targon-naq.eurobillets.com/etablissement-montagne/
301 Moved Permanently 0 B URL HTTP/1.1 targon-naq.eurobillets.com/etablissement-montagne/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /etablissement-montagne/ HTTP/1.1
Host: targon-naq.eurobillets.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Mon, 12 Sep 2022 12:37:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 12 Sep 2022 13:37:34 GMT
Location: https://targon-naq.eurobillets.com/etablissement-montagne/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cFuf7R0uP0JKrmZ15sYwO5LblSjAasazv6fDvZ9e6Hq5hXwlaS272aSBcToQMqmebMv2FRf2i9WZUmr3nR6RGznV5j8pngNi5kkP2lgVyqKFNEg%2BZEnDbHXo1X5zFahhaE2TOtZqvj6QkB2%2BEw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7498b1fbdf3afac0-OSL
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b593eb39329cfe060d55be5e4a5405e2
78e46c1028e9f94f8569303ad2d90d7df13a059a
08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 12 Sep 2022 12:08:12 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: TPI7K4ulc04p21fWnHxSU_YELKxDL6kl2Tf7ZZXjMMlw8j4mHutnlA==
Age: 1762
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 12 Sep 2022 07:17:13 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: c4ocmOWx3dyYGFWtLmJB2RAMUYe3yLaiKkTK3lRnv6UytZX4OimqLg==
age: 19222
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 76d5eb597558e3dee0d99719d17e71e0
f3a0f3932fa8059f27dc9422d523b938fa9a7d09
d16de6cc9eb0e1297f53dc1137bb764bf5c21a7727be32ad05afebd1fe9501ed
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D16DE6CC9EB0E1297F53DC1137BB764BF5C21A7727BE32AD05AFEBD1FE9501ED"
Last-Modified: Sat, 10 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8301
Expires: Mon, 12 Sep 2022 14:55:55 GMT
Date: Mon, 12 Sep 2022 12:37:34 GMT
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 12 Sep 2022 12:37:34 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash c3d8032059a24d14d00c2ee5d8840c01
62efae1ea6aaea612a12d42b6e5b65d24be11437
2319fe90c8b4d3cc41ec9cce275c82d19fb764015196bd1c52dfb9c5d85b9b0b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 12:37:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-115920637-8
200 OK 42 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-115920637-8
IP
File type ASCII text, with very long lines (1615)
Hash f2ee252c41d4fe6bd3b9e1ce7c211ff4
2eb58917ba9f62c9da4382237c1467eaa3690fe5
d0e96a1210e18cb7ec373cb768f0e5fd2abd5790ab24f125f839fa9ffb824652
GET /gtag/js?id=UA-115920637-8 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://targon-naq.eurobillets.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 12 Sep 2022 12:37:35 GMT
expires: Mon, 12 Sep 2022 12:37:35 GMT
cache-control: private, max-age=900
last-modified: Mon, 12 Sep 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 41968
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 43ec710eac918bed92ad89743bcdf439
4c0285aa04ccba9716e18ced3796366ed975fa96
947000ae956939bd13b32deaa0575bebcd38033abf8da8b393c0bc1b6c94ee77
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "947000AE956939BD13B32DEAA0575BEBCD38033ABF8DA8B393C0BC1B6C94EE77"
Last-Modified: Mon, 12 Sep 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3681
Expires: Mon, 12 Sep 2022 13:38:56 GMT
Date: Mon, 12 Sep 2022 12:37:35 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash c3d8032059a24d14d00c2ee5d8840c01
62efae1ea6aaea612a12d42b6e5b65d24be11437
2319fe90c8b4d3cc41ec9cce275c82d19fb764015196bd1c52dfb9c5d85b9b0b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 12:37:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash bff3a3f3f4f889b08163e7d307438790
c430c7c151973fa0e63ddf52e5624e1ce2282161
bce7d12a2343d8e43fbd05522fe82807ed48933a984aa113c284267364981750
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 12:37:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
get.optad360.io/sf/prebid5.14.0.js
200 OK 481 kB URL HTTP/2 get.optad360.io/sf/prebid5.14.0.js
IP
Size 481 kB (481405 bytes)
Hash bdb22c86ef8b4eab01c11b3b84149b02
0312d8edb74929845d58117634c78b4d909ef849
c5c2d932e34f2685a530f7aa80aeb9920fbad9a4b1e56fae4c41bb9eb399dd1f
GET /sf/prebid5.14.0.js HTTP/1.1
Host: get.optad360.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://targon-naq.eurobillets.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 471445
date: Thu, 28 Jul 2022 03:43:18 GMT
last-modified: Thu, 23 Sep 2021 07:59:54 GMT
etag: "6dd0a13bde35d2daa452bba998871016"
cache-control: public, max-age=360000000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: cGmkYvHssyF4hWyUIpCvEBxrEXH7lLRhFfUFqJ-iFyzsuBinBBINmA==
age: 4006458
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash bff3a3f3f4f889b08163e7d307438790
c430c7c151973fa0e63ddf52e5624e1ce2282161
bce7d12a2343d8e43fbd05522fe82807ed48933a984aa113c284267364981750
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 12:37:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1325)
Hash 56f5d7f608e25d64207135f045f988cb
901eb59372ae330ae85e1384da93479b21ae1082
1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://targon-naq.eurobillets.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Mon, 12 Sep 2022 10:41:12 GMT
expires: Mon, 12 Sep 2022 12:41:12 GMT
cache-control: public, max-age=7200
age: 6983
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans:400,300,700&subset=latin
200 OK 1.0 kB URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:400,300,700&subset=latin
IP
Hash ce9f42ed548da692ba6a199f28aebccd
7151bfc9c62409982f214ca2f49c4c509f3c1825
55a1b2047a7e384bb9f5a586933c2993a1419899fd05bed33472f4c691b2810e
GET /css?family=Open+Sans:400,300,700&subset=latin HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://targon-naq.eurobillets.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 12 Sep 2022 12:37:35 GMT
date: Mon, 12 Sep 2022 12:37:35 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
a.tile.openstreetmap.org/16/32721/23642.png
200 OK 6.3 kB URL HTTP/1.1 a.tile.openstreetmap.org/16/32721/23642.png
IP
File type PNG image data, 256 x 256, 8-bit colormap, non-interlaced\012- data
Hash 43b242219f804ab2eda46d720b339112
c4a7abb94a6593fb18f95807d4ee1452f96e06ee
6db12a6aa9c36d5401cab7a28c468ee15b119f3a7bef09f0f3b7ffc17d242894
GET /16/32721/23642.png HTTP/1.1
Host: a.tile.openstreetmap.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: https://targon-naq.eurobillets.com
Connection: keep-alive
HTTP/1.1 200 OK
Server: Apache/2.4.54 (Ubuntu)
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Expect-CT: max-age=0
Access-Control-Allow-Origin: *
ETag: "43b242219f804ab2eda46d720b339112"
Cache-Control: max-age=262739, stale-while-revalidate=604800, stale-if-error=604800
Expires: Thu, 15 Sep 2022 13:36:34 GMT
X-TileRender: nidhogg.openstreetmap.org
Content-Type: image/png
Content-Length: 6250
Accept-Ranges: bytes
Date: Mon, 12 Sep 2022 12:37:35 GMT
Via: 1.1 varnish
Age: 0
Connection: keep-alive
X-Served-By: cache-bma1673-BMA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1662986256.775854,VS0,VE10
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 324364e9311c1f7cb5e4068f3d947d5d
ddb00dc97404cee267838983ce8bb4ae48d6647a
d6cc296b22c48f9e7bb3a905dd9e899441ae7c29faec4a62e71628e1f23d61a2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 12:37:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
c.tile.openstreetmap.org/16/32720/23642.png
200 OK 13 kB URL HTTP/1.1 c.tile.openstreetmap.org/16/32720/23642.png
IP
File type PNG image data, 256 x 256, 8-bit colormap, non-interlaced\012- data
Hash 1fe9f725007ad01dc3fb2e2155ad7307
f3720767e4c084b8f1710ac73842b258264c42de
8acb860ceead82f799f797bd2ca348edfd93ae0f29af3c49494ce21c1e5e855b
GET /16/32720/23642.png HTTP/1.1
Host: c.tile.openstreetmap.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: https://targon-naq.eurobillets.com
Connection: keep-alive
HTTP/1.1 200 OK
Server: Apache/2.4.54 (Ubuntu)
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Expect-CT: max-age=0
Access-Control-Allow-Origin: *
ETag: "1fe9f725007ad01dc3fb2e2155ad7307"
Cache-Control: max-age=265412, stale-while-revalidate=604800, stale-if-error=604800
Expires: Thu, 15 Sep 2022 14:21:07 GMT
X-TileRender: nidhogg.openstreetmap.org
Content-Type: image/png
Content-Length: 12872
Accept-Ranges: bytes
Date: Mon, 12 Sep 2022 12:37:35 GMT
Via: 1.1 varnish
Age: 0
Connection: keep-alive
X-Served-By: cache-bma1632-BMA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1662986256.775553,VS0,VE12
a.tile.openstreetmap.org/16/32720/23643.png
200 OK 204 kB URL HTTP/1.1 a.tile.openstreetmap.org/16/32720/23643.png
IP
Size 204 kB (204390 bytes)
Hash 4a431c73a2b0d5f0c418d57991595bf2
6cabab9ad24636fc7608dcd92a8d8d4db268e4d6
c08a1ee1728a53203e71e67ab01f99cfc01f8d6db724f8cff8408550ecc1ed57
GET /16/32720/23643.png HTTP/1.1
Host: a.tile.openstreetmap.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: https://targon-naq.eurobillets.com
Connection: keep-alive
HTTP/1.1 200 OK
Server: Apache/2.4.54 (Ubuntu)
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Expect-CT: max-age=0
Access-Control-Allow-Origin: *
ETag: "66357950cf427b0928ae87a29e9e96f8"
Cache-Control: max-age=263708, stale-while-revalidate=604800, stale-if-error=604800
Expires: Thu, 15 Sep 2022 13:52:43 GMT
X-TileRender: nidhogg.openstreetmap.org
Content-Type: image/png
Content-Length: 15563
Accept-Ranges: bytes
Date: Mon, 12 Sep 2022 12:37:35 GMT
Via: 1.1 varnish
Age: 0
Connection: keep-alive
X-Served-By: cache-bma1674-BMA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1662986256.776351,VS0,VE11
c.tile.openstreetmap.org/16/32721/23643.png
200 OK 15 kB URL HTTP/1.1 c.tile.openstreetmap.org/16/32721/23643.png
IP
File type PNG image data, 256 x 256, 8-bit colormap, non-interlaced\012- data
Hash d2d3c47532e0cc5676e71cf640e70c5c
14fea1f9d624b6edea5ae1bbf14f9ba8c8d78ca8
c3f8b931e3249c0ae9880276c9f4d063afa1aefdf42d7fdec4e80f7b23ed5749
GET /16/32721/23643.png HTTP/1.1
Host: c.tile.openstreetmap.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: https://targon-naq.eurobillets.com
Connection: keep-alive
HTTP/1.1 200 OK
Server: Apache/2.4.54 (Ubuntu)
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Expect-CT: max-age=0
Access-Control-Allow-Origin: *
ETag: "d2d3c47532e0cc5676e71cf640e70c5c"
Cache-Control: max-age=264516, stale-while-revalidate=604800, stale-if-error=604800
Expires: Thu, 15 Sep 2022 14:06:11 GMT
X-TileRender: nidhogg.openstreetmap.org
Content-Type: image/png
Content-Length: 14630
Accept-Ranges: bytes
Date: Mon, 12 Sep 2022 12:37:35 GMT
Via: 1.1 varnish
Age: 0
Connection: keep-alive
X-Served-By: cache-bma1661-BMA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1662986256.786274,VS0,VE11
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 4894843dd17150368f9e81305262c361
09c1036ec45f4da92b1749c5b0a76062d32ee681
5242d2bcde6e9f49b38e0749771de0388b9687af78be7b13a27e147b3e38684e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 12:37:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 4894843dd17150368f9e81305262c361
09c1036ec45f4da92b1749c5b0a76062d32ee681
5242d2bcde6e9f49b38e0749771de0388b9687af78be7b13a27e147b3e38684e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 12:37:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
b.tile.openstreetmap.org/16/32721/23644.png
200 OK 5.5 kB URL HTTP/1.1 b.tile.openstreetmap.org/16/32721/23644.png
IP
File type PNG image data, 256 x 256, 8-bit colormap, non-interlaced\012- data
Hash 9e720544fb2c5eb715ab7ac3e7a5f7d4
12a6c070fe178dce4637f1923688c6f9e6d5e407
f3cfafd394347ccc6cb7ca91fc73071b9c1bf35455cd48a35e2359b71f3c50e3
GET /16/32721/23644.png HTTP/1.1
Host: b.tile.openstreetmap.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: https://targon-naq.eurobillets.com
Connection: keep-alive
HTTP/1.1 200 OK
Server: Apache/2.4.54 (Ubuntu)
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Expect-CT: max-age=0
Access-Control-Allow-Origin: *
ETag: "9e720544fb2c5eb715ab7ac3e7a5f7d4"
Cache-Control: max-age=260464, stale-while-revalidate=604800, stale-if-error=604800
Expires: Thu, 15 Sep 2022 12:58:39 GMT
X-TileRender: nidhogg.openstreetmap.org
Content-Type: image/png
Content-Length: 5511
Accept-Ranges: bytes
Date: Mon, 12 Sep 2022 12:37:35 GMT
Via: 1.1 varnish
Age: 0
Connection: keep-alive
X-Served-By: cache-bma1650-BMA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1662986256.835594,VS0,VE10
b.tile.openstreetmap.org/16/32720/23644.png
200 OK 6.0 kB URL HTTP/1.1 b.tile.openstreetmap.org/16/32720/23644.png
IP
File type PNG image data, 256 x 256, 8-bit colormap, non-interlaced\012- data
Hash c3683ed077950cef3847a2c1dc39fe64
fcd92519fe8c230d28ea5287fe24ad662897912f
ea62dd9bd9972881700462cef525bc66074e0298c98c95be604b180c7e3bf9c9
GET /16/32720/23644.png HTTP/1.1
Host: b.tile.openstreetmap.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: https://targon-naq.eurobillets.com
Connection: keep-alive
HTTP/1.1 200 OK
Server: Apache/2.4.54 (Ubuntu)
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Expect-CT: max-age=0
Access-Control-Allow-Origin: *
ETag: "c3683ed077950cef3847a2c1dc39fe64"
Cache-Control: max-age=257596, stale-while-revalidate=604800, stale-if-error=604800
Expires: Thu, 15 Sep 2022 12:10:51 GMT
X-TileRender: nidhogg.openstreetmap.org
Content-Type: image/png
Content-Length: 6027
Accept-Ranges: bytes
Date: Mon, 12 Sep 2022 12:37:35 GMT
Via: 1.1 varnish
Age: 0
Connection: keep-alive
X-Served-By: cache-bma1667-BMA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1662986256.835774,VS0,VE10
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://targon-naq.eurobillets.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Sep 2022 08:31:01 GMT
expires: Wed, 06 Sep 2023 08:31:01 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
age: 533194
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
200 OK 58 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP
Hash f9703abbfe3bb5ab3aaf3d49e1b00f9e
8cfdad1b1eb00a6636873c46bb68602d6e36a703
3fe5002a3b26af26746acf9d7449c0e478c0e47304dae0f24b6fc7f9830276d2
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://targon-naq.eurobillets.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
date: Mon, 12 Sep 2022 12:37:35 GMT
expires: Mon, 12 Sep 2022 12:37:35 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 4597801612530969662
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 57422
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.globalsign.com/gseccovsslca2018
200 OK 939 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP
Hash 7f14145ff64cb69780b710374df093a0
a377adf25b934fbe863d4e4a43d60ba97f757422
77b70b2232479efd07c82a4c92dbb7b65bada0487f58b7b14b8773c3a432b84e
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 12:37:35 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Fri, 16 Sep 2022 09:23:46 GMT
ETag: "a377adf25b934fbe863d4e4a43d60ba97f757422"
Last-Modified: Mon, 12 Sep 2022 09:23:47 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1904
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7498b2031d82fac0-OSL
b.tile.openstreetmap.org/16/32722/23643.png
200 OK 1.9 kB URL HTTP/1.1 b.tile.openstreetmap.org/16/32722/23643.png
IP
File type PNG image data, 256 x 256, 8-bit colormap, non-interlaced\012- data
Hash db2b05f39dc28307a159806ce44ba857
fc0b4152ab9077600dd8fab299405068de08e160
0ee4bf69a9762689d542b316df4a5819c1a7c6d9bfe48ce81024231377f6a4cc
GET /16/32722/23643.png HTTP/1.1
Host: b.tile.openstreetmap.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: https://targon-naq.eurobillets.com
Connection: keep-alive
HTTP/1.1 200 OK
Server: Apache/2.4.54 (Ubuntu)
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Expect-CT: max-age=0
Access-Control-Allow-Origin: *
ETag: "db2b05f39dc28307a159806ce44ba857"
Cache-Control: max-age=258149, stale-while-revalidate=604800, stale-if-error=604800
Expires: Thu, 15 Sep 2022 12:20:04 GMT
X-TileRender: nidhogg.openstreetmap.org
Content-Type: image/png
Content-Length: 1944
Accept-Ranges: bytes
Date: Mon, 12 Sep 2022 12:37:35 GMT
Via: 1.1 varnish
Age: 0
Connection: keep-alive
X-Served-By: cache-bma1650-BMA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1662986256.854679,VS0,VE10
a.tile.openstreetmap.org/16/32719/23643.png
200 OK 15 kB URL HTTP/1.1 a.tile.openstreetmap.org/16/32719/23643.png
IP
File type PNG image data, 256 x 256, 8-bit colormap, non-interlaced\012- data
Hash 2b3e156078c88084fcd9d161a639daf6
a0057d8e6286421dfb137d6caa615e39ad9dd473
d5732615dd89a739aebfd019f01eaeab4be95b941585e23393492153ee09e1d2
GET /16/32719/23643.png HTTP/1.1
Host: a.tile.openstreetmap.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: https://targon-naq.eurobillets.com
Connection: keep-alive
HTTP/1.1 200 OK
Server: Apache/2.4.54 (Ubuntu)
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Expect-CT: max-age=0
Access-Control-Allow-Origin: *
ETag: "2b3e156078c88084fcd9d161a639daf6"
Cache-Control: max-age=256674, stale-while-revalidate=604800, stale-if-error=604800
Expires: Thu, 15 Sep 2022 11:55:29 GMT
X-TileRender: culebre.openstreetmap.org
Content-Type: image/png
Content-Length: 14783
Accept-Ranges: bytes
Date: Mon, 12 Sep 2022 12:37:35 GMT
Via: 1.1 varnish
Age: 0
Connection: keep-alive
X-Served-By: cache-bma1674-BMA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1662986256.846706,VS0,VE41
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 4894843dd17150368f9e81305262c361
09c1036ec45f4da92b1749c5b0a76062d32ee681
5242d2bcde6e9f49b38e0749771de0388b9687af78be7b13a27e147b3e38684e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 12:37:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220912
200 OK 921 B URL HTTP/2 cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220912
IP
File type JSON data\012- , ASCII text, with very long lines (1638), with no line terminators
Hash 254a828dadd7ccf5af9e974d10f180cf
baf6e66842828dee2b0688673298abc5c0251b15
3a003f468056045385b36a686bd86d5aa4e78a71f15fb5c2fced9355590362ce
GET /gh/prebid/currency-file@1/latest.json?date=20220912 HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://targon-naq.eurobillets.com
Connection: keep-alive
Referer: https://targon-naq.eurobillets.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json; charset=utf-8
x-jsd-version: 1.0.1460
x-jsd-version-type: version
etag: W/"666-VJ95Qhd5BntK01LLVTcCGxFnvIk"
content-encoding: gzip
accept-ranges: bytes
date: Mon, 12 Sep 2022 12:37:36 GMT
age: 34593
x-served-by: cache-fra19152-FRA, cache-bma1626-BMA
x-cache: MISS, HIT
vary: Accept-Encoding
content-length: 921
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash cb674936db4af4be99c3c397eff8c6ae
de79d76bac3fae5799b0ff35ecc19360595dfb06
992b884b64f9f6fdb76a6ba91c48fed329325b95b99d8003b282879a52093c08
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5452
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 12:37:36 GMT
Last-Modified: Mon, 12 Sep 2022 11:06:44 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash bd5f575ff063217c0d2fccf8fe11fcf0
7f89813df35912aade8d151e28c4b6c504a5cd1d
1a1ed29f4d1c5b332041575328f5616cdb7bcf727c82c94c31d2d036b90c8595
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1A1ED29F4D1C5B332041575328F5616CDB7BCF727C82C94C31D2D036B90C8595"
Last-Modified: Sat, 10 Sep 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11045
Expires: Mon, 12 Sep 2022 15:41:41 GMT
Date: Mon, 12 Sep 2022 12:37:36 GMT
Connection: keep-alive
mc.yandex.ru/metrika/watch.js
200 OK 57 kB URL HTTP/2 mc.yandex.ru/metrika/watch.js
IP
File type Unicode text, UTF-8 (with BOM) text, with very long lines (557)
Hash 1d55754e516a64479901a61dc8a0d136
7c47529b53f613bb2ffac7a32530e8fd594c194b
b4e7cd831347d3faeebe62c6e8595fc01804895f0bb5e30a5ceae7b400318649
GET /metrika/watch.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://targon-naq.eurobillets.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 57251
date: Mon, 12 Sep 2022 12:37:35 GMT
access-control-allow-origin: *
etag: "63186565-dfa3"
expires: Mon, 12 Sep 2022 13:37:35 GMT
last-modified: Wed, 07 Sep 2022 12:33:25 GMT
cache-control: max-age=3600
content-encoding: br
content-type: application/javascript
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash dd069d3ed07605af4b51899b2bd55569
f8aef5c36135f3e263e6a9cf1253fad9f531b168
51dfe6b79b86a7d658e31db53d794899ddfe78bec1ca4623ccc3f57a55a15eb0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5304
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 12:37:36 GMT
Last-Modified: Mon, 12 Sep 2022 11:09:12 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
200 OK 471 B IP
Hash a9e742cef43ca26cae997e441f7fc5a0
487734e0206365f0e76bf4d2010eee95c8603bb3
b9a1e4c65c1df743675eba6d6ba914a25046539b84060afe3e70b0afd4a7b1c1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2401
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 12:37:36 GMT
Last-Modified: Mon, 12 Sep 2022 11:57:35 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
200 OK 471 B IP
Hash dd069d3ed07605af4b51899b2bd55569
f8aef5c36135f3e263e6a9cf1253fad9f531b168
51dfe6b79b86a7d658e31db53d794899ddfe78bec1ca4623ccc3f57a55a15eb0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5304
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 12:37:36 GMT
Last-Modified: Mon, 12 Sep 2022 11:09:12 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
prebid.a-mo.net/a/c
204 No Content 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /a/c HTTP/1.1
Host: prebid.a-mo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 697
Origin: https://targon-naq.eurobillets.com
Connection: keep-alive
Referer: https://targon-naq.eurobillets.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://targon-naq.eurobillets.com
cache-control: max-age=0, private, must-revalidate
date: Mon, 12 Sep 2022 12:37:35 GMT
server: envoy
vary: origin, Accept-Encoding
x-nbr: 1
x-envoy-upstream-service-time: 0
X-Firefox-Spdy: h2
prebid-eu.creativecdn.com/bidder/prebid/bids
204 No Content 0 B URL HTTP/2 prebid-eu.creativecdn.com/bidder/prebid/bids
IP
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/prebid/bids HTTP/1.1
Host: prebid-eu.creativecdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 552
Origin: https://targon-naq.eurobillets.com
Connection: keep-alive
Referer: https://targon-naq.eurobillets.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Mon, 12 Sep 2022 12:37:36 GMT
access-control-allow-origin: https://targon-naq.eurobillets.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 3600
vary: Origin
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash a9e742cef43ca26cae997e441f7fc5a0
487734e0206365f0e76bf4d2010eee95c8603bb3
b9a1e4c65c1df743675eba6d6ba914a25046539b84060afe3e70b0afd4a7b1c1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5873
Cache-Control: max-age=107357
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 12:37:36 GMT
Etag: "631e117c-1d7"
Expires: Tue, 13 Sep 2022 18:26:53 GMT
Last-Modified: Sun, 11 Sep 2022 16:49:00 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
200 OK 471 B IP
Hash a9e742cef43ca26cae997e441f7fc5a0
487734e0206365f0e76bf4d2010eee95c8603bb3
b9a1e4c65c1df743675eba6d6ba914a25046539b84060afe3e70b0afd4a7b1c1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3865
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 12:37:36 GMT
Last-Modified: Mon, 12 Sep 2022 11:33:11 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
prebid.a-mo.net/a/c
204 No Content 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /a/c HTTP/1.1
Host: prebid.a-mo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 719
Origin: https://targon-naq.eurobillets.com
Connection: keep-alive
Referer: https://targon-naq.eurobillets.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://targon-naq.eurobillets.com
cache-control: max-age=0, private, must-revalidate
date: Mon, 12 Sep 2022 12:37:36 GMT
server: envoy
vary: origin, Accept-Encoding
x-nbr: 1
x-envoy-upstream-service-time: 0
X-Firefox-Spdy: h2
ssp.wp.pl/bidder/?cs=true&bdver=5.0&pbver=5.14.0&inver=0
204 No Content 0 B URL HTTP/2 ssp.wp.pl/bidder/?cs=true&bdver=5.0&pbver=5.14.0&inver=0
IP
ASN #12827 Wirtualna Polska Media S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/?cs=true&bdver=5.0&pbver=5.14.0&inver=0 HTTP/1.1
Host: ssp.wp.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 535
Origin: https://targon-naq.eurobillets.com
Connection: keep-alive
Referer: https://targon-naq.eurobillets.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Mon, 12 Sep 2022 12:37:36 GMT
accept-ch: device-memory, dpr, width, viewport-width, rtt, downlink, ect
accept-ch-lifetime: 604800
access-control-allow-credentials: true
access-control-allow-origin: https://targon-naq.eurobillets.com
uber-trace-id: 0000000000000000385261e1ec2efa2b:9abb6df46c1043e7:0:0
vary: Origin
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP
Hash 98fac6576d8dee9640aac7e8d46182db
a36ce9428f382150939a5cac9224e772f1425322
b0a70e3f1786b53a6586de55f0b87ad1d8cee0a47c16dc9e4882468c9d456a53
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 12:37:36 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "B9B6FE6131D8A096595B5BC73CE58A13B297D492"
Expires: Tue, 13 Sep 2022 00:00:00 GMT
Last-Modified: Mon, 12 Sep 2022 12:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 727
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7498b204eedefac0-OSL
b.tile.openstreetmap.org/16/32722/23642.png
200 OK 2.6 kB URL HTTP/1.1 b.tile.openstreetmap.org/16/32722/23642.png
IP
File type PNG image data, 256 x 256, 8-bit colormap, non-interlaced\012- data
Hash 53e56f11ec15275ec14edd53f6374cf7
c11949392c751a058d94a67e86b8c155d75bac59
2ab28d82ba01e4d05e4e40d560883d76e546f2928da7d79d72c5b5ec5332a170
GET /16/32722/23642.png HTTP/1.1
Host: b.tile.openstreetmap.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: https://targon-naq.eurobillets.com
Connection: keep-alive
HTTP/1.1 200 OK
Server: Apache/2.4.54 (Ubuntu)
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Expect-CT: max-age=0
Access-Control-Allow-Origin: *
ETag: "53e56f11ec15275ec14edd53f6374cf7"
Cache-Control: max-age=260703, stale-while-revalidate=604800, stale-if-error=604800
Expires: Thu, 15 Sep 2022 13:02:39 GMT
X-TileRender: nidhogg.openstreetmap.org
Content-Type: image/png
Content-Length: 2639
Accept-Ranges: bytes
Date: Mon, 12 Sep 2022 12:37:36 GMT
Via: 1.1 varnish
Age: 0
Connection: keep-alive
X-Served-By: cache-bma1667-BMA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1662986256.173683,VS0,VE10
a.tile.openstreetmap.org/16/32722/23644.png
200 OK 6.4 kB URL HTTP/1.1 a.tile.openstreetmap.org/16/32722/23644.png
IP
File type PNG image data, 256 x 256, 8-bit colormap, non-interlaced\012- data
Hash f8f5c12bc9c909d79b14e036e6bab67f
5193ca1d870db017708fa9e888ae2293e0877e91
447935a85fdea6bdeb549128fe2efad38335f057fc7c3a1d50b6a551320fcb21
GET /16/32722/23644.png HTTP/1.1
Host: a.tile.openstreetmap.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: https://targon-naq.eurobillets.com
Connection: keep-alive
HTTP/1.1 200 OK
Server: Apache/2.4.54 (Ubuntu)
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Expect-CT: max-age=0
Access-Control-Allow-Origin: *
ETag: "f8f5c12bc9c909d79b14e036e6bab67f"
Cache-Control: max-age=260401, stale-while-revalidate=604800, stale-if-error=604800
Expires: Thu, 15 Sep 2022 12:57:37 GMT
X-TileRender: nidhogg.openstreetmap.org
Content-Type: image/png
Content-Length: 6448
Accept-Ranges: bytes
Date: Mon, 12 Sep 2022 12:37:36 GMT
Via: 1.1 varnish
Age: 0
Connection: keep-alive
X-Served-By: cache-bma1674-BMA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1662986256.173746,VS0,VE13
useast.quantumdex.io/auction/apacdex
204 No Content 0 B URL HTTP/2 useast.quantumdex.io/auction/apacdex
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /auction/apacdex HTTP/1.1
Host: useast.quantumdex.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 667
Origin: https://targon-naq.eurobillets.com
Connection: keep-alive
Referer: https://targon-naq.eurobillets.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Mon, 12 Sep 2022 12:37:36 GMT
access-control-allow-origin: https://targon-naq.eurobillets.com
access-control-allow-credentials: true
access-control-allow-methods: POST, GET
set-cookie: uid=d9d89977-38fb-4f10-902b-3f16d76f0edc; expires=Wed, 12 Oct 2022 12:37:36 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7498b2048ee295fc-ARN
X-Firefox-Spdy: h2
prebid-eu.creativecdn.com/bidder/prebid/bids
204 No Content 0 B URL HTTP/2 prebid-eu.creativecdn.com/bidder/prebid/bids
IP
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/prebid/bids HTTP/1.1
Host: prebid-eu.creativecdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 532
Origin: https://targon-naq.eurobillets.com
Connection: keep-alive
Referer: https://targon-naq.eurobillets.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Mon, 12 Sep 2022 12:37:36 GMT
access-control-allow-origin: https://targon-naq.eurobillets.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 3600
vary: Origin
X-Firefox-Spdy: h2
useast.quantumdex.io/auction/apacdex
204 No Content 0 B URL HTTP/2 useast.quantumdex.io/auction/apacdex
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /auction/apacdex HTTP/1.1
Host: useast.quantumdex.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 689
Origin: https://targon-naq.eurobillets.com
Connection: keep-alive
Referer: https://targon-naq.eurobillets.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Mon, 12 Sep 2022 12:37:36 GMT
access-control-allow-origin: https://targon-naq.eurobillets.com
access-control-allow-credentials: true
access-control-allow-methods: POST, GET
set-cookie: uid=80883395-c517-4590-9a70-5383c07300ba; expires=Wed, 12 Oct 2022 12:37:36 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7498b204cf3c95fc-ARN
X-Firefox-Spdy: h2
ssp.wp.pl/bidder/?cs=true&bdver=5.0&pbver=5.14.0&inver=0
204 No Content 0 B URL HTTP/2 ssp.wp.pl/bidder/?cs=true&bdver=5.0&pbver=5.14.0&inver=0
IP
ASN #12827 Wirtualna Polska Media S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/?cs=true&bdver=5.0&pbver=5.14.0&inver=0 HTTP/1.1
Host: ssp.wp.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 555
Origin: https://targon-naq.eurobillets.com
Connection: keep-alive
Referer: https://targon-naq.eurobillets.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Mon, 12 Sep 2022 12:37:36 GMT
accept-ch: device-memory, dpr, width, viewport-width, rtt, downlink, ect
accept-ch-lifetime: 604800
access-control-allow-credentials: true
access-control-allow-origin: https://targon-naq.eurobillets.com
uber-trace-id: 00000000000000003d0851c5285666e1:baa82155721dac60:0:0
vary: Origin
X-Firefox-Spdy: h2
ib.adnxs.com/ut/v3/prebid
200 OK 144 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash d192e38ad5073a793357913afd097ebc
36dcc7664df2e22641bbf845996e1747952b372d
61adbb4b0e7652ac8dd2eac37be3828eeb58a975277a02ed878f6b1b0714077c
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 694
Origin: https://targon-naq.eurobillets.com
Connection: keep-alive
Referer: https://targon-naq.eurobillets.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Mon, 12 Sep 2022 12:37:36 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 144
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://targon-naq.eurobillets.com
AN-X-Request-Uuid: 11620390-27a5-4959-92b9-f880ba687416
Set-Cookie: icu=ChgI_8NdEAoYASABKAEwkND8mAY4AUABSAEQkND8mAYYAA..; SameSite=None; Path=/; Max-Age=7776000; Expires=Sun, 11-Dec-2022 12:37:36 GMT; Domain=.adnxs.com; Secure; HttpOnly
uuid2=5650718755906777542; SameSite=None; Path=/; Max-Age=7776000; Expires=Sun, 11-Dec-2022 12:37:36 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
adx.adform.net/adx/openrtb
204 No Content 0 B URL HTTP/2 adx.adform.net/adx/openrtb
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /adx/openrtb HTTP/1.1
Host: adx.adform.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 554
Origin: https://targon-naq.eurobillets.com
Connection: keep-alive
Referer: https://targon-naq.eurobillets.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Mon, 12 Sep 2022 12:37:36 GMT
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://targon-naq.eurobillets.com
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
adx.adform.net/adx/openrtb
204 No Content 0 B URL HTTP/2 adx.adform.net/adx/openrtb
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /adx/openrtb HTTP/1.1
Host: adx.adform.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 573
Origin: https://targon-naq.eurobillets.com
Connection: keep-alive
Referer: https://targon-naq.eurobillets.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Mon, 12 Sep 2022 12:37:36 GMT
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://targon-naq.eurobillets.com
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
ib.adnxs.com/ut/v3/prebid
200 OK 144 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 8a77f4f447f72ecc6bb4e7476159ced8
013527a2127e62df08d53d9b346ce7b343a437d1
e9338e76b4a96e0b76249b58ac5428ac86f8e1a6599c271125b3c672fe5854ca
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 668
Origin: https://targon-naq.eurobillets.com
Connection: keep-alive
Referer: https://targon-naq.eurobillets.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Mon, 12 Sep 2022 12:37:36 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 144
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://targon-naq.eurobillets.com
AN-X-Request-Uuid: 7648ea73-ca14-472b-9a44-016d9f4f3798
Set-Cookie: icu=ChgI_8NdEAoYASABKAEwkND8mAY4AUABSAEQkND8mAYYAA..; SameSite=None; Path=/; Max-Age=7776000; Expires=Sun, 11-Dec-2022 12:37:36 GMT; Domain=.adnxs.com; Secure; HttpOnly
uuid2=457725456267526744; SameSite=None; Path=/; Max-Age=7776000; Expires=Sun, 11-Dec-2022 12:37:36 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: h0U/EGg4NKvZ4L1Dzflmug==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: N+5BdwGrLCKrtX+Px3t2oL7Yy6Y=
b.tile.openstreetmap.org/16/32723/23643.png
200 OK 2.8 kB URL HTTP/1.1 b.tile.openstreetmap.org/16/32723/23643.png
IP
File type PNG image data, 256 x 256, 8-bit colormap, non-interlaced\012- data
Hash aa2f3a195bd0f7d6509f242257358416
34ea50a42604f2656d756f59b6b44294799d5858
175a4e618d8190dbf53e5558638ae08dbdff6d0b2cdd6db7be60ff8c11d050d7
GET /16/32723/23643.png HTTP/1.1
Host: b.tile.openstreetmap.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: https://targon-naq.eurobillets.com
Connection: keep-alive
HTTP/1.1 200 OK
Server: Apache/2.4.54 (Ubuntu)
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Expect-CT: max-age=0
Access-Control-Allow-Origin: *
ETag: "aa2f3a195bd0f7d6509f242257358416"
Cache-Control: max-age=256893, stale-while-revalidate=604800, stale-if-error=604800
Expires: Thu, 15 Sep 2022 11:59:09 GMT
X-TileRender: nidhogg.openstreetmap.org
Content-Type: image/png
Content-Length: 2764
Accept-Ranges: bytes
Date: Mon, 12 Sep 2022 12:37:36 GMT
Via: 1.1 varnish
Age: 0
Connection: keep-alive
X-Served-By: cache-bma1650-BMA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1662986256.385178,VS0,VE10
a.tile.openstreetmap.org/16/32719/23644.png
200 OK 7.4 kB URL HTTP/1.1 a.tile.openstreetmap.org/16/32719/23644.png
IP
File type PNG image data, 256 x 256, 8-bit colormap, non-interlaced\012- data
Hash 3b7abedcc41f369668e31e45bcc709d6
3394d5b12bdbddde6856d8d13a364f65135e626f
bdb69f340ee09819db974238526c46255d05ea6f3b13c7d72c00b757c98cc21b
GET /16/32719/23644.png HTTP/1.1
Host: a.tile.openstreetmap.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: https://targon-naq.eurobillets.com
Connection: keep-alive
HTTP/1.1 200 OK
Server: Apache/2.4.54 (Ubuntu)
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Expect-CT: max-age=0
Access-Control-Allow-Origin: *
ETag: "3b7abedcc41f369668e31e45bcc709d6"
Cache-Control: max-age=258394, stale-while-revalidate=604800, stale-if-error=604800
Expires: Thu, 15 Sep 2022 12:24:10 GMT
X-TileRender: culebre.openstreetmap.org
Content-Type: image/png
Content-Length: 7426
Accept-Ranges: bytes
Date: Mon, 12 Sep 2022 12:37:36 GMT
Via: 1.1 varnish
Age: 0
Connection: keep-alive
X-Served-By: cache-bma1674-BMA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1662986256.372827,VS0,VE36
b.tile.openstreetmap.org/16/32719/23642.png
200 OK 18 kB URL HTTP/1.1 b.tile.openstreetmap.org/16/32719/23642.png
IP
File type PNG image data, 256 x 256, 8-bit colormap, non-interlaced\012- data
Hash cc63642f520629b2b8ff0fb44cf6100e
2a4eec43853daf0b79e677ade23a940e94046db1
19bc49ac5b0b75642f38c745106cbb2634b662d71a995bf808ea4021e824f9cd
GET /16/32719/23642.png HTTP/1.1
Host: b.tile.openstreetmap.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: https://targon-naq.eurobillets.com
Connection: keep-alive
HTTP/1.1 200 OK
Server: Apache/2.4.54 (Ubuntu)
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Expect-CT: max-age=0
Access-Control-Allow-Origin: *
ETag: "cc63642f520629b2b8ff0fb44cf6100e"
Cache-Control: max-age=256649, stale-while-revalidate=604800, stale-if-error=604800
Expires: Thu, 15 Sep 2022 11:55:05 GMT
X-TileRender: culebre.openstreetmap.org
Content-Type: image/png
Content-Length: 18096
Accept-Ranges: bytes
Date: Mon, 12 Sep 2022 12:37:36 GMT
Via: 1.1 varnish
Age: 0
Connection: keep-alive
X-Served-By: cache-bma1667-BMA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1662986256.371347,VS0,VE46
securepubads.g.doubleclick.net/tag/js/gpt.js
200 OK 29 kB URL HTTP/2 securepubads.g.doubleclick.net/tag/js/gpt.js
IP
File type ASCII text, with very long lines (45064)
Hash e272e18ef54648e97707c79663988715
1a395c22d0339fa01696a32af56145b545681eb0
64c579481fdbea8bedaad21af61b4aec5739243e4214d789de062962d5fd7c8c
GET /tag/js/gpt.js HTTP/1.1
Host: securepubads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://targon-naq.eurobillets.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 28708
date: Mon, 12 Sep 2022 12:37:36 GMT
expires: Mon, 12 Sep 2022 12:37:36 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
etag: "1331 / 229 of 1000 / last-modified: 1662980796"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
a.tile.openstreetmap.org/16/32718/23643.png
200 OK 8.8 kB URL HTTP/1.1 a.tile.openstreetmap.org/16/32718/23643.png
IP
File type PNG image data, 256 x 256, 8-bit colormap, non-interlaced\012- data
Hash 9c975b0e794b9f6450eaf14e95212adc
f035653bf8bf274e01f8abffada28f3071ca531d
e038808990124eb47a8a38663b689628591344696b166f95404faef9f208ed27
GET /16/32718/23643.png HTTP/1.1
Host: a.tile.openstreetmap.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: https://targon-naq.eurobillets.com
Connection: keep-alive
HTTP/1.1 200 OK
Server: Apache/2.4.54 (Ubuntu)
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Expect-CT: max-age=0
Access-Control-Allow-Origin: *
ETag: "9c975b0e794b9f6450eaf14e95212adc"
Cache-Control: max-age=258458, stale-while-revalidate=604800, stale-if-error=604800
Expires: Thu, 15 Sep 2022 12:25:14 GMT
X-TileRender: culebre.openstreetmap.org
Content-Type: image/png
Content-Length: 8798
Accept-Ranges: bytes
Date: Mon, 12 Sep 2022 12:37:36 GMT
Via: 1.1 varnish
Age: 0
Connection: keep-alive
X-Served-By: cache-bma1673-BMA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1662986256.387697,VS0,VE38
b.tile.openstreetmap.org/16/32723/23644.png
200 OK 8.1 kB URL HTTP/1.1 b.tile.openstreetmap.org/16/32723/23644.png
IP
File type PNG image data, 256 x 256, 8-bit colormap, non-interlaced\012- data
Hash 421615dcd839a818c1a831cd4b31df33
98ae55b5b4e929d0c93d6cbd0abee6f3f1e28ea7
38c9f1ca665a811c5fa19407e43ad8699502d439113f63835f05b8a9bf2280ec
GET /16/32723/23644.png HTTP/1.1
Host: b.tile.openstreetmap.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: https://targon-naq.eurobillets.com
Connection: keep-alive
HTTP/1.1 200 OK
Server: Apache/2.4.54 (Ubuntu)
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Expect-CT: max-age=0
Access-Control-Allow-Origin: *
ETag: "421615dcd839a818c1a831cd4b31df33"
Cache-Control: max-age=256770, stale-while-revalidate=604800, stale-if-error=604800
Expires: Thu, 15 Sep 2022 11:57:06 GMT
X-TileRender: nidhogg.openstreetmap.org
Content-Type: image/png
Content-Length: 8067
Accept-Ranges: bytes
Date: Mon, 12 Sep 2022 12:37:36 GMT
Via: 1.1 varnish
Age: 0
Connection: keep-alive
X-Served-By: cache-bma1676-BMA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1662986256.417060,VS0,VE11
c.tile.openstreetmap.org/16/32718/23644.png
200 OK 4.8 kB URL HTTP/1.1 c.tile.openstreetmap.org/16/32718/23644.png
IP
File type PNG image data, 256 x 256, 8-bit colormap, non-interlaced\012- data
Hash 9ad2cdf4b115fc0c1007ac2c2b7fd368
06497822c3c9cb6f4f7e1d2b4cce761bf37cbf7f
57dc5ee62d19c88e1e13c41cdfd736d604a9282231c7e14448563c7eb274e867
GET /16/32718/23644.png HTTP/1.1
Host: c.tile.openstreetmap.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: https://targon-naq.eurobillets.com
Connection: keep-alive
HTTP/1.1 200 OK
Server: Apache/2.4.54 (Ubuntu)
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Expect-CT: max-age=0
Access-Control-Allow-Origin: *
ETag: "9ad2cdf4b115fc0c1007ac2c2b7fd368"
Cache-Control: max-age=255826, stale-while-revalidate=604800, stale-if-error=604800
Expires: Thu, 15 Sep 2022 11:41:22 GMT
X-TileRender: culebre.openstreetmap.org
Content-Type: image/png
Content-Length: 4763
Accept-Ranges: bytes
Date: Mon, 12 Sep 2022 12:37:36 GMT
Via: 1.1 varnish
Age: 0
Connection: keep-alive
X-Served-By: cache-bma1661-BMA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1662986256.439664,VS0,VE34
b.tile.openstreetmap.org/16/32718/23642.png
200 OK 9.4 kB URL HTTP/1.1 b.tile.openstreetmap.org/16/32718/23642.png
IP
File type PNG image data, 256 x 256, 8-bit colormap, non-interlaced\012- data
Hash 2b1ca0641f48efc28447de4e82073994
e99f9dcc1b94bf355ec00296b007ccd040ab1f73
7b05aecb072ae3e78497c6ed49bf8e23e4f448c154178821eb91440eb5d9ebad
GET /16/32718/23642.png HTTP/1.1
Host: b.tile.openstreetmap.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: https://targon-naq.eurobillets.com
Connection: keep-alive
HTTP/1.1 200 OK
Server: Apache/2.4.54 (Ubuntu)
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Expect-CT: max-age=0
Access-Control-Allow-Origin: *
ETag: "2b1ca0641f48efc28447de4e82073994"
Cache-Control: max-age=259230, stale-while-revalidate=604800, stale-if-error=604800
Expires: Thu, 15 Sep 2022 12:38:06 GMT
X-TileRender: culebre.openstreetmap.org
Content-Type: image/png
Content-Length: 9439
Accept-Ranges: bytes
Date: Mon, 12 Sep 2022 12:37:36 GMT
Via: 1.1 varnish
Age: 0
Connection: keep-alive
X-Served-By: cache-bma1667-BMA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1662986256.439703,VS0,VE37
mc.yandex.ru/metrika/advert.gif
200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://targon-naq.eurobillets.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Mon, 12 Sep 2022 12:37:36 GMT
access-control-allow-origin: *
etag: "63186565-2b"
expires: Mon, 12 Sep 2022 13:37:36 GMT
accept-ranges: bytes
last-modified: Wed, 07 Sep 2022 12:33:25 GMT
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash cc16b956392846e1100a913453575c87
09e81e2f60ab04ca565b73ed9060380a2229cf30
3a3eecb77d71c4f1c3d706f33f33e8df527b3653906d0086089c2e5b45fd25e9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 12:37:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 437c7ccd2c357dd83d6b9a5118d4b402
e0002389b286a960b454a92aeb3d1a1e08317ff2
9a5b3bdb7765ea21d7147a0c8022198a1be6c8256fa594b53732cf59e86532b9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 12:37:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/adsid/integrator.js?domain=targon-naq.eurobillets.com
200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=targon-naq.eurobillets.com
IP
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=targon-naq.eurobillets.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://targon-naq.eurobillets.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Mon, 12 Sep 2022 12:37:36 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=targon-naq.eurobillets.com
200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=targon-naq.eurobillets.com
IP
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=targon-naq.eurobillets.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://targon-naq.eurobillets.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Mon, 12 Sep 2022 12:37:36 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash cc16b956392846e1100a913453575c87
09e81e2f60ab04ca565b73ed9060380a2229cf30
3a3eecb77d71c4f1c3d706f33f33e8df527b3653906d0086089c2e5b45fd25e9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 12:37:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 437c7ccd2c357dd83d6b9a5118d4b402
e0002389b286a960b454a92aeb3d1a1e08317ff2
9a5b3bdb7765ea21d7147a0c8022198a1be6c8256fa594b53732cf59e86532b9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 12:37:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 52538aa2b7a37b16824f656228e83ce5
a7ba272eef977c3a2d7315b6ee092ad04566e5fa
8f5ea00528714ab8652d84df2682c33de9e62e541c4bbbc78d6ed82e14445451
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 12:37:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/adsid/integrator.js?domain=targon-naq.eurobillets.com
200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=targon-naq.eurobillets.com
IP
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=targon-naq.eurobillets.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://targon-naq.eurobillets.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Mon, 12 Sep 2022 12:37:36 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=targon-naq.eurobillets.com
200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=targon-naq.eurobillets.com
IP
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=targon-naq.eurobillets.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://targon-naq.eurobillets.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Mon, 12 Sep 2022 12:37:36 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adx.adform.net/adx/openrtb
200 OK 426 B URL HTTP/2 adx.adform.net/adx/openrtb
IP
File type JSON data\012- , ASCII text, with very long lines (426), with no line terminators
Hash 860f1f0670515c91df63983e3744608d
dffef57aeb9d1c06cfa101b618abecb7be98a1cc
999b2edb902b067b6e4112c6e9931647278c9a033d0da0dba34f290f7e3ec461
OPTIONS /adx/openrtb HTTP/1.1
Host: adx.adform.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://targon-naq.eurobillets.com/
Origin: https://targon-naq.eurobillets.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 12 Sep 2022 12:37:36 GMT
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://targon-naq.eurobillets.com
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
partner.googleadservices.com/gampad/cookie.js?domain=targon-naq.eurobillets.com&callback=_gfp_s_&client=ca-pub-5913989414836305
200 OK 202 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=targon-naq.eurobillets.com&callback=_gfp_s_&client=ca-pub-5913989414836305
IP
File type ASCII text, with no line terminators
Hash 0aab604b133ee00c1de5d1b24f4b7a03
79e4551f639872980d4353395a37244f9dd5fa65
cadf5aec553df45939ff8964cfe05f0625b1a280a05ce280c31c851df224df44
GET /gampad/cookie.js?domain=targon-naq.eurobillets.com&callback=_gfp_s_&client=ca-pub-5913989414836305 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://targon-naq.eurobillets.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Mon, 12 Sep 2022 12:37:36 GMT
server: cafe
cache-control: private
content-length: 202
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 52538aa2b7a37b16824f656228e83ce5
a7ba272eef977c3a2d7315b6ee092ad04566e5fa
8f5ea00528714ab8652d84df2682c33de9e62e541c4bbbc78d6ed82e14445451
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 12:37:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ca43989bcaf1c897e914d72f812e49d8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
200 OK 3.1 kB URL HTTP/2 ca43989bcaf1c897e914d72f812e49d8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5835)
Hash 3fa5e95a358d660ddb3c45769ae1357f
5f6164fbaf8cfbccfd061b00ae48dedfc16bbcd9
d32f4b680031c0e11222eb17385aa9d3b11d2903b05bff34c3d4eb6292631137
GET /safeframe/1-0-38/html/container.html HTTP/1.1
Host: ca43989bcaf1c897e914d72f812e49d8.safeframe.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://targon-naq.eurobillets.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 12 Sep 2022 12:37:37 GMT
expires: Tue, 12 Sep 2023 12:37:37 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
script.4dex.io/localstore.js
200 OK 740 B URL HTTP/2 script.4dex.io/localstore.js
IP
File type ASCII text, with very long lines (482)
Hash fa49bf385cec3c870b4c892a590840ff
aa99f9fdea5f27e1302f98ca3fb8aa0e5d50a9e2
6301f97d145c26d8185db31e2ca87cadd218d9249b4608ccb09441062f4277fc
GET /localstore.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://targon-naq.eurobillets.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 12 Sep 2022 12:37:36 GMT
content-type: application/javascript
x-amz-id-2: txaf6e2c1c2f9f41df87375-00631b6357
last-modified: Fri, 09 Sep 2022 16:00:45 GMT
etag: W/"922cffdd75f7192f75231d92684885aa"
cache-control: public, max-age=1800
x-amz-version-id: 1662739245697142
x-amz-request-id: txaf6e2c1c2f9f41df87375-00631b6357
cf-cache-status: HIT
age: 246969
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l8IkIp8H1iuEm4EkGqz2Klu8xzJp5HCoySKLT7TP5DzOHrE82kssVcCizRWy%2FmbGjvqKNDRMeTnvAYcURQ2sgNi5ZjxxbzlYuHvXEpRrZzxvWw3vmnHep9S0EGCEdB1S"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7498b203f8b3b4f7-OSL
content-encoding: br
X-Firefox-Spdy: h2
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/qs_click_protection_fy2021.js
200 OK 7.6 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/qs_click_protection_fy2021.js
IP
File type ASCII text, with very long lines (2184)
Hash 8fc1754beb27cdbcdf59d08c7fd0da07
485b36af1848b751ad094159766683b1f2cca286
b5d49fee775dbfd484dd3932044616a903a115033a0e5401c75da40775dd3789
GET /pagead/js/r20220907/r20110914/client/qs_click_protection_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 7592
x-xss-protection: 0
date: Mon, 12 Sep 2022 12:33:24 GMT
expires: Mon, 26 Sep 2022 12:33:24 GMT
cache-control: public, max-age=1209600
etag: 7248493764890666469
content-type: text/javascript; charset=UTF-8
age: 253
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 3a03c878112c8ef85a7ed1cd100fbcb3
47491937066dc1e5d43a194ee32aa102166d0ba0
cbf573f248c8c192f9f81effe4ccce186b03e2094f8da66dd34e28e1eb9e62e6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 12:37:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/abg_lite_fy2021.js
200 OK 9.6 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20220907/r20110914/abg_lite_fy2021.js
IP
File type ASCII text, with very long lines (1621)
Hash 3c5efa479f799e66f1aec6babceef38f
156215ad7299ac993c75f6f096ee0a871a2791c4
edd903d099e731de60a28ebf0e311da7b02ee4d4435d2a905a2e5e2d336296dc
GET /pagead/js/r20220907/r20110914/abg_lite_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 9632
x-xss-protection: 0
date: Mon, 12 Sep 2022 12:04:44 GMT
expires: Mon, 26 Sep 2022 12:04:44 GMT
cache-control: public, max-age=1209600
etag: 15013890920676311251
content-type: text/javascript; charset=UTF-8
age: 1973
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6169
Expires: Mon, 12 Sep 2022 14:20:26 GMT
Date: Mon, 12 Sep 2022 12:37:37 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6169
Expires: Mon, 12 Sep 2022 14:20:26 GMT
Date: Mon, 12 Sep 2022 12:37:37 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae1f7987-7b92-4cec-85ab-243250e02a06.webp
200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae1f7987-7b92-4cec-85ab-243250e02a06.webp
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b7ccc33ae0c85a906f2c17db281ec790
1904722d70348235d5472c54f888d2b4b991e2aa
f48edc03624f582b05b596694b76bd784f85eb9f2ca5dd025bbea9cc2ff1f096
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae1f7987-7b92-4cec-85ab-243250e02a06.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6999
x-amzn-requestid: 61e3e817-fb62-47c7-b938-2dfc6a134622
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YO1mlG3XIAMFo5w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631c3629-37c2c8982c4ccf891875c59a;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 07:00:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: S2TR552YpZeEbhTSAn4vdXexYpvR4Lrr-LaJmfNd7LnO0L4QM8w-Dg==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 03:38:55 GMT
age: 32322
etag: "1904722d70348235d5472c54f888d2b4b991e2aa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6169
Expires: Mon, 12 Sep 2022 14:20:26 GMT
Date: Mon, 12 Sep 2022 12:37:37 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81f9b0a3-fe8f-4665-9e54-9dfaf5d4876b.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81f9b0a3-fe8f-4665-9e54-9dfaf5d4876b.jpeg
IP
File type gzip compressed data, max compression\012- data
Hash ae3a0adcc8b1051ca6ffce5d3f658df5
7bfb94f069b9953ae223de814ec846a12e1074d6
094424bedb95c6f6ac00fc2bd6c50a760781892f7d41e24eabd6f717bcd77554
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81f9b0a3-fe8f-4665-9e54-9dfaf5d4876b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9466
x-amzn-requestid: ba3f7eac-61c9-4b5f-ae8a-b372906a25ba
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YOTeoHMKoAMFr5Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631bff90-1e70e2c444242a2d46387986;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 03:08:00 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: u_jETr8miiFyuhq7R09yb0lAP-hUv_6eTRV81Xzd9gSqU31VXwC9CQ==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 583992e175976bd59a21b4416890271e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 03:15:48 GMT
age: 33709
etag: "05ec2076b32398d60ee77fab8c14345bc7dfe647"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe7b5d084-5c6a-4cec-9577-bb8c3a155234.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe7b5d084-5c6a-4cec-9577-bb8c3a155234.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5bdaf9b909a8b8fd2f02eeb8930e2d19
3df316da4ed46403a50a0cdc688613cb1334da0b
177e68bddbfdafe455c5aa1aad9c0654c83ab91500043cbc366d1397aea53e22
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe7b5d084-5c6a-4cec-9577-bb8c3a155234.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10363
x-amzn-requestid: ce8239d7-9838-4fd9-9a2a-d788b2d4205b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YUKcpGepIAMFvuA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631e5783-38cb8ddf79347e4e7fbb1041;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 21:47:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: cms2j1USzEq1FpNcXq9W_i3WirZXI0ElxYjQYEznccjmNhGDblVVbw==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 21:55:55 GMT
age: 52902
etag: "3df316da4ed46403a50a0cdc688613cb1334da0b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a938fd0-09b1-4550-89f4-e81e9c6a8737.jpeg
200 OK 4.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a938fd0-09b1-4550-89f4-e81e9c6a8737.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b674daf3dc6e85ed054ab34d69979b86
47aaf5a3af2c25820d01d613c82b7f1279a298fc
7b9993ef69d4b77c1533ada040c85563b9cf7b1f5d007177c005f6cd7fdba1d3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a938fd0-09b1-4550-89f4-e81e9c6a8737.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4162
x-amzn-requestid: 9dc27e34-69e1-439d-8974-1297584ef4d0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YSIhuHlWIAMFhOQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d87a4-410e9ede524aa657609a057a;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 07:00:52 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: jGj2al3pBpze7UQnHild4DxKndrprY4pTG_EZScw2RukQlgFEvNMkw==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 07:18:04 GMT
age: 19173
etag: "47aaf5a3af2c25820d01d613c82b7f1279a298fc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6b50df-cdcd-4b44-9ed3-90a502ea29ad.jpeg
200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6b50df-cdcd-4b44-9ed3-90a502ea29ad.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 239262b6ab17cb19414c35cd4f761092
48eddcf9838e980e67cc8f9cbb05b475df2f0331
cd27cbce632d769288d9c33c5c8e887ba02df5677f10f7a6d03139b590ba24b4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6b50df-cdcd-4b44-9ed3-90a502ea29ad.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9815
x-amzn-requestid: 89243e57-94eb-4c6b-903f-aa01df030ecc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YUIxnEAjoAMF_Ig=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631e54d6-199403e2695b214711f5117f;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 21:36:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: NKM6RRhJ5AuRF4NKSyBO6-KMkd1UGaw3DuZBkBao_8fzzpkMeDrn0w==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 21:55:40 GMT
etag: "48eddcf9838e980e67cc8f9cbb05b475df2f0331"
content-type: image/jpeg
age: 52917
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75931920-737e-40b5-8dd6-d2070639ea2d.jpeg
200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75931920-737e-40b5-8dd6-d2070639ea2d.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c14088c4ca0d576e087feed41b7f1565
172b23f2ef39b6c3fdebb5441b10a95712206d0a
2699efa811ceac5420f5bd26c35a6f48b51854e29cbce7cbb62efb613db7d6b9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75931920-737e-40b5-8dd6-d2070639ea2d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8799
x-amzn-requestid: 1bcdf387-9ad2-449a-861e-3352b1744d23
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YUI-0G6vIAMFgbA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631e552b-42aa46af6315148106c4fdee;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 21:37:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: g2mxKK8L5T4YkeD8JqNUuV_KfsIq8ypRMvxhsyzSZSEIP4gDl4zLVQ==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 21:41:51 GMT
age: 53746
etag: "172b23f2ef39b6c3fdebb5441b10a95712206d0a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 45b55c678e2944a30a6d8160bb6e4a94
a1ac0c9681902e7d64e49bd9e146820ce2c60f4f
5a89db56a9b47aa3e426799671db9b25a42d7dd7d6881c66eca7ed37facf6bd9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 12:37:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api2/aframe
200 OK 513 B URL HTTP/2 www.google.com/recaptcha/api2/aframe
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (783), with no line terminators
Hash 760303202e0c6ff7379a3a300eae1bff
c5bb9d430d22824e56d1be383fd7d8f71e2c99ee
e996cdff72aebb9b8c1c90514a78bfbbf34f930293f6d526fd3cbb2b1570ac4e
GET /recaptcha/api2/aframe HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://targon-naq.eurobillets.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Mon, 12 Sep 2022 12:37:39 GMT
date: Mon, 12 Sep 2022 12:37:39 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'nonce-i18ORsd0RmISAGfl4XcAWQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ssp.wp.pl/bidder/usersync?tcf=2
200 OK 281 B URL HTTP/2 ssp.wp.pl/bidder/usersync?tcf=2
IP
ASN #12827 Wirtualna Polska Media S.A.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (477), with no line terminators
Hash 3cc5bd08b7a270b10e3937d69295cce8
342d412c14becbf1fecd3091e0be6355791762fa
ed13833f42b1b6b979d0e7ac1e570dddf6ed8c1ec002c4f13e421e67d3af42ef
GET /bidder/usersync?tcf=2 HTTP/1.1
Host: ssp.wp.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://targon-naq.eurobillets.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 12 Sep 2022 12:37:39 GMT
content-type: text/html; charset=utf-8
content-length: 281
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-origin: *
content-encoding: gzip
last-modified: Mon, 12 Sep 2022 11:57:55 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 313 B IP
Hash ee5e64cce395a094979d3195e29a1bad
0eddd70ca13199edd92d4c1c3d7b2dab0f746cc7
a29c29cd5fe1b5e142af5040576d0525329ec8b79d4b73b6cda3c7a20bf7bfb4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5305
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 12:37:39 GMT
Last-Modified: Mon, 12 Sep 2022 11:09:14 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 313
acdn.adnxs.com/dmp/async_usersync.html
200 OK 17 kB URL HTTP/1.1 acdn.adnxs.com/dmp/async_usersync.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (52990)
Hash 9c6b5ce6b3452e98573e6409c34dd73c
de607fadef62e36945a409a838eb8fc36d819b42
cd729039a1b314b25ea94b5c45c8d575d3387f7df83f98c233614bf09484a1fc
GET /dmp/async_usersync.html HTTP/1.1
Host: acdn.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://targon-naq.eurobillets.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
ETag: "623de86a-cf34"
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Tue, 13 Sep 2022 12:37:41 GMT
Date: Mon, 12 Sep 2022 12:37:39 GMT
Connection: keep-alive
Vary: Accept-Encoding
ocsp.digicert.com/
200 OK 313 B IP
Hash ee5e64cce395a094979d3195e29a1bad
0eddd70ca13199edd92d4c1c3d7b2dab0f746cc7
a29c29cd5fe1b5e142af5040576d0525329ec8b79d4b73b6cda3c7a20bf7bfb4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5238
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 12:37:39 GMT
Last-Modified: Mon, 12 Sep 2022 11:10:21 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 313
acdn.adnxs.com/dmp/async_usersync.html
200 OK 17 kB URL HTTP/1.1 acdn.adnxs.com/dmp/async_usersync.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (52990)
Hash 9c6b5ce6b3452e98573e6409c34dd73c
de607fadef62e36945a409a838eb8fc36d819b42
cd729039a1b314b25ea94b5c45c8d575d3387f7df83f98c233614bf09484a1fc
GET /dmp/async_usersync.html HTTP/1.1
Host: acdn.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://targon-naq.eurobillets.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
ETag: "623de86a-cf34"
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Tue, 13 Sep 2022 12:37:41 GMT
Date: Mon, 12 Sep 2022 12:37:39 GMT
Connection: keep-alive
Vary: Accept-Encoding
ssp.wp.pl/bidder/usersync?tcf=2
200 OK 281 B URL HTTP/2 ssp.wp.pl/bidder/usersync?tcf=2
IP
ASN #12827 Wirtualna Polska Media S.A.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (477), with no line terminators
Hash 3cc5bd08b7a270b10e3937d69295cce8
342d412c14becbf1fecd3091e0be6355791762fa
ed13833f42b1b6b979d0e7ac1e570dddf6ed8c1ec002c4f13e421e67d3af42ef
GET /bidder/usersync?tcf=2 HTTP/1.1
Host: ssp.wp.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://targon-naq.eurobillets.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 12 Sep 2022 12:37:39 GMT
content-type: text/html; charset=utf-8
content-length: 281
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-origin: *
content-encoding: gzip
last-modified: Mon, 12 Sep 2022 11:57:55 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
ib.adnxs.com/async_usersync?cbfn=queuePixels
307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/async_usersync?cbfn=queuePixels
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /async_usersync?cbfn=queuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acdn.adnxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Mon, 12 Sep 2022 12:37:39 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
AN-X-Request-Uuid: 91feb504-e782-479d-8749-df7112d9214a
Set-Cookie: uuid2=8037510823295098409; SameSite=None; Path=/; Max-Age=7776000; Expires=Sun, 11-Dec-2022 12:37:39 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ftargon-naq.eurobillets.com%2F&domain=targon-naq.eurobillets.com&cw=1&lsw=1
200 OK 306 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ftargon-naq.eurobillets.com%2F&domain=targon-naq.eurobillets.com&cw=1&lsw=1
IP
File type JSON data\012- , ASCII text, with very long lines (355), with no line terminators
Hash 9bfd0cddb95cbcbbd787667a4cd6090f
f00dae69a26bde44ed921756fc75244f7c7accd4
5c8b94b996e921baf5502c862c97f83e74092c8b09f9964c5f8f9954b495b8e5
GET /sid/json?origin=prebid&topUrl=https%3A%2F%2Ftargon-naq.eurobillets.com%2F&domain=targon-naq.eurobillets.com&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://targon-naq.eurobillets.com
Connection: keep-alive
Referer: https://targon-naq.eurobillets.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Sep 2022 12:37:39 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://targon-naq.eurobillets.com
server-processing-duration-in-ticks: 736345
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
ib.adnxs.com/async_usersync?cbfn=queuePixels
307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/async_usersync?cbfn=queuePixels
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /async_usersync?cbfn=queuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acdn.adnxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Mon, 12 Sep 2022 12:37:40 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
AN-X-Request-Uuid: 64026efa-f183-4936-b4d0-16e6a09f9000
Set-Cookie: uuid2=586361397965313128; SameSite=None; Path=/; Max-Age=7776000; Expires=Sun, 11-Dec-2022 12:37:40 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
200 OK 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acdn.adnxs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Mon, 12 Sep 2022 12:37:40 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: 49f29868-aa48-4e90-a4c7-2fb1d9125a76
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
200 OK 5.5 kB URL HTTP/2 ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
IP
File type HTML document text\012- HTML document, ASCII text, with very long lines (15844), with no line terminators
Hash 7725e8e949141c8ded449d86975d4c04
8cd8c314a2002cc26f821d331ab9512f52a551a2
a0c49aacf6f552bce544eb8516404f696918253cd934a6404ebeafd71f8780ae
GET /AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sync.quantumdex.io/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
server: Apache
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5549
content-type: text/html; charset=UTF-8
cache-control: max-age=64395
expires: Tue, 13 Sep 2022 06:30:55 GMT
date: Mon, 12 Sep 2022 12:37:40 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 313 B IP
Hash 1025ed71ce18fcdc9556e7540eb85397
5a2f8b667e8b26810783a069f50ff1a991cc86f1
67537e8705f8e4ec3ad64825b249f5a29d609a79bd6a9fb2c441eb2967738bf6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2675
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 12:37:40 GMT
Last-Modified: Mon, 12 Sep 2022 11:53:05 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 313
ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
200 OK 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acdn.adnxs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Mon, 12 Sep 2022 12:37:40 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: 2546ec4c-435d-41f3-829b-65c760755741
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ocsp.sectigo.com/
200 OK 471 B IP
Hash 7efd2702d6411b8744637dbfa72a5826
1e87e5abfe3a582288cc7c6a6079f88ee644259b
ff3b647d77d699155ba2f1308dbe62ee7e2d2882f057e2e0ce14d437725f7ad0
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 12:37:40 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 08 Sep 2022 23:23:21 GMT
Expires: Thu, 15 Sep 2022 23:23:20 GMT
Etag: "1e87e5abfe3a582288cc7c6a6079f88ee644259b"
Cache-Control: max-age=297339,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7498b21dafc0b52d-OSL
onetag-sys.com/usync/?pubId=2bb78272a859ca6
204 No Content 0 B URL HTTP/2 onetag-sys.com/usync/?pubId=2bb78272a859ca6
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usync/?pubId=2bb78272a859ca6 HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sync.quantumdex.io/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
cache-control: no-store
strict-transport-security: max-age=15552000
X-Firefox-Spdy: h2
sync.quantumdex.io/usersync/apacdex
200 OK 895 B URL HTTP/2 sync.quantumdex.io/usersync/apacdex
IP
Hash 9038e308c87a15e7d0e002590ce2b233
5a5da2310533054e9bd487af09b2829a2e7c7065
84433caf23844acde3e142b28e9e345f4e5bf213d4242e69f22e4d3790d17b58
GET /usersync/apacdex HTTP/1.1
Host: sync.quantumdex.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://targon-naq.eurobillets.com/
Cookie: uid=80883395-c517-4590-9a70-5383c07300ba
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Sep 2022 12:37:39 GMT
content-type: text/html
set-cookie: uid=80883395-c517-4590-9a70-5383c07300ba; expires=Thu, 22 Sep 2022 12:37:39 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7498b21c3c9195fc-ARN
content-encoding: gzip
X-Firefox-Spdy: h2
usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
204 No Content 0 B URL HTTP/2 usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID HTTP/1.1
Host: usermatch.targeting.unrulymedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sync.quantumdex.io/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Mon, 12 Sep 2022 12:37:40 GMT
X-Firefox-Spdy: h2
ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sync.quantumdex.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Mon, 12 Sep 2022 12:37:40 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID
AN-X-Request-Uuid: 549b9294-8631-43b0-81ef-c5563f49d3cb
Set-Cookie: uuid2=1301841704073498461; SameSite=None; Path=/; Max-Age=7776000; Expires=Sun, 11-Dec-2022 12:37:40 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
onetag-sys.com/usync/?pubId=2bb78272a859ca6
204 No Content 0 B URL HTTP/2 onetag-sys.com/usync/?pubId=2bb78272a859ca6
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usync/?pubId=2bb78272a859ca6 HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sync.quantumdex.io/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-store
strict-transport-security: max-age=15552000
X-Firefox-Spdy: h2
usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
204 No Content 0 B URL HTTP/2 usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID HTTP/1.1
Host: usermatch.targeting.unrulymedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sync.quantumdex.io/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 12 Sep 2022 12:37:40 GMT
X-Firefox-Spdy: h2
ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID
302 Found 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sync.quantumdex.io/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.21.3
Date: Mon, 12 Sep 2022 12:37:40 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=0
AN-X-Request-Uuid: 674de450-aa22-4165-809c-693e5de0c1c8
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dmedianet%26uid%3D%3Cvsid%3E
302 Found 154 B URL HTTP/2 hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dmedianet%26uid%3D%3Cvsid%3E
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 52558d05355ee6e9d14ff3cf8a5a3ef0
52cfd7dd3859dc0578849a7b1c91bb8f91ad84c2
bac5546ea0f819f461c9023592ec2398a45a6c3aab78e55fed8b7c908dce6060
GET /cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dmedianet%26uid%3D%3Cvsid%3E HTTP/1.1
Host: hbx.media.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sync.quantumdex.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: Apache
content-length: 154
content-type: text/html
location: https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
set-cookie: data-pbs=setstatuscode~~1;Expires=Tue, 12 Sep 2023 12:37:40 GMT;path=/;domain=.media.net;
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
strict-transport-security: max-age=86400 ; includeSubDomains
x-mnet-hl2: E
expires: Mon, 12 Sep 2022 12:37:40 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Mon, 12 Sep 2022 12:37:40 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash acbfb0f20908d82100016746e215722e
9d9c5c353675d1c9d74b9a3d8bb600eb23dddf7e
1bbbbfcaf15aaa4bb1e5b74b968a318d4fd05f5938936117c2505d9d3e1f1d8d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6159
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 12:37:40 GMT
Last-Modified: Mon, 12 Sep 2022 10:55:01 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 4b4389d88b2e0e3bda332d28fe03d886
d0c5e1c4e2c59b97f9d9f42cf87844a4a1059557
b93fa03bc2345143b33f496096f894518122262e1c6b995fcb86bd32b954cfb6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B93FA03BC2345143B33F496096F894518122262E1C6B995FCB86BD32B954CFB6"
Last-Modified: Fri, 09 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4627
Expires: Mon, 12 Sep 2022 13:54:47 GMT
Date: Mon, 12 Sep 2022 12:37:40 GMT
Connection: keep-alive
ups.analytics.yahoo.com/ups/58424/occ
302 Found 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58424/occ
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58424/occ HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sync.quantumdex.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 12 Sep 2022 12:37:40 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
location: https://ups.analytics.yahoo.com/ups/58424/occ?verify=true
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBBQoH2MCEOmRL1cgKhgi-Tez-3qsAGkFEgEBAQF5IGMpYwAAAAAA_eMAAA&S=AQAAAkVDnbcLh6OAccXRzN1iyMg; Expires=Tue, 12 Sep 2023 18:37:40 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
200 43 B URL HTTP/1.1 id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sync.quantumdex.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"
set-cookie: cf=; Max-Age=300; Expires=Mon, 12-Sep-2022 12:42:40 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
cip=; Max-Age=300; Expires=Mon, 12-Sep-2022 12:42:40 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
cnac=; Max-Age=300; Expires=Mon, 12-Sep-2022 12:42:40 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
car=; Max-Age=300; Expires=Mon, 12-Sep-2022 12:42:40 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
gdpr=; Max-Age=300; Expires=Mon, 12-Sep-2022 12:42:40 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
callback=; Max-Age=300; Expires=Mon, 12-Sep-2022 12:42:40 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
content-type: image/gif;charset=UTF-8
transfer-encoding: chunked
date: Mon, 12 Sep 2022 12:37:39 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
ocsp.sectigo.com/
200 OK 472 B IP
Hash 9e590928a553eff33914f18f2406efa1
2b14e5cb4572f322147050ed40f7573deddefa72
0c41809b35a1cccdd57658032ed3989c9e1b0aa5035d4f9f25a5ce30706785a7
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 12:37:40 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 09 Sep 2022 16:09:19 GMT
Expires: Fri, 16 Sep 2022 16:09:18 GMT
Etag: "2b14e5cb4572f322147050ed40f7573deddefa72"
Cache-Control: max-age=357697,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7498b21e88a0b52d-OSL
ups.analytics.yahoo.com/ups/58424/occ?verify=true
204 No Content 106 B URL HTTP/2 ups.analytics.yahoo.com/ups/58424/occ?verify=true
IP
Hash a0c94a35a9c752b801307327229fb937
04287ac3bb6c5961040a98bafc366e79efb059c5
a1ca4bd6881ee8a3b90088001595eaee8cb18221308941c8b3cd6be97de3a056
GET /ups/58424/occ?verify=true HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sync.quantumdex.io/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 12 Sep 2022 12:37:40 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
strict-transport-security: max-age=31536000
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBBQoH2MCEEdEfGthZW7YhxkjkaeU6OIFEgEBAQF5IGMpYwAAAAAA_eMAAA&S=AQAAAgqO-7Aj13wZH8Z1vQq3Aao; Expires=Tue, 12 Sep 2023 18:37:40 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
sync.quantumdex.io/setuid?bidder=ix&uid=0
200 OK 43 B URL HTTP/2 sync.quantumdex.io/setuid?bidder=ix&uid=0
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 57f187c7a868faeac558007a8eb6cb2e
11ab10ab109fdb53d91d444ac781101f5a6360c6
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
GET /setuid?bidder=ix&uid=0 HTTP/1.1
Host: sync.quantumdex.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://r.casalemedia.com/
Cookie: uid=80883395-c517-4590-9a70-5383c07300ba
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Sep 2022 12:37:40 GMT
content-type: image/gif
content-length: 43
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7498b21e5fe895fc-ARN
X-Firefox-Spdy: h2
ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
302 Found 0 B URL HTTP/2 ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sync.quantumdex.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: /match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Tue, 12 Sep 2023 12:37:40 GMT; Path=/; Domain=.betweendigital.com
tuuid=5aeca0ac-231f-52ff-865c-814fe543a95b; Max-Age=31536000; Expires=Tue, 12 Sep 2023 12:37:40 GMT; Path=/; Domain=.betweendigital.com
ut=Yx8oFAAE4gCkc4o24wfwgzv8e-yoALJwxvJ16A==; Max-Age=31536000; Expires=Tue, 12 Sep 2023 12:37:40 GMT; Path=/; Domain=.betweendigital.com
content-length: 0
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 2a9b5ef213ab4770dbc871728a53a646
b1a5897e89d6f69899501ebd4b58824442f693b0
c21a7fc243df53f56af198083a86d1ca24cdd93ddf8c65a2b392906076e2c11d
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 12 Sep 2022 12:37:40 GMT
Last-Modified: Mon, 12 Sep 2022 11:08:50 GMT
Server: ECS (nyb/1D0D)
X-Cache: Miss from cloudfront
Via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: qH5MBOXqO8PXh8DKVAxS3pKQX1jcbDVZu--Nb-dq-RdSDpt-MqHnhA==
Age: 5331
sync.quantumdex.io/setuid?bidder=appnexus&uid=0
200 OK 43 B URL HTTP/2 sync.quantumdex.io/setuid?bidder=appnexus&uid=0
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 57f187c7a868faeac558007a8eb6cb2e
11ab10ab109fdb53d91d444ac781101f5a6360c6
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
GET /setuid?bidder=appnexus&uid=0 HTTP/1.1
Host: sync.quantumdex.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sync.quantumdex.io/
Connection: keep-alive
Cookie: uid=80883395-c517-4590-9a70-5383c07300ba
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Sep 2022 12:37:40 GMT
content-type: image/gif
content-length: 43
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7498b21e984e95fc-ARN
X-Firefox-Spdy: h2
sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
200 OK 43 B URL HTTP/2 sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 57f187c7a868faeac558007a8eb6cb2e
11ab10ab109fdb53d91d444ac781101f5a6360c6
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
GET /setuid?bidder=medianet&uid=0000EEA HTTP/1.1
Host: sync.quantumdex.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sync.quantumdex.io/
Connection: keep-alive
Cookie: uid=80883395-c517-4590-9a70-5383c07300ba
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Sep 2022 12:37:40 GMT
content-type: image/gif
content-length: 43
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7498b21ea85b95fc-ARN
X-Firefox-Spdy: h2
ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1
200 OK 68 B URL HTTP/2 ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1
IP
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash c4a2b870062c2bb98c500bc1526c0498
528666ccdb12997358077bc8fcdbfb6b825c7788
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
GET /match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1 HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sync.quantumdex.io/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Tue, 12 Sep 2023 12:37:40 GMT; Path=/; Domain=.betweendigital.com
tuuid=4665cf38-0a88-52ff-a384-6d04c09b4510; Max-Age=31536000; Expires=Tue, 12 Sep 2023 12:37:40 GMT; Path=/; Domain=.betweendigital.com
ut=Yx8oFAAFbqCnojLUcMiqdpLlIaZQ_xmJCbFj2g==; Max-Age=31536000; Expires=Tue, 12 Sep 2023 12:37:40 GMT; Path=/; Domain=.betweendigital.com
content-length: 68
X-Firefox-Spdy: h2
match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
204 No Content 0 B URL HTTP/2 match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID HTTP/1.1
Host: match.sharethrough.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sync.quantumdex.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Mon, 12 Sep 2022 12:37:40 GMT
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 3e0f80e88d102b59553f540c9c6ab908
4e07ca3c1c9b6d796803cfced8242b623bcb89fd
e008bc9f29f2ca73d5148aee2095338652e1396216cb4de0bfa5c75db81d892a
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 12 Sep 2022 12:37:40 GMT
Last-Modified: Mon, 12 Sep 2022 12:01:49 GMT
Server: ECS (nyb/1D12)
X-Cache: Miss from cloudfront
Via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: vqyX6IBzzKFPM8vMRsV6zy7V2EurXRf8EEiaWAcVWd5ffmXFuAhkuA==
Age: 2151
ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID
302 Found 0 B URL HTTP/2 ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID HTTP/1.1
Host: ssp.disqus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sync.quantumdex.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 12 Sep 2022 12:37:40 GMT
content-length: 0
location: https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-7fbaab18-0036-3cb8-88c2-ce5350ae9908
vary: origin
cache-control: no-store
pragma: no-cache
expires: 0
set-cookie: zeta-ssp-user-id=ua-7fbaab18-0036-3cb8-88c2-ce5350ae9908; Max-Age=31536000; Expires=Tue, 12 Sep 2023 12:37:40 GMT; Path=/; Domain=disqus.com; Secure; SameSite=None
X-Firefox-Spdy: h2
sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-7fbaab18-0036-3cb8-88c2-ce5350ae9908
200 OK 43 B URL HTTP/2 sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-7fbaab18-0036-3cb8-88c2-ce5350ae9908
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 57f187c7a868faeac558007a8eb6cb2e
11ab10ab109fdb53d91d444ac781101f5a6360c6
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
GET /setuid?bidder=zeta-global&uid=ua-7fbaab18-0036-3cb8-88c2-ce5350ae9908 HTTP/1.1
Host: sync.quantumdex.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sync.quantumdex.io/
Connection: keep-alive
Cookie: uid=80883395-c517-4590-9a70-5383c07300ba
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Sep 2022 12:37:40 GMT
content-type: image/gif
content-length: 43
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7498b220bb9995fc-ARN
X-Firefox-Spdy: h2
ib.adnxs.com/async_usersync?cbfn=queuePixels
307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/async_usersync?cbfn=queuePixels
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /async_usersync?cbfn=queuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acdn.adnxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Mon, 12 Sep 2022 12:37:40 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
AN-X-Request-Uuid: c0927207-44a1-4a77-bd0d-acbc30423bee
Set-Cookie: uuid2=3215393970499776048; SameSite=None; Path=/; Max-Age=7776000; Expires=Sun, 11-Dec-2022 12:37:40 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ib.adnxs.com/async_usersync?cbfn=queuePixels
307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/async_usersync?cbfn=queuePixels
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /async_usersync?cbfn=queuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acdn.adnxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Mon, 12 Sep 2022 12:37:40 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
AN-X-Request-Uuid: 23a62421-fdb5-4dd5-a57d-f14a93ba1d49
Set-Cookie: uuid2=3303109949132243904; SameSite=None; Path=/; Max-Age=7776000; Expires=Sun, 11-Dec-2022 12:37:40 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
200 OK 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acdn.adnxs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Mon, 12 Sep 2022 12:37:41 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: c823b968-26df-4d04-8e69-b4d6a1522e39
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
200 OK 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acdn.adnxs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Mon, 12 Sep 2022 12:37:41 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: 512aa1e9-33af-486f-8440-c1df4515a4d4
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
204 No Content 0 B URL HTTP/1.1 ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP/1.1
Host: ap.lijit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sync.quantumdex.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
date: Mon, 12 Sep 2022 12:37:41 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
pod: X-Sovrn-Pod: ad_ap7ams1
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash b58a38fc01cdf316a94cafb69e5c42dd
d58215d178aa56395469322638a668e4b84479ce
61b7ff76d81abdc3bf2f7d4ec681b6622925cba9fb0feb80f0057c6232b5d51f
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Mon, 12 Sep 2022 12:37:42 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sun, 11 Sep 2022 22:13:57 GMT
Expires: Mon, 12 Sep 2022 22:13:57 GMT
ETag: "d58215d178aa56395469322638a668e4b84479ce"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
targon-naq.eurobillets.com/etablissement-montagne/
200 OK 0 B URL HTTP/2 targon-naq.eurobillets.com/etablissement-montagne/
IP
GET /etablissement-montagne/ HTTP/1.1
Host: targon-naq.eurobillets.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Mon, 12 Sep 2022 12:37:35 GMT
content-type: text/html; charset=UTF-8
set-cookie: PHPSESSID=9smepgqe7uq9m91d7ch8087na3; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
vary: Accept-Encoding
x-ua-compatible: IE=edge
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HGl6U3jR2ycSnN%2BO%2FStm7R3M6ZLz3pJvkctAeZFAAtpkLvPDRs5Jj8qua9uqvJOuBU%2BFwb8xV36%2F%2FIWvKxyheGVZgUiFhlwPPfo6ISQT6qrpYPK9v88HMcEksUsmMoSPwhcNIH896iD9bwD5hQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7498b1fd39c9b4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
get.optad360.io/sf/e260c3ca-844c-11e8-900d-06048607e8f8/plugin.min.js
200 OK 0 B URL HTTP/2 get.optad360.io/sf/e260c3ca-844c-11e8-900d-06048607e8f8/plugin.min.js
IP
GET /sf/e260c3ca-844c-11e8-900d-06048607e8f8/plugin.min.js HTTP/1.1
Host: get.optad360.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://targon-naq.eurobillets.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Mon, 12 Sep 2022 12:37:36 GMT
last-modified: Fri, 21 Jan 2022 10:23:02 GMT
etag: W/"676a0a6687fe4fe2de92a9578315ac3b"
cache-control: public, max-age=3600
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: C0JS_1f2Hij6vfUosnEJz9FxkxJTd5XI33_RQJu0cC2gz3sgLJm6-w==
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ftargon-naq.eurobillets.com%2F&domain=targon-naq.eurobillets.com&cw=1&lsw=1
200 OK 0 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ftargon-naq.eurobillets.com%2F&domain=targon-naq.eurobillets.com&cw=1&lsw=1
IP
OPTIONS /sid/json?origin=prebid&topUrl=https%3A%2F%2Ftargon-naq.eurobillets.com%2F&domain=targon-naq.eurobillets.com&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://targon-naq.eurobillets.com/
Origin: https://targon-naq.eurobillets.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 12 Sep 2022 12:37:39 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://targon-naq.eurobillets.com
server-processing-duration-in-ticks: 363064
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
sync.quantumdex.io/usersync/apacdex
200 OK 0 B URL HTTP/2 sync.quantumdex.io/usersync/apacdex
IP
GET /usersync/apacdex HTTP/1.1
Host: sync.quantumdex.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://targon-naq.eurobillets.com/
Cookie: uid=80883395-c517-4590-9a70-5383c07300ba
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Sep 2022 12:37:40 GMT
content-type: text/html
set-cookie: uid=80883395-c517-4590-9a70-5383c07300ba; expires=Thu, 22 Sep 2022 12:37:40 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7498b21cfda495fc-ARN
content-encoding: gzip
X-Firefox-Spdy: h2
us03.biz/?te=mq4wcyzyme5ha3ddf43donrt
200 OK 0 B URL HTTP/2 us03.biz/?te=mq4wcyzyme5ha3ddf43donrt
IP
ASN #39572 DataWeb Global Group B.V.
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /?te=mq4wcyzyme5ha3ddf43donrt HTTP/1.1
Host: us03.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://targon-naq.eurobillets.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 12 Sep 2022 12:37:35 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
set-cookie: uuid=75b56a09-d6ea-491f-ab23-46815460d76d; expires=Wed, 12-Oct-2022 12:37:35 GMT; Max-Age=2592000; path=/; SameSite=None; domain=us03.biz; secure
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2
adx.adform.net/adx/openrtb
200 OK 0 B URL HTTP/2 adx.adform.net/adx/openrtb
IP
OPTIONS /adx/openrtb HTTP/1.1
Host: adx.adform.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://targon-naq.eurobillets.com/
Origin: https://targon-naq.eurobillets.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 12 Sep 2022 12:37:36 GMT
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://targon-naq.eurobillets.com
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
302 Found 0 B URL HTTP/2 ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
IP
GET /usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP/1.1
Host: ssum-sec.casalemedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sync.quantumdex.io/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 12 Sep 2022 12:37:40 GMT
content-type: text/html; charset=iso-8859-1
location: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
cf-ray: 7498b21d594ab518-OSL
cache-control: no-cache
expires: 0
cf-cache-status: DYNAMIC
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
set-cookie: CMID=Yx8oFH0kf29ekMfThO3loQAA;domain=casalemedia.com;path=/;expires=Tue, 12 Sep 2023 12:37:40 GMT
CMPS=4339;domain=casalemedia.com;path=/;expires=Sun, 11 Dec 2022 12:37:40 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=79nVf%2BGTsOgzGjQwf7EQQfQYn%2Bku1ptCiW0ymm6MwgLWDJnO4r0S0COmzulm7BjW0CZCCldxyJ1jePVlwzugBiipFsGW3yXJM04hTFVOriHUPBYpL5qg94EvkGHV9xC0%2F0ZZUXQ3TYWKHg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
script.4dex.io/adagio.js
200 OK 0 B IP
GET /adagio.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://targon-naq.eurobillets.com/
Origin: https://targon-naq.eurobillets.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 12 Sep 2022 12:37:36 GMT
content-type: application/javascript
access-control-allow-headers: Authorization
access-control-max-age: 3000
x-amz-id-2: tx746f48b375c24f2592239-00631f2810
access-control-allow-credentials: true
x-amz-request-id: tx746f48b375c24f2592239-00631f2810
last-modified: Fri, 09 Sep 2022 16:00:45 GMT
etag: W/"831813ee9b2fc0d248741417a0e3b488"
cache-control: public, max-age=1800
x-amz-version-id: 1662739245061580
access-control-allow-methods: GET
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w0LhBXQE1D2i%2BjyGTsVbkb%2BOaZTPZ3l%2FTjGQndnP75%2BafQOsGbvCjNAMKoCBaC7t9lN1WDaOCfYc92WIcuRspoVN%2FUe6HrjgPQgV%2F%2BEWmHHIBssNkka%2F4HvHbpCI5mr2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7498b2052fb4b4eb-OSL
content-encoding: br
X-Firefox-Spdy: h2
mc.yandex.ru/watch/48396329?wmode=7&page-url=https%3A%2F%2Ftargon-naq.eurobillets.com%2Fetablissement-montagne%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A62hj1rf2ym17zxi6fwm9k%3Afp%3A746%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A212090625799%3Ahid%3A519520735%3Az%3A0%3Ai%3A20220912123724%3Aet%3A1662986244%3Ac%3A1%3Arn%3A851614717%3Arqn%3A1%3Au%3A166298624471075414%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1662986242708%3Aco%3A0%3Ads%3A0%2C29%2C104%2C1%2C273%2C0%2C%2C465%2C3%2C%2C%2C%2C918%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662986244%3At%3A%C3%89tablissement%20Montagne%20%E2%80%94%20le%20magasin%20%E2%80%94%20Targon%2C%20Nouvelle-Aquitaine&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2)
302 Found 0 B URL HTTP/2 mc.yandex.ru/watch/48396329?wmode=7&page-url=https%3A%2F%2Ftargon-naq.eurobillets.com%2Fetablissement-montagne%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A62hj1rf2ym17zxi6fwm9k%3Afp%3A746%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A212090625799%3Ahid%3A519520735%3Az%3A0%3Ai%3A20220912123724%3Aet%3A1662986244%3Ac%3A1%3Arn%3A851614717%3Arqn%3A1%3Au%3A166298624471075414%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1662986242708%3Aco%3A0%3Ads%3A0%2C29%2C104%2C1%2C273%2C0%2C%2C465%2C3%2C%2C%2C%2C918%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662986244%3At%3A%C3%89tablissement%20Montagne%20%E2%80%94%20le%20magasin%20%E2%80%94%20Targon%2C%20Nouvelle-Aquitaine&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2)
IP
GET /watch/48396329?wmode=7&page-url=https%3A%2F%2Ftargon-naq.eurobillets.com%2Fetablissement-montagne%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A62hj1rf2ym17zxi6fwm9k%3Afp%3A746%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A212090625799%3Ahid%3A519520735%3Az%3A0%3Ai%3A20220912123724%3Aet%3A1662986244%3Ac%3A1%3Arn%3A851614717%3Arqn%3A1%3Au%3A166298624471075414%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1662986242708%3Aco%3A0%3Ads%3A0%2C29%2C104%2C1%2C273%2C0%2C%2C465%2C3%2C%2C%2C%2C918%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662986244%3At%3A%C3%89tablissement%20Montagne%20%E2%80%94%20le%20magasin%20%E2%80%94%20Targon%2C%20Nouvelle-Aquitaine&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://targon-naq.eurobillets.com
Connection: keep-alive
Referer: https://targon-naq.eurobillets.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/48396329/1?wmode=7&page-url=https%3A%2F%2Ftargon-naq.eurobillets.com%2Fetablissement-montagne%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A62hj1rf2ym17zxi6fwm9k%3Afp%3A746%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A212090625799%3Ahid%3A519520735%3Az%3A0%3Ai%3A20220912123724%3Aet%3A1662986244%3Ac%3A1%3Arn%3A851614717%3Arqn%3A1%3Au%3A166298624471075414%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1662986242708%3Aco%3A0%3Ads%3A0%2C29%2C104%2C1%2C273%2C0%2C%2C465%2C3%2C%2C%2C%2C918%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662986244%3At%3A%C3%89tablissement%20Montagne%20%E2%80%94%20le%20magasin%20%E2%80%94%20Targon%2C%20Nouvelle-Aquitaine&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
date: Mon, 12 Sep 2022 12:37:36 GMT
access-control-allow-origin: https://targon-naq.eurobillets.com
set-cookie: yandexuid=5772586921662986256; Expires=Tue, 12-Sep-2023 12:37:36 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=5772586921662986256; Expires=Tue, 12-Sep-2023 12:37:36 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yabs-sid=1387681611662986256; Path=/; SameSite=None; Secure
i=L0cmOBeUFVQOfzZY70FIIFn5AqAWsJZGmW4WYShJIhj6I87VWoU0E9EaLnuF3AcajsCWcnJcVpl9tPabHabDxY8OpsE=; Expires=Thu, 09-Sep-2032 12:37:36 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
ymex=1694522256.yrts.1662986256#1694522256.yrtsi.1662986256; Expires=Tue, 12-Sep-2023 12:37:36 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Mon, 12-Sep-2022 12:37:36 GMT
last-modified: Mon, 12-Sep-2022 12:37:36 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
r.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
200 OK 0 B URL HTTP/2 r.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
IP
GET /usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1 HTTP/1.1
Host: r.casalemedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sync.quantumdex.io/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 12 Sep 2022 12:37:40 GMT
content-type: text/html
cf-ray: 7498b21dcded1c0a-OSL
cache-control: no-cache
expires: 0
vary: Is-Traffic-Usersync, Accept-Encoding
cf-cache-status: DYNAMIC
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rZORJMMc3LBS%2FPIE81M8wfV5Tej%2Fs6uKfu7a0505GEngdeNzN9w%2F9YufUqbL53GNnoHsgbJOF6gYWADGc9byOD7kNfr4s%2Bx0%2F%2Fam9sbznJO66ARBb6anvHjRC071MlInWaMD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
std.wpcdn.pl/wpjslib6/wpjslib-sync.js
200 OK 0 B URL HTTP/2 std.wpcdn.pl/wpjslib6/wpjslib-sync.js
IP
ASN #12827 Wirtualna Polska Media S.A.
GET /wpjslib6/wpjslib-sync.js HTTP/1.1
Host: std.wpcdn.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ssp.wp.pl
Connection: keep-alive
Referer: https://ssp.wp.pl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 12 Sep 2022 12:37:40 GMT
content-type: application/javascript
last-modified: Mon, 12 Sep 2022 10:05:53 GMT
x-rgw-object-type: Normal
etag: W/"b1ccfd493a7571b80a35514a74f42893"
cache-control: max-age=900, stale-while-revalidate=86400
content-encoding: br
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 300
timing-allow-origin: *
X-Firefox-Spdy: h2
104.21.83.238
192.124.249.36
151.101.85.229
37.252.173.22
87.250.250.119
178.250.2.146
104.22.36.96
185.184.8.90
212.77.98.32
188.42.191.196
95.101.11.115
213.19.147.45
37.157.2.234