chaumont-en-vexin-hdf.eurobillets.com/supermarches-match-8
172.67.183.116301 Moved Permanently 0 B URL HTTP/1.1 chaumont-en-vexin-hdf.eurobillets.com/supermarches-match-8
IP 172.67.183.116:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /supermarches-match-8 HTTP/1.1
Host: chaumont-en-vexin-hdf.eurobillets.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Wed, 28 Sep 2022 10:16:24 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 28 Sep 2022 11:16:24 GMT
Location: https://chaumont-en-vexin-hdf.eurobillets.com/supermarches-match-8
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dI%2B1URg7d7KBnv%2F5fzrEN5rLU5ICPlV%2FEFwkcPTEQ1WGyKfLQDFLaIfnHDFcj1WqXRQM%2BPzRB4x7QULqaUGvzRn8ixQXGy2c3Eg7v0SL1bS29xIsiy4D6%2FPk1iGwh29TUpzcE5WtRzoBpZO7sU5EuY3CSyKHnACL"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 751bb9310ad90b69-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7fb7c70f7f4e2cee27eb0e7d875931f7
98fca3817a551b1daecebae103a48e718b8b5a53
2a40f957a6b1734aa3f87cff51b673f0536732db15b09033dd604879692df349
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A40F957A6B1734AA3F87CFF51B673F0536732DB15B09033DD604879692DF349"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2295
Expires: Wed, 28 Sep 2022 10:54:39 GMT
Date: Wed, 28 Sep 2022 10:16:24 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.115200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 28 Sep 2022 09:17:40 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 3C_4zRdGuSi2TitNK9JEL0ufDIB8lnvP6oKLZPtF1pUk87XVQdFDfw==
Age: 3524
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.35200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.35:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 28 Sep 2022 09:24:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: wEz-C-_iNV0ZqeJ3riHgVS-_kOPTP4G2cYbo3a2zS1pc46joSBbRJQ==
age: 17278
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 10:16:24 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 319dcca5f6eaa4084b5d02f554bb73b5
7ad3f2cc1d2fa90b3befade6ddeb8d13bc0c8bc5
f1d0d802bbe0746690b1b72f669c0163700e6b87cc6c590ddda5c47c08a23355
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 10:16:24 GMT
Server: ECS (amb/6B8D)
Content-Length: 280
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Wed, 28 Sep 2022 09:29:33 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Wed, 28 Sep 2022 10:03:11 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Za4j9hFZAIIMM2rEOC2iTEZgd6kS9iwYqMIihFdC4RxLLLKd7CvI-w==
Age: 2812
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 319dcca5f6eaa4084b5d02f554bb73b5
7ad3f2cc1d2fa90b3befade6ddeb8d13bc0c8bc5
f1d0d802bbe0746690b1b72f669c0163700e6b87cc6c590ddda5c47c08a23355
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 10:16:25 GMT
Last-Modified: Wed, 28 Sep 2022 10:16:24 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 280
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 2f76d47ed4f3c90f557522303bb760bc
f34542cabea7a4517debf64c298b59fc009ea56c
5ce5c216b7cb6a4425f12453e447ad364bcc1cd7d23a9d2468a8a40adfc2cb10
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 10:16:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash eff25f6689ed8c533e31d2e8574a3bda
9dbf02a8918fc7bffb30d4c566be9040f471e261
3f54797d15bca44d44d9eb2e6a4a102d7336fe944e60ca3a0408edf28354a18a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3F54797D15BCA44D44D9EB2E6A4A102D7336FE944E60CA3A0408EDF28354A18A"
Last-Modified: Tue, 27 Sep 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1951
Expires: Wed, 28 Sep 2022 10:48:56 GMT
Date: Wed, 28 Sep 2022 10:16:25 GMT
Connection: keep-alive
www.googletagmanager.com/gtag/js?id=UA-115920637-8
142.250.74.72200 OK 42 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-115920637-8
IP 142.250.74.72:0
File type ASCII text, with very long lines (2039)
Hash bd574e68188c3fd60ad485f8429e578a
ac7cdcd30ba3073340492c8846572706fac380d1
464124d4aed43ff4f598c82d935259306bf0510c72a5bff28c1d63692d021d88
GET /gtag/js?id=UA-115920637-8 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chaumont-en-vexin-hdf.eurobillets.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 28 Sep 2022 10:16:25 GMT
expires: Wed, 28 Sep 2022 10:16:25 GMT
cache-control: private, max-age=900
last-modified: Wed, 28 Sep 2022 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42335
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3526d5ce1381ba26cbc553db057e1915
fe01c920696448e8bf12e6fff877bce8281d34a2
09604aed7cbca7971bfcb5afcb53591600b944f28eff21aa65dc601e78cdda53
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6464
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 10:16:25 GMT
Last-Modified: Wed, 28 Sep 2022 08:28:41 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 2f76d47ed4f3c90f557522303bb760bc
f34542cabea7a4517debf64c298b59fc009ea56c
5ce5c216b7cb6a4425f12453e447ad364bcc1cd7d23a9d2468a8a40adfc2cb10
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 10:16:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash e2875a9e06f892f0d4fa46c0f98a1c49
9c0e332f55a592367b602494642ee2127699b543
74692ca89ddc427d0c55f56aedb738b107a9761c44ed5201f932f54950a6f406
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 10:16:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
us03.biz/?te=mq4wcyzyme5ha3ddf43donrt
185.177.92.147200 OK 1.2 kB URL HTTP/2 us03.biz/?te=mq4wcyzyme5ha3ddf43donrt
IP 185.177.92.147:0
ASN #39572 DataWeb Global Group B.V.
Hash a2d22c7c2f7de9a77b84bc3e7c54a526
a6833ff47ddac255142a366fc13beff5f515071f
0ce9fb40e75020c49c98a47f32b5cb38b8e80c2a88463f73fb875e9aeca7161b
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /?te=mq4wcyzyme5ha3ddf43donrt HTTP/1.1
Host: us03.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chaumont-en-vexin-hdf.eurobillets.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 10:16:25 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
set-cookie: uuid=37181197-e91b-4528-a27e-00382ccb2c76; expires=Fri, 28-Oct-2022 10:16:25 GMT; Max-Age=2592000; path=/; SameSite=None; domain=us03.biz; secure
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans:400,300,700&subset=latin
142.250.74.10200 OK 1.2 kB URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:400,300,700&subset=latin
IP 142.250.74.10:0
Hash 746126f126a70a0ca7e1eb5f4ffbacd4
7c6f7aa3501a334fdf10ff34f71f434a0941a2b1
cc67341fb4599461141f7c925fc2be471ee41d0ac0bc17c3cbf964cee341d847
GET /css?family=Open+Sans:400,300,700&subset=latin HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chaumont-en-vexin-hdf.eurobillets.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 28 Sep 2022 10:16:25 GMT
date: Wed, 28 Sep 2022 10:16:25 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.39.175.179101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.39.175.179:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: E3npy4soUI+Y06WMY4lnVA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: jBkoMu/wiyvIzU33Jt5j5CgtMZg=
get.optad360.io/sf/prebid5.14.0.js
143.204.55.52200 OK 471 kB URL HTTP/2 get.optad360.io/sf/prebid5.14.0.js
IP 143.204.55.52:0
File type ASCII text, with very long lines (47069)
Size 471 kB (471445 bytes)
Hash 6dd0a13bde35d2daa452bba998871016
67c1a126236fe4d9fefd628dc4040a2991417f2a
7109518959a6958168f639860050324f4f063fd1697f32677cf9d0180ab02453
GET /sf/prebid5.14.0.js HTTP/1.1
Host: get.optad360.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chaumont-en-vexin-hdf.eurobillets.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 471445
date: Thu, 22 Sep 2022 03:30:24 GMT
last-modified: Thu, 23 Sep 2021 07:59:54 GMT
etag: "6dd0a13bde35d2daa452bba998871016"
cache-control: public, max-age=360000000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: _XH1QF_IRiOu-aoJVlpLtLTZElsPBz5C0F0glZqUs-gAuWFhmZIDFg==
age: 542762
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash fc82211401f793132f7d43c2fd253af5
605d8371709b5d2a41967fd390c34fa649f89ea3
b23fd36ec037710672ac1aa6fea284e3869c4bae7941d9b53c771cff8743478e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 10:16:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash fc82211401f793132f7d43c2fd253af5
605d8371709b5d2a41967fd390c34fa649f89ea3
b23fd36ec037710672ac1aa6fea284e3869c4bae7941d9b53c771cff8743478e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 10:16:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash fc82211401f793132f7d43c2fd253af5
605d8371709b5d2a41967fd390c34fa649f89ea3
b23fd36ec037710672ac1aa6fea284e3869c4bae7941d9b53c771cff8743478e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 10:16:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
142.250.74.163200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://chaumont-en-vexin-hdf.eurobillets.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 24 Sep 2022 18:01:25 GMT
expires: Sun, 24 Sep 2023 18:01:25 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
age: 317700
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
b.tile.openstreetmap.org/16/33110/22429.png
151.101.85.91200 OK 12 kB URL HTTP/1.1 b.tile.openstreetmap.org/16/33110/22429.png
IP 151.101.85.91:0
File type PNG image data, 256 x 256, 8-bit colormap, non-interlaced\012- data
Hash d6b177c9ccd4cd7fff40277bd480e60f
1f98113bed5ea29e3d21d58d83e6ec60dc4cc2b8
36b3f1698a487c43f9f0f837169c423fb4218656646a8cc1bb06a6b6807dbebe
GET /16/33110/22429.png HTTP/1.1
Host: b.tile.openstreetmap.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: https://chaumont-en-vexin-hdf.eurobillets.com
Connection: keep-alive
HTTP/1.1 200 OK
Server: Apache/2.4.54 (Ubuntu)
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Expect-CT: max-age=0
Access-Control-Allow-Origin: *
ETag: "d6b177c9ccd4cd7fff40277bd480e60f"
Cache-Control: max-age=492836, stale-while-revalidate=604800, stale-if-error=604800
Expires: Tue, 04 Oct 2022 03:10:21 GMT
X-TileRender: nidhogg.openstreetmap.org
Content-Type: image/png
Content-Length: 11451
Accept-Ranges: bytes
Date: Wed, 28 Sep 2022 10:16:25 GMT
Via: 1.1 varnish
Age: 0
Connection: keep-alive
X-Served-By: cache-bma1634-BMA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1664360186.900128,VS0,VE11
a.tile.openstreetmap.org/16/33111/22429.png
151.101.85.91200 OK 9.0 kB URL HTTP/1.1 a.tile.openstreetmap.org/16/33111/22429.png
IP 151.101.85.91:0
File type PNG image data, 256 x 256, 8-bit colormap, non-interlaced\012- data
Hash 9b4e1ccb310f4b3a6b0bb367db139706
ccfbd00654f44c6fb20f425439b0105e75ac5130
113b381f2b0fca6867e684f4ba9cabccd02546452b5900e3190c0c3131e7549f
GET /16/33111/22429.png HTTP/1.1
Host: a.tile.openstreetmap.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: https://chaumont-en-vexin-hdf.eurobillets.com
Connection: keep-alive
HTTP/1.1 200 OK
Server: Apache/2.4.54 (Ubuntu)
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Expect-CT: max-age=0
Access-Control-Allow-Origin: *
ETag: "9b4e1ccb310f4b3a6b0bb367db139706"
Cache-Control: max-age=491219, stale-while-revalidate=604800, stale-if-error=604800
Expires: Tue, 04 Oct 2022 02:43:24 GMT
X-TileRender: nidhogg.openstreetmap.org
Content-Type: image/png
Content-Length: 9044
Accept-Ranges: bytes
Date: Wed, 28 Sep 2022 10:16:25 GMT
Via: 1.1 varnish
Age: 0
Connection: keep-alive
X-Served-By: cache-bma1620-BMA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1664360186.900079,VS0,VE12
b.tile.openstreetmap.org/16/33111/22428.png
151.101.85.91200 OK 4.9 kB URL HTTP/1.1 b.tile.openstreetmap.org/16/33111/22428.png
IP 151.101.85.91:0
File type PNG image data, 256 x 256, 8-bit colormap, non-interlaced\012- data
Hash 30ac1e251ab14f601ca17a03f44c8afd
78afb8bfed76cb2293950bd33054519a670b9f90
6a638d1a970922b56a892efcfb82517bfbc75c904c4e49c04d3a14cdaada0350
GET /16/33111/22428.png HTTP/1.1
Host: b.tile.openstreetmap.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: https://chaumont-en-vexin-hdf.eurobillets.com
Connection: keep-alive
HTTP/1.1 200 OK
Server: Apache/2.4.54 (Ubuntu)
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Expect-CT: max-age=0
Access-Control-Allow-Origin: *
ETag: "30ac1e251ab14f601ca17a03f44c8afd"
Cache-Control: max-age=489816, stale-while-revalidate=604800, stale-if-error=604800
Expires: Tue, 04 Oct 2022 02:20:01 GMT
X-TileRender: nidhogg.openstreetmap.org
Content-Type: image/png
Content-Length: 4949
Accept-Ranges: bytes
Date: Wed, 28 Sep 2022 10:16:25 GMT
Via: 1.1 varnish
Age: 0
Connection: keep-alive
X-Served-By: cache-bma1680-BMA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1664360186.898391,VS0,VE12
a.tile.openstreetmap.org/16/33109/22428.png
151.101.85.91200 OK 1.1 kB URL HTTP/1.1 a.tile.openstreetmap.org/16/33109/22428.png
IP 151.101.85.91:0
File type PNG image data, 256 x 256, 8-bit colormap, non-interlaced\012- data
Hash 6c6ba9bcb81cc9681edcaa9066d3c691
19a191954361a4f116e3cdd6bdd34cb8d0066950
1d3abf18a4b11bb1c37e19f4904a9853e3cbf5455de41467315df1faabf876d3
GET /16/33109/22428.png HTTP/1.1
Host: a.tile.openstreetmap.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: https://chaumont-en-vexin-hdf.eurobillets.com
Connection: keep-alive
HTTP/1.1 200 OK
Server: Apache/2.4.54 (Ubuntu)
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Expect-CT: max-age=0
Access-Control-Allow-Origin: *
ETag: "6c6ba9bcb81cc9681edcaa9066d3c691"
Cache-Control: max-age=494165, stale-while-revalidate=604800, stale-if-error=604800
Expires: Tue, 04 Oct 2022 03:32:30 GMT
X-TileRender: nidhogg.openstreetmap.org
Content-Type: image/png
Content-Length: 1129
Accept-Ranges: bytes
Date: Wed, 28 Sep 2022 10:16:25 GMT
Via: 1.1 varnish
Age: 0
Connection: keep-alive
X-Served-By: cache-bma1672-BMA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1664360186.900398,VS0,VE12
b.tile.openstreetmap.org/16/33110/22428.png
151.101.85.91200 OK 5.4 kB URL HTTP/1.1 b.tile.openstreetmap.org/16/33110/22428.png
IP 151.101.85.91:0
File type PNG image data, 256 x 256, 8-bit colormap, non-interlaced\012- data
Hash 570f459c837f936969bf5db5e52b038d
dd14fc5cb289a97bc3699f92688a7b3e299e2880
c1e0c1232a071347e6fb69f63abf8c2301ec21bbfa6e2158ba83da61d23739cc
GET /16/33110/22428.png HTTP/1.1
Host: b.tile.openstreetmap.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: https://chaumont-en-vexin-hdf.eurobillets.com
Connection: keep-alive
HTTP/1.1 200 OK
Server: Apache/2.4.54 (Ubuntu)
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Expect-CT: max-age=0
Access-Control-Allow-Origin: *
ETag: "570f459c837f936969bf5db5e52b038d"
Cache-Control: max-age=489496, stale-while-revalidate=604800, stale-if-error=604800
Expires: Tue, 04 Oct 2022 02:14:41 GMT
X-TileRender: nidhogg.openstreetmap.org
Content-Type: image/png
Content-Length: 5370
Accept-Ranges: bytes
Date: Wed, 28 Sep 2022 10:16:25 GMT
Via: 1.1 varnish
Age: 0
Connection: keep-alive
X-Served-By: cache-bma1655-BMA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1664360186.899880,VS0,VE18
a.tile.openstreetmap.org/16/33109/22429.png
151.101.85.91200 OK 4.3 kB URL HTTP/1.1 a.tile.openstreetmap.org/16/33109/22429.png
IP 151.101.85.91:0
File type PNG image data, 256 x 256, 8-bit colormap, non-interlaced\012- data
Hash 1e071aba1949fd41c67a118ff87a0b2d
2939922becdc7e4691c4e2cabbd96d744ae4765d
f20b31826e94f5094622962d68d4d0775e176a63aa4932f8c3e44217fea67809
GET /16/33109/22429.png HTTP/1.1
Host: a.tile.openstreetmap.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: https://chaumont-en-vexin-hdf.eurobillets.com
Connection: keep-alive
HTTP/1.1 200 OK
Server: Apache/2.4.54 (Ubuntu)
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Expect-CT: max-age=0
Access-Control-Allow-Origin: *
ETag: "1e071aba1949fd41c67a118ff87a0b2d"
Cache-Control: max-age=488579, stale-while-revalidate=604800, stale-if-error=604800
Expires: Tue, 04 Oct 2022 01:59:24 GMT
X-TileRender: nidhogg.openstreetmap.org
Content-Type: image/png
Content-Length: 4301
Accept-Ranges: bytes
Date: Wed, 28 Sep 2022 10:16:25 GMT
Via: 1.1 varnish
Age: 0
Connection: keep-alive
X-Served-By: cache-bma1666-BMA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1664360186.899823,VS0,VE17
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash fc82211401f793132f7d43c2fd253af5
605d8371709b5d2a41967fd390c34fa649f89ea3
b23fd36ec037710672ac1aa6fea284e3869c4bae7941d9b53c771cff8743478e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 10:16:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6ab8b69fade235ccf1a15d2cac6dd95e
37c426c0e6940920c4478855c6bb610731edd316
025fc814f74bed6fcfc2a4c25b670c1d538d06c5ce07af13d3f9f8354ca34604
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 10:16:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
216.239.36.178200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 216.239.36.178:0
File type ASCII text, with very long lines (1325)
Hash cae538dcce82598fbe43c0bf443e62dd
cc68ac6be9c5e0087a0000e5735b83270ace30f5
954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chaumont-en-vexin-hdf.eurobillets.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Wed, 28 Sep 2022 08:41:09 GMT
expires: Wed, 28 Sep 2022 10:41:09 GMT
cache-control: public, max-age=7200
age: 5716
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6ab8b69fade235ccf1a15d2cac6dd95e
37c426c0e6940920c4478855c6bb610731edd316
025fc814f74bed6fcfc2a4c25b670c1d538d06c5ce07af13d3f9f8354ca34604
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 10:16:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.globalsign.com/gseccovsslca2018
104.18.20.226200 OK 939 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.20.226:0
Hash e926eff5edf3bd4499ab21bb026b09da
edf25ccf5efe5096498a1069c9a6980b6a0d4579
bbb6436105c825000465c9143118196375ee484e37be227fe5fb447faa6976c4
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 10:16:26 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Sun, 02 Oct 2022 06:59:07 GMT
ETag: "edf25ccf5efe5096498a1069c9a6980b6a0d4579"
Last-Modified: Wed, 28 Sep 2022 06:59:08 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2332
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 751bb93a9ebe1c12-OSL
securepubads.g.doubleclick.net/tag/js/gpt.js
216.58.207.194200 OK 28 kB URL HTTP/2 securepubads.g.doubleclick.net/tag/js/gpt.js
IP 216.58.207.194:0
File type ASCII text, with very long lines (45165)
Hash f9a3a6abf442e41019c09e6cf0bb6b5d
41eb9ba60b9965fb895dcda9175a9e7827fac1b7
e23b94e7d27c9983c2fee55146c68fe44d4c55c23014940e01fe689456fbc9ab
GET /tag/js/gpt.js HTTP/1.1
Host: securepubads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chaumont-en-vexin-hdf.eurobillets.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 27699
date: Wed, 28 Sep 2022 10:16:26 GMT
expires: Wed, 28 Sep 2022 10:16:26 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
etag: "1347 / 163 of 1000 / last-modified: 1664354881"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220928
151.101.85.229200 OK 900 B URL HTTP/2 cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220928
IP 151.101.85.229:0
File type JSON data\012- , ASCII text, with very long lines (1647), with no line terminators
Hash fd9500d4271b6c279faea2d67bd65264
11cfd1f6e41462b7f10112ee71b6ba3ce3c9951c
fec4bf23aa3728a1a9f66f1443a0d4c5e469927037be1ac1e9e2f8d18ab44e2e
GET /gh/prebid/currency-file@1/latest.json?date=20220928 HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://chaumont-en-vexin-hdf.eurobillets.com
Connection: keep-alive
Referer: https://chaumont-en-vexin-hdf.eurobillets.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json; charset=utf-8
x-jsd-version: 1.0.1476
x-jsd-version-type: version
etag: W/"66f-H5aj4bZkqpxhdewJFk+qP7OmbCI"
content-encoding: gzip
accept-ranges: bytes
date: Wed, 28 Sep 2022 10:16:26 GMT
age: 26127
x-served-by: cache-fra19153-FRA, cache-bma1650-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 900
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
216.58.211.2200 OK 58 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP 216.58.211.2:0
File type ASCII text, with very long lines (2910)
Hash 219b5c4e9175ef55fb6ea22fde0025ff
c0d159bc2b582cf028aedf7f5172dc30300f26b0
fd5cc67737965ff3e6bc111d6994177dbb183165d5cd0b0e1c52832b88107875
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chaumont-en-vexin-hdf.eurobillets.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
date: Wed, 28 Sep 2022 10:16:26 GMT
expires: Wed, 28 Sep 2022 10:16:26 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 4454682630592406049
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 57582
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 0c4d41ec2493c8827b91ac9c01a489b0
dc4a4a5526a88296115e58d208171aa2df79b1e0
381fe4792b31f4176596a095b5684f89e21bf81b5f59a1ffbedf68df908d1c88
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4775
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 10:16:26 GMT
Last-Modified: Wed, 28 Sep 2022 08:56:51 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 19ca9dff115bc454b3d68185dd445137
a7ad26c4a679b8cd343b7d16d866ced6e2fb6fe7
41fd6902b525e0aa1e53a7d7890739cac72fef0d0af9450871b3d5e580d921c9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5052
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 10:16:26 GMT
Last-Modified: Wed, 28 Sep 2022 08:52:14 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.20.226:0
Hash ce3b065271da414999c68acbcd4d3bef
fcc15ad97fa1263cd4a7e85c27ec4b79fd61d85a
d054da89e6cc63514fade8bd103b466aa4bf7db8dc6d914e8a0c83e9b3914093
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 10:16:26 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "ADEC6B813B99ED140C9C545DD578E677182B8AF3"
Expires: Wed, 28 Sep 2022 21:00:00 GMT
Last-Modified: Wed, 28 Sep 2022 09:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 1945
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 751bb93b4f761c12-OSL
mc.yandex.ru/metrika/watch.js
93.158.134.119200 OK 57 kB URL HTTP/2 mc.yandex.ru/metrika/watch.js
IP 93.158.134.119:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (570)
Hash 44366cc385a5c0f49df4f22b71434b42
3f56349f8a3fff52e28a3300052bdc2bde97371c
485ba52769d75db2ed79f65318d37070d09ce3441680aa22caa10ae3cdcb45cd
GET /metrika/watch.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chaumont-en-vexin-hdf.eurobillets.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 57285
date: Wed, 28 Sep 2022 10:16:26 GMT
access-control-allow-origin: *
etag: "632d6d03-dfc5"
expires: Wed, 28 Sep 2022 11:16:26 GMT
last-modified: Fri, 23 Sep 2022 11:23:31 GMT
cache-control: max-age=3600
content-encoding: br
content-type: application/javascript
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6ab8b69fade235ccf1a15d2cac6dd95e
37c426c0e6940920c4478855c6bb610731edd316
025fc814f74bed6fcfc2a4c25b670c1d538d06c5ce07af13d3f9f8354ca34604
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 10:16:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6ab8b69fade235ccf1a15d2cac6dd95e
37c426c0e6940920c4478855c6bb610731edd316
025fc814f74bed6fcfc2a4c25b670c1d538d06c5ce07af13d3f9f8354ca34604
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 10:16:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 19ca9dff115bc454b3d68185dd445137
a7ad26c4a679b8cd343b7d16d866ced6e2fb6fe7
41fd6902b525e0aa1e53a7d7890739cac72fef0d0af9450871b3d5e580d921c9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5152
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 10:16:26 GMT
Last-Modified: Wed, 28 Sep 2022 08:50:34 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e90a9821db8333e7e14139ee3c13c6b0
fb8a27f61b5726e44eac50720478c5b5d302343d
3180e0b7da813d4af4a697f3bbe265e9cd699c005548077e07325973fd0b6d1c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3180E0B7DA813D4AF4A697F3BBE265E9CD699C005548077E07325973FD0B6D1C"
Last-Modified: Wed, 28 Sep 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12515
Expires: Wed, 28 Sep 2022 13:45:01 GMT
Date: Wed, 28 Sep 2022 10:16:26 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7ebf6ebc7809d3db4254caf99635697b
f62dd12f8b3e40e671948a33382a56b6d4669085
f7565caed983a7f9c910d06488826eaa4d6a48c1bf61c1b6ca0eb9195e90e853
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5738
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 10:16:26 GMT
Last-Modified: Wed, 28 Sep 2022 08:40:48 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e90a9821db8333e7e14139ee3c13c6b0
fb8a27f61b5726e44eac50720478c5b5d302343d
3180e0b7da813d4af4a697f3bbe265e9cd699c005548077e07325973fd0b6d1c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3180E0B7DA813D4AF4A697F3BBE265E9CD699C005548077E07325973FD0B6D1C"
Last-Modified: Wed, 28 Sep 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12515
Expires: Wed, 28 Sep 2022 13:45:01 GMT
Date: Wed, 28 Sep 2022 10:16:26 GMT
Connection: keep-alive
prebid.a-mo.net/a/c
147.75.85.234204 No Content 0 B IP 147.75.85.234:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /a/c HTTP/1.1
Host: prebid.a-mo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 759
Origin: https://chaumont-en-vexin-hdf.eurobillets.com
Connection: keep-alive
Referer: https://chaumont-en-vexin-hdf.eurobillets.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://chaumont-en-vexin-hdf.eurobillets.com
cache-control: max-age=0, private, must-revalidate
date: Wed, 28 Sep 2022 10:16:25 GMT
server: envoy
vary: origin, Accept-Encoding
x-nbr: 1
x-envoy-upstream-service-time: 0
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7ebf6ebc7809d3db4254caf99635697b
f62dd12f8b3e40e671948a33382a56b6d4669085
f7565caed983a7f9c910d06488826eaa4d6a48c1bf61c1b6ca0eb9195e90e853
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2545
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 10:16:26 GMT
Last-Modified: Wed, 28 Sep 2022 09:34:01 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
googleads.g.doubleclick.net/pagead/html/r20220922/r20190131/zrt_lookup.html
142.250.74.162200 OK 4.4 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20220922/r20190131/zrt_lookup.html
IP 142.250.74.162:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1731)
Hash 682bf699cccbc0ff817e1fcb7b95262a
11ad3edf0008f52b733c2d6d7199e1f052318d58
bd42f773d589f85cf6884d7893746d5d4e0c082f78e1c80511cf3aefa1c69a0f
GET /pagead/html/r20220922/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chaumont-en-vexin-hdf.eurobillets.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4420
x-xss-protection: 0
date: Tue, 27 Sep 2022 21:21:01 GMT
expires: Tue, 11 Oct 2022 21:21:01 GMT
cache-control: public, max-age=1209600
age: 46525
etag: 9671129459699598864
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
c.tile.openstreetmap.org/16/33110/22430.png
151.101.85.91200 OK 3.7 kB URL HTTP/1.1 c.tile.openstreetmap.org/16/33110/22430.png
IP 151.101.85.91:0
File type PNG image data, 256 x 256, 8-bit colormap, non-interlaced\012- data
Hash 7e42075eca39068490dd843fe43656e4
99325e30657c80430f3667537cbb198ac0ad0acc
717d9a0a5f950802a3a9e956960085e52ed4cdac031d46f60763c9404b7fccb1
GET /16/33110/22430.png HTTP/1.1
Host: c.tile.openstreetmap.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: https://chaumont-en-vexin-hdf.eurobillets.com
Connection: keep-alive
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 3707
Server: Apache/2.4.54 (Ubuntu)
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Expect-CT: max-age=0
Access-Control-Allow-Origin: *
ETag: "7e42075eca39068490dd843fe43656e4"
Cache-Control: max-age=492868, stale-while-revalidate=604800, stale-if-error=604800
Expires: Tue, 04 Oct 2022 03:10:54 GMT
X-TileRender: nidhogg.openstreetmap.org
Content-Type: image/png
Accept-Ranges: bytes
Date: Wed, 28 Sep 2022 10:16:26 GMT
Via: 1.1 varnish
Age: 0
X-Served-By: cache-bma1643-BMA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1664360186.227645,VS0,VE10
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
useast.quantumdex.io/auction/apacdex
104.22.37.96204 No Content 0 B URL HTTP/2 useast.quantumdex.io/auction/apacdex
IP 104.22.37.96:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /auction/apacdex HTTP/1.1
Host: useast.quantumdex.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 716
Origin: https://chaumont-en-vexin-hdf.eurobillets.com
Connection: keep-alive
Referer: https://chaumont-en-vexin-hdf.eurobillets.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Wed, 28 Sep 2022 10:16:26 GMT
access-control-allow-origin: https://chaumont-en-vexin-hdf.eurobillets.com
access-control-allow-credentials: true
access-control-allow-methods: POST, GET
set-cookie: uid=62ba4f40-c9cf-4627-a7da-3eb6a5e2c463; expires=Fri, 28 Oct 2022 10:16:26 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 751bb93b5ff29903-ARN
X-Firefox-Spdy: h2
adx.adform.net/adx/openrtb
37.157.3.29204 No Content 0 B URL HTTP/2 adx.adform.net/adx/openrtb
IP 37.157.3.29:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /adx/openrtb HTTP/1.1
Host: adx.adform.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 562
Origin: https://chaumont-en-vexin-hdf.eurobillets.com
Connection: keep-alive
Referer: https://chaumont-en-vexin-hdf.eurobillets.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Wed, 28 Sep 2022 10:16:26 GMT
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://chaumont-en-vexin-hdf.eurobillets.com
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
adx.adform.net/adx/openrtb
37.157.3.29204 No Content 0 B URL HTTP/2 adx.adform.net/adx/openrtb
IP 37.157.3.29:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /adx/openrtb HTTP/1.1
Host: adx.adform.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 581
Origin: https://chaumont-en-vexin-hdf.eurobillets.com
Connection: keep-alive
Referer: https://chaumont-en-vexin-hdf.eurobillets.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Wed, 28 Sep 2022 10:16:26 GMT
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://chaumont-en-vexin-hdf.eurobillets.com
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
useast.quantumdex.io/auction/apacdex
104.22.37.96204 No Content 0 B URL HTTP/2 useast.quantumdex.io/auction/apacdex
IP 104.22.37.96:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /auction/apacdex HTTP/1.1
Host: useast.quantumdex.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 695
Origin: https://chaumont-en-vexin-hdf.eurobillets.com
Connection: keep-alive
Referer: https://chaumont-en-vexin-hdf.eurobillets.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Wed, 28 Sep 2022 10:16:26 GMT
access-control-allow-origin: https://chaumont-en-vexin-hdf.eurobillets.com
access-control-allow-credentials: true
access-control-allow-methods: POST, GET
set-cookie: uid=e4fd7d61-a992-489a-b839-f085e6996d52; expires=Fri, 28 Oct 2022 10:16:26 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 751bb93b58069903-ARN
X-Firefox-Spdy: h2
prebid.a-mo.net/a/c
147.75.85.234204 No Content 0 B IP 147.75.85.234:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /a/c HTTP/1.1
Host: prebid.a-mo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 737
Origin: https://chaumont-en-vexin-hdf.eurobillets.com
Connection: keep-alive
Referer: https://chaumont-en-vexin-hdf.eurobillets.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://chaumont-en-vexin-hdf.eurobillets.com
cache-control: max-age=0, private, must-revalidate
date: Wed, 28 Sep 2022 10:16:25 GMT
server: envoy
vary: origin, Accept-Encoding
x-nbr: 1
x-envoy-upstream-service-time: 1
X-Firefox-Spdy: h2
prebid-eu.creativecdn.com/bidder/prebid/bids
185.184.8.90204 No Content 0 B URL HTTP/2 prebid-eu.creativecdn.com/bidder/prebid/bids
IP 185.184.8.90:0
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/prebid/bids HTTP/1.1
Host: prebid-eu.creativecdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 570
Origin: https://chaumont-en-vexin-hdf.eurobillets.com
Connection: keep-alive
Referer: https://chaumont-en-vexin-hdf.eurobillets.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Wed, 28 Sep 2022 10:16:26 GMT
access-control-allow-origin: https://chaumont-en-vexin-hdf.eurobillets.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 3600
vary: Origin
X-Firefox-Spdy: h2
ib.adnxs.com/ut/v3/prebid
37.252.173.215200 OK 140 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 37.252.173.215:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5c83dbe52e88b02e422b5b3cfc07a710
3143f939fe0132ba9f867b701fb6f234cdf48557
9fc20ee766ed226cad93f2a6379cdc1cca5625b5bd17d176de95e96702d68255
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 680
Origin: https://chaumont-en-vexin-hdf.eurobillets.com
Connection: keep-alive
Referer: https://chaumont-en-vexin-hdf.eurobillets.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 28 Sep 2022 10:16:26 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 140
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://chaumont-en-vexin-hdf.eurobillets.com
AN-X-Request-Uuid: d98b6f25-9cbc-4783-919a-a5a20d1b61fb
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
b.tile.openstreetmap.org/16/33111/22430.png
151.101.85.91200 OK 4.0 kB URL HTTP/1.1 b.tile.openstreetmap.org/16/33111/22430.png
IP 151.101.85.91:0
File type PNG image data, 256 x 256, 8-bit colormap, non-interlaced\012- data
Hash d957201ce30b3a7b6fbb928e0954fb12
504cd189da3535e44aab7c4c05545900451f70fa
f398c8d3271e964306869d16c26f525c1d4f5b5d34e920b31137674438aebf0f
GET /16/33111/22430.png HTTP/1.1
Host: b.tile.openstreetmap.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: https://chaumont-en-vexin-hdf.eurobillets.com
Connection: keep-alive
HTTP/1.1 200 OK
Server: Apache/2.4.54 (Ubuntu)
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Expect-CT: max-age=0
Access-Control-Allow-Origin: *
ETag: "d957201ce30b3a7b6fbb928e0954fb12"
Cache-Control: max-age=491790, stale-while-revalidate=604800, stale-if-error=604800
Expires: Tue, 04 Oct 2022 02:52:56 GMT
X-TileRender: nidhogg.openstreetmap.org
Content-Type: image/png
Content-Length: 3964
Accept-Ranges: bytes
Date: Wed, 28 Sep 2022 10:16:26 GMT
Via: 1.1 varnish
Age: 0
Connection: keep-alive
X-Served-By: cache-bma1634-BMA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1664360186.231846,VS0,VE31
prebid-eu.creativecdn.com/bidder/prebid/bids
185.184.8.90204 No Content 0 B URL HTTP/2 prebid-eu.creativecdn.com/bidder/prebid/bids
IP 185.184.8.90:0
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/prebid/bids HTTP/1.1
Host: prebid-eu.creativecdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 552
Origin: https://chaumont-en-vexin-hdf.eurobillets.com
Connection: keep-alive
Referer: https://chaumont-en-vexin-hdf.eurobillets.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Wed, 28 Sep 2022 10:16:26 GMT
access-control-allow-origin: https://chaumont-en-vexin-hdf.eurobillets.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 3600
vary: Origin
X-Firefox-Spdy: h2
ssp.wp.pl/bidder/?cs=true&bdver=5.0&pbver=5.14.0&inver=0
212.77.99.29204 No Content 0 B URL HTTP/2 ssp.wp.pl/bidder/?cs=true&bdver=5.0&pbver=5.14.0&inver=0
IP 212.77.99.29:0
ASN #12827 Wirtualna Polska Media S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/?cs=true&bdver=5.0&pbver=5.14.0&inver=0 HTTP/1.1
Host: ssp.wp.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 554
Origin: https://chaumont-en-vexin-hdf.eurobillets.com
Connection: keep-alive
Referer: https://chaumont-en-vexin-hdf.eurobillets.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Wed, 28 Sep 2022 10:16:26 GMT
accept-ch: device-memory, dpr, width, viewport-width, rtt, downlink, ect
accept-ch-lifetime: 604800
access-control-allow-credentials: true
access-control-allow-origin: https://chaumont-en-vexin-hdf.eurobillets.com
uber-trace-id: 0000000000000000b433437cfc4df8f7:2cb4d60d1b6d5b8c:0:0
vary: Origin
X-Firefox-Spdy: h2
script.4dex.io/localstore.js
104.26.8.169200 OK 269 B URL HTTP/2 script.4dex.io/localstore.js
IP 104.26.8.169:0
File type ASCII text, with very long lines (482)
Hash 050c973aa99c978726e9d63602416e35
3b2df0fb380bb212d14045a9b0226439ffc2d5ad
bb6ab03c2b29ccb00e8512f907f26e0cb1cd4b5b77d83d377b45c6d5c2e858ec
GET /localstore.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chaumont-en-vexin-hdf.eurobillets.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 10:16:26 GMT
content-type: application/javascript
x-amz-id-2: txac4c56ce13c94b3e8f3f6-0063316a9c
last-modified: Mon, 26 Sep 2022 09:01:16 GMT
etag: W/"922cffdd75f7192f75231d92684885aa"
cache-control: public, max-age=1800
x-amz-version-id: 1664182876788516
x-amz-request-id: txac4c56ce13c94b3e8f3f6-0063316a9c
cf-cache-status: HIT
age: 177245
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=upJYZvbfm4Zq0BulU6gpd8Ly%2FiOQ0xwe%2Bf%2BtOTx2LR0AMz2vro4WACdNFcliWowlkhxXAVvD4B3LQ8sWqh5ftYgAmyu157ld7o684CdGpgMez7YX0vbyeBEmRj%2FxtIfc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751bb93a9c270b02-OSL
content-encoding: br
X-Firefox-Spdy: h2
ib.adnxs.com/ut/v3/prebid
37.252.173.215200 OK 143 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 37.252.173.215:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 25cc575904eb772b0821d9466d81f0f1
1359338d8226cfb27a946865b24a4a9fe9a40138
62128c7c9d5d422ec2896921b020bb8e6bc457b1c2ee4c722dac19bd0b768ab6
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 706
Origin: https://chaumont-en-vexin-hdf.eurobillets.com
Connection: keep-alive
Referer: https://chaumont-en-vexin-hdf.eurobillets.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 28 Sep 2022 10:16:26 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 143
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://chaumont-en-vexin-hdf.eurobillets.com
AN-X-Request-Uuid: af586230-6622-4dcd-be1e-8875817f7091
Set-Cookie: icu=ChgI_8NdEAoYASABKAEw-r3QmQY4AUABSAEQ-r3QmQYYAA..; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 27-Dec-2022 10:16:26 GMT; Domain=.adnxs.com; Secure; HttpOnly
uuid2=1828598985877053251; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 27-Dec-2022 10:16:26 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
a.tile.openstreetmap.org/16/33112/22428.png
151.101.85.91200 OK 2.3 kB URL HTTP/1.1 a.tile.openstreetmap.org/16/33112/22428.png
IP 151.101.85.91:0
File type PNG image data, 256 x 256, 8-bit colormap, non-interlaced\012- data
Hash 025627c58bc15511cb0ec33358041f75
d41d6891661b90ad6a0b1f79fdfbd1e8483de2f3
bde35b9020d64c6b3a51075c78971ab1f3af3be9da6184feb3d33f0952791c08
GET /16/33112/22428.png HTTP/1.1
Host: a.tile.openstreetmap.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: https://chaumont-en-vexin-hdf.eurobillets.com
Connection: keep-alive
HTTP/1.1 200 OK
Server: Apache/2.4.54 (Ubuntu)
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Expect-CT: max-age=0
Access-Control-Allow-Origin: *
ETag: "025627c58bc15511cb0ec33358041f75"
Cache-Control: max-age=419795, stale-while-revalidate=604800, stale-if-error=604800
Expires: Mon, 03 Oct 2022 06:53:01 GMT
X-TileRender: culebre.openstreetmap.org
Content-Type: image/png
Content-Length: 2335
Accept-Ranges: bytes
Date: Wed, 28 Sep 2022 10:16:26 GMT
Via: 1.1 varnish
Age: 0
Connection: keep-alive
X-Served-By: cache-bma1620-BMA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1664360186.408053,VS0,VE34
c.tile.openstreetmap.org/16/33109/22430.png
151.101.85.91200 OK 16 kB URL HTTP/1.1 c.tile.openstreetmap.org/16/33109/22430.png
IP 151.101.85.91:0
File type PNG image data, 256 x 256, 8-bit colormap, non-interlaced\012- data
Hash 3c8a99bb4a069efdb75db705abe16a7c
6a465621b75007e51e891a273380915f497b0d9e
6087de1aaf9a7525e76d3c94252377ef76d6362b0214041ece6d84789d073210
GET /16/33109/22430.png HTTP/1.1
Host: c.tile.openstreetmap.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: https://chaumont-en-vexin-hdf.eurobillets.com
Connection: keep-alive
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 16210
Server: Apache/2.4.54 (Ubuntu)
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Expect-CT: max-age=0
Access-Control-Allow-Origin: *
ETag: "3c8a99bb4a069efdb75db705abe16a7c"
Cache-Control: max-age=497137, stale-while-revalidate=604800, stale-if-error=604800
Expires: Tue, 04 Oct 2022 04:22:03 GMT
X-TileRender: nidhogg.openstreetmap.org
Content-Type: image/png
Accept-Ranges: bytes
Date: Wed, 28 Sep 2022 10:16:26 GMT
Via: 1.1 varnish
Age: 0
X-Served-By: cache-bma1643-BMA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1664360186.439517,VS0,VE21
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
b.tile.openstreetmap.org/16/33108/22428.png
151.101.85.91200 OK 5.2 kB URL HTTP/1.1 b.tile.openstreetmap.org/16/33108/22428.png
IP 151.101.85.91:0
File type PNG image data, 256 x 256, 8-bit colormap, non-interlaced\012- data
Hash 9b669f75323610fcea19cb3a9029571d
5b34a05a33ba432fd9566f696bd5b71f1c289e5c
acabfa6300847f6a3ea2b2beffc70ccffbeaced9e41412bfdeb04b449f1ebe4e
GET /16/33108/22428.png HTTP/1.1
Host: b.tile.openstreetmap.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: https://chaumont-en-vexin-hdf.eurobillets.com
Connection: keep-alive
HTTP/1.1 200 OK
Server: Apache/2.4.54 (Ubuntu)
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Expect-CT: max-age=0
Access-Control-Allow-Origin: *
ETag: "9b669f75323610fcea19cb3a9029571d"
Cache-Control: max-age=497008, stale-while-revalidate=604800, stale-if-error=604800
Expires: Tue, 04 Oct 2022 04:19:54 GMT
X-TileRender: nidhogg.openstreetmap.org
Content-Type: image/png
Content-Length: 5166
Accept-Ranges: bytes
Date: Wed, 28 Sep 2022 10:16:26 GMT
Via: 1.1 varnish
Age: 0
Connection: keep-alive
X-Served-By: cache-bma1634-BMA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1664360186.452211,VS0,VE15
a.tile.openstreetmap.org/16/33108/22429.png
151.101.85.91200 OK 1.8 kB URL HTTP/1.1 a.tile.openstreetmap.org/16/33108/22429.png
IP 151.101.85.91:0
File type PNG image data, 256 x 256, 8-bit colormap, non-interlaced\012- data
Hash 4580ed6e70a5d7559d8afee4fed8e11a
4468ada91c7d32acacb646673a132b332ddaa17d
17fe799934c7fb0cecdd4378c3f555601336329ab49ab51ad3e97ce0d53d3580
GET /16/33108/22429.png HTTP/1.1
Host: a.tile.openstreetmap.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: https://chaumont-en-vexin-hdf.eurobillets.com
Connection: keep-alive
HTTP/1.1 200 OK
Server: Apache/2.4.54 (Ubuntu)
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Expect-CT: max-age=0
Access-Control-Allow-Origin: *
ETag: "4580ed6e70a5d7559d8afee4fed8e11a"
Cache-Control: max-age=490440, stale-while-revalidate=604800, stale-if-error=604800
Expires: Tue, 04 Oct 2022 02:30:26 GMT
X-TileRender: nidhogg.openstreetmap.org
Content-Type: image/png
Content-Length: 1801
Accept-Ranges: bytes
Date: Wed, 28 Sep 2022 10:16:26 GMT
Via: 1.1 varnish
Age: 0
Connection: keep-alive
X-Served-By: cache-bma1620-BMA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1664360186.454279,VS0,VE23
b.tile.openstreetmap.org/16/33113/22428.png
151.101.85.91200 OK 4.4 kB URL HTTP/1.1 b.tile.openstreetmap.org/16/33113/22428.png
IP 151.101.85.91:0
File type PNG image data, 256 x 256, 8-bit colormap, non-interlaced\012- data
Hash 3cb1916190c17fa9e0383716e82e20b5
c1a3fcf802cdf848e6a313f62371e2a9fa79eb39
16ff3a5079cf0193b8777ad8a44de334c04a37a0afdda017c88162d59f5d33da
GET /16/33113/22428.png HTTP/1.1
Host: b.tile.openstreetmap.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: https://chaumont-en-vexin-hdf.eurobillets.com
Connection: keep-alive
HTTP/1.1 200 OK
Server: Apache/2.4.54 (Ubuntu)
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Expect-CT: max-age=0
Access-Control-Allow-Origin: *
ETag: "3cb1916190c17fa9e0383716e82e20b5"
Cache-Control: max-age=419516, stale-while-revalidate=604800, stale-if-error=604800
Expires: Mon, 03 Oct 2022 06:48:22 GMT
X-TileRender: culebre.openstreetmap.org
Content-Type: image/png
Content-Length: 4407
Accept-Ranges: bytes
Date: Wed, 28 Sep 2022 10:16:26 GMT
Via: 1.1 varnish
Age: 0
Connection: keep-alive
X-Served-By: cache-bma1655-BMA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1664360186.474178,VS0,VE34
a.tile.openstreetmap.org/16/33112/22429.png
151.101.85.91200 OK 6.8 kB URL HTTP/1.1 a.tile.openstreetmap.org/16/33112/22429.png
IP 151.101.85.91:0
File type PNG image data, 256 x 256, 8-bit colormap, non-interlaced\012- data
Hash 8eecba3c3c1484ae200ff31e866d5f5e
7f07db0ada08985c10f9b98645efd67509f9cfa9
a8fa07344fe26ff1f57e92b274294948e915d2f8d9d41981c847997ca47b98fb
GET /16/33112/22429.png HTTP/1.1
Host: a.tile.openstreetmap.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: https://chaumont-en-vexin-hdf.eurobillets.com
Connection: keep-alive
HTTP/1.1 200 OK
Server: Apache/2.4.54 (Ubuntu)
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Expect-CT: max-age=0
Access-Control-Allow-Origin: *
ETag: "8eecba3c3c1484ae200ff31e866d5f5e"
Cache-Control: max-age=420527, stale-while-revalidate=604800, stale-if-error=604800
Expires: Mon, 03 Oct 2022 07:05:13 GMT
X-TileRender: culebre.openstreetmap.org
Content-Type: image/png
Content-Length: 6820
Accept-Ranges: bytes
Date: Wed, 28 Sep 2022 10:16:26 GMT
Via: 1.1 varnish
Age: 0
Connection: keep-alive
X-Served-By: cache-bma1666-BMA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1664360186.410022,VS0,VE98
b.tile.openstreetmap.org/16/33113/22429.png
151.101.85.91200 OK 1.7 kB URL HTTP/1.1 b.tile.openstreetmap.org/16/33113/22429.png
IP 151.101.85.91:0
File type PNG image data, 256 x 256, 8-bit colormap, non-interlaced\012- data
Hash a4b59d0c92608441acc1b1589231616b
17016097c4096b2f45fe5f51127e6ff1e2d951b2
63effdcb9fb658a38fdeae315d2fbebb11c657e664934f4a236e11d40c48505c
GET /16/33113/22429.png HTTP/1.1
Host: b.tile.openstreetmap.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: https://chaumont-en-vexin-hdf.eurobillets.com
Connection: keep-alive
HTTP/1.1 200 OK
Server: Apache/2.4.54 (Ubuntu)
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Expect-CT: max-age=0
Access-Control-Allow-Origin: *
ETag: "a4b59d0c92608441acc1b1589231616b"
Cache-Control: max-age=417350, stale-while-revalidate=604800, stale-if-error=604800
Expires: Mon, 03 Oct 2022 06:12:16 GMT
X-TileRender: culebre.openstreetmap.org
Content-Type: image/png
Content-Length: 1722
Accept-Ranges: bytes
Date: Wed, 28 Sep 2022 10:16:26 GMT
Via: 1.1 varnish
Age: 0
Connection: keep-alive
X-Served-By: cache-bma1634-BMA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1664360186.476339,VS0,VE33
a.tile.openstreetmap.org/16/33112/22430.png
151.101.85.91200 OK 14 kB URL HTTP/1.1 a.tile.openstreetmap.org/16/33112/22430.png
IP 151.101.85.91:0
File type PNG image data, 256 x 256, 8-bit colormap, non-interlaced\012- data
Hash a48cd776b2700a285c8701ecdd6813fb
775348a441d80525f0d433d6e2cc47979f3771fb
48833313940e66aa8f98511d64e42bbc2f6c5c1fb1cc70e9c09338cfc0eb33d9
GET /16/33112/22430.png HTTP/1.1
Host: a.tile.openstreetmap.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: https://chaumont-en-vexin-hdf.eurobillets.com
Connection: keep-alive
HTTP/1.1 200 OK
Server: Apache/2.4.54 (Ubuntu)
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Expect-CT: max-age=0
Access-Control-Allow-Origin: *
ETag: "a48cd776b2700a285c8701ecdd6813fb"
Cache-Control: max-age=417748, stale-while-revalidate=604800, stale-if-error=604800
Expires: Mon, 03 Oct 2022 06:18:54 GMT
X-TileRender: culebre.openstreetmap.org
Content-Type: image/png
Content-Length: 14533
Accept-Ranges: bytes
Date: Wed, 28 Sep 2022 10:16:26 GMT
Via: 1.1 varnish
Age: 0
Connection: keep-alive
X-Served-By: cache-bma1672-BMA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1664360186.439863,VS0,VE100
c.tile.openstreetmap.org/16/33108/22430.png
151.101.85.91200 OK 2.7 kB URL HTTP/1.1 c.tile.openstreetmap.org/16/33108/22430.png
IP 151.101.85.91:0
File type PNG image data, 256 x 256, 8-bit colormap, non-interlaced\012- data
Hash 6335957196b43ded8ad099f1e3c9c5b4
b8d0f6cc43e54db0bc131fb435fd952732d96a95
c829f98b4963db03837b76a4cfcf7c15cef7f8ff1def3c215a715506fbc19105
GET /16/33108/22430.png HTTP/1.1
Host: c.tile.openstreetmap.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: https://chaumont-en-vexin-hdf.eurobillets.com
Connection: keep-alive
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 2710
Server: Apache/2.4.54 (Ubuntu)
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Expect-CT: max-age=0
Access-Control-Allow-Origin: *
ETag: "6335957196b43ded8ad099f1e3c9c5b4"
Cache-Control: max-age=497595, stale-while-revalidate=604800, stale-if-error=604800
Expires: Tue, 04 Oct 2022 04:29:41 GMT
X-TileRender: nidhogg.openstreetmap.org
Content-Type: image/png
Accept-Ranges: bytes
Date: Wed, 28 Sep 2022 10:16:26 GMT
Via: 1.1 varnish
Age: 0
X-Served-By: cache-bma1643-BMA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1664360187.550320,VS0,VE10
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
a.tile.openstreetmap.org/16/33113/22430.png
151.101.85.91200 OK 2.9 kB URL HTTP/1.1 a.tile.openstreetmap.org/16/33113/22430.png
IP 151.101.85.91:0
File type PNG image data, 256 x 256, 8-bit colormap, non-interlaced\012- data
Hash eaefd344b11b1044fa626d2bfe47b6fd
155ad8429c301640d910b3d5eca9d4a5ed974b39
9cdb6b0b0313f09d76ab316debdb35d28164a181de188fe65be4c4b31aef1635
GET /16/33113/22430.png HTTP/1.1
Host: a.tile.openstreetmap.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: https://chaumont-en-vexin-hdf.eurobillets.com
Connection: keep-alive
HTTP/1.1 200 OK
Server: Apache/2.4.54 (Ubuntu)
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Expect-CT: max-age=0
Access-Control-Allow-Origin: *
ETag: "eaefd344b11b1044fa626d2bfe47b6fd"
Cache-Control: max-age=421126, stale-while-revalidate=604800, stale-if-error=604800
Expires: Mon, 03 Oct 2022 07:15:12 GMT
X-TileRender: culebre.openstreetmap.org
Content-Type: image/png
Content-Length: 2923
Accept-Ranges: bytes
Date: Wed, 28 Sep 2022 10:16:26 GMT
Via: 1.1 varnish
Age: 0
Connection: keep-alive
X-Served-By: cache-bma1672-BMA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1664360187.552685,VS0,VE34
mc.yandex.ru/metrika/advert.gif
93.158.134.119200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chaumont-en-vexin-hdf.eurobillets.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Wed, 28 Sep 2022 10:16:26 GMT
access-control-allow-origin: *
etag: "632d6d03-2b"
expires: Wed, 28 Sep 2022 11:16:26 GMT
accept-ranges: bytes
last-modified: Fri, 23 Sep 2022 11:23:31 GMT
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/48396329/1?wmode=7&page-url=https%3A%2F%2Fchaumont-en-vexin-hdf.eurobillets.com%2Fsupermarches-match-8&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aasbylctlprmpze3hff9a0%3Afp%3A1030%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A1218770283740%3Ahid%3A834448753%3Az%3A0%3Ai%3A20220928101623%3Aet%3A1664360184%3Ac%3A1%3Arn%3A467697353%3Arqn%3A1%3Au%3A166436018418832940%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A1%2C220%2C132%2C1%2C324%2C0%2C%2C521%2C5%2C%2C%2C%2C1224%3Ans%3A1664360181976%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664360184%3At%3ASupermarch%C3%A9s%20Match%20%E2%80%94%20le%20magasin%20and%20supermarch%C3%A9%20%E2%80%94%20Chaumont-en-Vexin%2C%20Hauts-de-France&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
93.158.134.119200 OK 426 B URL HTTP/2 mc.yandex.ru/watch/48396329/1?wmode=7&page-url=https%3A%2F%2Fchaumont-en-vexin-hdf.eurobillets.com%2Fsupermarches-match-8&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aasbylctlprmpze3hff9a0%3Afp%3A1030%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A1218770283740%3Ahid%3A834448753%3Az%3A0%3Ai%3A20220928101623%3Aet%3A1664360184%3Ac%3A1%3Arn%3A467697353%3Arqn%3A1%3Au%3A166436018418832940%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A1%2C220%2C132%2C1%2C324%2C0%2C%2C521%2C5%2C%2C%2C%2C1224%3Ans%3A1664360181976%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664360184%3At%3ASupermarch%C3%A9s%20Match%20%E2%80%94%20le%20magasin%20and%20supermarch%C3%A9%20%E2%80%94%20Chaumont-en-Vexin%2C%20Hauts-de-France&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
IP 93.158.134.119:0
File type JSON data\012- , ASCII text, with very long lines (426), with no line terminators
Hash a9c0ddbc62cf31c0a4b90ae671f64382
7a8b87155350e2e233f57e5cd8c40a54270708a0
a921421b31a4d6d3e3f17ed21a7c42b8e14a6202f807b36533cb8e72c1956596
GET /watch/48396329/1?wmode=7&page-url=https%3A%2F%2Fchaumont-en-vexin-hdf.eurobillets.com%2Fsupermarches-match-8&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aasbylctlprmpze3hff9a0%3Afp%3A1030%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A1218770283740%3Ahid%3A834448753%3Az%3A0%3Ai%3A20220928101623%3Aet%3A1664360184%3Ac%3A1%3Arn%3A467697353%3Arqn%3A1%3Au%3A166436018418832940%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A1%2C220%2C132%2C1%2C324%2C0%2C%2C521%2C5%2C%2C%2C%2C1224%3Ans%3A1664360181976%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664360184%3At%3ASupermarch%C3%A9s%20Match%20%E2%80%94%20le%20magasin%20and%20supermarch%C3%A9%20%E2%80%94%20Chaumont-en-Vexin%2C%20Hauts-de-France&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://chaumont-en-vexin-hdf.eurobillets.com
Referer: https://chaumont-en-vexin-hdf.eurobillets.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 426
date: Wed, 28 Sep 2022 10:16:26 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://chaumont-en-vexin-hdf.eurobillets.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 28-Sep-2022 10:16:26 GMT
last-modified: Wed, 28-Sep-2022 10:16:26 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash be52dbe2d47697a7f007d69c486b77b4
fe445ea87749e97423e7865bc559ad78f672a62d
65d16df2b3095c658d2bdf39b06d57486967bba7b43c43108e5025d7af5b7ab6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 10:16:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4f9b485cf94d88ef8c835c0f1a9dd397
07ef0ce794ab8cd9f0b1564c5f2ac4acb18f8f83
b396d74e533e944041f2737e98f2c872f772bd19a328cfac562f28c82438a1fc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 10:16:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.com/adsid/integrator.js?domain=chaumont-en-vexin-hdf.eurobillets.com
142.250.74.34200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=chaumont-en-vexin-hdf.eurobillets.com
IP 142.250.74.34:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=chaumont-en-vexin-hdf.eurobillets.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chaumont-en-vexin-hdf.eurobillets.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Wed, 28 Sep 2022 10:16:26 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ef12641bb4d59312b43f4f06ae2cee73
5450eaf271bf466e6aa58b63d52b49b66c5f4a6f
894fd5dabf39c09179591f3305d88ef71eb467ddeb1fc5c568dc377c3a1317d4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 10:16:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
partner.googleadservices.com/gampad/cookie.js?domain=chaumont-en-vexin-hdf.eurobillets.com&callback=_gfp_s_&client=ca-pub-5913989414836305
172.217.21.162200 OK 203 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=chaumont-en-vexin-hdf.eurobillets.com&callback=_gfp_s_&client=ca-pub-5913989414836305
IP 172.217.21.162:0
File type ASCII text, with no line terminators
Hash 112c604bf1414a6d7f2250c472e59755
2bd4e04b36056d6963c04921cb87cc834217d869
9dda99e0ccffd71c3436aa72ea359bf6d1c2dcb482c0ecea176856d31d7d738e
GET /gampad/cookie.js?domain=chaumont-en-vexin-hdf.eurobillets.com&callback=_gfp_s_&client=ca-pub-5913989414836305 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chaumont-en-vexin-hdf.eurobillets.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Wed, 28 Sep 2022 10:16:26 GMT
server: cafe
cache-control: private
content-length: 203
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=chaumont-en-vexin-hdf.eurobillets.com
142.250.74.162200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=chaumont-en-vexin-hdf.eurobillets.com
IP 142.250.74.162:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=chaumont-en-vexin-hdf.eurobillets.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chaumont-en-vexin-hdf.eurobillets.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Wed, 28 Sep 2022 10:16:26 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash be52dbe2d47697a7f007d69c486b77b4
fe445ea87749e97423e7865bc559ad78f672a62d
65d16df2b3095c658d2bdf39b06d57486967bba7b43c43108e5025d7af5b7ab6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 10:16:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adx.adform.net/adx/openrtb
37.157.3.29200 OK 472 B URL HTTP/2 adx.adform.net/adx/openrtb
IP 37.157.3.29:0
Hash 4f9b485cf94d88ef8c835c0f1a9dd397
07ef0ce794ab8cd9f0b1564c5f2ac4acb18f8f83
b396d74e533e944041f2737e98f2c872f772bd19a328cfac562f28c82438a1fc
OPTIONS /adx/openrtb HTTP/1.1
Host: adx.adform.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://chaumont-en-vexin-hdf.eurobillets.com/
Origin: https://chaumont-en-vexin-hdf.eurobillets.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 10:16:26 GMT
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://chaumont-en-vexin-hdf.eurobillets.com
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ef12641bb4d59312b43f4f06ae2cee73
5450eaf271bf466e6aa58b63d52b49b66c5f4a6f
894fd5dabf39c09179591f3305d88ef71eb467ddeb1fc5c568dc377c3a1317d4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 10:16:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 139d64e28724086d1d5ab6d2f534ff25
2c717905e83564a17bd8ca61dd934133416f629b
a37afafc8ee712ae7ae935d3ed564f3cf46dd09005debbc5e2650f8b434d1e00
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A37AFAFC8EE712AE7AE935D3ED564F3CF46DD09005DEBBC5E2650F8B434D1E00"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5264
Expires: Wed, 28 Sep 2022 11:44:10 GMT
Date: Wed, 28 Sep 2022 10:16:26 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 139d64e28724086d1d5ab6d2f534ff25
2c717905e83564a17bd8ca61dd934133416f629b
a37afafc8ee712ae7ae935d3ed564f3cf46dd09005debbc5e2650f8b434d1e00
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A37AFAFC8EE712AE7AE935D3ED564F3CF46DD09005DEBBC5E2650F8B434D1E00"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5264
Expires: Wed, 28 Sep 2022 11:44:10 GMT
Date: Wed, 28 Sep 2022 10:16:26 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 139d64e28724086d1d5ab6d2f534ff25
2c717905e83564a17bd8ca61dd934133416f629b
a37afafc8ee712ae7ae935d3ed564f3cf46dd09005debbc5e2650f8b434d1e00
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A37AFAFC8EE712AE7AE935D3ED564F3CF46DD09005DEBBC5E2650F8B434D1E00"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5263
Expires: Wed, 28 Sep 2022 11:44:10 GMT
Date: Wed, 28 Sep 2022 10:16:27 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 139d64e28724086d1d5ab6d2f534ff25
2c717905e83564a17bd8ca61dd934133416f629b
a37afafc8ee712ae7ae935d3ed564f3cf46dd09005debbc5e2650f8b434d1e00
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A37AFAFC8EE712AE7AE935D3ED564F3CF46DD09005DEBBC5E2650F8B434D1E00"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5263
Expires: Wed, 28 Sep 2022 11:44:10 GMT
Date: Wed, 28 Sep 2022 10:16:27 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad593ee0-d404-46e3-b129-229e09b263b0.png
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad593ee0-d404-46e3-b129-229e09b263b0.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4b794c6812cb546de0295e087ebe66a7
a54803cca7d3c509c195f65961e1110c8ec56f55
6a207f75eb3951f3dea5252bc8d185cd604d3d657f15b838774e8087e91f37f5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad593ee0-d404-46e3-b129-229e09b263b0.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12016
x-amzn-requestid: ec1b3715-5d0f-4045-aa5b-b70a55c81d72
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3e3EtyIAMFdZg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c5e-201dd1ef1426a09965c68dab;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:34:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: pR4b1-lZZRMnWf-PdXFGXaHBCGAfOyp3AjeuCvtu5imWmf9N9l2wKQ==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:48:38 GMT
age: 44869
etag: "a54803cca7d3c509c195f65961e1110c8ec56f55"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F02722822-e024-44b9-8ec1-48ec9500ca58.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F02722822-e024-44b9-8ec1-48ec9500ca58.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f3e1fd3401c5e635a8dbeec5f78b721d
2142075b27d0d355c51231ab06fea46e25eb9c59
2e17a43985b624e6b6592d402c36dd45b915cd6e1ac84e187c18c46420eb9a1d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F02722822-e024-44b9-8ec1-48ec9500ca58.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9733
x-amzn-requestid: fff8214b-48f7-4b45-bd91-69ea4db871d6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCAWhG9HIAMFloQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330adc3-1cffa63711378c525e49e11d;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 19:36:35 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: L2Of12XTKmTF2EPL4MHpJvBW7GNS8gSRs3FuUMB-RUpTZaY8ew_o_w==
via: 1.1 0dc4feb22bb4657ce2bb95fd05ec7122.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 05:26:00 GMT
age: 17427
etag: "2142075b27d0d355c51231ab06fea46e25eb9c59"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7723c423-9c9b-4e58-93cc-7198e8ff6f62.jpeg
34.120.237.76200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7723c423-9c9b-4e58-93cc-7198e8ff6f62.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 46dc8f1499f4de5f03bd87a68c3c6c7b
0cd28a243f9704140ccb9eb1415a77fcccc7cf87
3d7a5cdc0812857efabd7ab941aea6d6582790b86a9587809d222c0a8546262b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7723c423-9c9b-4e58-93cc-7198e8ff6f62.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7359
x-amzn-requestid: 6e3123b2-ea7e-4e3e-8399-19a66d27923f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI34CEYtIAMF01w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336d00-5995316c70da7a0c460ac432;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:37:04 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: t_uz9vKifWkMj014gCS83STU-fnM39a49_LB5By3j9NqLpqfl8tKSA==
via: 1.1 de8fc80b494d3d381f7e006918dcc588.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:57:38 GMT
age: 44329
etag: "0cd28a243f9704140ccb9eb1415a77fcccc7cf87"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5653a1a-a7d7-4b1e-a27e-4eb6b032901d.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5653a1a-a7d7-4b1e-a27e-4eb6b032901d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ee83d08d024d127fad5918e1ffacb78b
8ad289a77705358ab660b6123e9d90de991b6c13
aaab3590ef3777ce8b7a9a34f18866fa20ecaa554cbcdcdb3f1fa3c34c88ceb4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5653a1a-a7d7-4b1e-a27e-4eb6b032901d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11314
x-amzn-requestid: 0ceafc65-764c-4367-b031-257061eb65d4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3UPF00oAMFUpw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c1a-0d46481b7394081b14a81131;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:33:14 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: ve8l6PxpMuBLt5BxwywNpqM2ISt0zy2r_gweYnVw4X65PBEhpMbckg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:46:00 GMT
age: 45027
etag: "8ad289a77705358ab660b6123e9d90de991b6c13"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F693de74c-173e-4d9b-8317-35601f30ffd7.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F693de74c-173e-4d9b-8317-35601f30ffd7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ad84ed0c5b2090df7996007514cf1984
651600f2ef18cecc2e38370069bbb5e1d86f68e0
a3d0729e1d43afeadd2dd8273c858b8839d9e476f773c8ec9d96b5969a9e0b4a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F693de74c-173e-4d9b-8317-35601f30ffd7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13299
x-amzn-requestid: 926df8b6-beec-470d-b0b3-33be326cd379
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3UPF8YIAMF3Nw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c1a-343e91e735af43d01fc83ddd;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:33:14 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: fcxclGRP3zfWwb6opjYU2bL9VAq_mCSNjFtfp9iMLq6tbZu57EDqpQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:50:04 GMT
etag: "651600f2ef18cecc2e38370069bbb5e1d86f68e0"
content-type: image/jpeg
age: 44783
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ffa6dde-b51e-43f8-bfcb-3f442d674928.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ffa6dde-b51e-43f8-bfcb-3f442d674928.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6139c878a7d2bd32c61fc8287996eb5b
9c4692ea64832895fbd107d91f879728b6a440c7
3839df92f0a10c1433d5b576df50c9f7953912ae4f425012262f08ee8a59ce2e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ffa6dde-b51e-43f8-bfcb-3f442d674928.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8500
x-amzn-requestid: 626c21ec-f29b-4b69-b275-c22c864c2409
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3VmENnIAMFeTQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c23-75eccc381fbd6e5d4ff59c06;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:33:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Eyy8qoYVCJbt6b6hTGJ-rOrYex9RuX1InyZbpHkeu9yQqPUEvowKcw==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:48:58 GMT
etag: "9c4692ea64832895fbd107d91f879728b6a440c7"
content-type: image/jpeg
age: 44849
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
266f93fb7bc781c1b4a62a50fe98d873.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
142.250.74.65200 OK 3.1 kB URL HTTP/2 266f93fb7bc781c1b4a62a50fe98d873.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
IP 142.250.74.65:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5835)
Hash 3fa5e95a358d660ddb3c45769ae1357f
5f6164fbaf8cfbccfd061b00ae48dedfc16bbcd9
d32f4b680031c0e11222eb17385aa9d3b11d2903b05bff34c3d4eb6292631137
GET /safeframe/1-0-38/html/container.html HTTP/1.1
Host: 266f93fb7bc781c1b4a62a50fe98d873.safeframe.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chaumont-en-vexin-hdf.eurobillets.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 28 Sep 2022 10:16:27 GMT
expires: Thu, 28 Sep 2023 10:16:27 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
get.optad360.io/sf/e260c3ca-844c-11e8-900d-06048607e8f8/plugin.min.js
143.204.55.52200 OK 126 kB URL HTTP/2 get.optad360.io/sf/e260c3ca-844c-11e8-900d-06048607e8f8/plugin.min.js
IP 143.204.55.52:0
Size 126 kB (125918 bytes)
Hash 5d269e4dfc72344a5f8015d444d13b27
cac91cafb599e73bee114886ad9dce2372275195
d456b242fd8f82b30b6d8cc2138d467d801f16803841bdfab067496797a8b7df
GET /sf/e260c3ca-844c-11e8-900d-06048607e8f8/plugin.min.js HTTP/1.1
Host: get.optad360.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chaumont-en-vexin-hdf.eurobillets.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Wed, 28 Sep 2022 10:16:26 GMT
last-modified: Fri, 21 Jan 2022 10:23:02 GMT
etag: W/"676a0a6687fe4fe2de92a9578315ac3b"
cache-control: public, max-age=3600
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: WkrwavBPc0AN9QMWS0SfWyIDy_Y8rQ3-0_yxqWDh7sKVnNzACD8t_g==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 042c38716faa379dfe35bfc0e350d539
f604c07161c10f251501fe5bf3ea534beb6ea865
2038294cc39316a8f13c431224609cd186f9e115b792f0b8f0f22f039c9d9ed8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 10:16:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 042c38716faa379dfe35bfc0e350d539
f604c07161c10f251501fe5bf3ea534beb6ea865
2038294cc39316a8f13c431224609cd186f9e115b792f0b8f0f22f039c9d9ed8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 10:16:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/pagead/js/r20220922/r20110914/abg_lite_fy2021.js
142.250.74.33200 OK 9.6 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20220922/r20110914/abg_lite_fy2021.js
IP 142.250.74.33:0
File type ASCII text, with very long lines (1624)
Hash f46cc3169ffbd99218f62616e2dc44ea
f44964026d2af9900a059c88967c9e8d067def45
9c82ae03291d76510460e1468338fd9303e25ccbf65e94c66e7a3e2173d7b29c
GET /pagead/js/r20220922/r20110914/abg_lite_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 9559
x-xss-protection: 0
date: Wed, 28 Sep 2022 10:07:35 GMT
expires: Wed, 12 Oct 2022 10:07:35 GMT
cache-control: public, max-age=1209600
etag: 12142024561622733046
content-type: text/javascript; charset=UTF-8
age: 532
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/qs_click_protection_fy2021.js
142.250.74.33200 OK 7.6 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/qs_click_protection_fy2021.js
IP 142.250.74.33:0
File type ASCII text, with very long lines (1494)
Hash d4c271459de87911060fd730756373be
9100e62d0d61513c1b489e47a6a35b84e8be4a25
b14fbcdbed0b02e9656b4d5ff183d84c25b076ac0b1087d2feb9254ee9ce8c24
GET /pagead/js/r20220922/r20110914/client/qs_click_protection_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 7553
x-xss-protection: 0
date: Wed, 28 Sep 2022 09:47:23 GMT
expires: Wed, 12 Oct 2022 09:47:23 GMT
cache-control: public, max-age=1209600
etag: 15375136450269253166
content-type: text/javascript; charset=UTF-8
age: 1744
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 042c38716faa379dfe35bfc0e350d539
f604c07161c10f251501fe5bf3ea534beb6ea865
2038294cc39316a8f13c431224609cd186f9e115b792f0b8f0f22f039c9d9ed8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 10:16:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
142.250.74.98200 OK 44 kB URL HTTP/2 www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
IP 142.250.74.98:0
File type ASCII text, with very long lines (3498)
Hash f6b1f2456b44a6f219d0aed4e1a437e7
4c993a7a8f983d1b80b596b8aa65c6314bc8def7
05b89601f9c3a01b5c2efbe7a5cca69859e9c974e254501bb79d8d3a24c1267b
GET /activeview/js/current/rx_lidar.js?cache=r20110914 HTTP/1.1
Host: www.googletagservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-length: 44528
date: Wed, 28 Sep 2022 10:16:27 GMT
expires: Wed, 28 Sep 2022 10:16:27 GMT
cache-control: private, max-age=3000
etag: "1664191987193040"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 5e01e4cfb215a3f052b4c716bc77c1a6
6e63b3e883051319571310c44b87591f0312d83f
aebb544e0762c6c3eb289d85c20299baa3f742dc46cfa5bcc33ac6df411285ae
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 10:16:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 961 B IP 142.250.74.3:0
Hash 8a7fffac5d4b4ebc920c3f4065fa0751
dc2e1c61371704bdb1bdd229f8e9093bdb61b834
f6843edaac53138ae30f3503ec7e07d693c1384aff202fc91f0bbb0f829b2be3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 10:16:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/ads/measurement/l?ebcid=ALh7CaQjbDz33YukGUY-FRinpFkxMYR01Ex-i7DcjyxaJYkAMrwIqUkjr9dG9mCVM-5o7AgpakNLqlVrvA0o1viXuZL1xX4U_Q
142.250.74.164204 No Content 0 B URL HTTP/2 www.google.com/ads/measurement/l?ebcid=ALh7CaQjbDz33YukGUY-FRinpFkxMYR01Ex-i7DcjyxaJYkAMrwIqUkjr9dG9mCVM-5o7AgpakNLqlVrvA0o1viXuZL1xX4U_Q
IP 142.250.74.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ads/measurement/l?ebcid=ALh7CaQjbDz33YukGUY-FRinpFkxMYR01Ex-i7DcjyxaJYkAMrwIqUkjr9dG9mCVM-5o7AgpakNLqlVrvA0o1viXuZL1xX4U_Q HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 28 Sep 2022 10:16:28 GMT
server: jumble_frontend_server
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/ads/measurement/l?ebcid=ALh7CaRzYPqYEhiSIISIbWC2MOoYf4w6m_OBSMVO-_SKubWdT1UGSk0PdROXJSV4R4eqT6i5lU_w7tt7mufphPODSmc-QvKLaA
142.250.74.164204 No Content 0 B URL HTTP/2 www.google.com/ads/measurement/l?ebcid=ALh7CaRzYPqYEhiSIISIbWC2MOoYf4w6m_OBSMVO-_SKubWdT1UGSk0PdROXJSV4R4eqT6i5lU_w7tt7mufphPODSmc-QvKLaA
IP 142.250.74.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ads/measurement/l?ebcid=ALh7CaRzYPqYEhiSIISIbWC2MOoYf4w6m_OBSMVO-_SKubWdT1UGSk0PdROXJSV4R4eqT6i5lU_w7tt7mufphPODSmc-QvKLaA HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 28 Sep 2022 10:16:28 GMT
server: jumble_frontend_server
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
mts0.google.com/vt/data=U_6tHGksqfC3hx6QtJR4Ni-lCH4hxc5awMCYlt4w0p9MlG9L_Jrp76XfLWD6Gb5TMLI7GSznX3aAYR_E1SLzDA
216.58.207.238200 OK 19 kB URL HTTP/2 mts0.google.com/vt/data=U_6tHGksqfC3hx6QtJR4Ni-lCH4hxc5awMCYlt4w0p9MlG9L_Jrp76XfLWD6Gb5TMLI7GSznX3aAYR_E1SLzDA
IP 216.58.207.238:0
File type PNG image data, 2047 x 222, 8-bit colormap, non-interlaced\012- data
Hash a3f2105e4ae4bf4bf2b93e22ce7672b1
d114c80efec01acca098794ebf5d435bcfc7b867
c0d04db86bbaa5b1439f3d7a994fd1e856631db308b6e26b6d509e17235b1ef0
GET /vt/data=U_6tHGksqfC3hx6QtJR4Ni-lCH4hxc5awMCYlt4w0p9MlG9L_Jrp76XfLWD6Gb5TMLI7GSznX3aAYR_E1SLzDA HTTP/1.1
Host: mts0.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
x-content-type-options: nosniff
x-server-version-bin: CggIBBDf0cqZBg==
server: scaffolding on HTTPServer2
content-length: 18996
x-xss-protection: 0
x-frame-options: SAMEORIGIN
date: Wed, 28 Sep 2022 10:16:28 GMT
expires: Wed, 28 Sep 2022 11:16:28 GMT
cache-control: public, max-age=3600
etag: 0ede2bc31afbb8c37
content-type: image/png
age: 0
server-timing: gfet4t7; dur=35
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/ads/measurement/l?ebcid=ALh7CaQMX4ikicct0QhPr3pvqAcOiBQyADCw1KKMMVd7n9iXeTLobWwmfaIM5vr8ummW_K5D8MeLhlWsGeUF3IqDJbJbA8IxdA
142.250.74.164204 No Content 0 B URL HTTP/2 www.google.com/ads/measurement/l?ebcid=ALh7CaQMX4ikicct0QhPr3pvqAcOiBQyADCw1KKMMVd7n9iXeTLobWwmfaIM5vr8ummW_K5D8MeLhlWsGeUF3IqDJbJbA8IxdA
IP 142.250.74.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ads/measurement/l?ebcid=ALh7CaQMX4ikicct0QhPr3pvqAcOiBQyADCw1KKMMVd7n9iXeTLobWwmfaIM5vr8ummW_K5D8MeLhlWsGeUF3IqDJbJbA8IxdA HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 28 Sep 2022 10:16:28 GMT
server: jumble_frontend_server
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/ads/measurement/l?ebcid=ALh7CaQ5ExoiRjthqOKaeA0a1L41rcqt0wE6w9uozpdZy92OJxgMAH33tnn9ZwWVpGu3PZ4sCyGKzoAAHjT6wEiFUbZhi7zgvg
142.250.74.164204 No Content 0 B URL HTTP/2 www.google.com/ads/measurement/l?ebcid=ALh7CaQ5ExoiRjthqOKaeA0a1L41rcqt0wE6w9uozpdZy92OJxgMAH33tnn9ZwWVpGu3PZ4sCyGKzoAAHjT6wEiFUbZhi7zgvg
IP 142.250.74.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ads/measurement/l?ebcid=ALh7CaQ5ExoiRjthqOKaeA0a1L41rcqt0wE6w9uozpdZy92OJxgMAH33tnn9ZwWVpGu3PZ4sCyGKzoAAHjT6wEiFUbZhi7zgvg HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 28 Sep 2022 10:16:28 GMT
server: jumble_frontend_server
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
mts0.google.com/vt/data=_I7-nAfQuvvQhD9G0tDDKmR2w-FlDnewxV3P3l771b4pflnO14ExH77T5o_lA77V7gzgRCyAiDtmXmc5F9nsCg
216.58.207.238200 OK 18 kB URL HTTP/2 mts0.google.com/vt/data=_I7-nAfQuvvQhD9G0tDDKmR2w-FlDnewxV3P3l771b4pflnO14ExH77T5o_lA77V7gzgRCyAiDtmXmc5F9nsCg
IP 216.58.207.238:0
File type PNG image data, 2046 x 209, 8-bit colormap, non-interlaced\012- data
Hash 0d5a818ee513a09f05947bca5b490150
daad05a67daaa75a43e0e75a24f9ab828074c860
2af7274e4ba0ead6a97fda245bf2f66f18be02f8bc73667237937915b2f5219c
GET /vt/data=_I7-nAfQuvvQhD9G0tDDKmR2w-FlDnewxV3P3l771b4pflnO14ExH77T5o_lA77V7gzgRCyAiDtmXmc5F9nsCg HTTP/1.1
Host: mts0.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
date: Wed, 28 Sep 2022 10:16:28 GMT
expires: Wed, 28 Sep 2022 11:16:28 GMT
cache-control: public, max-age=3600
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
etag: 08827143a7cef24ff
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
x-content-type-options: nosniff
x-server-version-bin: CggIBBDf0cqZBg==
server: scaffolding on HTTPServer2
content-length: 18077
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=32
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
mts0.google.com/vt/data=cn5FeXgIDpvxrH6W9pP_izl1AMK56Gvoe2ROfJp1S-uDGxnFjwX97i7rzWQEbyMOUbLZ62AUxfMo9Z4Gs16YJw
216.58.207.238200 OK 17 kB URL HTTP/2 mts0.google.com/vt/data=cn5FeXgIDpvxrH6W9pP_izl1AMK56Gvoe2ROfJp1S-uDGxnFjwX97i7rzWQEbyMOUbLZ62AUxfMo9Z4Gs16YJw
IP 216.58.207.238:0
File type PNG image data, 1456 x 224, 8-bit colormap, non-interlaced\012- data
Hash 86f64792aa575c4fb176e97d8c80f520
a878afdf16064ea33fcbb2534ae0ae2365a16f64
db9e8f68ccfa961b014239b0434b0d607fe1fd4a93986c85451f16c5e8998829
GET /vt/data=cn5FeXgIDpvxrH6W9pP_izl1AMK56Gvoe2ROfJp1S-uDGxnFjwX97i7rzWQEbyMOUbLZ62AUxfMo9Z4Gs16YJw HTTP/1.1
Host: mts0.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
x-content-type-options: nosniff
x-server-version-bin: CggIBBDf0cqZBg==
server: scaffolding on HTTPServer2
content-length: 16670
x-xss-protection: 0
x-frame-options: SAMEORIGIN
date: Wed, 28 Sep 2022 10:16:28 GMT
expires: Wed, 28 Sep 2022 11:16:28 GMT
cache-control: public, max-age=3600
etag: 06184203c7684499e
content-type: image/png
age: 0
server-timing: gfet4t7; dur=30
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
142.250.74.163200 OK 28 kB URL HTTP/2 fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 28288, version 1.0\012- data
Hash 53b5e785dfdca21fa7adf7119fa1f8cc
a3a86dfd216ad29183ba5493ae39d45b62f9d8b8
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
GET /s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://googleads.g.doubleclick.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 28288
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 24 Sep 2022 16:49:11 GMT
expires: Sun, 24 Sep 2023 16:49:11 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
content-type: font/woff2
age: 322037
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ssp.wp.pl/bidder/usersync?tcf=2
212.77.99.29200 OK 281 B URL HTTP/2 ssp.wp.pl/bidder/usersync?tcf=2
IP 212.77.99.29:0
ASN #12827 Wirtualna Polska Media S.A.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (477), with no line terminators
Hash 3cc5bd08b7a270b10e3937d69295cce8
342d412c14becbf1fecd3091e0be6355791762fa
ed13833f42b1b6b979d0e7ac1e570dddf6ed8c1ec002c4f13e421e67d3af42ef
GET /bidder/usersync?tcf=2 HTTP/1.1
Host: ssp.wp.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chaumont-en-vexin-hdf.eurobillets.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 10:16:30 GMT
content-type: text/html; charset=utf-8
content-length: 281
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-origin: *
content-encoding: gzip
last-modified: Wed, 21 Sep 2022 14:15:31 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 4e16377a477f26db2e83fcca9c616348
910a2b483557fe55dd87920dd40bccb9f31a719c
a942116a438555dad69759e183fa74dd9ba9bcd8f61f6b2a011e4f78dbb78b6e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5868
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 10:16:30 GMT
Last-Modified: Wed, 28 Sep 2022 08:38:42 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 4e16377a477f26db2e83fcca9c616348
910a2b483557fe55dd87920dd40bccb9f31a719c
a942116a438555dad69759e183fa74dd9ba9bcd8f61f6b2a011e4f78dbb78b6e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5882
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 10:16:30 GMT
Last-Modified: Wed, 28 Sep 2022 08:38:28 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 313
ssp.wp.pl/bidder/usersync?tcf=2
212.77.99.29200 OK 281 B URL HTTP/2 ssp.wp.pl/bidder/usersync?tcf=2
IP 212.77.99.29:0
ASN #12827 Wirtualna Polska Media S.A.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (477), with no line terminators
Hash 3cc5bd08b7a270b10e3937d69295cce8
342d412c14becbf1fecd3091e0be6355791762fa
ed13833f42b1b6b979d0e7ac1e570dddf6ed8c1ec002c4f13e421e67d3af42ef
GET /bidder/usersync?tcf=2 HTTP/1.1
Host: ssp.wp.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chaumont-en-vexin-hdf.eurobillets.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 10:16:30 GMT
content-type: text/html; charset=utf-8
content-length: 281
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-origin: *
content-encoding: gzip
last-modified: Wed, 21 Sep 2022 14:15:31 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
acdn.adnxs.com/dmp/async_usersync.html
151.101.85.108200 OK 17 kB URL HTTP/1.1 acdn.adnxs.com/dmp/async_usersync.html
IP 151.101.85.108:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (52990)
Hash 9c6b5ce6b3452e98573e6409c34dd73c
de607fadef62e36945a409a838eb8fc36d819b42
cd729039a1b314b25ea94b5c45c8d575d3387f7df83f98c233614bf09484a1fc
GET /dmp/async_usersync.html HTTP/1.1
Host: acdn.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chaumont-en-vexin-hdf.eurobillets.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
ETag: W/"623de86a-cf34"
Expires: Sun, 18 Sep 2022 08:33:42 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Wed, 28 Sep 2022 10:16:30 GMT
Age: 16331
X-Served-By: cache-lga21959-LGA, cache-bma1621-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 57914
X-Timer: S1664360190.121506,VS0,VE0
Vary: Accept-Encoding
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fchaumont-en-vexin-hdf.eurobillets.com%2F&domain=chaumont-en-vexin-hdf.eurobillets.com&cw=1&lsw=1
178.250.0.157200 OK 17 kB URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fchaumont-en-vexin-hdf.eurobillets.com%2F&domain=chaumont-en-vexin-hdf.eurobillets.com&cw=1&lsw=1
IP 178.250.0.157:0
File type JSON data\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (52990)
Hash 0916f8445a6e7887608a179cc218c5ea
a8d826aec7a330049660e072f925924df5d6b43d
9f3a140e02920022f68035b9ea6fa6caf946632fd40738c2f4b8c02f151c7549
OPTIONS /sid/json?origin=prebid&topUrl=https%3A%2F%2Fchaumont-en-vexin-hdf.eurobillets.com%2F&domain=chaumont-en-vexin-hdf.eurobillets.com&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://chaumont-en-vexin-hdf.eurobillets.com/
Origin: https://chaumont-en-vexin-hdf.eurobillets.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 10:16:29 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://chaumont-en-vexin-hdf.eurobillets.com
server-processing-duration-in-ticks: 442918
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
ib.adnxs.com/async_usersync?cbfn=queuePixels
37.252.173.215307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/async_usersync?cbfn=queuePixels
IP 37.252.173.215:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /async_usersync?cbfn=queuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acdn.adnxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Wed, 28 Sep 2022 10:16:30 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
AN-X-Request-Uuid: 4d2141e1-c469-40a3-af25-8cf61dcc0435
Set-Cookie: uuid2=2506597386248590715; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 27-Dec-2022 10:16:30 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID
143.204.55.79302 Found 0 B URL HTTP/2 s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID
IP 143.204.55.79:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID HTTP/1.1
Host: s.ad.smaato.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sync.quantumdex.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: CloudFront
date: Wed, 28 Sep 2022 10:16:30 GMT
content-length: 0
cache-control: no-cache, must-revalidate
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://sync.quantumdex.io/setuid?bidder=smaato&uid=eb41d1bb
set-cookie: SCM=eb41d1bb; Expires=Wed, 19 Oct 2022 10:16:30 GMT; Domain=.smaato.net; SameSite=None; Path=/; Secure
SCMp=eb41d1bb; Expires=Sat, 08 Oct 2022 22:16:30 GMT; Domain=.smaato.net; Path=/; SameSite=None; Secure
x-cache: FunctionGeneratedResponse from cloudfront
via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: HhrGkX6ev0CEosAsOMMnWO-HLyFDCDj-UU_Yv9Hjd7HBrs1r3P3Few==
X-Firefox-Spdy: h2
ib.adnxs.com/async_usersync?cbfn=queuePixels
37.252.173.215307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/async_usersync?cbfn=queuePixels
IP 37.252.173.215:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /async_usersync?cbfn=queuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acdn.adnxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Wed, 28 Sep 2022 10:16:30 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
AN-X-Request-Uuid: 9bc2b9fd-b64b-4d08-b4ca-9e99566d9441
Set-Cookie: uuid2=3705765653502253460; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 27-Dec-2022 10:16:30 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
23.38.200.201200 OK 5.5 kB URL HTTP/2 ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
IP 23.38.200.201:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (15844), with no line terminators
Hash 7725e8e949141c8ded449d86975d4c04
8cd8c314a2002cc26f821d331ab9512f52a551a2
a0c49aacf6f552bce544eb8516404f696918253cd934a6404ebeafd71f8780ae
GET /AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sync.quantumdex.io/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
server: Apache
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5549
content-type: text/html; charset=UTF-8
cache-control: max-age=122267
expires: Thu, 29 Sep 2022 20:14:17 GMT
date: Wed, 28 Sep 2022 10:16:30 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
37.252.173.215200 OK 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
IP 37.252.173.215:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acdn.adnxs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 28 Sep 2022 10:16:30 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: d77228e2-1920-4bac-9e1f-81d504c2a302
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
37.252.173.215200 OK 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
IP 37.252.173.215:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acdn.adnxs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 28 Sep 2022 10:16:30 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: dc6f6b09-ba5c-4cbe-86cc-50748fcb3c5c
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 15daca568370ea4fe5bae7dd0063b492
9398d93f4b980e9ed8d009e12e35471d6b63f0a4
9ba07c0ed0a5aab71e5f0b3c471ed52bb2c69011af536ac556b19bfc1c1ce5b3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5666
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 10:16:30 GMT
Last-Modified: Wed, 28 Sep 2022 08:42:04 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 313
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fchaumont-en-vexin-hdf.eurobillets.com%2F&domain=chaumont-en-vexin-hdf.eurobillets.com&cw=1&lsw=1
178.250.0.157200 OK 402 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fchaumont-en-vexin-hdf.eurobillets.com%2F&domain=chaumont-en-vexin-hdf.eurobillets.com&cw=1&lsw=1
IP 178.250.0.157:0
File type JSON data\012- , ASCII text, with very long lines (489), with no line terminators
Hash 1e09a97f3dd322b901835230283331be
d7204f51b264a0de5aba43dfbbee2bc5429ea28c
cadc410ebbc94ebde5e912c8205e51843eef09e5924c22aa33c6f428b4ea5a82
GET /sid/json?origin=prebid&topUrl=https%3A%2F%2Fchaumont-en-vexin-hdf.eurobillets.com%2F&domain=chaumont-en-vexin-hdf.eurobillets.com&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://chaumont-en-vexin-hdf.eurobillets.com
Connection: keep-alive
Referer: https://chaumont-en-vexin-hdf.eurobillets.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 10:16:29 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://chaumont-en-vexin-hdf.eurobillets.com
server-processing-duration-in-ticks: 1135600
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
onetag-sys.com/usync/?pubId=2bb78272a859ca6
51.38.120.206204 No Content 0 B URL HTTP/2 onetag-sys.com/usync/?pubId=2bb78272a859ca6
IP 51.38.120.206:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usync/?pubId=2bb78272a859ca6 HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sync.quantumdex.io/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
cache-control: no-store
strict-transport-security: max-age=15552000
X-Firefox-Spdy: h2
sync.quantumdex.io/setuid?bidder=smaato&uid=eb41d1bb
104.22.37.96200 OK 43 B URL HTTP/2 sync.quantumdex.io/setuid?bidder=smaato&uid=eb41d1bb
IP 104.22.37.96:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 57f187c7a868faeac558007a8eb6cb2e
11ab10ab109fdb53d91d444ac781101f5a6360c6
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
GET /setuid?bidder=smaato&uid=eb41d1bb HTTP/1.1
Host: sync.quantumdex.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sync.quantumdex.io/
Connection: keep-alive
Cookie: uid=e4fd7d61-a992-489a-b839-f085e6996d52
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 10:16:30 GMT
content-type: image/gif
content-length: 43
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 751bb954dcef9903-ARN
X-Firefox-Spdy: h2
ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
37.252.173.215307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
IP 37.252.173.215:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sync.quantumdex.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Wed, 28 Sep 2022 10:16:30 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID
AN-X-Request-Uuid: d4ed4046-70d5-4100-8d70-65a3418ccd1e
Set-Cookie: uuid2=5625076386877948652; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 27-Dec-2022 10:16:30 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
104.18.19.126302 Found 0 B URL HTTP/2 ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
IP 104.18.19.126:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP/1.1
Host: ssum-sec.casalemedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sync.quantumdex.io/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Wed, 28 Sep 2022 10:16:30 GMT
content-length: 0
location: /usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
cf-ray: 751bb9556f8db50b-OSL
cache-control: no-cache
expires: 0
cf-cache-status: DYNAMIC
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
set-cookie: CMID=YzQe-ltngFnAMdrdoPckxwAA; Path=/; Domain=casalemedia.com; Expires=Thu, 28 Sep 2023 10:16:30 GMT; Max-Age=31536000; Secure; SameSite=None
CMPS=4515; Path=/; Domain=casalemedia.com; Expires=Tue, 27 Dec 2022 10:16:30 GMT; Max-Age=7776000; Secure; SameSite=None
CMPRO=4515; Path=/; Domain=casalemedia.com; Expires=Tue, 27 Dec 2022 10:16:30 GMT; Max-Age=7776000; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ybnQBaJUtz3yHH5fov7lm7BN6wANIMXfKbju%2FxleNS6Fht8Q6cKDEBQ7ai1z0VfNzJRkiijAPlvG47c7mCJ%2Fr990gzC0QwNUvXVkoJDQssTXX1WZOUN2wm1RAkoVczpeZy41sCExz0S52Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash f361f713c146c79185549a5d6cbc39e5
27df56408309928139bfed6d8489d3b3a261851f
9a94f573d1f290f126014860402fc82ecb69f6253207cdbaf33c1cfc89f6d8d5
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 10:16:30 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 26 Sep 2022 11:23:21 GMT
Expires: Mon, 03 Oct 2022 11:23:20 GMT
Etag: "27df56408309928139bfed6d8489d3b3a261851f"
Cache-Control: max-age=435409,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 751bb9556e0eb506-OSL
onetag-sys.com/usync/?pubId=2bb78272a859ca6
51.38.120.206204 No Content 0 B URL HTTP/2 onetag-sys.com/usync/?pubId=2bb78272a859ca6
IP 51.38.120.206:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usync/?pubId=2bb78272a859ca6 HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sync.quantumdex.io/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-store
strict-transport-security: max-age=15552000
X-Firefox-Spdy: h2
hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dmedianet%26uid%3D%3Cvsid%3E
23.38.200.22302 Found 5.7 kB URL HTTP/2 hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dmedianet%26uid%3D%3Cvsid%3E
IP 23.38.200.22:0
Hash d42fa7336d44e81fb8832f28644aebd3
b00c9b54c83f698bdb15257742814dfacddf24e3
55f42a7a97c1d34e5824092baeeade636865dd26393cd6bc77b96d84d64283de
GET /cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dmedianet%26uid%3D%3Cvsid%3E HTTP/1.1
Host: hbx.media.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sync.quantumdex.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: Apache
content-length: 154
content-type: text/html
location: https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
set-cookie: data-pbs=setstatuscode~~1;Expires=Thu, 28 Sep 2023 10:16:30 GMT;path=/;domain=.media.net;
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
strict-transport-security: max-age=86400 ; includeSubDomains
x-mnet-hl2: E
expires: Wed, 28 Sep 2022 10:16:30 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 28 Sep 2022 10:16:30 GMT
X-Firefox-Spdy: h2
ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID
37.252.173.215302 Found 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID
IP 37.252.173.215:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sync.quantumdex.io/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.21.3
Date: Wed, 28 Sep 2022 10:16:30 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=0
AN-X-Request-Uuid: 1dc46a62-1138-4070-a31d-efb8d101bddb
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f65ea1b3c2ae2ce920030f3e0b20e120
03ab1e585353c1d310b30d54635024489c5a8f59
195135066025e34eb86ebfdb626743667181419395bacbf4d44f124cc775a7c3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "195135066025E34EB86EBFDB626743667181419395BACBF4D44F124CC775A7C3"
Last-Modified: Mon, 26 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6420
Expires: Wed, 28 Sep 2022 12:03:30 GMT
Date: Wed, 28 Sep 2022 10:16:30 GMT
Connection: keep-alive
usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
213.19.147.44204 No Content 0 B URL HTTP/2 usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
IP 213.19.147.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID HTTP/1.1
Host: usermatch.targeting.unrulymedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sync.quantumdex.io/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Wed, 28 Sep 2022 10:16:30 GMT
X-Firefox-Spdy: h2
id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
162.19.138.82200 43 B URL HTTP/1.1 id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
IP 162.19.138.82:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sync.quantumdex.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"
set-cookie: cf=; Max-Age=300; Expires=Wed, 28-Sep-2022 10:21:30 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
cip=; Max-Age=300; Expires=Wed, 28-Sep-2022 10:21:30 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
cnac=; Max-Age=300; Expires=Wed, 28-Sep-2022 10:21:30 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
car=; Max-Age=300; Expires=Wed, 28-Sep-2022 10:21:30 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
gdpr=; Max-Age=300; Expires=Wed, 28-Sep-2022 10:21:30 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
callback=; Max-Age=300; Expires=Wed, 28-Sep-2022 10:21:30 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
content-type: image/gif;charset=UTF-8
transfer-encoding: chunked
date: Wed, 28 Sep 2022 10:16:29 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
213.19.147.44204 No Content 0 B URL HTTP/2 usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
IP 213.19.147.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID HTTP/1.1
Host: usermatch.targeting.unrulymedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sync.quantumdex.io/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Wed, 28 Sep 2022 10:16:30 GMT
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash b136a198d3e3ea2583518132f3f68fd3
430877df5ccfc02082a7a42fb7e4a8563eea4415
7d469ee860c8f18a28d74ec08b33efe6005e292095e538c1400f5091832f75ac
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 10:16:30 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 27 Sep 2022 04:09:16 GMT
Expires: Tue, 04 Oct 2022 04:09:15 GMT
Etag: "430877df5ccfc02082a7a42fb7e4a8563eea4415"
Cache-Control: max-age=495764,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 751bb955eeebb506-OSL
ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
188.42.196.115302 Found 0 B URL HTTP/2 ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
IP 188.42.196.115:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sync.quantumdex.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: /match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Thu, 28 Sep 2023 10:16:30 GMT; Path=/; Domain=.betweendigital.com
tuuid=eba821c3-7f29-520f-88c6-c2cbebf2dc35; Max-Age=31536000; Expires=Thu, 28 Sep 2023 10:16:30 GMT; Path=/; Domain=.betweendigital.com
ut=YzQe_gAG2ehu0QiExxEBilZxxw0nXxvSbiSYzA==; Max-Age=31536000; Expires=Thu, 28 Sep 2023 10:16:30 GMT; Path=/; Domain=.betweendigital.com
content-length: 0
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 492ce7b42105e6de0db3bcd363124533
a0a29d1f379e713b8b585e7cc6af4a36de9aa1c4
2b1b2f13eccc33c8ad94385768a61603e10260d7d0e22e9012c137ed5a5fb2d0
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 28 Sep 2022 10:16:30 GMT
Last-Modified: Wed, 28 Sep 2022 08:41:58 GMT
Server: ECS (bsa/EB11)
X-Cache: Miss from cloudfront
Via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: RiI9H65icLzTAIi5DCpWBVmp0st4byDKOUTijkcyzgqCvFGOIa5B-A==
Age: 5672
sync.quantumdex.io/setuid?bidder=ix&uid=0
104.22.37.96200 OK 43 B URL HTTP/2 sync.quantumdex.io/setuid?bidder=ix&uid=0
IP 104.22.37.96:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 57f187c7a868faeac558007a8eb6cb2e
11ab10ab109fdb53d91d444ac781101f5a6360c6
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
GET /setuid?bidder=ix&uid=0 HTTP/1.1
Host: sync.quantumdex.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ssum-sec.casalemedia.com/
Cookie: uid=e4fd7d61-a992-489a-b839-f085e6996d52
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 10:16:30 GMT
content-type: image/gif
content-length: 43
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 751bb955ce639903-ARN
X-Firefox-Spdy: h2
ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
104.18.19.126200 OK 151 B URL HTTP/2 ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
IP 104.18.19.126:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators
Hash 55d4b51a74a2f6038d7cb1b43a5b4add
1c31cb81e36dbbfc8781109aead1cacf6ef803f2
95c3620b36dcc4d43e9e68b8646e7e6db2a2d15216802d75f18d16040e8f207c
GET /usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1 HTTP/1.1
Host: ssum-sec.casalemedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sync.quantumdex.io/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 10:16:30 GMT
content-type: text/html
cf-ray: 751bb9556f90b50b-OSL
cache-control: no-cache
expires: 0
cf-cache-status: DYNAMIC
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L48zIZLlyEu2vJr%2FrlslWookqoxODvurNKsHyH7E1nMrOpwPW8bP3khoEcyWgde2JY%2BvT%2F%2B2k%2FmTy9ZEg0IMEtDBwxdVS10cqJ8biND63u5HYH7hMNwx%2Fa31AFESRNo%2BxbCgJPh%2FdydXPg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sync.quantumdex.io/setuid?bidder=appnexus&uid=0
104.22.37.96200 OK 43 B URL HTTP/2 sync.quantumdex.io/setuid?bidder=appnexus&uid=0
IP 104.22.37.96:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 57f187c7a868faeac558007a8eb6cb2e
11ab10ab109fdb53d91d444ac781101f5a6360c6
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
GET /setuid?bidder=appnexus&uid=0 HTTP/1.1
Host: sync.quantumdex.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sync.quantumdex.io/
Connection: keep-alive
Cookie: uid=e4fd7d61-a992-489a-b839-f085e6996d52
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 10:16:30 GMT
content-type: image/gif
content-length: 43
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 751bb955ee939903-ARN
X-Firefox-Spdy: h2
ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1
188.42.196.115200 OK 68 B URL HTTP/2 ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1
IP 188.42.196.115:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash c4a2b870062c2bb98c500bc1526c0498
528666ccdb12997358077bc8fcdbfb6b825c7788
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
GET /match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1 HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sync.quantumdex.io/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Thu, 28 Sep 2023 10:16:30 GMT; Path=/; Domain=.betweendigital.com
tuuid=27e9feed-dc21-520f-bfcc-2a2edcf834d0; Max-Age=31536000; Expires=Thu, 28 Sep 2023 10:16:30 GMT; Path=/; Domain=.betweendigital.com
ut=YzQe_gAHZohfi7_Knuq4KTwrEqmpbz54HEnG-Q==; Max-Age=31536000; Expires=Thu, 28 Sep 2023 10:16:30 GMT; Path=/; Domain=.betweendigital.com
content-length: 68
X-Firefox-Spdy: h2
match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
18.198.13.189204 No Content 0 B URL HTTP/2 match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
IP 18.198.13.189:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID HTTP/1.1
Host: match.sharethrough.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sync.quantumdex.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Wed, 28 Sep 2022 10:16:30 GMT
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.22200 OK 1.8 kB IP 192.124.249.22:0
Hash 047e96796ab8871d0b0708c3d6aaa501
d4834f564ce695aa123d6586a3f4009922d7a15f
e7445ace11020eeb734982ce1199c28e920e9ec31eef5e942de8bfae7b2ec35f
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 28 Sep 2022 10:16:30 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 27 Sep 2022 22:16:12 GMT
Expires: Wed, 28 Sep 2022 22:16:12 GMT
ETag: "d4834f564ce695aa123d6586a3f4009922d7a15f"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 75859869fb220406a7c97eb3fe21995d
d306028fa874fdd7edb0f3bc10c9995e3e269f83
db816d4a9746a6f3b7585627ccc732bf66d4e4ca1142a5771103344ebb530189
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3941
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 10:16:30 GMT
Last-Modified: Wed, 28 Sep 2022 09:10:49 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
ups.analytics.yahoo.com/ups/58424/occ
3.126.56.137302 Found 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58424/occ
IP 3.126.56.137:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58424/occ HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sync.quantumdex.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Wed, 28 Sep 2022 10:16:30 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
location: https://ups.analytics.yahoo.com/ups/58424/occ?verify=true
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBP4eNGMCEP74fqn3kS3k6fgRzRhUDy8FEgEBAQFwNWM-YwAAAAAA_eMAAA&S=AQAAAlpnTbY8KwMlwLC_fJCckV4; Expires=Thu, 28 Sep 2023 16:16:30 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
216.52.2.39204 No Content 0 B URL HTTP/1.1 ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
IP 216.52.2.39:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP/1.1
Host: ap.lijit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sync.quantumdex.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
date: Wed, 28 Sep 2022 10:16:30 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
pod: X-Sovrn-Pod: ad_ap7ams1
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 2b39c319881486b66e70b80408f59ec2
992ea6dbb4104f623844077e38d98b7d12cef1a9
1924bf276cd37ddc4a03b9486399e7824604d8e9a11a7e1b41afe16cb02a1aa2
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 28 Sep 2022 10:16:30 GMT
Last-Modified: Wed, 28 Sep 2022 08:51:12 GMT
Server: ECS (bsa/EB14)
X-Cache: Miss from cloudfront
Via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: zI2iShkxzI9xwXCup6tfD2TUn5eeaS62X9CQXJ0Jr7b7yZT7KrAnGg==
Age: 5118
ups.analytics.yahoo.com/ups/58424/occ?verify=true
3.126.56.137204 No Content 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58424/occ?verify=true
IP 3.126.56.137:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58424/occ?verify=true HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sync.quantumdex.io/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Wed, 28 Sep 2022 10:16:30 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
strict-transport-security: max-age=31536000
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBP4eNGMCEIi_OtMTkTv4zIH2cRdQGHwFEgEBAQFwNWM-YwAAAAAA_eMAAA&S=AQAAAlh1TSx-1s2AbjTDNmbC1Kc; Expires=Thu, 28 Sep 2023 16:16:30 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash f361f713c146c79185549a5d6cbc39e5
27df56408309928139bfed6d8489d3b3a261851f
9a94f573d1f290f126014860402fc82ecb69f6253207cdbaf33c1cfc89f6d8d5
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 10:16:30 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 26 Sep 2022 11:23:21 GMT
Expires: Mon, 03 Oct 2022 11:23:20 GMT
Etag: "27df56408309928139bfed6d8489d3b3a261851f"
Cache-Control: max-age=435409,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 751bb955a8dbb4fd-OSL
ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID
34.232.108.54302 Found 0 B URL HTTP/2 ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID
IP 34.232.108.54:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID HTTP/1.1
Host: ssp.disqus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sync.quantumdex.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Wed, 28 Sep 2022 10:16:30 GMT
content-length: 0
location: https://ce.lijit.com/merge?pid=279534&3pid=ua-7fbaab18-0036-3cb8-88c2-ce5350ae9908&gdpr=0&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRNID%5D%26r%3DCid1YS03ZmJhYWIxOC0wMDM2LTNjYjgtODhjMi1jZTUzNTBhZTk5MDga7AFDUGY2VE1BUGY2VE1BQkVBQ0JFTkNpQ2dBQUFBQUhfQUFBSXdBQUFSX2FfLXZfLTN2X1A5XzNfX19ibzh4cV83XzNfXzlwbkhDLTdiOTRidV8tdi1YNHZfc1ozZUx2MWJYd1ZjanhKZHUyQ1FnN2FPZE80bXBOajFSS3JYbWZZM0pzNVgyYVVULWZKTlBZMjlzNndNUDdfUDdfbi15VXozX19fX19fM19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX0FBQSpgaHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj16ZXRhLWdsb2JhbCZ1aWQ9dWEtN2ZiYWFiMTgtMDAzNi0zY2I4LTg4YzItY2U1MzUwYWU5OTA4MgIMEjgB
vary: origin
cache-control: no-store
pragma: no-cache
expires: 0
set-cookie: zeta-ssp-user-id=ua-7fbaab18-0036-3cb8-88c2-ce5350ae9908; Max-Age=31536000; Expires=Thu, 28 Sep 2023 10:16:30 GMT; Path=/; Domain=disqus.com; Secure; SameSite=None
X-Firefox-Spdy: h2
ce.lijit.com/merge?pid=279534&3pid=ua-7fbaab18-0036-3cb8-88c2-ce5350ae9908&gdpr=0&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRNID%5D%26r%3DCid1YS03ZmJhYWIxOC0wMDM2LTNjYjgtODhjMi1jZTUzNTBhZTk5MDga7AFDUGY2VE1BUGY2VE1BQkVBQ0JFTkNpQ2dBQUFBQUhfQUFBSXdBQUFSX2FfLXZfLTN2X1A5XzNfX19ibzh4cV83XzNfXzlwbkhDLTdiOTRidV8tdi1YNHZfc1ozZUx2MWJYd1ZjanhKZHUyQ1FnN2FPZE80bXBOajFSS3JYbWZZM0pzNVgyYVVULWZKTlBZMjlzNndNUDdfUDdfbi15VXozX19fX19fM19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX0FBQSpgaHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj16ZXRhLWdsb2JhbCZ1aWQ9dWEtN2ZiYWFiMTgtMDAzNi0zY2I4LTg4YzItY2U1MzUwYWU5OTA4MgIMEjgB
72.251.249.13302 Found 0 B URL HTTP/1.1 ce.lijit.com/merge?pid=279534&3pid=ua-7fbaab18-0036-3cb8-88c2-ce5350ae9908&gdpr=0&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRNID%5D%26r%3DCid1YS03ZmJhYWIxOC0wMDM2LTNjYjgtODhjMi1jZTUzNTBhZTk5MDga7AFDUGY2VE1BUGY2VE1BQkVBQ0JFTkNpQ2dBQUFBQUhfQUFBSXdBQUFSX2FfLXZfLTN2X1A5XzNfX19ibzh4cV83XzNfXzlwbkhDLTdiOTRidV8tdi1YNHZfc1ozZUx2MWJYd1ZjanhKZHUyQ1FnN2FPZE80bXBOajFSS3JYbWZZM0pzNVgyYVVULWZKTlBZMjlzNndNUDdfUDdfbi15VXozX19fX19fM19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX0FBQSpgaHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj16ZXRhLWdsb2JhbCZ1aWQ9dWEtN2ZiYWFiMTgtMDAzNi0zY2I4LTg4YzItY2U1MzUwYWU5OTA4MgIMEjgB
IP 72.251.249.13:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /merge?pid=279534&3pid=ua-7fbaab18-0036-3cb8-88c2-ce5350ae9908&gdpr=0&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRNID%5D%26r%3DCid1YS03ZmJhYWIxOC0wMDM2LTNjYjgtODhjMi1jZTUzNTBhZTk5MDga7AFDUGY2VE1BUGY2VE1BQkVBQ0JFTkNpQ2dBQUFBQUhfQUFBSXdBQUFSX2FfLXZfLTN2X1A5XzNfX19ibzh4cV83XzNfXzlwbkhDLTdiOTRidV8tdi1YNHZfc1ozZUx2MWJYd1ZjanhKZHUyQ1FnN2FPZE80bXBOajFSS3JYbWZZM0pzNVgyYVVULWZKTlBZMjlzNndNUDdfUDdfbi15VXozX19fX19fM19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX0FBQSpgaHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj16ZXRhLWdsb2JhbCZ1aWQ9dWEtN2ZiYWFiMTgtMDAzNi0zY2I4LTg4YzItY2U1MzUwYWU5OTA4MgIMEjgB HTTP/1.1
Host: ce.lijit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sync.quantumdex.io/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Wed, 28 Sep 2022 10:16:31 GMT
Set-Cookie: ljt_reader=FZCIqRZHqT273WOWTIeyqpnB; Path=/; Domain=.lijit.com; Expires=Thu, 28-Sep-2023 10:16:31 GMT; Max-Age=31536000;Secure;SameSite=None
Expires: Fri, 20 Mar 2009 00:00:00 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ce.lijit.com/merge?pid=279534&3pid=ua-7fbaab18-0036-3cb8-88c2-ce5350ae9908&gdpr=0&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRNID%5D%26r%3DCid1YS03ZmJhYWIxOC0wMDM2LTNjYjgtODhjMi1jZTUzNTBhZTk5MDga7AFDUGY2VE1BUGY2VE1BQkVBQ0JFTkNpQ2dBQUFBQUhfQUFBSXdBQUFSX2FfLXZfLTN2X1A5XzNfX19ibzh4cV83XzNfXzlwbkhDLTdiOTRidV8tdi1YNHZfc1ozZUx2MWJYd1ZjanhKZHUyQ1FnN2FPZE80bXBOajFSS3JYbWZZM0pzNVgyYVVULWZKTlBZMjlzNndNUDdfUDdfbi15VXozX19fX19fM19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX0FBQSpgaHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj16ZXRhLWdsb2JhbCZ1aWQ9dWEtN2ZiYWFiMTgtMDAzNi0zY2I4LTg4YzItY2U1MzUwYWU5OTA4MgIMEjgB&dnr=1
Content-Length: 0
X-Sovrn-Pod: ad_ap2ams1
ce.lijit.com/merge?pid=279534&3pid=ua-7fbaab18-0036-3cb8-88c2-ce5350ae9908&gdpr=0&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRNID%5D%26r%3DCid1YS03ZmJhYWIxOC0wMDM2LTNjYjgtODhjMi1jZTUzNTBhZTk5MDga7AFDUGY2VE1BUGY2VE1BQkVBQ0JFTkNpQ2dBQUFBQUhfQUFBSXdBQUFSX2FfLXZfLTN2X1A5XzNfX19ibzh4cV83XzNfXzlwbkhDLTdiOTRidV8tdi1YNHZfc1ozZUx2MWJYd1ZjanhKZHUyQ1FnN2FPZE80bXBOajFSS3JYbWZZM0pzNVgyYVVULWZKTlBZMjlzNndNUDdfUDdfbi15VXozX19fX19fM19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX0FBQSpgaHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj16ZXRhLWdsb2JhbCZ1aWQ9dWEtN2ZiYWFiMTgtMDAzNi0zY2I4LTg4YzItY2U1MzUwYWU5OTA4MgIMEjgB&dnr=1
72.251.249.13204 No Content 0 B URL HTTP/1.1 ce.lijit.com/merge?pid=279534&3pid=ua-7fbaab18-0036-3cb8-88c2-ce5350ae9908&gdpr=0&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRNID%5D%26r%3DCid1YS03ZmJhYWIxOC0wMDM2LTNjYjgtODhjMi1jZTUzNTBhZTk5MDga7AFDUGY2VE1BUGY2VE1BQkVBQ0JFTkNpQ2dBQUFBQUhfQUFBSXdBQUFSX2FfLXZfLTN2X1A5XzNfX19ibzh4cV83XzNfXzlwbkhDLTdiOTRidV8tdi1YNHZfc1ozZUx2MWJYd1ZjanhKZHUyQ1FnN2FPZE80bXBOajFSS3JYbWZZM0pzNVgyYVVULWZKTlBZMjlzNndNUDdfUDdfbi15VXozX19fX19fM19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX0FBQSpgaHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj16ZXRhLWdsb2JhbCZ1aWQ9dWEtN2ZiYWFiMTgtMDAzNi0zY2I4LTg4YzItY2U1MzUwYWU5OTA4MgIMEjgB&dnr=1
IP 72.251.249.13:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /merge?pid=279534&3pid=ua-7fbaab18-0036-3cb8-88c2-ce5350ae9908&gdpr=0&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRNID%5D%26r%3DCid1YS03ZmJhYWIxOC0wMDM2LTNjYjgtODhjMi1jZTUzNTBhZTk5MDga7AFDUGY2VE1BUGY2VE1BQkVBQ0JFTkNpQ2dBQUFBQUhfQUFBSXdBQUFSX2FfLXZfLTN2X1A5XzNfX19ibzh4cV83XzNfXzlwbkhDLTdiOTRidV8tdi1YNHZfc1ozZUx2MWJYd1ZjanhKZHUyQ1FnN2FPZE80bXBOajFSS3JYbWZZM0pzNVgyYVVULWZKTlBZMjlzNndNUDdfUDdfbi15VXozX19fX19fM19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX0FBQSpgaHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj16ZXRhLWdsb2JhbCZ1aWQ9dWEtN2ZiYWFiMTgtMDAzNi0zY2I4LTg4YzItY2U1MzUwYWU5OTA4MgIMEjgB&dnr=1 HTTP/1.1
Host: ce.lijit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sync.quantumdex.io/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Date: Wed, 28 Sep 2022 10:16:31 GMT
Set-Cookie: ljt_reader=FZCIqRZHRin4CpB1QLyABCpR; Path=/; Domain=.lijit.com; Expires=Thu, 28-Sep-2023 10:16:31 GMT; Max-Age=31536000;Secure;SameSite=None
Expires: Fri, 20 Mar 2009 00:00:00 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
P3P: CP="CUR ADM OUR NOR STA NID"
X-Sovrn-Pod: ad_ap2ams1
ib.adnxs.com/async_usersync?cbfn=queuePixels
37.252.173.215307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/async_usersync?cbfn=queuePixels
IP 37.252.173.215:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /async_usersync?cbfn=queuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acdn.adnxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Wed, 28 Sep 2022 10:16:31 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
AN-X-Request-Uuid: 0216a7bb-acd9-4d09-9435-1d8059b40df4
Set-Cookie: uuid2=8555778166948604466; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 27-Dec-2022 10:16:31 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
37.252.173.215200 OK 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
IP 37.252.173.215:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acdn.adnxs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 28 Sep 2022 10:16:31 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: 98a432d4-39d8-41a8-a4be-5e9a8dd96678
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ib.adnxs.com/async_usersync?cbfn=queuePixels
37.252.173.215307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/async_usersync?cbfn=queuePixels
IP 37.252.173.215:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /async_usersync?cbfn=queuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acdn.adnxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Wed, 28 Sep 2022 10:16:31 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
AN-X-Request-Uuid: c724bc9d-e4dd-4e0e-8fda-bd615df2146f
Set-Cookie: uuid2=5260676253353087874; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 27-Dec-2022 10:16:31 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
37.252.173.215200 OK 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
IP 37.252.173.215:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acdn.adnxs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 28 Sep 2022 10:16:31 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: 43fc1016-6eee-435c-9660-0403d5858b31
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
sync.quantumdex.io/usersync/apacdex
104.22.37.96200 OK 0 B URL HTTP/2 sync.quantumdex.io/usersync/apacdex
IP 104.22.37.96:0
GET /usersync/apacdex HTTP/1.1
Host: sync.quantumdex.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chaumont-en-vexin-hdf.eurobillets.com/
Cookie: uid=e4fd7d61-a992-489a-b839-f085e6996d52
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 10:16:30 GMT
content-type: text/html
set-cookie: uid=e4fd7d61-a992-489a-b839-f085e6996d52; expires=Sat, 08 Oct 2022 10:16:30 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 751bb9539a6a9903-ARN
content-encoding: gzip
X-Firefox-Spdy: h2
sync.quantumdex.io/usersync/apacdex
104.22.37.96200 OK 0 B URL HTTP/2 sync.quantumdex.io/usersync/apacdex
IP 104.22.37.96:0
GET /usersync/apacdex HTTP/1.1
Host: sync.quantumdex.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chaumont-en-vexin-hdf.eurobillets.com/
Cookie: uid=e4fd7d61-a992-489a-b839-f085e6996d52
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 10:16:30 GMT
content-type: text/html
set-cookie: uid=e4fd7d61-a992-489a-b839-f085e6996d52; expires=Sat, 08 Oct 2022 10:16:30 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 751bb9545c0d9903-ARN
content-encoding: gzip
X-Firefox-Spdy: h2
std.wpcdn.pl/wpjslib6/wpjslib-sync.js
212.77.98.32200 OK 0 B URL HTTP/2 std.wpcdn.pl/wpjslib6/wpjslib-sync.js
IP 212.77.98.32:0
ASN #12827 Wirtualna Polska Media S.A.
GET /wpjslib6/wpjslib-sync.js HTTP/1.1
Host: std.wpcdn.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ssp.wp.pl
Connection: keep-alive
Referer: https://ssp.wp.pl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 10:16:30 GMT
content-type: application/javascript
last-modified: Tue, 27 Sep 2022 12:53:41 GMT
x-rgw-object-type: Normal
etag: W/"6f707d62df9c619a9aa3aa2efcb82678"
cache-control: max-age=900, stale-while-revalidate=86400
content-encoding: br
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 300
timing-allow-origin: *
X-Firefox-Spdy: h2
chaumont-en-vexin-hdf.eurobillets.com/supermarches-match-8
104.21.83.238200 OK 0 B URL HTTP/2 chaumont-en-vexin-hdf.eurobillets.com/supermarches-match-8
IP 104.21.83.238:0
GET /supermarches-match-8 HTTP/1.1
Host: chaumont-en-vexin-hdf.eurobillets.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Wed, 28 Sep 2022 10:16:25 GMT
content-type: text/html; charset=UTF-8
set-cookie: PHPSESSID=qvlsc2m53sjuh4asrem4r94q62; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
vary: Accept-Encoding
x-ua-compatible: IE=edge
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mqv%2FJwzY7bTR72wYmsnSPEumoNKRy08TnsAlPJheYEfDTN0JTLXAngWSp2rc3NfQ3w1iftWuwY3RyMmmeu%2B5lxqImhNCU5%2BQ5yVX1xtCylysgvQ%2FbRlHqwS%2FvbNgFwoQ5z62KB8J9c4F0GiwRV4YhKXkYv1tR1bc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 751bb93429efb523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
script.4dex.io/adagio.js
104.26.8.169200 OK 0 B IP 104.26.8.169:0
GET /adagio.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaumont-en-vexin-hdf.eurobillets.com/
Origin: https://chaumont-en-vexin-hdf.eurobillets.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 10:16:26 GMT
content-type: application/javascript
access-control-allow-headers: Authorization
access-control-max-age: 3000
x-amz-id-2: txe110cde0646b45be9a3c6-0063341efa
access-control-allow-credentials: true
x-amz-request-id: txe110cde0646b45be9a3c6-0063341efa
last-modified: Mon, 26 Sep 2022 09:01:16 GMT
etag: W/"def38d7482d5ca96063df889ba7bcc30"
cache-control: public, max-age=1800
x-amz-version-id: 1664182876082916
access-control-allow-methods: GET
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HSs8eAF0g9qfHrnM%2BYVGcwZFW8DMzEb9hFr7ZqoWBhPMPOh0bNHyTEnhQ8bvra2%2F8%2FZLV7Ro3xeAsf5YxQaa2Z5Ng%2FF6cpOpG806kvfAqYR5Cn4OEcB7c0ot4dDpQPlM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751bb93bcb11b517-OSL
content-encoding: br
X-Firefox-Spdy: h2
adx.adform.net/adx/openrtb
37.157.3.29200 OK 0 B URL HTTP/2 adx.adform.net/adx/openrtb
IP 37.157.3.29:0
OPTIONS /adx/openrtb HTTP/1.1
Host: adx.adform.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://chaumont-en-vexin-hdf.eurobillets.com/
Origin: https://chaumont-en-vexin-hdf.eurobillets.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 10:16:26 GMT
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://chaumont-en-vexin-hdf.eurobillets.com
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
mc.yandex.ru/watch/48396329?wmode=7&page-url=https%3A%2F%2Fchaumont-en-vexin-hdf.eurobillets.com%2Fsupermarches-match-8&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aasbylctlprmpze3hff9a0%3Afp%3A1030%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A1218770283740%3Ahid%3A834448753%3Az%3A0%3Ai%3A20220928101623%3Aet%3A1664360184%3Ac%3A1%3Arn%3A467697353%3Arqn%3A1%3Au%3A166436018418832940%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A1%2C220%2C132%2C1%2C324%2C0%2C%2C521%2C5%2C%2C%2C%2C1224%3Ans%3A1664360181976%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664360184%3At%3ASupermarch%C3%A9s%20Match%20%E2%80%94%20le%20magasin%20and%20supermarch%C3%A9%20%E2%80%94%20Chaumont-en-Vexin%2C%20Hauts-de-France&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2)
93.158.134.119302 Found 0 B URL HTTP/2 mc.yandex.ru/watch/48396329?wmode=7&page-url=https%3A%2F%2Fchaumont-en-vexin-hdf.eurobillets.com%2Fsupermarches-match-8&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aasbylctlprmpze3hff9a0%3Afp%3A1030%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A1218770283740%3Ahid%3A834448753%3Az%3A0%3Ai%3A20220928101623%3Aet%3A1664360184%3Ac%3A1%3Arn%3A467697353%3Arqn%3A1%3Au%3A166436018418832940%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A1%2C220%2C132%2C1%2C324%2C0%2C%2C521%2C5%2C%2C%2C%2C1224%3Ans%3A1664360181976%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664360184%3At%3ASupermarch%C3%A9s%20Match%20%E2%80%94%20le%20magasin%20and%20supermarch%C3%A9%20%E2%80%94%20Chaumont-en-Vexin%2C%20Hauts-de-France&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2)
IP 93.158.134.119:0
GET /watch/48396329?wmode=7&page-url=https%3A%2F%2Fchaumont-en-vexin-hdf.eurobillets.com%2Fsupermarches-match-8&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aasbylctlprmpze3hff9a0%3Afp%3A1030%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A1218770283740%3Ahid%3A834448753%3Az%3A0%3Ai%3A20220928101623%3Aet%3A1664360184%3Ac%3A1%3Arn%3A467697353%3Arqn%3A1%3Au%3A166436018418832940%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A1%2C220%2C132%2C1%2C324%2C0%2C%2C521%2C5%2C%2C%2C%2C1224%3Ans%3A1664360181976%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664360184%3At%3ASupermarch%C3%A9s%20Match%20%E2%80%94%20le%20magasin%20and%20supermarch%C3%A9%20%E2%80%94%20Chaumont-en-Vexin%2C%20Hauts-de-France&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://chaumont-en-vexin-hdf.eurobillets.com
Connection: keep-alive
Referer: https://chaumont-en-vexin-hdf.eurobillets.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/48396329/1?wmode=7&page-url=https%3A%2F%2Fchaumont-en-vexin-hdf.eurobillets.com%2Fsupermarches-match-8&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aasbylctlprmpze3hff9a0%3Afp%3A1030%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A1218770283740%3Ahid%3A834448753%3Az%3A0%3Ai%3A20220928101623%3Aet%3A1664360184%3Ac%3A1%3Arn%3A467697353%3Arqn%3A1%3Au%3A166436018418832940%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A1%2C220%2C132%2C1%2C324%2C0%2C%2C521%2C5%2C%2C%2C%2C1224%3Ans%3A1664360181976%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664360184%3At%3ASupermarch%C3%A9s%20Match%20%E2%80%94%20le%20magasin%20and%20supermarch%C3%A9%20%E2%80%94%20Chaumont-en-Vexin%2C%20Hauts-de-France&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
date: Wed, 28 Sep 2022 10:16:26 GMT
access-control-allow-origin: https://chaumont-en-vexin-hdf.eurobillets.com
set-cookie: yandexuid=3214219711664360186; Expires=Thu, 28-Sep-2023 10:16:26 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=3214219711664360186; Expires=Thu, 28-Sep-2023 10:16:26 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yabs-sid=446746891664360186; Path=/; SameSite=None; Secure
i=HK+nRpwtR34IIWOLTqj4K8n3BSpcMjGRTbrj2uX13S6OYuxI+3fNqJBAeozBTAgxEYSKh8Inch00uxUeybP8ZJYA9Zo=; Expires=Sat, 25-Sep-2032 10:16:25 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
ymex=1695896186.yrts.1664360186#1695896186.yrtsi.1664360186; Expires=Thu, 28-Sep-2023 10:16:26 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 28-Sep-2022 10:16:26 GMT
last-modified: Wed, 28-Sep-2022 10:16:26 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2