampled=0
x-amzn-remapped-date: Sun, 04 Sep 2022 07:11:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: fqj5PljprRruE1jwYAVwKoHkjys-RakUjzuV67_Ued6T4et99JPxPg==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 21:45:05 GMT
age: 74278
etag: "f6b742549ea35a4b1345cffb937a8bbcceee08ef"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6770
Md5:    2e5f57ba37fac4e6047a9a321a8ec084
Sha1:   f6b742549ea35a4b1345cffb937a8bbcceee08ef
Sha256: f8c67c54806e47089b9ba297599e3e4cde1fd2e2e38b76acc9e8de0e99d7b77e
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1266c973-1bdd-4969-82ca-1106689fe929.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5078
x-amzn-requestid: b6177371-a8ba-4541-a48d-21bd806e866e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X0erUHT-IAMFWKg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6311ab15-157ed5b700e0aad5481f5c0f;Sampled=0
x-amzn-remapped-date: Fri, 02 Sep 2022 07:04:53 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: MYJf90B8rX8_nPUl4stpbZcQeQDaZ2Hgyu6GmsfdqUh-0Nx5OJJThw==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 20:21:54 GMT
age: 79269
etag: "af100925cba1be716fd2200715d6136bd7f0c5bc"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5078
Md5:    f50c34bc30a732593e8fe465055a44ff
Sha1:   af100925cba1be716fd2200715d6136bd7f0c5bc
Sha256: 703049736ccc8815945d69634059c4cd39533417e0969107d460c36a6787c761
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F86bf6a5e-a3e5-479d-a052-fa843c45a3d9.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9400
x-amzn-requestid: 8cf35176-18a1-427b-870c-bdae465060c8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YYM18E-iIAMFcmg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631ff4f2-427bc0ff6593e71e25b91589;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 03:11:46 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ZVnPAYUOBCRUYD3wEx79lIMjBJCKyVB9CmnTqMJIaFPbQGPoHwB73w==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 20:21:37 GMT
age: 79286
etag: "96ab8cd8e14350f730d26731f3445710324e24e2"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9400
Md5:    4833535b1650b0ac875704023b650e66
Sha1:   96ab8cd8e14350f730d26731f3445710324e24e2
Sha256: d2b5a51e39a4890ba56e819d4d5d1d57d4d3cfc50dde42efdf23b8e9be17d1c7
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4d822c-5153-4c55-bcb3-aa6ee72e3b62.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6078
x-amzn-requestid: e09c099f-5a2d-49d7-b6ab-e16f09c28bd0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YavJEEM5IAMFreQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6320f8a0-0fbb7b3d0cd6fbfa04f5a5d2;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 21:39:44 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Rx8KX_QI5I2x7q0gcvxcJX7QzZUe2KkfqAUVR64lEujF4xDEWWDhZQ==
via: 1.1 9b21fd56256eda6d1379e32829c4c446.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 20:21:13 GMT
age: 79310
etag: "33d0dcadaa42179b2eae914c8ad16c9c088afbc9"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6078
Md5:    f2157f7cfbdeb607f28ae51eb090f2c3
Sha1:   33d0dcadaa42179b2eae914c8ad16c9c088afbc9
Sha256: 135cd89c2c82f0f5e53d2612d5eac868c175b28a567a07e63a2073942e36a066
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F706eea65-3ba8-43f4-85c3-967026936660.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9922
x-amzn-requestid: de1e3e45-74ff-41b2-986f-e78473cb6d98
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YVc1SGM7IAMFw0A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631edb54-2099524d6f2c338b41eea101;Sampled=0
x-amzn-remapped-date: Mon, 12 Sep 2022 07:10:12 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: MtgQUzYMa3mT0lxPhQ5ZCp9XVVyBH8T0dlx_0wSLMZlaFEiCikTXMw==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 22:25:51 GMT
age: 71832
etag: "c7cf1f6a259cece60a34261ec83ee00736e1d72b"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9922
Md5:    3ef9865421a37eae9a4df04083d27485
Sha1:   c7cf1f6a259cece60a34261ec83ee00736e1d72b
Sha256: 723b65ba660f22281f85d6caceea23e9cd932ee9084dc905a08a585746c4c4cc
                                        
                                            GET /static/car_images/icon-circle-car-coin-eur-blue.svg HTTP/1.1 
Host: content.jetztautoverkaufen.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vsav.fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         143.204.55.115
HTTP/2 200 OK
content-type: image/svg+xml
                                        
last-modified: Wed, 28 Oct 2020 10:28:31 GMT
x-amz-meta-extension: svg
server: AmazonS3
content-encoding: gzip
date: Thu, 15 Sep 2022 03:09:17 GMT
etag: W/"6d91d1db0929424226414ba3ed8b71c3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: -O411QH1gLepMtfR7WTcE7l5rhXdcINX4S8GhExhSzjnKFTok-dafQ==
age: 54826
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1610
Md5:    932add1be0f60b19e2bdbf5c482bfc4e
Sha1:   751e9092a2d824aa25f18462c618818e4115c9be
Sha256: 0f3ff7a7253553b14041ea9ae95b00ac24e5c9331236de1b90c3caa334cd6573
                                        
                                            GET /valeur/m6/?utm_source=EMA&utm_medium=email&utm_campaign=0&ema=FR_1&JID=FR_EMA_1_1239_5215065_1_0_0 HTTP/1.1 
Host: www.vsav.fr
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         54.230.111.114
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
date: Thu, 15 Sep 2022 18:23:02 GMT
server: Apache/2.4.52 (Unix)
x-b3-traceid: 92a4c900731c7df9
cache-control: no-cache
set-cookie: JAVSID=142hcv8vlm7ljojvmbufg4at95; path=/; HttpOnly SCID_RESET_TIME=1726424582; expires=Sun, 15-Sep-2024 18:23:02 GMT; Max-Age=63158400; path=/; domain=.vsav.fr; HttpOnly SCID=c459dbacd97cb78c26a06009e60859c1; expires=Sun, 15-Sep-2024 18:23:02 GMT; Max-Age=63158400; path=/; domain=.vsav.fr; HttpOnly JAV=FR_EMA_1_1239_5215065_1_0_0%26_cl%3D1663266182; expires=Sun, 15-Sep-2024 18:23:02 GMT; Max-Age=63158400; path=/; domain=.vsav.fr; HttpOnly
x-env: prod
vary: X-FORWARDED-PROTO
x-cache: Miss from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: vw8WjA7_lpGuGCrDQiScDif7m69C4eHWKdjRwz8f21WlqS125K4szg==
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /static/car_images/icon-circle-car-mechanic-blue.svg HTTP/1.1 
Host: content.jetztautoverkaufen.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vsav.fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         143.204.55.115
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Wed, 14 Sep 2022 21:43:27 GMT
last-modified: Wed, 28 Oct 2020 10:28:31 GMT
etag: W/"ffd8496f136f1dabeb407dc3e9060972"
x-amz-meta-extension: svg
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 4gBsyVeXhg1DxCCB504IG-ORhNAlPU2H7vqiFBzL4MJ2uAIJbvaKWA==
age: 74376
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /static/car_images/icon-circle-phone-car-inspection-blue.svg HTTP/1.1 
Host: content.jetztautoverkaufen.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vsav.fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         143.204.55.115
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Wed, 14 Sep 2022 21:43:27 GMT
last-modified: Wed, 28 Oct 2020 10:28:31 GMT
etag: W/"3454d353771f74181dedb105edf79e1d"
x-amz-meta-extension: svg
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 0-5CxLGqAwvJhwolenzHJqCCK8Au2nG9-a2CsPaq_GmQgG5v8dCkKg==
age: 74376
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /static/car_images/dsbVendor.de5ffd94f009b0565709854795a3f940.js HTTP/1.1 
Host: content.jetztautoverkaufen.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vsav.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.115
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Wed, 05 May 2021 08:33:27 GMT
x-amz-meta-extension: js
server: AmazonS3
content-encoding: gzip
date: Wed, 14 Sep 2022 22:13:08 GMT
etag: W/"55fa4b0bf3dd48b971783e68857fdbd1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: kZi1JmhiKQnYSn0_3ECe7b5ck-SX8C7SvhoINbccT3SpzpJiJGnlBA==
age: 72595
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /static/car_images/valeur_m0_2d9d7e59e80b033d4041_styles.css HTTP/1.1 
Host: content.jetztautoverkaufen.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vsav.fr/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.115
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Mon, 01 Mar 2021 08:18:10 GMT
x-amz-meta-extension: css
server: AmazonS3
content-encoding: gzip
date: Thu, 15 Sep 2022 06:46:17 GMT
etag: W/"36ba5f7eee44a067e0601caacc8069f8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: lOSrYKwZDSM0ccuzFBXoEk4RKFbpYfVsPCXO4JuRBqfLUC6JnJTWCQ==
age: 41806
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /papi/v1/car-types/manufacturer HTTP/1.1 
Host: www.vsav.fr
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.vsav.fr/valeur/m6/?utm_source=EMA&utm_medium=email&utm_campaign=0&ema=FR_1&JID=FR_EMA_1_1239_5215065_1_0_0
Connection: keep-alive
Cookie: JAVSID=142hcv8vlm7ljojvmbufg4at95; SCID_RESET_TIME=1726424582; SCID=c459dbacd97cb78c26a06009e60859c1; JAV=FR_EMA_1_1239_5215065_1_0_0%26_cl%3D1663266182
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         54.230.111.114
HTTP/2 200 OK
content-type: application/json
                                        
date: Thu, 15 Sep 2022 18:23:03 GMT
server: Apache/2.4.52 (Unix)
x-b3-traceid: 789ff62faff7406e
cache-control: no-cache
x-env: prod
vary: X-FORWARDED-PROTO
x-cache: Miss from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 7OtXlsyZCcJ4uORFdZtdGj_K8PqzHwpAQ8lsVVpx38dKnN3HWEtkhQ==
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /static/car_images/valeur_m0_2d9d7e59e80b033d4041_app.js HTTP/1.1 
Host: content.jetztautoverkaufen.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vsav.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.115
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Mon, 01 Mar 2021 08:18:11 GMT
x-amz-meta-extension: js
server: AmazonS3
content-encoding: gzip
date: Thu, 15 Sep 2022 03:09:17 GMT
etag: W/"15f209b8930aebf8b684330d1abdd19c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: CsplLZXaL1HAF9AZqD_hi4urVJf8_saogPlcobZ5PHsAH09b6VXr6Q==
age: 54826
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /papi/v1/dynamic-step/configuration/m0/fr/ HTTP/1.1 
Host: www.vsav.fr
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.vsav.fr/valeur/m6/?utm_source=EMA&utm_medium=email&utm_campaign=0&ema=FR_1&JID=FR_EMA_1_1239_5215065_1_0_0
Connection: keep-alive
Cookie: JAVSID=142hcv8vlm7ljojvmbufg4at95; SCID_RESET_TIME=1726424582; SCID=c459dbacd97cb78c26a06009e60859c1; JAV=FR_EMA_1_1239_5215065_1_0_0%26_cl%3D1663266182
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         54.230.111.114
HTTP/2 200 OK
content-type: application/json
                                        
date: Thu, 15 Sep 2022 18:23:03 GMT
server: Apache/2.4.52 (Unix)
x-b3-traceid: 584623659601f67c
cache-control: no-cache
x-env: prod
vary: X-FORWARDED-PROTO
x-cache: Miss from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: T1WH_0a08TJFZiiefwNIneMbLzAwre5JMLfScEMWCPL5niwb4eFYZg==
X-Firefox-Spdy: h2


--- Additional Info ---