test-billetterie.zoobeauval.com Open in urlscan Pro
193.72.147.242 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://test-billetterie.zoobeauval.com/
Effective URL:
https://test-billetterie.zoobeauval.com/content
Submission: On July 19 via automatic, source certstream-suspicious (July 19th 2022, 7:09:18 am UTC) — Scanned from DE

Summary HTTP 130 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 70 IPs in 12 countries across 59 domains to perform 130 HTTP transactions. The main IP is 193.72.147.242, located in Lausanne, Switzerland and belongs to SAFEHOSTNET Colocation center in Geneva, CH. The main domain is test-billetterie.zoobeauval.com.
TLS certificate: Issued by R3 on July 19th 2022. Valid for: 3 months.

This is the only time test-billetterie.zoobeauval.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 8	193.72.147.242 193.72.147.242	21217 (SAFEHOSTN...) (SAFEHOSTNET Colocation center in Geneva)
4	2600:9000:225... 2600:9000:225a:a00:15:3831:ac40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
2	52.213.248.76 52.213.248.76	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	18.66.2.17 18.66.2.17	16509 (AMAZON-02) (AMAZON-02)
2	89.185.38.89 89.185.38.89	8426 (CLARANET-...) (CLARANET-AS ClaraNET LTD)
1	199.232.188.157 199.232.188.157	54113 (FASTLY) (FASTLY)
1	151.101.65.108 151.101.65.108	54113 (FASTLY) (FASTLY)
2	104.254.152.3 104.254.152.3	399041 (RSI-FR-SITE2) (RSI-FR-SITE2)
13	2001:41d0:301... 2001:41d0:301:100:145:239:193:53	16276 (OVH) (OVH)
1	108.128.115.204 108.128.115.204	16509 (AMAZON-02) (AMAZON-02)
1	34.239.191.205 34.239.191.205	14618 (AMAZON-AES) (AMAZON-AES)
2 3	185.89.211.116 185.89.211.116	29990 (ASN-APPNEX) (ASN-APPNEX)
1	34.195.1.78 34.195.1.78	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:400c:c0a::9a	15169 (GOOGLE) (GOOGLE)
1	104.244.42.5 104.244.42.5	13414 (TWITTER) (TWITTER)
1	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
1	18.66.112.122 18.66.112.122	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1 2	144.76.104.53 144.76.104.53	24940 (HETZNER-AS) (HETZNER-AS)
1 1	51.158.29.13 51.158.29.13	12876 (Online SAS) (Online SAS)
1 2	51.158.29.12 51.158.29.12	12876 (Online SAS) (Online SAS)
1 2	88.99.219.174 88.99.219.174	24940 (HETZNER-AS) (HETZNER-AS)
3	52.219.47.27 52.219.47.27	16509 (AMAZON-02) (AMAZON-02)
1	18.66.139.40 18.66.139.40	16509 (AMAZON-02) (AMAZON-02)
1	99.80.161.153 99.80.161.153	16509 (AMAZON-02) (AMAZON-02)
4	104.90.104.250 104.90.104.250	16625 (AKAMAI-AS) (AKAMAI-AS)
5 10	142.250.185.134 142.250.185.134	15169 (GOOGLE) (GOOGLE)
2 3	37.157.6.242 37.157.6.242	198622 (ADFORM) (ADFORM)
1	37.157.5.73 37.157.5.73	198622 (ADFORM) (ADFORM)
1	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2 4	15.237.16.53 15.237.16.53	16509 (AMAZON-02) (AMAZON-02)
2 2	54.38.25.75 54.38.25.75	16276 (OVH) (OVH)
1	18.200.221.133 18.200.221.133	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2 2	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 8	185.89.211.84 185.89.211.84	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 3	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	74.119.119.139 74.119.119.139	19750 (AS-CRITEO) (AS-CRITEO)
1	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	3.73.227.228 3.73.227.228	16509 (AMAZON-02) (AMAZON-02)
1 1	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
3	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	64.202.112.127 64.202.112.127	23352 (SERVERCEN...) (SERVERCENTRAL)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	141.226.124.48 141.226.124.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	185.86.139.57 185.86.139.57	201081 (SMARTADSE...) (SMARTADSERVER)
1 2	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1288:80:... 2a00:1288:80:807::2	203220 (YAHOO-DEB) (YAHOO-DEB)
1	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1 2	54.76.193.17 54.76.193.17	16509 (AMAZON-02) (AMAZON-02)
1	104.36.113.107 104.36.113.107	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.111.242.245 104.111.242.245	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2.18.235.93 2.18.235.93	16625 (AKAMAI-AS) (AKAMAI-AS)
1	37.157.6.241 37.157.6.241	198622 (ADFORM) (ADFORM)
1 3	18.157.234.113 18.157.234.113	16509 (AMAZON-02) (AMAZON-02)
1	185.255.84.152 185.255.84.152	200271 (IGUANE-) (IGUANE-)
1	3.121.205.163 3.121.205.163	16509 (AMAZON-02) (AMAZON-02)
1	34.117.157.22 34.117.157.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	193.108.153.18 193.108.153.18	34164 (AKAMAI-LON) (AKAMAI-LON)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:3b	20446 (STACKPATH...) (STACKPATH-CDN)
1	3.124.231.32 3.124.231.32	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:225... 2600:9000:225f:400:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2 2	54.165.212.22 54.165.212.22	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:1f18:444... 2600:1f18:444a:4680:4331:5d42:7c5e:9273	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:1f18:612... 2600:1f18:612b:4200:91e2:be0:268c:1b25	14618 (AMAZON-AES) (AMAZON-AES)
1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
130	70

8 193.72.147.242 (Lausanne, Switzerland) 1 redirects

ASN21217 (SAFEHOSTNET Colocation center in Geneva, CH)
PTR: p20-shop.secutix.com

test-billetterie.zoobeauval.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:225a:a00:15:3831:ac40:93a1 (United States)

ASN16509 (AMAZON-02, US)

zpdb.widgets.secutix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.213.248.76 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-248-76.eu-west-1.compute.amazonaws.com

u360.d-bi.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.2.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-2-17.txl50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.185.38.89 (Paris, France)

ASN8426 (CLARANET-AS ClaraNET LTD, GB)

u.logbor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.188.157 (Munich, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.254.152.3 (Canada)

ASN399041 (RSI-FR-SITE2, CA)
PTR: t.mydialoginsight.com

t.mydialoginsight.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2001:41d0:301:100:145:239:193:53 (France)

ASN16276 (OVH, FR)

asset.easydmp.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sqdt.mconso.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sq.chichaylimona.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.128.115.204 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-115-204.eu-west-1.compute.amazonaws.com

api.optinproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.239.191.205 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-239-191-205.compute-1.amazonaws.com

ads.mediasmart.es	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.211.116 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.195.1.78 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-195-1-78.compute-1.amazonaws.com

3ma79ae7cua.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0a::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.5 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-122.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 144.76.104.53 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.53.104.76.144.clients.your-server.de

ad.ad-srv.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.158.29.13 (Paris, France) 1 redirects

ASN12876 (Online SAS, FR)
PTR: 51-158-29-13.rev.poneytelecom.eu

js.cookieless-data.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.158.29.12 (Paris, France) 1 redirects

ASN12876 (Online SAS, FR)
PTR: 51-158-29-12.rev.poneytelecom.eu

js.sddan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.99.219.174 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.174.219.99.88.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.219.47.27 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: s3.eu-central-1.amazonaws.com

s3.eu-central-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.139.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-139-40.fra60.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.80.161.153 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-161-153.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.90.104.250 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-90-104-250.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.185.134 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f6.1e100.net

5994599.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
11868943.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
10165143.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.6.242 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.5.73 (Denmark)

ASN198622 (ADFORM, DK)

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 15.237.16.53 (Paris, France) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-15-237-16-53.eu-west-3.compute.amazonaws.com

sync.commander1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.38.25.75 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: ip75.ip-54-38-25.eu

p.crm4d.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.200.221.133 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-200-221-133.eu-west-1.compute.amazonaws.com

v3.api.optinproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3121::3 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

trk.datnova.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.89.211.84 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:1::13 (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.73.227.228 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-73-227-228.eu-central-1.compute.amazonaws.com

e1.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.66 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.202.112.127 (Harrodsburg, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.124.48 (Israel)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.57 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.0.31 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:807::2 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.76.193.17 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-193-17.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.36.113.107 (United States)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.19.126 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.241 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.157.234.113 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-234-113.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.152 (Ivry-sur-Seine, France)

ASN200271 (IGUANE-, FR)

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.121.205.163 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-205-163.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com

matching.ivitrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.108.153.18 (Frankfurt am Main, Germany) 1 redirects

ASN34164 (AKAMAI-LON, NL)
PTR: a193-108-153-18.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:3b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

cdn.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.124.231.32 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-231-32.eu-central-1.compute.amazonaws.com

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225f:400:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.165.212.22 (United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-165-212-22.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:444a:4680:4331:5d42:7c5e:9273 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

i6.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4200:91e2:be0:268c:1b25 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

criteo-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	doubleclick.net 6 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 138 5994599.fls.doubleclick.net — Cisco Umbrella Rank: 71880 11868943.fls.doubleclick.net — Cisco Umbrella Rank: 79094 10165143.fls.doubleclick.net cm.g.doubleclick.net — Cisco Umbrella Rank: 223	6 KB
12	adnxs.com 6 redirects acdn.adnxs.com — Cisco Umbrella Rank: 623 ib.adnxs.com — Cisco Umbrella Rank: 257 secure.adnxs.com — Cisco Umbrella Rank: 436	14 KB
11	easydmp.net asset.easydmp.net — Cisco Umbrella Rank: 55251	23 KB
8	criteo.com 2 redirects gum.criteo.com — Cisco Umbrella Rank: 410 mug.criteo.com — Cisco Umbrella Rank: 2434 sslwidget.criteo.com — Cisco Umbrella Rank: 1616 dis.criteo.com — Cisco Umbrella Rank: 775	13 KB
8	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 69	20 KB
8	zoobeauval.com 1 redirects test-billetterie.zoobeauval.com	62 KB
7	google.de www.google.de — Cisco Umbrella Rank: 4915 adservice.google.de — Cisco Umbrella Rank: 6937	2 KB
7	google.com www.google.com — Cisco Umbrella Rank: 17 adservice.google.com — Cisco Umbrella Rank: 103	3 KB
5	adform.net 2 redirects track.adform.net — Cisco Umbrella Rank: 4360 s2.adform.net — Cisco Umbrella Rank: 5824 cm.adform.net — Cisco Umbrella Rank: 1718	32 KB
5	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 698 script.hotjar.com — Cisco Umbrella Rank: 1004 vars.hotjar.com — Cisco Umbrella Rank: 1019 in.hotjar.com — Cisco Umbrella Rank: 1681	71 KB
4	commander1.com 2 redirects sync.commander1.com — Cisco Umbrella Rank: 27004	3 KB
4	mathtag.com pixel.mathtag.com — Cisco Umbrella Rank: 1130	4 KB
4	secutix.com zpdb.widgets.secutix.com	2 MB
3	liadm.com 2 redirects i.liadm.com — Cisco Umbrella Rank: 580 i6.liadm.com — Cisco Umbrella Rank: 1601	1 KB
3	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 315	1 KB
3	yahoo.com 1 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 290 ads.yahoo.com — Cisco Umbrella Rank: 1244	699 B
3	amazonaws.com s3.eu-central-1.amazonaws.com	57 KB
2	stickyadstv.com 1 redirects ads.stickyadstv.com — Cisco Umbrella Rank: 732 cdn.stickyadstv.com — Cisco Umbrella Rank: 2644	1 KB
2	casalemedia.com 1 redirects r.casalemedia.com — Cisco Umbrella Rank: 850	2 KB
2	360yield.com 1 redirects ad.360yield.com — Cisco Umbrella Rank: 692	851 B
2	datnova.com 2 redirects trk.datnova.com — Cisco Umbrella Rank: 188937	1 KB
2	crm4d.com 2 redirects p.crm4d.com — Cisco Umbrella Rank: 148413	1 KB
2	redintelligence.net 1 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 33738	2 KB
2	sddan.com 1 redirects js.sddan.com — Cisco Umbrella Rank: 32412	5 KB
2	ad-srv.net 1 redirects ad.ad-srv.net — Cisco Umbrella Rank: 33058	1 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 96	388 B
2	optinproject.com api.optinproject.com — Cisco Umbrella Rank: 222237 v3.api.optinproject.com — Cisco Umbrella Rank: 339579	928 B
2	mydialoginsight.com t.mydialoginsight.com — Cisco Umbrella Rank: 687477	10 KB
2	logbor.com u.logbor.com — Cisco Umbrella Rank: 138755	5 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 164	110 KB
2	d-bi.fr u360.d-bi.fr — Cisco Umbrella Rank: 91782	5 KB
1	bing.com c.bing.com — Cisco Umbrella Rank: 235	595 B
1	tremorhub.com criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2471	183 B
1	smaato.net s.ad.smaato.net — Cisco Umbrella Rank: 681	240 B
1	mediavine.com exchange.mediavine.com — Cisco Umbrella Rank: 1467	40 B
1	ivitrack.com matching.ivitrack.com — Cisco Umbrella Rank: 10873	274 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 563	35 B
1	omnitagjs.com visitor.omnitagjs.com — Cisco Umbrella Rank: 1382	235 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 566	785 B
1	teads.tv criteo-sync.teads.tv — Cisco Umbrella Rank: 1686	172 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 664	245 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 448	140 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 663	163 B
1	taboola.com sync-t1.taboola.com — Cisco Umbrella Rank: 1227	100 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 372	239 B
1	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 750	476 B
1	emxdgt.com e1.emxdgt.com — Cisco Umbrella Rank: 1061	134 B
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 365	98 B
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 649	14 KB
1	chichaylimona.com sq.chichaylimona.com — Cisco Umbrella Rank: 589003	414 B
1	mconso.fr sqdt.mconso.fr — Cisco Umbrella Rank: 564797	415 B
1	adsrvr.org insight.adsrvr.org — Cisco Umbrella Rank: 685	261 B
1	cookieless-data.com 1 redirects js.cookieless-data.com — Cisco Umbrella Rank: 7340	754 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 543	354 B
1	t.co t.co — Cisco Umbrella Rank: 441	337 B
1	3ma79ae7cua.com 3ma79ae7cua.com — Cisco Umbrella Rank: 325089	216 B
1	mediasmart.es ads.mediasmart.es — Cisco Umbrella Rank: 593045	216 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 683	15 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 101	81 KB
130	59

	Domain	Requested by
11	asset.easydmp.net	test-billetterie.zoobeauval.com asset.easydmp.net
8	secure.adnxs.com	4 redirects test-billetterie.zoobeauval.com
8	www.google-analytics.com	www.googletagmanager.com test-billetterie.zoobeauval.com www.google-analytics.com
8	test-billetterie.zoobeauval.com	1 redirects test-billetterie.zoobeauval.com zpdb.widgets.secutix.com
5	adservice.google.de	adservice.google.com
5	adservice.google.com	5994599.fls.doubleclick.net 10165143.fls.doubleclick.net 11868943.fls.doubleclick.net
4	sync.commander1.com	2 redirects test-billetterie.zoobeauval.com
4	11868943.fls.doubleclick.net	2 redirects hal9000.redintelligence.net
4	5994599.fls.doubleclick.net	2 redirects hal9000.redintelligence.net
4	pixel.mathtag.com	hal9000.redintelligence.net
4	zpdb.widgets.secutix.com	test-billetterie.zoobeauval.com zpdb.widgets.secutix.com
3	x.bidswitch.net	1 redirects
3	dis.criteo.com
3	gum.criteo.com	2 redirects static.criteo.net
3	track.adform.net	2 redirects hal9000.redintelligence.net
3	s3.eu-central-1.amazonaws.com	test-billetterie.zoobeauval.com zpdb.widgets.secutix.com
3	ib.adnxs.com	2 redirects test-billetterie.zoobeauval.com
2	i.liadm.com	2 redirects
2	r.casalemedia.com	1 redirects
2	ad.360yield.com	1 redirects
2	ups.analytics.yahoo.com	1 redirects
2	trk.datnova.com	2 redirects
2	p.crm4d.com	2 redirects
2	10165143.fls.doubleclick.net	1 redirects ad.ad-srv.net
2	hal9000.redintelligence.net	1 redirects test-billetterie.zoobeauval.com
2	js.sddan.com	1 redirects test-billetterie.zoobeauval.com
2	ad.ad-srv.net	1 redirects u.logbor.com
2	www.google.de	test-billetterie.zoobeauval.com
2	www.google.com	test-billetterie.zoobeauval.com
2	www.facebook.com	test-billetterie.zoobeauval.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	t.mydialoginsight.com	www.googletagmanager.com
2	u.logbor.com	test-billetterie.zoobeauval.com u.logbor.com
2	static.hotjar.com	test-billetterie.zoobeauval.com
2	connect.facebook.net	test-billetterie.zoobeauval.com connect.facebook.net
2	u360.d-bi.fr	test-billetterie.zoobeauval.com
1	c.bing.com
1	criteo-partners.tremorhub.com
1	i6.liadm.com
1	s.ad.smaato.net
1	exchange.mediavine.com
1	cdn.stickyadstv.com
1	ads.stickyadstv.com	1 redirects
1	matching.ivitrack.com
1	match.sharethrough.com
1	visitor.omnitagjs.com
1	cm.adform.net
1	contextual.media.net
1	criteo-sync.teads.tv
1	simage2.pubmatic.com
1	eb2.3lift.com
1	ads.yahoo.com
1	rtb-csync.smartadserver.com
1	sync-t1.taboola.com
1	pixel.rubiconproject.com
1	sync.outbrain.com
1	cm.g.doubleclick.net	1 redirects
1	e1.emxdgt.com
1	idsync.rlcdn.com
1	sslwidget.criteo.com	static.criteo.net
1	mug.criteo.com
1	static.criteo.net	www.googletagmanager.com
1	sq.chichaylimona.com	asset.easydmp.net
1	sqdt.mconso.fr	asset.easydmp.net
1	v3.api.optinproject.com	test-billetterie.zoobeauval.com
1	insight.adsrvr.org	ad.ad-srv.net
1	s2.adform.net	hal9000.redintelligence.net
1	in.hotjar.com	script.hotjar.com
1	vars.hotjar.com	static.hotjar.com
1	js.cookieless-data.com	1 redirects
1	script.hotjar.com	static.hotjar.com
1	analytics.twitter.com	test-billetterie.zoobeauval.com
1	t.co	test-billetterie.zoobeauval.com
1	3ma79ae7cua.com	test-billetterie.zoobeauval.com
1	ads.mediasmart.es	test-billetterie.zoobeauval.com
1	api.optinproject.com	test-billetterie.zoobeauval.com
1	acdn.adnxs.com	test-billetterie.zoobeauval.com
1	static.ads-twitter.com	test-billetterie.zoobeauval.com
1	www.googletagmanager.com	test-billetterie.zoobeauval.com
130	79

This site contains links to these domains. Also see Links.

Domain
www.secutix.com
www.zoobeauval.com

Subject Issuer	Validity	Valid
test-billetterie.zoobeauval.com R3	`2022-07-19` - `2022-10-17`	3 months	crt.sh
*.widgets.secutix.com Amazon	`2022-01-31` - `2023-02-28`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
d-bi.fr Amazon	`2022-04-27` - `2023-05-26`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-04-27` - `2022-07-26`	3 months	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
*.logbor.com R3	`2022-07-05` - `2022-10-03`	3 months	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-21` - `2022-07-26`	a year	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2022-03-11` - `2023-04-11`	a year	crt.sh
t.mydialoginsight.com RapidSSL TLS RSA CA G1	`2022-05-16` - `2023-05-16`	a year	crt.sh
icd.easydmp.net R3	`2022-05-26` - `2022-08-24`	3 months	crt.sh
optinproject.com Amazon	`2022-02-15` - `2023-03-16`	a year	crt.sh
ads.mediasmart.es Sectigo RSA Domain Validation Secure Server CA	`2022-04-26` - `2023-05-08`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
3ma79ae7cua.com Sectigo RSA Domain Validation Secure Server CA	`2021-10-27` - `2022-11-08`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
ad-srv.net R3	`2022-05-30` - `2022-08-28`	3 months	crt.sh
redintelligence.net R3	`2022-05-31` - `2022-08-29`	3 months	crt.sh
*.s3.eu-central-1.amazonaws.com Amazon	`2021-12-09` - `2022-12-06`	a year	crt.sh
pixel.mathtag.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-05` - `2023-07-05`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
core.api.optincollect.com Amazon	`2021-09-14` - `2022-10-12`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
asset.azdmp.com R3	`2022-06-29` - `2022-09-27`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-21` - `2022-09-23`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-15` - `2022-09-18`	3 months	crt.sh
*.emxdgt.com Go Daddy Secure Certificate Authority - G2	`2022-05-18` - `2023-06-19`	a year	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2021-10-24` - `2022-11-24`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.taboola.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
ui.aps.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-06-18` - `2022-08-03`	2 months	crt.sh
*.3lift.com Amazon	`2022-05-13` - `2023-06-11`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
teads.tv R3	`2022-06-01` - `2022-08-30`	3 months	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2022-02-20` - `2023-02-22`	a year	crt.sh
*.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-05-18` - `2023-06-16`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-21` - `2023-07-21`	a year	crt.sh
*.sharethrough.com Amazon	`2022-07-14` - `2023-08-12`	a year	crt.sh
itm.ivitrack.com R3	`2022-06-08` - `2022-09-06`	3 months	crt.sh
exchange.mediavine.com Amazon	`2022-07-06` - `2023-08-04`	a year	crt.sh
s.ad.smaato.net Amazon	`2021-09-21` - `2022-10-20`	a year	crt.sh
*.tremorhub.com Amazon	`2022-03-24` - `2023-04-22`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2022-06-10` - `2022-12-10`	6 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2022-04-05` - `2023-05-04`	a year	crt.sh

This page contains 24 frames:

Primary Page: https://test-billetterie.zoobeauval.com/content
Frame ID: CE2CFA33360A61F56D2E7A277427B4FF
Requests: 61 HTTP requests in this frame

Frame: https://ad.ad-srv.net/retarget?a=51897&version=1&segment=&redirected=1
Frame ID: 599133B61B08B332D73A95F08EB27F5F
Requests: 2 HTTP requests in this frame

Frame: https://hal9000.redintelligence.net/retarget?a=52807&version=1&segment=&redirected=1
Frame ID: DFA7C53BC5AECA6684D6C4E0E22D3190
Requests: 7 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-0004cb77850b00d4aa7e1e08ff61e8f0.html
Frame ID: 8A0526BA52506F6D5AF48950B2B9FA2C
Requests: 1 HTTP requests in this frame

Frame: https://asset.easydmp.net/client_iframe.html?t=230308
Frame ID: 76AAB5968B23441F6895EA6890C1D62A
Requests: 12 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CMG8p8uyhPkCFfL-1QodQm4L1w;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=2148678597874.616
Frame ID: 82BF21D008389ACFD9932BA511FEEE3A
Requests: 1 HTTP requests in this frame

Frame: https://11868943.fls.doubleclick.net/activityi;dc_pre=CJKYqMuyhPkCFUOr1QodfvMBKQ;src=11868943;type=invmedia;cat=dbmis001;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=3076420229520.145
Frame ID: 142D23A4B9B4B31EE1225A775A7CC5F3
Requests: 1 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CJK9p8uyhPkCFWYWBgAdQhwAtw;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=9041292214334.014
Frame ID: C5F9BAD3677A7496363910EC1A3D2AE2
Requests: 1 HTTP requests in this frame

Frame: https://11868943.fls.doubleclick.net/activityi;dc_pre=CJmXqMuyhPkCFQPC1QodROYLKA;src=11868943;type=invmedia;cat=dbmis0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=2582991028522.53
Frame ID: 99ADBE7440E952FA1AD06810AA0886EE
Requests: 1 HTTP requests in this frame

Frame: https://10165143.fls.doubleclick.net/activityi;dc_pre=CPmjqMuyhPkCFQPC1QodROYLKA;src=10165143;type=invmedia;cat=zoode0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=6654397948324.111
Frame ID: F68B2505279AC17B8744EF850AA5DBD1
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CMG8p8uyhPkCFfL-1QodQm4L1w;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=2148678597874.616;~oref=https://hal9000.redintelligence.net/
Frame ID: B584B7D5CBC5F67F737AF374FD0FD7C2
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CJK9p8uyhPkCFWYWBgAdQhwAtw;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=9041292214334.014;~oref=https://hal9000.redintelligence.net/
Frame ID: CD106C43FD9E3136E8473B5D4609927D
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CPmjqMuyhPkCFQPC1QodROYLKA;src=10165143;type=invmedia;cat=zoode0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=6654397948324.111;~oref=https://ad.ad-srv.net/
Frame ID: 5DE7EBADFEB1740F7417050E3E1734B1
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CJmXqMuyhPkCFQPC1QodROYLKA;src=11868943;type=invmedia;cat=dbmis0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=2582991028522.53;~oref=https://hal9000.redintelligence.net/
Frame ID: E71B8185B783FB0B59D8825F560AD56D
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CJKYqMuyhPkCFUOr1QodfvMBKQ;src=11868943;type=invmedia;cat=dbmis001;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=3076420229520.145;~oref=https://hal9000.redintelligence.net/
Frame ID: 068F5C0531928F7A717AA93390B49DD0
Requests: 1 HTTP requests in this frame

Frame: https://asset.easydmp.net/collect_v2.img.php?dmp=emdmpeasy&p=graphinium&c4d_uid=83tB55VRy-P2wj18I3Dy-Z2jYPSTFpFV2JY8CM9bd5E
Frame ID: 143145D8174F5B657D4E53813D74604E
Requests: 1 HTTP requests in this frame

Frame: https://v3.api.optinproject.com/sqdt/picking
Frame ID: 9898470073DB2C0CC961CC9255D28143
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CJKYqMuyhPkCFUOr1QodfvMBKQ;src=11868943;type=invmedia;cat=dbmis001;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=3076420229520.145;~oref=https://hal9000.redintelligence.net/
Frame ID: 779ECF5B282A54E124CC4BB417CC6270
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CJK9p8uyhPkCFWYWBgAdQhwAtw;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=9041292214334.014;~oref=https://hal9000.redintelligence.net/
Frame ID: F4840C5D0F6C3CF0F58A9595C8972563
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CPmjqMuyhPkCFQPC1QodROYLKA;src=10165143;type=invmedia;cat=zoode0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=6654397948324.111;~oref=https://ad.ad-srv.net/
Frame ID: F8478FFBD0698AB2DF8474C0D35D9A7A
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CJmXqMuyhPkCFQPC1QodROYLKA;src=11868943;type=invmedia;cat=dbmis0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=2582991028522.53;~oref=https://hal9000.redintelligence.net/
Frame ID: 44715E417567072AA6CBFEAF9457372D
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CMG8p8uyhPkCFfL-1QodQm4L1w;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=2148678597874.616;~oref=https://hal9000.redintelligence.net/
Frame ID: 48EFAE7B8790F36C937DCF67EEFDED85
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=test-billetterie.zoobeauval.com&origin=onetag
Frame ID: 068FEB700F24996EB091220C32A84EE0
Requests: 2 HTTP requests in this frame

Frame: https://idsync.rlcdn.com/397596.gif?partner_uid=NUd2vHxv3NnCax-oPLcfFjjnJVI07Zi6
Frame ID: 5956D54B6FB4A717D30D3F90DDB68D54
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ZooParc de Beauval - Ventes de billets en ligne

Page URL History Show full URLs

https://test-billetterie.zoobeauval.com/ HTTP 302
https://test-billetterie.zoobeauval.com/content Page URL

Detected technologies

Cart Functionality (Ecommerce) Expand

Overall confidence: 100%
Detected patterns

<a[^>]*href=[^>]*/Cart

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Criteo (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

//static\.criteo\.net/js/ld/ld\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

130
Requests

85 %
HTTPS

27 %
IPv6

59
Domains

79
Subdomains

70
IPs

12
Countries

2514 kB
Transfer

3394 kB
Size

71
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.secutix.com/
Title: Créé par SecuTix

Search URL Search Domain Scan URL

URL: http://www.zoobeauval.com/conditions-generales-de-vente
Title: Conditions générales

Search URL Search Domain Scan URL

URL: http://www.zoobeauval.com/preparez-votre-visite/questions-frequentes
Title: FAQ

Search URL Search Domain Scan URL

URL: http://www.zoobeauval.com/contact
Title: Contactez-nous

Search URL Search Domain Scan URL

URL: https://www.zoobeauval.com/mentions-legales
Title: En savoir plus.

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://test-billetterie.zoobeauval.com/ HTTP 302
https://test-billetterie.zoobeauval.com/content Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

https://ad.ad-srv.net/retarget?a=51897&version=1&segment= HTTP 302
https://ad.ad-srv.net/retarget?a=51897&version=1&segment=&redirected=1

Request Chain 32

https://js.cookieless-data.com/product.d?pa=22808&u=https%3A%2F%2Ftest-billetterie.zoobeauval.com%2Fcontent&r=&product_id=%7BproductID%7D&product_name=PRODUCT_NAME&product_price=PRODUCT_PRICE&cat_name= HTTP 307
https://js.sddan.com/product.d?pa=22808&u=https%3A%2F%2Ftest-billetterie.zoobeauval.com%2Fcontent&r=&product_id=%7BproductID%7D&product_name=PRODUCT_NAME&product_price=PRODUCT_PRICE&cat_name= HTTP 307
https://js.sddan.com/product.d?pa=22808&u=https%3A%2F%2Ftest-billetterie.zoobeauval.com%2Fcontent&r=&product_id=%7BproductID%7D&product_name=PRODUCT_NAME&product_price=PRODUCT_PRICE&cat_name=&bounce=1

Request Chain 33

https://hal9000.redintelligence.net/retarget?a=52807&version=1&segment= HTTP 302
https://hal9000.redintelligence.net/retarget?a=52807&version=1&segment=&redirected=1

Request Chain 42

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=2148678597874.616 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CMG8p8uyhPkCFfL-1QodQm4L1w;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=2148678597874.616

Request Chain 43

https://11868943.fls.doubleclick.net/activityi;src=11868943;type=invmedia;cat=dbmis001;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=3076420229520.145 HTTP 302
https://11868943.fls.doubleclick.net/activityi;dc_pre=CJKYqMuyhPkCFUOr1QodfvMBKQ;src=11868943;type=invmedia;cat=dbmis001;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=3076420229520.145

Request Chain 44

https://track.adform.net/serving/scripts/trackpoint/async/ HTTP 301
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

Request Chain 45

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=9041292214334.014 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CJK9p8uyhPkCFWYWBgAdQhwAtw;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=9041292214334.014

Request Chain 46

https://11868943.fls.doubleclick.net/activityi;src=11868943;type=invmedia;cat=dbmis0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=2582991028522.53 HTTP 302
https://11868943.fls.doubleclick.net/activityi;dc_pre=CJmXqMuyhPkCFQPC1QodROYLKA;src=11868943;type=invmedia;cat=dbmis0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=2582991028522.53

Request Chain 48

https://10165143.fls.doubleclick.net/activityi;src=10165143;type=invmedia;cat=zoode0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=6654397948324.111 HTTP 302
https://10165143.fls.doubleclick.net/activityi;dc_pre=CPmjqMuyhPkCFQPC1QodROYLKA;src=10165143;type=invmedia;cat=zoode0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=6654397948324.111

Request Chain 60

https://sync.commander1.com/z2520P95U56206LPR8IfM6d95X4152EF/getuid&callback=sqdComActOnGetTcId HTTP 302
https://sync.commander1.com/z2520P95U56206LPR8IfM6d95X4152EF/getuid&callback=sqdComActOnGetTcId&firsttime=1

Request Chain 61

https://p.crm4d.com/sync/ematch/getuid?uid=165821455338453280&redirect=https://asset.easydmp.net/collect_v2.img.php?dmp%3Demdmpeasy%26p%3Dgraphinium%26c4d_uid%3D$C4D_UID HTTP 303
https://p.crm4d.com/sync/ematch/getuid?uid=165821455338453280&redirect=https%3A%2F%2Fasset.easydmp.net%2Fcollect_v2.img.php%3Fdmp%3Demdmpeasy%26p%3Dgraphinium%26c4d_uid%3D%24C4D_UID&bounce=1 HTTP 303
https://asset.easydmp.net/collect_v2.img.php?dmp=emdmpeasy&p=graphinium&c4d_uid=83tB55VRy-P2wj18I3Dy-Z2jYPSTFpFV2JY8CM9bd5E

Request Chain 63

https://sync.commander1.com/z2520P95U56206LPR8IfM6d95X4152EF/165821455338453280 HTTP 302
https://sync.commander1.com/z2520P95U56206LPR8IfM6d95X4152EF/165821455338453280&firsttime=1

Request Chain 80

https://track.adform.net/Serving/TrackPoint/?pm=668760&ADFPageName=ADF%20I%20Japix&ADFdivider=%7C&ord=622299340622&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2Ftest-billetterie.zoobeauval.com%2F&ADFtpmode=2&loc=https%3A%2F%2Fhal9000.redintelligence.net%2Fretarget%3Fa%3D52807%26version%3D1%26segment%3D%26redirected%3D1 HTTP 302
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=668760&ADFPageName=ADF%20I%20Japix&ADFdivider=%7C&ord=622299340622&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2Ftest-billetterie.zoobeauval.com%2F&ADFtpmode=2&loc=https%3A%2F%2Fhal9000.redintelligence.net%2Fretarget%3Fa%3D52807%26version%3D1%26segment%3D%26redirected%3D1

Request Chain 83

https://trk.datnova.com/tech_cookie.php HTTP 302
https://trk.datnova.com/bot_check.php HTTP 302
https://secure.adnxs.com/seg?add=30331980&t=2

Request Chain 84

https://secure.adnxs.com/seg?add=3149911:22808&t=2 HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D3149911%3A22808%26t%3D2

Request Chain 85

https://secure.adnxs.com/seg?add=19746819&t=2 HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D19746819%26t%3D2

Request Chain 99

https://gum.criteo.com/sid/json?origin=onetag&domain=zoobeauval.com&sn=ChromeSyncframe&so=0&topUrl=test-billetterie.zoobeauval.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=e8pnUHxRZi95U1kwWi9mYzIrREFNTmNuTHRmblZPSDJRalVsQ0loQUZpaFB4SElpWDh6cHpvWnIrbkVmbWZMdVRlSHlweDQ0UERHQ2QrTnJTbnA2SGhsQmZGN1kxamtjWDRCZVZOVzU4K1JtNlhLem5WSUo3YkxKQXpFQVVyQ2xXZHpXY1JGQ0VhenZIUWZsaFA2L1ZpSE1NWW51WWxlMTV4N3VHYzRoWDc5c2tKa1VkbUd3ZUkzdk04UE5JcHoxY09XekN3M1FybFdhM0hrcTJTU0xGWXRHL21ScyttZ1RIL1JvY25wV1NyYUt0NkNzWXdjcytyMWRyaVl6Zjd3QXNIOXJVdEtYUXp4MUF6WXJkWFV6eFBBQ0tteXZRM2pNbkpUTnRjV1VLR0w4VG9uND18&cppv=2

Request Chain 101

https://gum.criteo.com/sync?c=6&r=1&k=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40 HTTP 302
https://idsync.rlcdn.com/397596.gif?partner_uid=NUd2vHxv3NnCax-oPLcfFjjnJVI07Zi6

Request Chain 103

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-lCsG1a0L2XlKnvv2Ikgvawg2Eew-WIW9WTisHQ&google_cm&google_hm=ay1sQ3NHMWEwTDJYbEtudnYySWtndmF3ZzJFZXctV0lXOVdUaXNIUQ HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-lCsG1a0L2XlKnvv2Ikgvawg2Eew-WIW9WTisHQ&google_gid=CAESEIS-uEOAqoG2QHvSMbQ7JPI&google_cver=1&google_ula=913071,0

Request Chain 108

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-QZPTVK0L2XlKnvv2Ikgvawg2Eey8eUUHarLL0Q HTTP 302
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-QZPTVK0L2XlKnvv2Ikgvawg2Eey8eUUHarLL0Q&verify=true

Request Chain 111

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-TOVAs60L2XlKnvv2Ikgvawg2EewGM82MqPpUCg HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-TOVAs60L2XlKnvv2Ikgvawg2EewGM82MqPpUCg

Request Chain 112

https://secure.adnxs.com/seg?add=130915&redir=https%3A%2F%2Fsecure.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://secure.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2472414332832298951

Request Chain 113

https://ib.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2472414332832298951

Request Chain 115

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-n09DmK0L2XlKnvv2Ikgvawg2EezJs9Qy1OCyRw HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-n09DmK0L2XlKnvv2Ikgvawg2EezJs9Qy1OCyRw&C=1

Request Chain 119

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-GjGh-60L2XlKnvv2Ikgvawg2Eeyj645oLS86Cg&expires=30 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-GjGh-60L2XlKnvv2Ikgvawg2Eeyj645oLS86Cg&expires=30

Request Chain 123

https://ads.stickyadstv.com/user-registering?dataProviderId=434&userId=k-_xbT3q0L2XlKnvv2Ikgvawg2EexwU3MjQ03NQQ&redirectId=69 HTTP 302
https://cdn.stickyadstv.com/one-shot/empty.gif

Request Chain 126

https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-ZmUQUK0L2XlKnvv2Ikgvawg2EezJopHJI4sLQA HTTP 303
https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-ZmUQUK0L2XlKnvv2Ikgvawg2EezJopHJI4sLQA&_li_chk=true&previous_uuid=7e391ac14efd44d1bfbd578ed053333d HTTP 303
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-ZmUQUK0L2XlKnvv2Ikgvawg2EezJopHJI4sLQA

130 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request content Show response
test-billetterie.zoobeauval.com/
Redirect Chain

https://test-billetterie.zoobeauval.com/
https://test-billetterie.zoobeauval.com/content

22 KB
8 KB

175ms
174ms

Document
text/html

193.72.147.242
SAFEHOSTNET Coloc...

General

Check archive.org

Show headers Download Go to

Full URL

https://test-billetterie.zoobeauval.com/content

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.72.147.242 Lausanne, Switzerland, ASN21217 (SAFEHOSTNET Colocation center in Geneva, CH),

Reverse DNS

p20-shop.secutix.com

Software

nginx /

Resource Hash

70e0e35578e759995ebf1f76629c358fc92164e86d68d853e752084b8eabdfec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
cache-control: no-store, no-cache
content-encoding: gzip
content-type: text/html;charset=utf-8
date: Tue, 19 Jul 2022 07:09:12 GMT
expires: 0
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
via: 1.1 varnish (Varnish/6.5)
x-amzn-trace-id: Root=1-00000000-000000000000000000000000;
x-content-type-options: nosniff
x-frame-options: DENY
x-time: 0.147
x-varnish: 13825427
x-xss-protection: 1; mode=block

Redirect headers

age: 0
cache-control: no-store, no-cache
content-language: fr
content-length: 0
date: Tue, 19 Jul 2022 07:09:12 GMT
expires: Fri, 01 Jan 2010 12:00:00 GMT
location: /content
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000 ; includeSubDomains
via: 1.1 varnish (Varnish/6.5)
x-auth-token: 716671bb-f209-4a77-a2fb-ee021c9e09da
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-time: 0.092
x-varnish: 13598248
x-xss-protection: 1; mode=block

GET
H2 200 custom.css
test-billetterie.zoobeauval.com/custom/ZPDB_TSTP/ 12 KB
2 KB 21ms
21ms Stylesheet
text/css 193.72.147.242
SAFEHOSTNET Coloc...

General

Check archive.org

Show headers Download Go to

Full URL

https://test-billetterie.zoobeauval.com/custom/ZPDB_TSTP/custom.css

Requested by

Host: test-billetterie.zoobeauval.com
URL: https://test-billetterie.zoobeauval.com/content

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.72.147.242 Lausanne, Switzerland, ASN21217 (SAFEHOSTNET Colocation center in Geneva, CH),

Reverse DNS

p20-shop.secutix.com

Software

nginx /

Resource Hash

5434598852699f37a50956d6eae426068b7010eb08f9be365f7a304c79e07ee3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://test-billetterie.zoobeauval.com/content
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 07:09:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1
x-auth-token: aefc3974-26b6-4189-8e56-312e04876f71
content-disposition: inline;filename=f.txt
vary: Accept-Encoding
content-length: 1676
x-xss-protection: 1; mode=block
pragma: Public
last-modified: Sun, 17 Jul 2022 20:23:10 GMT
server: nginx
x-amzn-trace-id: Root=1-00000000-000000000000000000000000;
strict-transport-security: max-age=31536000 ; includeSubDomains
x-varnish: 14367035 13925976
via: 1.1 varnish (Varnish/6.5)
cache-control: public, max-age=900
accept-ranges: bytes
content-type: text/css;charset=UTF-8
x-time: 0.020
expires: Tue, 19 Jul 2022 07:24:11 GMT

GET
H2 200 custom.js Show response
test-billetterie.zoobeauval.com/custom/ZPDB_TSTP/ 1 KB
1 KB 22ms
21ms Script
application/x-javascript 193.72.147.242
SAFEHOSTNET Coloc...

General

Check archive.org

Show headers Download Go to

Full URL

https://test-billetterie.zoobeauval.com/custom/ZPDB_TSTP/custom.js

Requested by

Host: test-billetterie.zoobeauval.com
URL: https://test-billetterie.zoobeauval.com/content

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.72.147.242 Lausanne, Switzerland, ASN21217 (SAFEHOSTNET Colocation center in Geneva, CH),

Reverse DNS

p20-shop.secutix.com

Software

nginx /

Resource Hash

fb99aa63424ac93343a114266ecab50f1083b340ff1c636e0c5be13dd03551ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://test-billetterie.zoobeauval.com/content
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 07:09:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1
x-auth-token: c05fa86e-d883-4d48-bf03-898dabc0c872
content-disposition: inline;filename=f.txt
vary: Accept-Encoding
content-length: 604
x-xss-protection: 1; mode=block
pragma: Public
last-modified: Sun, 17 Jul 2022 20:23:10 GMT
server: nginx
x-amzn-trace-id: Root=1-00000000-000000000000000000000000;
strict-transport-security: max-age=31536000 ; includeSubDomains
x-varnish: 14019570 13825415
via: 1.1 varnish (Varnish/6.5)
cache-control: public, max-age=900
accept-ranges: bytes
content-type: application/x-javascript;charset=UTF-8
x-time: 0.020
expires: Tue, 19 Jul 2022 07:24:11 GMT

GET
H2 200 Widgets.js Show response
zpdb.widgets.secutix.com/stx-widgets/v2/ 152 KB
153 KB 124ms
18ms Script
application/javascript 2600:9000:225a:a00:15:3831:ac40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://zpdb.widgets.secutix.com/stx-widgets/v2/Widgets.js
Requested by: Host: test-billetterie.zoobeauval.com
URL: https://test-billetterie.zoobeauval.com/content
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225a:a00:15:3831:ac40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5831408c97d8c827a8095b24b803a3886d0e6719feab4816aa1db9166b0e4e4f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://test-billetterie.zoobeauval.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 06:46:55 GMT
content-encoding: utf-8
last-modified: Thu, 14 Jul 2022 04:13:47 GMT
server: AmazonS3
age: 1338
etag: "5a0b7acbf8aa31ff72d0c9590c5b6d9b"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 b7fabb5a327e018775ea26a6f65c6e10.cloudfront.net (CloudFront)
cache-control: public, max-age=900, must-revalidate
x-amz-cf-pop: TXL50-P1
accept-ranges: bytes
content-length: 155925
x-amz-cf-id: Sz1b7B3iUVnj0ZI7RiUxPgEmCu6iyLxwCl0MGEfObyJrCQOY5ETh4w==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 258 KB
81 KB 61ms
38ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TP4FF5

Requested by

Host: test-billetterie.zoobeauval.com
URL: https://test-billetterie.zoobeauval.com/content

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3c572ac614697fd3d72efa64f8d268f2ecccfab8f99acb375c40df685ff9f1a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://test-billetterie.zoobeauval.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 07:09:12 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 82599
x-xss-protection: 0
last-modified: Tue, 19 Jul 2022 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 19 Jul 2022 07:09:12 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 31ms
8ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TP4FF5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://test-billetterie.zoobeauval.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 196
date: Tue, 19 Jul 2022 07:05:57 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 19 Jul 2022 09:05:57 GMT

GET
H2 200 hmx000000000157.js Show response
u360.d-bi.fr/ 10 KB
4 KB 125ms
30ms Script
application/javascript 52.213.248.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://u360.d-bi.fr/hmx000000000157.js

Requested by

Host: test-billetterie.zoobeauval.com
URL: https://test-billetterie.zoobeauval.com/content

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.213.248.76 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-248-76.eu-west-1.compute.amazonaws.com

Software

hmxps /

Resource Hash

084446bdd8ce8081d5514f2ea07553650584fc133790d769df53a072486a495f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://test-billetterie.zoobeauval.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 07:09:13 GMT
cache-control: public, max-age=60
x-myname: 0241a83f107dc0534
server: hmxps
content-encoding: gzip
strict-transport-security: max-age=63072000
content-type: application/javascript

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 27ms
9ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: test-billetterie.zoobeauval.com
URL: https://test-billetterie.zoobeauval.com/content

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6e164ad4aa1f1905c44c2e4e57088f313738d18320a99a7e6a984b862523d96d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://test-billetterie.zoobeauval.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26001
x-xss-protection: 0
pragma: public
x-fb-debug: EyqYVUzcTjsY2zBYpCqwgKrDc98hyStuCX0YfIume5X6AeI9qmipo3gfEULX0xzZlcbV9sxSLHq8Qk9GUKGfXQ==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 19 Jul 2022 07:09:13 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coop_report","include_subdomains":true}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 hotjar-1259905.js Show response
static.hotjar.com/c/ 6 KB
3 KB 80ms
28ms Script
application/javascript 18.66.2.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1259905.js?sv=6

Requested by

Host: test-billetterie.zoobeauval.com
URL: https://test-billetterie.zoobeauval.com/content

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.2.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-2-17.txl50.r.cloudfront.net

Software

Resource Hash

2ab87ad1b50c6951428239d5b72838f6a28387f44083a1acf6c91e190c998a11

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://test-billetterie.zoobeauval.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 07:08:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains
access-control-allow-origin: *
x-cache-hit: 1
etag: W/6ae842eafca4b18c28710abff2383223
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 1444224b4b97d67af7507c4e96f65844.cloudfront.net (CloudFront)
cache-control: max-age=60
x-amz-cf-pop: TXL50-P1
x-amz-cf-id: puhSGVecA9ZnQhqOWAiV72hPq9o4vavCez8Zn2Y_jBe7evwRtakAyw==

GET
H/1.1 200
OK / Show response
u.logbor.com/p/ 6 KB
3 KB 104ms
35ms Script
text/javascript 89.185.38.89
CLARANET-AS Clara...

General

Check archive.org

Show headers Download Go to

Full URL

https://u.logbor.com/p/?i=3096&n=__dot

Requested by

Host: test-billetterie.zoobeauval.com
URL: https://test-billetterie.zoobeauval.com/content

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

89.185.38.89 Paris, France, ASN8426 (CLARANET-AS ClaraNET LTD, GB),

Reverse DNS

Software

nginx /

Resource Hash

24f5d63c24e5d79084f242fbe8f2c179d8229e4192b8c6cd6c1a691774e6690b

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://test-billetterie.zoobeauval.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 19 Jul 2022 07:09:13 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
ETag: W/"181e-OZXwEmFvwHeJNpNZjKfOl1ZCh3I"
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript; charset=utf-8
Connection: keep-alive
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=86400
X-DNS-Prefetch-Control: off
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

GET
H2 200 hotjar-1506934.js Show response
static.hotjar.com/c/ 4 KB
2 KB 80ms
29ms Script
application/javascript 18.66.2.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1506934.js?sv=6

Requested by

Host: test-billetterie.zoobeauval.com
URL: https://test-billetterie.zoobeauval.com/content

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.2.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-2-17.txl50.r.cloudfront.net

Software

Resource Hash

f052a607071522abcd0cf22b96a37b83bfe48667249645724762445315954fc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://test-billetterie.zoobeauval.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
age: 37
x-cache: Hit from cloudfront
date: Tue, 19 Jul 2022 07:09:13 GMT
cross-origin-resource-policy: cross-origin
via: 1.1 1444224b4b97d67af7507c4e96f65844.cloudfront.net (CloudFront)
cache-control: max-age=60
etag: W/384c461c5bdfffd042f5ab334d631ef3
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
x-amz-cf-pop: TXL50-P1
x-amz-cf-id: j00UuYXrtHF7mOD_shuLyvD8SVVHz1S7MEE6ejkHgp7qofegxNJsNQ==

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 55 KB
15 KB 61ms
13ms Script
application/javascript 199.232.188.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: test-billetterie.zoobeauval.com
URL: https://test-billetterie.zoobeauval.com/content
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.188.157 Munich, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: aa6959acd3d64822ef7379e437fce6b84a5cd3169003e955e2fffbdb2526d086

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://test-billetterie.zoobeauval.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 07:09:13 GMT
content-encoding: gzip
last-modified: Thu, 16 Jun 2022 16:20:35 GMT
etag: "f345fa1999011d396bda3b2c6fafc302+gzip+gzip"
vary: Accept-Encoding,Host
x-tw-cdn: FT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache
x-cache: HIT, HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 15166
x-served-by: cache-iad-kiad7000059-IAD, cache-muc13925-MUC

GET
H/1.1 200
OK pixie.js Show response
acdn.adnxs.com/dmp/up/ 9 KB
4 KB 29ms
7ms Script
application/javascript 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/up/pixie.js
Requested by: Host: test-billetterie.zoobeauval.com
URL: https://test-billetterie.zoobeauval.com/content
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: f033d6a9b4acc24957ac5ca92d278b9aca16ec1b264658ae3267b1efa6ef4a5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://test-billetterie.zoobeauval.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 19 Jul 2022 07:09:13 GMT
Content-Encoding: gzip
Age: 4418
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 3340
X-Served-By: cache-lga21969-LGA, cache-hhn4071-HHN
Access-Control-Allow-Origin: *
Last-Modified: Wed, 02 Jun 2021 15:04:00 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Timer: S1658214553.027801,VS0,VE0
ETag: W/"60b79de0-23b3"
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 varnish, 1.1 varnish
Expires: Fri, 01 Oct 2021 05:45:37 GMT
Cache-Control: max-age=86402
Accept-Ranges: bytes
X-Cache-Hits: 1, 1158

GET
H/1.1 200
OK DI.Journey-min.js Show response
t.mydialoginsight.com/js/Journey/1/pgUAAGZ1ZDFXR6s0AABsbjhMN1WMAQAA/ 37 KB
10 KB 140ms
26ms Script
application/javascript 104.254.152.3
RSI-FR-SITE2

General

Check archive.org

Show headers Download Go to

Full URL: https://t.mydialoginsight.com/js/Journey/1/pgUAAGZ1ZDFXR6s0AABsbjhMN1WMAQAA/DI.Journey-min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TP4FF5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 104.254.152.3 , Canada, ASN399041 (RSI-FR-SITE2, CA),
Reverse DNS: t.mydialoginsight.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 5d42d2032306b32565dcb4d7131b7d9d12331e80e91182586b5d0fcfb4bcd920

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://test-billetterie.zoobeauval.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 19 Jul 2022 07:09:12 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
ETag: -448400872
Content-Type: application/javascript; charset=utf-8
Cache-Control: private, max-age=900
Content-Length: 9697

GET
H/1.1 200
OK mt.js Show response
asset.easydmp.net/mt/squadata/ 8 KB
4 KB 115ms
18ms Script
application/javascript 2001:41d0:301:100:145:239:193:53
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://asset.easydmp.net/mt/squadata/mt.js?t=230308

Requested by

Host: test-billetterie.zoobeauval.com
URL: https://test-billetterie.zoobeauval.com/content

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:41d0:301:100:145:239:193:53 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

d3808618a578edbd95df72fb31f62c1b0d51add9affe0ea9704997b9a442bf10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://test-billetterie.zoobeauval.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 19 Jul 2022 07:09:13 GMT
Content-Encoding: gzip
Last-Modified: Mon, 18 Jul 2022 15:28:39 GMT
X-IPLB-Request-ID: 00000000:AB0C_00000000:01BB_62D65899_4E6CC8A:2F341
ETag: "62d57c27-c54"
X-IPLB-Instance: 25256
Strict-Transport-Security: max-age=31536000
P3P: CP="ALL DSP COR CURa ADMa PSAa PSDa OUR NOR UNI"
Cache-Control: max-age=900, s-maxage=900, public
Content-Type: application/javascript; charset=utf-8
Content-Length: 3156

GET
H2 200 zoobeauval.gif
api.optinproject.com/rt/visit/ 43 B
689 B 118ms
37ms Image
image/gif 108.128.115.204
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.optinproject.com/rt/visit/zoobeauval.gif?gtmcb=694552923
Requested by: Host: test-billetterie.zoobeauval.com
URL: https://test-billetterie.zoobeauval.com/content
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.128.115.204 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-115-204.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://test-billetterie.zoobeauval.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Jul 2022 07:09:13 GMT
cache-control: must_revalidate, no_cache, no_store, post_check="", pre_check="", private
x-correlation-id: e4ea79f9-d738-4c7b-a892-133222ac2bcf
server: nginx
content-type: image/gif

GET
H/1.1 200
OK open
ads.mediasmart.es/m/ 3 B
216 B 402ms
96ms Image
text/plain 34.239.191.205
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.mediasmart.es/m/open?id=&ms_event_num=1&udid=s%3A%2F%2Ftest-billetterie.zoobeauval.com%2Fcontent&burst=1658214552998
Requested by: Host: test-billetterie.zoobeauval.com
URL: https://test-billetterie.zoobeauval.com/content
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.239.191.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-239-191-205.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://test-billetterie.zoobeauval.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Tue, 19 Jul 2022 07:09:13 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 3
Expires: 0

GET
H2 200 manifest.json Show response
zpdb.widgets.secutix.com/stx-widgets/v2/ 2 KB
3 KB 126ms
93ms XHR
application/json 2600:9000:225a:a00:15:3831:ac40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://zpdb.widgets.secutix.com/stx-widgets/v2/manifest.json?ts=1658214553059
Requested by: Host: zpdb.widgets.secutix.com
URL: https://zpdb.widgets.secutix.com/stx-widgets/v2/Widgets.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225a:a00:15:3831:ac40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 345f2ed529695b036e90be5fdc3fb9e4f1cd8e1c4ee7d55961735474a459d62c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://test-billetterie.zoobeauval.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 07:09:14 GMT
content-encoding: utf-8
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-pop: TXL50-P1
x-cache: Miss from cloudfront
content-length: 2372
access-control-allow-origin: *
last-modified: Thu, 14 Jul 2022 04:13:47 GMT
server: AmazonS3
etag: "31887746a20050a9fb8d50ffb47d441d"
access-control-max-age: 0
access-control-allow-methods: GET, POST
content-type: application/json
via: 1.1 22aa51e74fb02e10dd4d8353100e9be0.cloudfront.net (CloudFront)
cache-control: public, max-age=900, must-revalidate
accept-ranges: bytes
x-amz-cf-id: 7HF3-iglWZvuVtw9POslhIgvMlfWgAJIonArao5TwQUx4NXGyFPLYg==

GET
H/1.1 200
OK pixie
ib.adnxs.com/ 42 B
349 B 49ms
13ms Image
image/gif 185.89.211.116
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/pixie?e=PageView&pi=ddcec27a-9898-4455-b7e5-278e2e83c650&it=1658214553061&v=0.0.20&u=https%3A%2F%2Ftest-billetterie.zoobeauval.com%2Fcontent&st=1658214553061&et=1658214553061&if=0
Requested by: Host: test-billetterie.zoobeauval.com
URL: https://test-billetterie.zoobeauval.com/content
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software: nginx/1.21.3 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://test-billetterie.zoobeauval.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 19 Jul 2022 07:09:13 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx/1.21.3
Connection: keep-alive
X-Proxy-Origin: 138.199.38.133; 138.199.38.133; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 42
Content-Type: image/gif

GET
H/1.1 200
OK open
3ma79ae7cua.com/m/ 3 B
216 B 396ms
95ms Image
text/plain 34.195.1.78
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://3ma79ae7cua.com/m/open?id=&ms_event_num=1&udid=s://test-billetterie.zoobeauval.com/content&burst=1658214553066
Requested by: Host: test-billetterie.zoobeauval.com
URL: https://test-billetterie.zoobeauval.com/content
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.195.1.78 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-195-1-78.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://test-billetterie.zoobeauval.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Tue, 19 Jul 2022 07:09:13 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 3
Expires: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
452 B 53ms
18ms XHR
text/plain 2a00:1450:400c:c0a::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-6469860-5&cid=1593462165.1658214553&jid=988129081&gjid=1188276168&_gid=906297427.1658214553&_u=YGBAiEABBAAAAE~&z=1808977711

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://test-billetterie.zoobeauval.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 19 Jul 2022 07:09:13 GMT
content-type: text/plain
access-control-allow-origin: https://test-billetterie.zoobeauval.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 7ms
7ms Image
image/gif 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=403856866&t=pageview&_s=1&dl=https%3A%2F%2Ftest-billetterie.zoobeauval.com%2Fcontent&ul=en-us&de=UTF-8&dt=ZooParc%20de%20Beauval%20-%20Ventes%20de%20billets%20en%20ligne&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAiEABB~&jid=988129081&gjid=1188276168&cid=1593462165.1658214553&tid=UA-6469860-5&_gid=906297427.1658214553&gtm=2wg7i0TP4FF5&z=1439245074

Requested by

Host: test-billetterie.zoobeauval.com
URL: https://test-billetterie.zoobeauval.com/content

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://test-billetterie.zoobeauval.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Jul 2022 21:57:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 33124
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 484022875128661 Show response
connect.facebook.net/signals/config/ 292 KB
84 KB 8ms
8ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/484022875128661?v=2.9.65&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d6a2d499cffaaba0547f2f429fb4c8969b1cc9f11589f92d93d223f0b95cb33c

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://test-billetterie.zoobeauval.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 85637
x-xss-protection: 0
pragma: public
x-fb-debug: xoGdCd18BhRS7F0+WIeuuAggwFtprSwbu/w40TzA9B7XpXY96kv8NGBhDZKjqxI6t96gqqZavXul91z6dgpZ0w==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 19 Jul 2022 07:09:13 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
337 B 143ms
119ms Image
image/gif 104.244.42.5
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=ce821868-3b56-4f27-b272-c2ea91980664&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&p_id=Twitter&p_user_id=0&pl_id=41fa4956-ed68-4f21-bf7b-c6f1cab35fb7&tw_document_href=https%3A%2F%2Ftest-billetterie.zoobeauval.com%2Fcontent&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o394g&type=javascript&version=2.4.12

Requested by

Host: test-billetterie.zoobeauval.com
URL: https://test-billetterie.zoobeauval.com/content

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.5 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://test-billetterie.zoobeauval.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-response-time: 112
date: Tue, 19 Jul 2022 07:09:12 GMT
server: tsa_o
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: fe1907c3aab2065cc78a44dfd0bd8bd7ccf417a2d626de8f870652a200ba589f
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
354 B 147ms
113ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=ce821868-3b56-4f27-b272-c2ea91980664&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&p_id=Twitter&p_user_id=0&pl_id=41fa4956-ed68-4f21-bf7b-c6f1cab35fb7&tw_document_href=https%3A%2F%2Ftest-billetterie.zoobeauval.com%2Fcontent&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o394g&type=javascript&version=2.4.12

Requested by

Host: test-billetterie.zoobeauval.com
URL: https://test-billetterie.zoobeauval.com/content

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://test-billetterie.zoobeauval.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-response-time: 105
date: Tue, 19 Jul 2022 07:09:12 GMT
server: tsa_o
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 007bed179ec5e510820246acf5405d0fdc0c8108a7a1109c036fa79de1525a48
content-length: 43

GET
H2 200 modules.19a1bc5ec8df84a3470e.js Show response
script.hotjar.com/ 246 KB
64 KB 34ms
8ms Script
application/javascript 18.66.112.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.19a1bc5ec8df84a3470e.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1259905.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-122.fra56.r.cloudfront.net

Software

Resource Hash

1d44c70e9b719bf6984e7cbaaf6027d12d05ada6ffdebd0bea9ce018b28b10e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://test-billetterie.zoobeauval.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 10:25:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74647
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains
content-length: 64601
access-control-allow-origin: *
last-modified: Mon, 18 Jul 2022 10:24:19 GMT
etag: "818397aba2bb3d5a64e919a30e128d23"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: fgwk82yNkjZS_4f8nlDK5rbyffUlBr1IneRca3RTUt5KKHN6UzS-Vg==

GET
H/1.1 200
OK tcs Show response
u.logbor.com/ 7 KB
2 KB 28ms
27ms Script
text/javascript 89.185.38.89
CLARANET-AS Clara...

General

Check archive.org

Show headers Download Go to

Full URL

https://u.logbor.com/tcs?cxid=3096&cu=https%3A%2F%2Ftest-billetterie.zoobeauval.com%2Fcontent&d_categoryID=

Requested by

Host: u.logbor.com
URL: https://u.logbor.com/p/?i=3096&n=__dot

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

89.185.38.89 Paris, France, ASN8426 (CLARANET-AS ClaraNET LTD, GB),

Reverse DNS

Software

nginx /

Resource Hash

2cf85235b77c575da50ef4ddf35f85f781825a3a3be8e976542d49b8247630d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://test-billetterie.zoobeauval.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 19 Jul 2022 07:09:13 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
ETag: W/"1dcf-saI2a5uZ0r3HAhUaGv9o658Wc28"
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript; charset=utf-8
Connection: keep-alive
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=86400
X-DNS-Prefetch-Control: off
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 27ms
5ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=484022875128661&ev=PageView&dl=https%3A%2F%2Ftest-billetterie.zoobeauval.com%2Fcontent&rl=&if=false&ts=1658214553120&sw=1600&sh=1200&v=2.9.65&r=stable&ec=0&o=30&fbp=fb.1.1658214553119.76592923&it=1658214553083&coo=false&exp=u0&rqm=GET

Requested by

Host: test-billetterie.zoobeauval.com
URL: https://test-billetterie.zoobeauval.com/content

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://test-billetterie.zoobeauval.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 07:09:13 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Tue, 19 Jul 2022 07:09:13 GMT

GET
H/1.1 200
OK client.js Show response
asset.easydmp.net/js/ 11 KB
5 KB 18ms
18ms Script
application/javascript 2001:41d0:301:100:145:239:193:53
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://asset.easydmp.net/js/client.js?t=230308

Requested by

Host: asset.easydmp.net
URL: https://asset.easydmp.net/mt/squadata/mt.js?t=230308

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:41d0:301:100:145:239:193:53 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

77760c8bd5c4a66cd047d267874d928bfbc0ca249afc3c9422b33f1351b090b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://test-billetterie.zoobeauval.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 19 Jul 2022 07:09:13 GMT
Content-Encoding: gzip
Last-Modified: Mon, 18 Jul 2022 15:28:39 GMT
X-IPLB-Request-ID: 00000000:AB0C_00000000:01BB_62D65899_4E6CC8D:2F341
ETag: "62d57c27-104a"
X-IPLB-Instance: 25256
Strict-Transport-Security: max-age=31536000
P3P: CP="ALL DSP COR CURa ADMa PSAa PSDa OUR NOR UNI"
Cache-Control: max-age=900, s-maxage=900, public
Content-Type: application/javascript; charset=utf-8
Content-Length: 4170

GET
H2 200 000000000157.gif
u360.d-bi.fr/ 43 B
255 B 31ms
30ms Image
image/gif 52.213.248.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u360.d-bi.fr/000000000157.gif?c=7C8CDBCA9DDEEFCC6944D7D81377BF94-55346d9d2972&cgen=1&step=b3RoZXI=&hmxtagid=4.3.0&u=aHR0cHM6Ly90ZXN0LWJpbGxldHRlcmllLnpvb2JlYXV2YWwuY29tL2NvbnRlbnQ=&hmxts=1658214553125&hmxtzoffset=MA==&hmxtzname=RXRjL1Vua25vd24=&navlang=ZW4tVVM=&hmxdnt=MA==&r=&hmx_send_ts=1658214553128&hmx_new_session=1
Requested by: Host: test-billetterie.zoobeauval.com
URL: https://test-billetterie.zoobeauval.com/content
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.213.248.76 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-248-76.eu-west-1.compute.amazonaws.com
Software: hmxps /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://test-billetterie.zoobeauval.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 19 Jul 2022 07:09:13 GMT
cache-control: private, no-cache, no-cache=Set-Cookie, must-revalidate, proxy-revalidate
server: hmxps
content-type: image/gif
x-myname: 0086a0ce806663935
expires: Mon, 21 Jan 1980 12:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 59ms
31ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-6469860-5&cid=1593462165.1658214553&jid=988129081&_u=YGBAiEABBAAAAE~&z=12322139

Requested by

Host: test-billetterie.zoobeauval.com
URL: https://test-billetterie.zoobeauval.com/content

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://test-billetterie.zoobeauval.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Jul 2022 07:09:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 52ms
28ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-6469860-5&cid=1593462165.1658214553&jid=988129081&_u=YGBAiEABBAAAAE~&z=12322139

Requested by

Host: test-billetterie.zoobeauval.com
URL: https://test-billetterie.zoobeauval.com/content

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://test-billetterie.zoobeauval.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Jul 2022 07:09:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

retarget Show response
ad.ad-srv.net/ Frame 5991
Redirect Chain

https://ad.ad-srv.net/retarget?a=51897&version=1&segment=
https://ad.ad-srv.net/retarget?a=51897&version=1&segment=&redirected=1

856 B
923 B

57ms
32ms

Document
text/html

144.76.104.53
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.ad-srv.net/retarget?a=51897&version=1&segment=&redirected=1
Requested by: Host: u.logbor.com
URL: https://u.logbor.com/p/?i=3096&n=__dot
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.104.53 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.53.104.76.144.clients.your-server.de
Software: Apache /
Resource Hash: 7f6b4e736d48ac648dc094befb833dc88b801fcec0169685ddfa4283e3cb40e7

Request headers

Referer: https://test-billetterie.zoobeauval.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: close
Content-Encoding: gzip
Content-Length: 403
Content-Type: text/html; charset=UTF-8
Date: Tue, 19 Jul 2022 07:09:13 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

Redirect headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Tue, 19 Jul 2022 07:09:13 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Location: ?a=51897&version=1&segment=&redirected=1
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache

GET
H/1.1

200
OK

product.d Show response
js.sddan.com/
Redirect Chain

https://js.cookieless-data.com/product.d?pa=22808&u=https%3A%2F%2Ftest-billetterie.zoobeauval.com%2Fcontent&r=&product_id=%7BproductID%7D&product_name=PRODUCT_NAME&product_price=PRODUCT_PRICE&cat_n...
https://js.sddan.com/product.d?pa=22808&u=https%3A%2F%2Ftest-billetterie.zoobeauval.com%2Fcontent&r=&product_id=%7BproductID%7D&product_name=PRODUCT_NAME&product_price=PRODUCT_PRICE&cat_name=
https://js.sddan.com/product.d?pa=22808&u=https%3A%2F%2Ftest-billetterie.zoobeauval.com%2Fcontent&r=&product_id=%7BproductID%7D&product_name=PRODUCT_NAME&product_price=PRODUCT_PRICE&cat_name=&bounce=1

10 KB
4 KB

34ms
34ms

Script
text/javascript

51.158.29.12
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://js.sddan.com/product.d?pa=22808&u=https%3A%2F%2Ftest-billetterie.zoobeauval.com%2Fcontent&r=&product_id=%7BproductID%7D&product_name=PRODUCT_NAME&product_price=PRODUCT_PRICE&cat_name=&bounce=1

Requested by

Host: test-billetterie.zoobeauval.com
URL: https://test-billetterie.zoobeauval.com/content

Protocol

HTTP/1.1

Server

51.158.29.12 Paris, France, ASN12876 (Online SAS, FR),

Reverse DNS

51-158-29-12.rev.poneytelecom.eu

Software

nginx/1.20.2 /

Resource Hash

6adbf9825bc30f83630f065d7900115b63f8a4c0519a0c30806331cc30d14353

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://test-billetterie.zoobeauval.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 19 Jul 2022 07:09:13 GMT
Content-Encoding: gzip
Server: nginx/1.20.2
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
P3p: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Type: text/javascript
X-Xss-Protection: 0
Expires: Tue, 01 Jan 2000 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 19 Jul 2022 07:09:13 GMT
Server: nginx/1.20.2
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
P3p: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://js.sddan.com/product.d?pa=22808&u=https%3A%2F%2Ftest-billetterie.zoobeauval.com%2Fcontent&r=&product_id=%7BproductID%7D&product_name=PRODUCT_NAME&product_price=PRODUCT_PRICE&cat_name=&bounce=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 0
X-Xss-Protection: 0
Expires: Tue, 01 Jan 2000 00:00:00 GMT

GET
H/1.1

200
OK

retarget Show response
hal9000.redintelligence.net/ Frame DFA7
Redirect Chain

https://hal9000.redintelligence.net/retarget?a=52807&version=1&segment=
https://hal9000.redintelligence.net/retarget?a=52807&version=1&segment=&redirected=1

3 KB
1 KB

50ms
26ms

Document
text/html

88.99.219.174
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/retarget?a=52807&version=1&segment=&redirected=1
Requested by: Host: test-billetterie.zoobeauval.com
URL: https://test-billetterie.zoobeauval.com/content
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.219.174 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.174.219.99.88.clients.your-server.de
Software: Apache /
Resource Hash: 03fe7a72e5acc16271263cdbc81ffd4e906ed18d1f921144aae6b61676769257

Request headers

Referer: https://test-billetterie.zoobeauval.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: close
Content-Encoding: gzip
Content-Length: 872
Content-Type: text/html; charset=UTF-8
Date: Tue, 19 Jul 2022 07:09:13 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

Redirect headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Tue, 19 Jul 2022 07:09:13 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Location: ?a=52807&version=1&segment=&redirected=1
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache

GET
H/1.1 200
OK MerriweatherSans-Regular.woff2
s3.eu-central-1.amazonaws.com/content-secutix-com/ZPDB/fonts/MerriweatherSans/ 27 KB
28 KB 62ms
23ms Font
binary/octet-stream 52.219.47.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.eu-central-1.amazonaws.com/content-secutix-com/ZPDB/fonts/MerriweatherSans/MerriweatherSans-Regular.woff2
Requested by: Host: test-billetterie.zoobeauval.com
URL: https://test-billetterie.zoobeauval.com/custom/ZPDB_TSTP/custom.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.47.27 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: s3.eu-central-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: e77125f3854327ee6cefbb1c71632ee3f3f3ccafc6f94dd90e2c761de71e0144

Request headers

Referer: https://test-billetterie.zoobeauval.com/
Origin: https://test-billetterie.zoobeauval.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 19 Jul 2022 07:09:14 GMT
Last-Modified: Thu, 19 Mar 2020 04:18:12 GMT
Server: AmazonS3
x-amz-request-id: 1T5S21P39ZN3Q4YF
ETag: "0687797cdedb69a76c271d2c24ecc48a"
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Content-Type: binary/octet-stream
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3000
Accept-Ranges: bytes
Content-Length: 28036
x-amz-id-2: BNIjPDmuaXKOdkv0eYS6CGMH2qv5TieMxR1LqROhXz4G8ZIouOdgLA7SDaXx68s1+BdYRlrMnGs=

GET
H2 200 box-0004cb77850b00d4aa7e1e08ff61e8f0.html Show response
vars.hotjar.com/ Frame 8A05 2 KB
1 KB 35ms
7ms Document
text/html 18.66.139.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vars.hotjar.com/box-0004cb77850b00d4aa7e1e08ff61e8f0.html

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1259905.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.40 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-40.fra60.r.cloudfront.net

Software

Resource Hash

cbbfda74ce57788b9a3877e57fb6ccd91c2e8db043acc08b0091a4ee7509f489

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://test-billetterie.zoobeauval.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 320226
cache-control: max-age=31536000
content-encoding: br
content-length: 1044
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 15 Jul 2022 14:12:07 GMT
etag: "d2caf2e569940c65a88268a169f3facf"
last-modified: Fri, 15 Jul 2022 14:11:55 GMT
strict-transport-security: max-age=86400; includeSubDomains
vary: Accept-Encoding
via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
x-amz-cf-id: 3D5thiU8sZlIeTehLPpCAD5Cyp-_Ocr_Sx7lI2oIkVHG2xqgrdEdyw==
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
x-robots-tag: none

GET
H/1.1 200
OK client_iframe.html Show response
asset.easydmp.net/ Frame 76AA 26 KB
9 KB 38ms
37ms Document
text/html 2001:41d0:301:100:145:239:193:53
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://asset.easydmp.net/client_iframe.html?t=230308

Requested by

Host: asset.easydmp.net
URL: https://asset.easydmp.net/js/client.js?t=230308

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:41d0:301:100:145:239:193:53 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

57c13ea5f4d0389107637297dbea055387d8c611892739671df017456668d9c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://test-billetterie.zoobeauval.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=900, s-maxage=900, public
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Tue, 19 Jul 2022 07:09:13 GMT
ETag: W/"62d57c27-6431"
Last-Modified: Mon, 18 Jul 2022 15:28:39 GMT
P3P: CP="ALL DSP COR CURa ADMa PSAa PSDa OUR NOR UNI"
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
X-IPLB-Instance: 25256
X-IPLB-Request-ID: 00000000:AB0C_00000000:01BB_62D65899_4E6CC91:2F341

GET
H2 200 vendor.04cc4a6b27a702ef16d4.js Show response
zpdb.widgets.secutix.com/stx-widgets/v2/ 210 KB
211 KB 19ms
19ms Script
application/javascript 2600:9000:225a:a00:15:3831:ac40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://zpdb.widgets.secutix.com/stx-widgets/v2/vendor.04cc4a6b27a702ef16d4.js
Requested by: Host: zpdb.widgets.secutix.com
URL: https://zpdb.widgets.secutix.com/stx-widgets/v2/Widgets.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225a:a00:15:3831:ac40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2e29983eaa22792abf3d5807830565ac48c3a1b3e55b90fd12652a498346971e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://test-billetterie.zoobeauval.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 06:46:55 GMT
content-encoding: utf-8
last-modified: Thu, 14 Jul 2022 04:13:47 GMT
server: AmazonS3
age: 1339
etag: "cb36c524340a391d61e0aa16b723c03a"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 b7fabb5a327e018775ea26a6f65c6e10.cloudfront.net (CloudFront)
cache-control: public, max-age=900, must-revalidate
x-amz-cf-pop: TXL50-P1
accept-ranges: bytes
content-length: 214947
x-amz-cf-id: kIW_hEaXNH0qc2EH8htf1jlaHCmxuzyzGJRd6PvVl3LX7vmINHBSAw==

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/1259905/ 147 B
323 B 102ms
34ms XHR
application/json 99.80.161.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/1259905/visit-data?sv=6
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.19a1bc5ec8df84a3470e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.161.153 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-161-153.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: d2e4914ae962acd061798de5379f9e74b461e90543002cf3f284d6a29dcd5f23

Request headers

Referer: https://test-billetterie.zoobeauval.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Tue, 19 Jul 2022 07:09:13 GMT
content-encoding: br
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/event/ Frame DFA7 671 B
1 KB 53ms
22ms Script
text/javascript 104.90.104.250
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/event/js?mt_id=1551320&mt_adid=246964&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=&mt_nsync=1
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=52807&version=1&segment=&redirected=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.90.104.250 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-104-250.deploy.static.akamaitechnologies.com
Software: MT3 4475 c1dc35a master cdg-pixel-x34 config:1.0.0 /
Resource Hash: b612d85c77aed8c058d29f0e53519b09cab7cbd4576c6f22595bd00bcd740b5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal9000.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 19 Jul 2022 07:09:13 GMT
Server: MT3 4475 c1dc35a master cdg-pixel-x34 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 671
Expires: Tue, 19 Jul 2022 07:09:12 GMT

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/event/ Frame DFA7 671 B
1 KB 52ms
21ms Script
text/javascript 104.90.104.250
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/event/js?mt_id=1406081&mt_adid=216536&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=&mt_nsync=1
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=52807&version=1&segment=&redirected=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.90.104.250 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-104-250.deploy.static.akamaitechnologies.com
Software: MT3 4475 c1dc35a master zrh-pixel-x2 config:1.0.0 /
Resource Hash: b612d85c77aed8c058d29f0e53519b09cab7cbd4576c6f22595bd00bcd740b5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal9000.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 19 Jul 2022 07:09:13 GMT
Server: MT3 4475 c1dc35a master zrh-pixel-x2 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 671
Expires: Tue, 19 Jul 2022 07:09:12 GMT

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/event/ Frame DFA7 671 B
1 KB 67ms
44ms Script
text/javascript 104.90.104.250
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/event/js?mt_id=1393997&mt_adid=216536&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=&mt_nsync=1
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=52807&version=1&segment=&redirected=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.90.104.250 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-104-250.deploy.static.akamaitechnologies.com
Software: MT3 4475 c1dc35a master zrh-pixel-x11 config:1.0.0 /
Resource Hash: b612d85c77aed8c058d29f0e53519b09cab7cbd4576c6f22595bd00bcd740b5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal9000.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 19 Jul 2022 07:09:13 GMT
Server: MT3 4475 c1dc35a master zrh-pixel-x11 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 671
Expires: Tue, 19 Jul 2022 07:09:12 GMT

GET
H3

200

activityi;dc_pre=CMG8p8uyhPkCFfL-1QodQm4L1w;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;... Show response
5994599.fls.doubleclick.net/ Frame 82BF
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7...
https://5994599.fls.doubleclick.net/activityi;dc_pre=CMG8p8uyhPkCFfL-1QodQm4L1w;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;g...

566 B
456 B

31ms
18ms

Document
text/html

142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=CMG8p8uyhPkCFfL-1QodQm4L1w;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=2148678597874.616?

Requested by

Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=52807&version=1&segment=&redirected=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

cafe /

Resource Hash

d203f4cb5fdf611d2bb896535a553c540f2daae370237449fb7079e1a669e208

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hal9000.redintelligence.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 431
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Jul 2022 07:09:13 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Jul 2022 07:09:13 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=CMG8p8uyhPkCFfL-1QodQm4L1w;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=2148678597874.616?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

activityi;dc_pre=CJKYqMuyhPkCFUOr1QodfvMBKQ;src=11868943;type=invmedia;cat=dbmis001;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%... Show response
11868943.fls.doubleclick.net/ Frame 142D
Redirect Chain

https://11868943.fls.doubleclick.net/activityi;src=11868943;type=invmedia;cat=dbmis001;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_7...
https://11868943.fls.doubleclick.net/activityi;dc_pre=CJKYqMuyhPkCFUOr1QodfvMBKQ;src=11868943;type=invmedia;cat=dbmis001;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%...

569 B
460 B

33ms
20ms

Document
text/html

142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://11868943.fls.doubleclick.net/activityi;dc_pre=CJKYqMuyhPkCFUOr1QodfvMBKQ;src=11868943;type=invmedia;cat=dbmis001;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=3076420229520.145?

Requested by

Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=52807&version=1&segment=&redirected=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

cafe /

Resource Hash

2ea045647b325726bcb678d2d2b31722ba18c4928466e7a46af6aed0c8aabf25

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hal9000.redintelligence.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 435
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Jul 2022 07:09:13 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Jul 2022 07:09:13 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://11868943.fls.doubleclick.net/activityi;dc_pre=CJKYqMuyhPkCFUOr1QodfvMBKQ;src=11868943;type=invmedia;cat=dbmis001;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=3076420229520.145?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/ Frame DFA7
Redirect Chain

https://track.adform.net/serving/scripts/trackpoint/async/
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

81 KB
30 KB

131ms
17ms

Script
application/javascript

37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=52807&version=1&segment=&redirected=1
Protocol: H2
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: ee94251fea8b03da5d0dc6f8489a529c1a2d2a031d874b0ec61866784e3c73c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal9000.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 07:09:13 GMT
content-encoding: gzip
last-modified: Wed, 25 May 2022 11:34:23 GMT
server: nginx
x-amz-request-id: tx000000000000046c5f2bb-0062d65429-323354ba-default
etag: W/"552eeb5f0620fb6f56733d625b5e719e"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800

Redirect headers

location: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
date: Tue, 19 Jul 2022 07:09:13 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/html

GET
H3

200

activityi;dc_pre=CJK9p8uyhPkCFWYWBgAdQhwAtw;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7... Show response
5994599.fls.doubleclick.net/ Frame C5F9
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755...
https://5994599.fls.doubleclick.net/activityi;dc_pre=CJK9p8uyhPkCFWYWBgAdQhwAtw;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D...

568 B
458 B

34ms
19ms

Document
text/html

142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=CJK9p8uyhPkCFWYWBgAdQhwAtw;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=9041292214334.014?

Requested by

Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=52807&version=1&segment=&redirected=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

cafe /

Resource Hash

8daf41c9bdc939bf38a09b3018c88cda8b42140c95aef3f14af7a24244f16f29

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hal9000.redintelligence.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 433
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Jul 2022 07:09:13 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Jul 2022 07:09:13 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=CJK9p8uyhPkCFWYWBgAdQhwAtw;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=9041292214334.014?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

activityi;dc_pre=CJmXqMuyhPkCFQPC1QodROYLKA;src=11868943;type=invmedia;cat=dbmis0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D... Show response
11868943.fls.doubleclick.net/ Frame 99AD
Redirect Chain

https://11868943.fls.doubleclick.net/activityi;src=11868943;type=invmedia;cat=dbmis0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755...
https://11868943.fls.doubleclick.net/activityi;dc_pre=CJmXqMuyhPkCFQPC1QodROYLKA;src=11868943;type=invmedia;cat=dbmis0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D...

566 B
459 B

35ms
19ms

Document
text/html

142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://11868943.fls.doubleclick.net/activityi;dc_pre=CJmXqMuyhPkCFQPC1QodROYLKA;src=11868943;type=invmedia;cat=dbmis0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=2582991028522.53?

Requested by

Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=52807&version=1&segment=&redirected=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

cafe /

Resource Hash

9f8d5940525680bbf16c7d8141cba069095dced3a16ca8c9d95636ad4d2edec8

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hal9000.redintelligence.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 434
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Jul 2022 07:09:13 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Jul 2022 07:09:13 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://11868943.fls.doubleclick.net/activityi;dc_pre=CJmXqMuyhPkCFQPC1QodROYLKA;src=11868943;type=invmedia;cat=dbmis0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=2582991028522.53?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 /
insight.adsrvr.org/track/pxl/ Frame 5991 70 B
261 B 110ms
35ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/pxl/?adv=2x96f27&ct=0:wwdtz02&fmt=4&gdpr=&gdpr_consent=
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/retarget?a=51897&version=1&segment=&redirected=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Jul 2022 07:09:13 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

activityi;dc_pre=CPmjqMuyhPkCFQPC1QodROYLKA;src=10165143;type=invmedia;cat=zoode0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=6654397948324.111 Show response
10165143.fls.doubleclick.net/ Frame F68B
Redirect Chain

https://10165143.fls.doubleclick.net/activityi;src=10165143;type=invmedia;cat=zoode0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=6654397948324.111?
https://10165143.fls.doubleclick.net/activityi;dc_pre=CPmjqMuyhPkCFQPC1QodROYLKA;src=10165143;type=invmedia;cat=zoode0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_conse...

519 B
423 B

21ms
20ms

Document
text/html

142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10165143.fls.doubleclick.net/activityi;dc_pre=CPmjqMuyhPkCFQPC1QodROYLKA;src=10165143;type=invmedia;cat=zoode0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=6654397948324.111?

Requested by

Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/retarget?a=51897&version=1&segment=&redirected=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

cafe /

Resource Hash

4377d600e17c606dabd4080abb902d27ae67db675ff4a1b6cc83bbc29452665d

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.ad-srv.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 398
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Jul 2022 07:09:13 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Jul 2022 07:09:13 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://10165143.fls.doubleclick.net/activityi;dc_pre=CPmjqMuyhPkCFQPC1QodROYLKA;src=10165143;type=invmedia;cat=zoode0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=6654397948324.111?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 TicketShop.aff3f9e00b1eb879e679.js Show response
zpdb.widgets.secutix.com/stx-widgets/v2/ 2 MB
2 MB 19ms
18ms Script
application/javascript 2600:9000:225a:a00:15:3831:ac40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://zpdb.widgets.secutix.com/stx-widgets/v2/TicketShop.aff3f9e00b1eb879e679.js
Requested by: Host: zpdb.widgets.secutix.com
URL: https://zpdb.widgets.secutix.com/stx-widgets/v2/Widgets.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225a:a00:15:3831:ac40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b549d1e0a2cc26077a3fc10ad8d3a662fabea4b24b34f5c93ddfbf4aa7690b18

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://test-billetterie.zoobeauval.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 06:46:56 GMT
content-encoding: utf-8
last-modified: Thu, 14 Jul 2022 04:13:47 GMT
server: AmazonS3
age: 1338
etag: "8429d2413f383180a2bba1e0cc2e00d0"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 b7fabb5a327e018775ea26a6f65c6e10.cloudfront.net (CloudFront)
cache-control: public, max-age=900, must-revalidate
x-amz-cf-pop: TXL50-P1
accept-ranges: bytes
content-length: 1629588
x-amz-cf-id: eYGPoyXHoUgiG4wJ32auWsixddmu-LBn6jxseOvkYr8ParQjKc6R1Q==

GET
H/1.1 200
OK etag.php Show response
asset.easydmp.net/ Frame 76AA 0
416 B 34ms
34ms XHR
text/html 2001:41d0:301:100:145:239:193:53
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://asset.easydmp.net/etag.php

Requested by

Host: asset.easydmp.net
URL: https://asset.easydmp.net/client_iframe.html?t=230308

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:41d0:301:100:145:239:193:53 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: text/javascript, text/html, application/xml, text/xml, */*
Cache-Control: only-if-cached
Referer: https://asset.easydmp.net/client_iframe.html?t=230308
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 19 Jul 2022 07:09:13 GMT
Content-Encoding: gzip
X-IPLB-Request-ID: 00000000:AB0C_00000000:01BB_62D65899_4E6CC93:2F341
X-IPLB-Instance: 25256
Strict-Transport-Security: max-age=31536000
P3P: CP="ALL DSP COR CURa ADMa PSAa PSDa OUR NOR UNI"
Cache-Control: private, max-age=31536000
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ Frame DFA7 43 B
525 B 21ms
21ms Image
image/gif 104.90.104.250
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=0
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=52807&version=1&segment=&redirected=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.90.104.250 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-104-250.deploy.static.akamaitechnologies.com
Software: MT3 4475 c1dc35a master cdg-pixel-x28 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal9000.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 19 Jul 2022 07:09:13 GMT
Server: MT3 4475 c1dc35a master cdg-pixel-x28 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 19 Jul 2022 07:09:12 GMT

POST
H/1.1 200
OK collect_v3.php Show response
asset.easydmp.net/ Frame 76AA 109 B
569 B 27ms
27ms XHR
application/json 2001:41d0:301:100:145:239:193:53
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://asset.easydmp.net/collect_v3.php

Requested by

Host: asset.easydmp.net
URL: https://asset.easydmp.net/client_iframe.html?t=230308

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:41d0:301:100:145:239:193:53 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

3cc8437ce1286f586951d2da50636884d8c176d3074c4b90b16f73cafa31e537

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

X-Em-Info: {"storage":"none","testMode":false,"consentData":{"usedTcf":false,"consent":true}}
Accept: text/javascript, text/html, application/xml, text/xml, */*
Referer: https://asset.easydmp.net/client_iframe.html?t=230308
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Tue, 19 Jul 2022 07:09:13 GMT
Content-Encoding: gzip
X-IPLB-Request-ID: 00000000:AB0C_00000000:01BB_62D65899_4E6CC9F:2F341
X-UID: 165821455338453280
X-IPLB-Instance: 25256
Strict-Transport-Security: max-age=31536000
P3P: CP="ALL DSP COR CURa ADMa PSAa PSDa OUR NOR UNI"
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
Content-Type: application/json
Expires: 0

GET
H/1.1 200
OK etag.php Show response
asset.easydmp.net/ Frame 76AA 84 B
530 B 18ms
18ms XHR
text/html 2001:41d0:301:100:145:239:193:53
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://asset.easydmp.net/etag.php

Requested by

Host: asset.easydmp.net
URL: https://asset.easydmp.net/client_iframe.html?t=230308

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:41d0:301:100:145:239:193:53 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

d092c748ae256adfdc021f3cc9bbcffbe43c9fc4a65b64bf64c2117c3d05b5ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: text/javascript, text/html, application/xml, text/xml, */*
Cache-Control: no-cache
FullWarning0: 000000000000000002:s:0:eJwLCnIT4cnkEOQrK08slpVm9WCO4Y0u8swrD6nj9JIvEBcptM6XBgCrKwld;
Referer: https://asset.easydmp.net/client_iframe.html?t=230308
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Warning: set

Response headers

Date: Tue, 19 Jul 2022 07:09:13 GMT
Content-Encoding: gzip
X-IPLB-Request-ID: 00000000:AB0C_00000000:01BB_62D65899_4E6CCA2:2F341
Etag: W/"1f1581880cfc3d3017fcd44b98cf438f"
X-IPLB-Instance: 25256
Strict-Transport-Security: max-age=31536000
P3P: CP="ALL DSP COR CURa ADMa PSAa PSDa OUR NOR UNI"
Cache-Control: private, max-age=31536000
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 / Show response
adservice.google.com/ddm/fls/i/dc_pre=CMG8p8uyhPkCFfL-1QodQm4L1w;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7... Frame B584 565 B
500 B 81ms
58ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CMG8p8uyhPkCFfL-1QodQm4L1w;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=2148678597874.616;~oref=https://hal9000.redintelligence.net/

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CMG8p8uyhPkCFfL-1QodQm4L1w;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=2148678597874.616?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb1bfb1fb991adf4f0fba74cb1546dd78f1898cf813cabfce1e66ced52d2d334

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5994599.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 430
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Jul 2022 07:09:13 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
adservice.google.com/ddm/fls/i/dc_pre=CJK9p8uyhPkCFWYWBgAdQhwAtw;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$... Frame CD10 567 B
501 B 64ms
56ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CJK9p8uyhPkCFWYWBgAdQhwAtw;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=9041292214334.014;~oref=https://hal9000.redintelligence.net/

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CJK9p8uyhPkCFWYWBgAdQhwAtw;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=9041292214334.014?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

63d148687b5d6c4c6f5d338f4204685ab19a21bb969f14b669365731250d122c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5994599.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 431
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Jul 2022 07:09:13 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
adservice.google.com/ddm/fls/i/dc_pre=CPmjqMuyhPkCFQPC1QodROYLKA;src=10165143;type=invmedia;cat=zoode0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=66543979... Frame 5DE7 518 B
467 B 63ms
57ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CPmjqMuyhPkCFQPC1QodROYLKA;src=10165143;type=invmedia;cat=zoode0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=6654397948324.111;~oref=https://ad.ad-srv.net/

Requested by

Host: 10165143.fls.doubleclick.net
URL: https://10165143.fls.doubleclick.net/activityi;dc_pre=CPmjqMuyhPkCFQPC1QodROYLKA;src=10165143;type=invmedia;cat=zoode0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=6654397948324.111?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4560f44c5872371bab68541e5006e773cf4da7c776319031a9c6460e8627e078

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://10165143.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 397
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Jul 2022 07:09:13 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
adservice.google.com/ddm/fls/i/dc_pre=CJmXqMuyhPkCFQPC1QodROYLKA;src=11868943;type=invmedia;cat=dbmis0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%... Frame E71B 565 B
502 B 62ms
57ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CJmXqMuyhPkCFQPC1QodROYLKA;src=11868943;type=invmedia;cat=dbmis0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=2582991028522.53;~oref=https://hal9000.redintelligence.net/

Requested by

Host: 11868943.fls.doubleclick.net
URL: https://11868943.fls.doubleclick.net/activityi;dc_pre=CJmXqMuyhPkCFQPC1QodROYLKA;src=11868943;type=invmedia;cat=dbmis0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=2582991028522.53?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aa5a05e924f1c3bdd0570cdb6a5416baab50ab4314e5b9d5ff248105ae8d5524

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://11868943.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 432
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Jul 2022 07:09:13 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
adservice.google.com/ddm/fls/i/dc_pre=CJKYqMuyhPkCFUOr1QodfvMBKQ;src=11868943;type=invmedia;cat=dbmis001;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=... Frame 068F 568 B
902 B 60ms
56ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CJKYqMuyhPkCFUOr1QodfvMBKQ;src=11868943;type=invmedia;cat=dbmis001;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=3076420229520.145;~oref=https://hal9000.redintelligence.net/

Requested by

Host: 11868943.fls.doubleclick.net
URL: https://11868943.fls.doubleclick.net/activityi;dc_pre=CJKYqMuyhPkCFUOr1QodfvMBKQ;src=11868943;type=invmedia;cat=dbmis001;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=3076420229520.145?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

301b7ce5eeb65f044fc4066bc121982be99b4a1c555012afb40d3529a6f4e0ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://11868943.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 433
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Jul 2022 07:09:13 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H/1.1 200
OK get_delivery_data.php Show response
asset.easydmp.net/ Frame 76AA 1 KB
1 KB 25ms
25ms XHR
application/json 2001:41d0:301:100:145:239:193:53
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://asset.easydmp.net/get_delivery_data.php

Requested by

Host: asset.easydmp.net
URL: https://asset.easydmp.net/client_iframe.html?t=230308

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:41d0:301:100:145:239:193:53 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

009dce7ee7388fd46107ab40c30612d259fcc3b6ccf871d859061c1af4d124d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

X-Em-Info: {"storage":"none","testMode":false,"consentData":{"usedTcf":false,"consent":true}}
Accept: text/javascript, text/html, application/xml, text/xml, */*
Referer: https://asset.easydmp.net/client_iframe.html?t=230308
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Tue, 19 Jul 2022 07:09:13 GMT
Content-Encoding: gzip
X-IPLB-Request-ID: 00000000:AB0C_00000000:01BB_62D65899_4E6CCA5:2F341
X-UID: 165821455338453280
X-IPLB-Instance: 25256
Strict-Transport-Security: max-age=31536000
P3P: CP="ALL DSP COR CURa ADMa PSAa PSDa OUR NOR UNI"
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
Content-Type: application/json
Expires: 0

GET
H/1.1

200
OK

getuid&callback=sqdComActOnGetTcId&firsttime=1 Show response
sync.commander1.com/z2520P95U56206LPR8IfM6d95X4152EF/ Frame 76AA
Redirect Chain

https://sync.commander1.com/z2520P95U56206LPR8IfM6d95X4152EF/getuid&callback=sqdComActOnGetTcId
https://sync.commander1.com/z2520P95U56206LPR8IfM6d95X4152EF/getuid&callback=sqdComActOnGetTcId&firsttime=1

126 B
764 B

19ms
19ms

Script
text/javascript

15.237.16.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.commander1.com/z2520P95U56206LPR8IfM6d95X4152EF/getuid&callback=sqdComActOnGetTcId&firsttime=1
Requested by: Host: test-billetterie.zoobeauval.com
URL: https://test-billetterie.zoobeauval.com/content
Protocol: HTTP/1.1
Server: 15.237.16.53 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-15-237-16-53.eu-west-3.compute.amazonaws.com
Software: web /
Resource Hash: 30eab980ba3a67305e5abae5fec995477c603cf40882848547827bce786a9099

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://asset.easydmp.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: private
Date: Tue, 19 Jul 2022 07:09:13 GMT
Content-Encoding: gzip
Server: web
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=486000, pre-check=486000
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: text/javascript; charset=UTF-8', true
Expires: Mon, 17 Oct 22 09:09:13 +0200

Redirect headers

Pragma: private
Date: Tue, 19 Jul 2022 07:09:13 GMT
Server: web
location: https://sync.commander1.com/z2520P95U56206LPR8IfM6d95X4152EF/getuid&callback=sqdComActOnGetTcId&firsttime=1
Transfer-Encoding: chunked
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=486000, pre-check=486000
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Expires: Mon, 17 Oct 22 09:09:13 +0200

GET
H/1.1

200
OK

collect_v2.img.php
asset.easydmp.net/ Frame 1431
Redirect Chain

https://p.crm4d.com/sync/ematch/getuid?uid=165821455338453280&redirect=https://asset.easydmp.net/collect_v2.img.php?dmp%3Demdmpeasy%26p%3Dgraphinium%26c4d_uid%3D$C4D_UID
https://p.crm4d.com/sync/ematch/getuid?uid=165821455338453280&redirect=https%3A%2F%2Fasset.easydmp.net%2Fcollect_v2.img.php%3Fdmp%3Demdmpeasy%26p%3Dgraphinium%26c4d_uid%3D%24C4D_UID&bounce=1
https://asset.easydmp.net/collect_v2.img.php?dmp=emdmpeasy&p=graphinium&c4d_uid=83tB55VRy-P2wj18I3Dy-Z2jYPSTFpFV2JY8CM9bd5E

43 B
747 B

32ms
32ms

Image
image/gif

2001:41d0:301:100:145:239:193:53
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://asset.easydmp.net/collect_v2.img.php?dmp=emdmpeasy&p=graphinium&c4d_uid=83tB55VRy-P2wj18I3Dy-Z2jYPSTFpFV2JY8CM9bd5E

Requested by

Host: test-billetterie.zoobeauval.com
URL: https://test-billetterie.zoobeauval.com/content

Protocol

HTTP/1.1

Server

2001:41d0:301:100:145:239:193:53 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 19 Jul 2022 07:09:13 GMT
X-IPLB-Request-ID: 00000000:AB0C_00000000:01BB_62D65899_4E6CCAB:2F341
X-IPLB-Instance: 25256
Strict-Transport-Security: max-age=31536000
P3P: CP="ALL DSP COR CURa ADMa PSAa PSDa OUR NOR UNI"
Cache-Control: no-store, no-cache
Transfer-Encoding: chunked
Content-Type: image/gif

Redirect headers

Location: https://asset.easydmp.net/collect_v2.img.php?dmp=emdmpeasy&p=graphinium&c4d_uid=83tB55VRy-P2wj18I3Dy-Z2jYPSTFpFV2JY8CM9bd5E
Date: Tue, 19 Jul 2022 07:09:13 GMT
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"

GET
H2 200 picking
v3.api.optinproject.com/sqdt/ Frame 9898 43 B
239 B 113ms
36ms Image
image/gif 18.200.221.133
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v3.api.optinproject.com/sqdt/picking
Requested by: Host: test-billetterie.zoobeauval.com
URL: https://test-billetterie.zoobeauval.com/content
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.200.221.133 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-200-221-133.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Jul 2022 07:09:13 GMT
cache-control: must_revalidate, no_cache, no_store, post_check="", pre_check="", private
x-correlation-id: 200ad5f8-476f-4513-8c6c-1351cc29e8bb
server: nginx
content-type: image/gif

GET
H/1.1

200
OK

165821455338453280&firsttime=1
sync.commander1.com/z2520P95U56206LPR8IfM6d95X4152EF/ Frame 76AA
Redirect Chain

https://sync.commander1.com/z2520P95U56206LPR8IfM6d95X4152EF/165821455338453280
https://sync.commander1.com/z2520P95U56206LPR8IfM6d95X4152EF/165821455338453280&firsttime=1

95 B
705 B

27ms
27ms

Image
image/png

15.237.16.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.commander1.com/z2520P95U56206LPR8IfM6d95X4152EF/165821455338453280&firsttime=1
Requested by: Host: test-billetterie.zoobeauval.com
URL: https://test-billetterie.zoobeauval.com/content
Protocol: HTTP/1.1
Server: 15.237.16.53 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-15-237-16-53.eu-west-3.compute.amazonaws.com
Software: web /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://asset.easydmp.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: private
Date: Tue, 19 Jul 2022 07:09:13 GMT
Content-Encoding: gzip
Server: web
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=486000, pre-check=486000
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: image/png
Expires: Mon, 17 Oct 22 09:09:13 +0200

Redirect headers

Pragma: private
Date: Tue, 19 Jul 2022 07:09:13 GMT
Server: web
location: https://sync.commander1.com/z2520P95U56206LPR8IfM6d95X4152EF/165821455338453280&firsttime=1
Transfer-Encoding: chunked
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=486000, pre-check=486000
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Expires: Mon, 17 Oct 22 09:09:13 +0200

POST
H/1.1 200
OK get_delivery_data.php Show response
asset.easydmp.net/ Frame 76AA 130 B
871 B 20ms
20ms XHR
application/json 2001:41d0:301:100:145:239:193:53
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://asset.easydmp.net/get_delivery_data.php

Requested by

Host: asset.easydmp.net
URL: https://asset.easydmp.net/client_iframe.html?t=230308

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:41d0:301:100:145:239:193:53 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

adf6533df334c6f73f5cca03557b25a6ff7237440de2413a0c2c4b615e8b39f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

X-Em-Info: {"storage":"none","testMode":false,"consentData":{"usedTcf":false,"consent":true}}
Accept: text/javascript, text/html, application/xml, text/xml, */*
Referer: https://asset.easydmp.net/client_iframe.html?t=230308
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Tue, 19 Jul 2022 07:09:13 GMT
Content-Encoding: gzip
X-IPLB-Request-ID: 00000000:AB0C_00000000:01BB_62D65899_4E6CCA7:2F341
X-UID: 165821455338453280
X-IPLB-Instance: 25256
Strict-Transport-Security: max-age=31536000
P3P: CP="ALL DSP COR CURa ADMa PSAa PSDa OUR NOR UNI"
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
Content-Type: application/json
Expires: 0

GET
H2 200 / Show response
adservice.google.de/ddm/fls/i/dc_pre=CJKYqMuyhPkCFUOr1QodfvMBKQ;src=11868943;type=invmedia;cat=dbmis001;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$... Frame 779E 194 B
242 B 69ms
46ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CJKYqMuyhPkCFUOr1QodfvMBKQ;src=11868943;type=invmedia;cat=dbmis001;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=3076420229520.145;~oref=https://hal9000.redintelligence.net/

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CJKYqMuyhPkCFUOr1QodfvMBKQ;src=11868943;type=invmedia;cat=dbmis001;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=3076420229520.145;~oref=https://hal9000.redintelligence.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 177
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Jul 2022 07:09:13 GMT
expires: Tue, 19 Jul 2022 07:09:13 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
adservice.google.de/ddm/fls/i/dc_pre=CJK9p8uyhPkCFWYWBgAdQhwAtw;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%... Frame F484 194 B
242 B 68ms
46ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CJK9p8uyhPkCFWYWBgAdQhwAtw;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=9041292214334.014;~oref=https://hal9000.redintelligence.net/

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CJK9p8uyhPkCFWYWBgAdQhwAtw;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=9041292214334.014;~oref=https://hal9000.redintelligence.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 177
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Jul 2022 07:09:13 GMT
expires: Tue, 19 Jul 2022 07:09:13 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
adservice.google.de/ddm/fls/i/dc_pre=CPmjqMuyhPkCFQPC1QodROYLKA;src=10165143;type=invmedia;cat=zoode0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=665439794... Frame F847 194 B
242 B 65ms
45ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CPmjqMuyhPkCFQPC1QodROYLKA;src=10165143;type=invmedia;cat=zoode0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=6654397948324.111;~oref=https://ad.ad-srv.net/

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CPmjqMuyhPkCFQPC1QodROYLKA;src=10165143;type=invmedia;cat=zoode0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=6654397948324.111;~oref=https://ad.ad-srv.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 177
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Jul 2022 07:09:13 GMT
expires: Tue, 19 Jul 2022 07:09:13 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
adservice.google.de/ddm/fls/i/dc_pre=CJmXqMuyhPkCFQPC1QodROYLKA;src=11868943;type=invmedia;cat=dbmis0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7... Frame 4471 194 B
870 B 64ms
45ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CJmXqMuyhPkCFQPC1QodROYLKA;src=11868943;type=invmedia;cat=dbmis0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=2582991028522.53;~oref=https://hal9000.redintelligence.net/

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CJmXqMuyhPkCFQPC1QodROYLKA;src=11868943;type=invmedia;cat=dbmis0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=2582991028522.53;~oref=https://hal9000.redintelligence.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 177
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Jul 2022 07:09:13 GMT
expires: Tue, 19 Jul 2022 07:09:13 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
adservice.google.de/ddm/fls/i/dc_pre=CMG8p8uyhPkCFfL-1QodQm4L1w;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7B... Frame 48EF 194 B
242 B 65ms
47ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CMG8p8uyhPkCFfL-1QodQm4L1w;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=2148678597874.616;~oref=https://hal9000.redintelligence.net/

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CMG8p8uyhPkCFfL-1QodQm4L1w;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=2148678597874.616;~oref=https://hal9000.redintelligence.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 177
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Jul 2022 07:09:13 GMT
expires: Tue, 19 Jul 2022 07:09:13 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK get Show response
sqdt.mconso.fr/tmpPds/ Frame 76AA 28 B
415 B 171ms
20ms Script
application/javascript 2001:41d0:301:100:145:239:193:53
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://sqdt.mconso.fr/tmpPds/get?callback=callback835372427

Requested by

Host: asset.easydmp.net
URL: https://asset.easydmp.net/client_iframe.html?t=230308

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:41d0:301:100:145:239:193:53 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

bd6efbd507cf48494d2e2183718b1b3c6eaed119568b2ad2b340e41aa01c50f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://asset.easydmp.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
X-IPLB-Request-ID: 00000000:ABB0_00000000:01BB_62D65899_4E76E57:2F340
Date: Tue, 19 Jul 2022 07:09:13 GMT
X-IPLB-Instance: 25256
Transfer-Encoding: chunked
P3P: CP="ALL DSP COR CURa ADMa PSAa PSDa OUR NOR UNI"
Content-Type: application/javascript; charset=utf-8

POST
H2 200 widgetInfo Show response
test-billetterie.zoobeauval.com/tnwr/v1/monitoring/ 2 B
410 B 114ms
113ms XHR
application/json 193.72.147.242
SAFEHOSTNET Coloc...

General

Check archive.org

Show headers Download Go to

Full URL

https://test-billetterie.zoobeauval.com/tnwr/v1/monitoring/widgetInfo

Requested by

Host: zpdb.widgets.secutix.com
URL: https://zpdb.widgets.secutix.com/stx-widgets/v2/Widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.72.147.242 Lausanne, Switzerland, ASN21217 (SAFEHOSTNET Colocation center in Geneva, CH),

Reverse DNS

p20-shop.secutix.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

X-CSRF-Token: cfc5304a-45d0-4a17-a2f1-e891aeda3ff7
Accept-Language: de-DE,de;q=0.9
X-Secutix-Host: test-billetterie.zoobeauval.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://test-billetterie.zoobeauval.com/content
X-API-Key: false

Response headers

date: Tue, 19 Jul 2022 07:09:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
vary: Accept-Encoding
content-length: 22
x-xss-protection: 1; mode=block
pragma: no-cache
server: nginx
x-frame-options: DENY
strict-transport-security: max-age=31536000 ; includeSubDomains
x-varnish: 13825431
via: 1.1 varnish (Varnish/6.5)
cache-control: no-cache, no-store, max-age=0, must-revalidate
accept-ranges: bytes
content-type: application/json;charset=UTF-8
x-time: 0.086
expires: 0

GET
H/1.1 200
OK labels-ea39cca5-aa47-4324-80b2-61c34d206deb-labels_en.json Show response
s3.eu-central-1.amazonaws.com/pub.zpdb.p20-s3.secutix.com/tnwi/TSTP/B2CT/ 177 B
781 B 74ms
74ms XHR
application/octet-stream 52.219.47.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.eu-central-1.amazonaws.com/pub.zpdb.p20-s3.secutix.com/tnwi/TSTP/B2CT/labels-ea39cca5-aa47-4324-80b2-61c34d206deb-labels_en.json
Requested by: Host: zpdb.widgets.secutix.com
URL: https://zpdb.widgets.secutix.com/stx-widgets/v2/TicketShop.aff3f9e00b1eb879e679.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.47.27 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: s3.eu-central-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 98426aac934c1b740490a72b4cdbf4b45e8f23b89e84e4f9b9a892bfd335e2d0

Request headers

Accept: application/json, text/plain, */*
Referer: https://test-billetterie.zoobeauval.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 19 Jul 2022 07:09:14 GMT
Last-Modified: Thu, 14 Jul 2022 04:06:38 GMT
Server: AmazonS3
x-amz-request-id: 1T5GEKCTJXAVEV31
ETag: "296135d949d02bf3c48e962adb26284f"
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
x-amz-version-id: i52W7hdgOCmBd4mr7vX5Eh1nQuUIhdAF
Access-Control-Allow-Origin: *
x-amz-replication-status: COMPLETED
Accept-Ranges: bytes
Content-Type: application/octet-stream
Content-Length: 177
x-amz-id-2: 0CHhIDscsflvQ8ZH0cTvs4d+5wst7W7+AsL+DM4rLhOchJIruOuO9oq4tdPRW/AIsAHunRiR5DM=

GET
H2 200 logo_zpdb.png
test-billetterie.zoobeauval.com/light_custom/lightTheme/ 48 KB
48 KB 41ms
40ms Image
image/png 193.72.147.242
SAFEHOSTNET Coloc...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://test-billetterie.zoobeauval.com/light_custom/lightTheme/logo_zpdb.png

Requested by

Host: test-billetterie.zoobeauval.com
URL: https://test-billetterie.zoobeauval.com/content

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.72.147.242 Lausanne, Switzerland, ASN21217 (SAFEHOSTNET Colocation center in Geneva, CH),

Reverse DNS

p20-shop.secutix.com

Software

nginx /

Resource Hash

86326b7c4fceec23319ff98cdb89b14c2fad67406843669223af07b9299a0666

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://test-billetterie.zoobeauval.com/content
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 07:09:12 GMT
via: 1.1 varnish (Varnish/6.5)
x-content-type-options: nosniff
age: 0
x-auth-token: bb42ccdb-7ba1-40ed-a9f9-dadb689919be
content-length: 48999
x-xss-protection: 1; mode=block
pragma: Public
last-modified: Thu, 14 Jul 2022 04:06:37 GMT
server: nginx
x-frame-options: DENY
x-amzn-trace-id: Root=1-00000000-000000000000000000000000;
strict-transport-security: max-age=31536000 ; includeSubDomains
x-varnish: 13925994 14367033
cache-control: public, max-age=900
accept-ranges: bytes
content-type: image/png;charset=UTF-8
x-time: 0.032
expires: Tue, 19 Jul 2022 07:24:12 GMT

GET
DATA 200
OK truncated
/ 296 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 078950e85bd66d61dc679d6dfab356d0d29b2c6dda237fc6e4cadd3777a9b5ea

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 847 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 23fbf64b37a97058d0e4c52b4e12bb9cdec255b612a4fb4863eadb5b9b82cedb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 catalog Show response
test-billetterie.zoobeauval.com/tnwr/v1/ 15 B
423 B 62ms
61ms XHR
application/json 193.72.147.242
SAFEHOSTNET Coloc...

General

Check archive.org

Show headers Download Go to

Full URL

https://test-billetterie.zoobeauval.com/tnwr/v1/catalog?maxPerformances=50&maxTimeslots=50&maxPerformanceDays=3&maxTimeslotDays=3&includeMetadata=true

Requested by

Host: zpdb.widgets.secutix.com
URL: https://zpdb.widgets.secutix.com/stx-widgets/v2/TicketShop.aff3f9e00b1eb879e679.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.72.147.242 Lausanne, Switzerland, ASN21217 (SAFEHOSTNET Colocation center in Geneva, CH),

Reverse DNS

p20-shop.secutix.com

Software

nginx /

Resource Hash

777b5863d801327b008f5610aa3eb3a4fb47554f056e0961b393075db17a4274

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://test-billetterie.zoobeauval.com/content
X-CSRF-Token: cfc5304a-45d0-4a17-a2f1-e891aeda3ff7
Accept-Language: de-DE,de;q=0.9
X-Secutix-Host: test-billetterie.zoobeauval.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
X-API-Key: false

Response headers

date: Tue, 19 Jul 2022 07:09:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
vary: Accept-Encoding
content-length: 35
x-xss-protection: 1; mode=block
pragma: no-cache
server: nginx
x-frame-options: DENY
strict-transport-security: max-age=31536000 ; includeSubDomains
x-varnish: 14748301
via: 1.1 varnish (Varnish/6.5)
cache-control: no-cache, no-store, max-age=0, must-revalidate
accept-ranges: bytes
content-type: application/json;charset=UTF-8
x-time: 0.030
expires: 0

GET
H2 200 resale-configuration Show response
test-billetterie.zoobeauval.com/tnwr/v1/catalog/ 125 B
507 B 61ms
60ms XHR
application/json 193.72.147.242
SAFEHOSTNET Coloc...

General

Check archive.org

Show headers Download Go to

Full URL

https://test-billetterie.zoobeauval.com/tnwr/v1/catalog/resale-configuration

Requested by

Host: zpdb.widgets.secutix.com
URL: https://zpdb.widgets.secutix.com/stx-widgets/v2/TicketShop.aff3f9e00b1eb879e679.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.72.147.242 Lausanne, Switzerland, ASN21217 (SAFEHOSTNET Colocation center in Geneva, CH),

Reverse DNS

p20-shop.secutix.com

Software

nginx /

Resource Hash

5f16216ca8976169749c152377989231185c22a2a88381d69c72b201cc48ece4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://test-billetterie.zoobeauval.com/content
X-CSRF-Token: cfc5304a-45d0-4a17-a2f1-e891aeda3ff7
Accept-Language: de-DE,de;q=0.9
X-Secutix-Host: test-billetterie.zoobeauval.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
X-API-Key: false

Response headers

date: Tue, 19 Jul 2022 07:09:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
vary: Accept-Encoding
content-length: 118
x-xss-protection: 1; mode=block
pragma: no-cache
server: nginx
x-frame-options: DENY
strict-transport-security: max-age=31536000 ; includeSubDomains
x-varnish: 13459906
via: 1.1 varnish (Varnish/6.5)
cache-control: no-cache, no-store, max-age=0, must-revalidate
accept-ranges: bytes
content-type: application/json;charset=UTF-8
x-time: 0.028
expires: 0

GET
H/1.1 200
OK MerriweatherSans-Bold.woff2
s3.eu-central-1.amazonaws.com/content-secutix-com/ZPDB/fonts/MerriweatherSans/ 28 KB
28 KB 43ms
22ms Font
binary/octet-stream 52.219.47.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.eu-central-1.amazonaws.com/content-secutix-com/ZPDB/fonts/MerriweatherSans/MerriweatherSans-Bold.woff2
Requested by: Host: test-billetterie.zoobeauval.com
URL: https://test-billetterie.zoobeauval.com/custom/ZPDB_TSTP/custom.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.47.27 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: s3.eu-central-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: e983f73bc35d343902fb74279546c83f201cfce2fb33b42577cc2c3e9dd2705a

Request headers

Referer: https://test-billetterie.zoobeauval.com/
Origin: https://test-billetterie.zoobeauval.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 19 Jul 2022 07:09:14 GMT
Last-Modified: Thu, 19 Mar 2020 04:18:12 GMT
Server: AmazonS3
x-amz-request-id: 1T5YZDS8YGPEBSZV
ETag: "aa6ed55e454052ffe056752669d6a033"
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Content-Type: binary/octet-stream
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3000
Accept-Ranges: bytes
Content-Length: 28464
x-amz-id-2: 2n2a/HLY2CUiUR+Z5q0NOcrBDszdaoUSLCE71j67BgzpNvYeMxhT6qvLLbAOLyoUdkywUQOu3wk=

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 24ms
11ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=484022875128661&ev=Microdata&dl=https%3A%2F%2Ftest-billetterie.zoobeauval.com%2Fcontent&rl=&if=false&ts=1658214553799&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22ZooParc%20de%20Beauval%20-%20Ventes%20de%20billets%20en%20ligne%22%2C%22meta%3Adescription%22%3A%22Achetez%20vos%20billets%20en%20ligne%20pour%20ZooParc%20de%20Beauval%22%7D&cd[OpenGraph]=%7B%22og%3Aimage%22%3A%22https%3A%2F%2Ftest-billetterie.zoobeauval.com%2Flight_custom%2FlightTheme%2Flogo_zpdb.png%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Adescription%22%3A%22ZooParc%20de%20Beauval%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.65&r=stable&ec=1&o=30&fbp=fb.1.1658214553119.76592923&it=1658214553083&coo=false&es=automatic&tm=3&exp=u0&rqm=GET

Requested by

Host: test-billetterie.zoobeauval.com
URL: https://test-billetterie.zoobeauval.com/content

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://test-billetterie.zoobeauval.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 07:09:13 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Tue, 19 Jul 2022 07:09:13 GMT

GET
H2

200

/ Show response
track.adform.net/Serving/TrackPoint/ Frame DFA7
Redirect Chain

https://track.adform.net/Serving/TrackPoint/?pm=668760&ADFPageName=ADF%20I%20Japix&ADFdivider=%7C&ord=622299340622&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2Ftest-billetterie.zoobeauva...
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=668760&ADFPageName=ADF%20I%20Japix&ADFdivider=%7C&ord=622299340622&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2Ftest-billetterie.zoob...

111 B
592 B

20ms
19ms

Script
text/javascript

37.157.6.242
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/TrackPoint/?CC=1&pm=668760&ADFPageName=ADF%20I%20Japix&ADFdivider=%7C&ord=622299340622&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2Ftest-billetterie.zoobeauval.com%2F&ADFtpmode=2&loc=https%3A%2F%2Fhal9000.redintelligence.net%2Fretarget%3Fa%3D52807%26version%3D1%26segment%3D%26redirected%3D1

Requested by

Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=52807&version=1&segment=&redirected=1

Protocol

Server

37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

6ac3327f188a75ff18f3a723a4db374fc75716467e90d552b9943d3cad40cff5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal9000.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Jul 2022 07:09:13 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 186
expires: -1

Redirect headers

pragma: no-cache
date: Tue, 19 Jul 2022 07:09:13 GMT
server: nginx
location: https://track.adform.net/Serving/TrackPoint/?CC=1&pm=668760&ADFPageName=ADF%20I%20Japix&ADFdivider=%7C&ord=622299340622&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2Ftest-billetterie.zoobeauval.com%2F&ADFtpmode=2&loc=https%3A%2F%2Fhal9000.redintelligence.net%2Fretarget%3Fa%3D52807%26version%3D1%26segment%3D%26redirected%3D1
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: text/html; charset=utf-8
expires: -1

POST
H/1.1 200
OK collect_v3.php Show response
asset.easydmp.net/ Frame 76AA 265 B
699 B 40ms
31ms XHR
application/json 2001:41d0:301:100:145:239:193:53
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://asset.easydmp.net/collect_v3.php

Requested by

Host: asset.easydmp.net
URL: https://asset.easydmp.net/client_iframe.html?t=230308

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:41d0:301:100:145:239:193:53 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

7303f03a39bd926c6fada689aa758835dcf3fad964798bfe05a4b58a70a755f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

X-Em-Info: {"storage":"none","testMode":false,"consentData":{"usedTcf":false,"consent":true}}
Accept: text/javascript, text/html, application/xml, text/xml, */*
Referer: https://asset.easydmp.net/client_iframe.html?t=230308
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Tue, 19 Jul 2022 07:09:13 GMT
Content-Encoding: gzip
X-IPLB-Request-ID: 00000000:AB0C_00000000:01BB_62D65899_4E6CCC0:2F341
X-UID: 165821455338453280
X-IPLB-Instance: 25256
Strict-Transport-Security: max-age=31536000
P3P: CP="ALL DSP COR CURa ADMa PSAa PSDa OUR NOR UNI"
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
Content-Type: application/json
Expires: 0

GET
H/1.1 200
OK etag.php Show response
asset.easydmp.net/ Frame 76AA 240 B
663 B 38ms
37ms XHR
text/html 2001:41d0:301:100:145:239:193:53
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://asset.easydmp.net/etag.php

Requested by

Host: asset.easydmp.net
URL: https://asset.easydmp.net/client_iframe.html?t=230308

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:41d0:301:100:145:239:193:53 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

2912bf5b7b358109b11c9eb60b2292b894de416755357ba706dda3682b6eb1ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: text/javascript, text/html, application/xml, text/xml, */*
Cache-Control: no-cache
FullWarning0: 000000000000000002:s:0:eJwLCnIT4cnkEOQrK08slpVm9WCO4Y0u8swrD6nj9JIvEBcplBZgVvWQd2cK5fOJ4eaTdxe1j3DzdOSUCqqVcmNnDbF3C5JKKjEu9HMLdgiOjuFTdc+vZqsP9WAzcGXVC2ZmrfUVYwlklWT2CRDjZBANZnTjd3Jk4K6QdhXiyWVkEwxPrU6tlRJi9mGKEgso8cyuDhXMYffT5wMAQcUhsw==;
Referer: https://asset.easydmp.net/client_iframe.html?t=230308
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Warning: set

Response headers

Date: Tue, 19 Jul 2022 07:09:13 GMT
Content-Encoding: gzip
X-IPLB-Request-ID: 00000000:AB0C_00000000:01BB_62D65899_4E6CCC3:2F341
Etag: W/"3fd6135153a8c1c985ec443a07e5a0bf"
X-IPLB-Instance: 25256
Strict-Transport-Security: max-age=31536000
P3P: CP="ALL DSP COR CURa ADMa PSAa PSDa OUR NOR UNI"
Cache-Control: private, max-age=31536000
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1

200
OK

seg
secure.adnxs.com/
Redirect Chain

https://trk.datnova.com/tech_cookie.php
https://trk.datnova.com/bot_check.php
https://secure.adnxs.com/seg?add=30331980&t=2

43 B
1 KB

33ms
33ms

Image
image/gif

185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/seg?add=30331980&t=2

Requested by

Host: test-billetterie.zoobeauval.com
URL: https://test-billetterie.zoobeauval.com/content

Protocol

HTTP/1.1

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://test-billetterie.zoobeauval.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 19 Jul 2022 07:09:14 GMT
X-Proxy-Origin: 138.199.38.133; 138.199.38.133; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: ff89eb41-d1bc-49ff-acc3-0e4a6267aa78
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

date: Tue, 19 Jul 2022 07:09:14 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aYGvVEUf%2BKnSzYN1940sxUvuGt%2BJbAE1ZC7GmVMJh%2BjrcSI98oH%2BAzKnjkASSds9QGQZsNT2K3YgSwA7xV3T8ymyKbQyhg6WuuvHVu%2FZTBLGNIC45qU7wbNjZyc9%2FFo4WrfO8mkqwQ3i6j6DPvw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
location: https://secure.adnxs.com/seg?add=30331980&t=2
cf-ray: 72d1a162db979b8c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1

200
OK

bounce
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/seg?add=3149911:22808&t=2
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D3149911%3A22808%26t%3D2

43 B
1 KB

14ms
14ms

Image
image/gif

185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D3149911%3A22808%26t%3D2

Requested by

Host: test-billetterie.zoobeauval.com
URL: https://test-billetterie.zoobeauval.com/content

Protocol

HTTP/1.1

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://test-billetterie.zoobeauval.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 19 Jul 2022 07:09:14 GMT
X-Proxy-Origin: 138.199.38.133; 138.199.38.133; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: e2e99744-148a-44ee-b97f-054e49b5e98e
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 19 Jul 2022 07:09:14 GMT
X-Proxy-Origin: 138.199.38.133; 138.199.38.133; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 37373eae-f507-428a-92aa-8e122b778fd6
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D3149911%3A22808%26t%3D2
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

bounce
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/seg?add=19746819&t=2
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D19746819%26t%3D2

43 B
1 KB

17ms
17ms

Image
image/gif

185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D19746819%26t%3D2

Requested by

Host: test-billetterie.zoobeauval.com
URL: https://test-billetterie.zoobeauval.com/content

Protocol

HTTP/1.1

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://test-billetterie.zoobeauval.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 19 Jul 2022 07:09:14 GMT
X-Proxy-Origin: 138.199.38.133; 138.199.38.133; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: aafb8299-59d7-4432-8680-e2ceca925da3
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 19 Jul 2022 07:09:14 GMT
X-Proxy-Origin: 138.199.38.133; 138.199.38.133; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: e963bc2d-194b-4224-808b-afc8c3ef6187
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D19746819%26t%3D2
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK get Show response
sq.chichaylimona.com/tmpPds/ Frame 76AA 28 B
414 B 110ms
19ms Script
application/javascript 2001:41d0:301:100:145:239:193:53
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://sq.chichaylimona.com/tmpPds/get?callback=callback336269347

Requested by

Host: asset.easydmp.net
URL: https://asset.easydmp.net/client_iframe.html?t=230308

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:41d0:301:100:145:239:193:53 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

5103b2a4b6c90c58272e5684a1e60e57f506f1f4e109523cd57b39193017b567

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://asset.easydmp.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
X-IPLB-Request-ID: 00000000:ABDC_00000000:01BB_62D6589A_32852F3:D5FB
Date: Tue, 19 Jul 2022 07:09:14 GMT
X-IPLB-Instance: 25143
Transfer-Encoding: chunked
P3P: CP="ALL DSP COR CURa ADMa PSAa PSDa OUR NOR UNI"
Content-Type: application/javascript; charset=utf-8

GET
H/1.1 200
OK journey.gif
t.mydialoginsight.com/C/pgUAAGZ1ZDFXR6s0AABsbjhMN1WMAQAA/1.00/2711508650/ 43 B
280 B 24ms
24ms Image
image/gif 104.254.152.3
RSI-FR-SITE2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.mydialoginsight.com/C/pgUAAGZ1ZDFXR6s0AABsbjhMN1WMAQAA/1.00/2711508650/journey.gif?cache=1658214554124&d=T0ZTWVNfQ3VycmVudFVSTA)aHR0cHM6Ly90ZXN0LWJpbGxldHRlcmllLnpvb2JlYXV2YWwuY29tL2NvbnRlbnQ(U2NyZWVuSGVpZ2h0)MTIwMA(U2NyZWVuV2lkdGg)MTYwMA(T0ZTWVNfUmVmZXJyZXI)(dmlzaXRvcktleQ)V29QdW1GNXM(dmlzaXRLZXk)a0lnNjJnekY
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 104.254.152.3 , Canada, ASN399041 (RSI-FR-SITE2, CA),
Reverse DNS: t.mydialoginsight.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://test-billetterie.zoobeauval.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 19 Jul 2022 07:09:14 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: no-cache
Content-Length: 43
Expires: -1

GET
H2 200 ld.js Show response
static.criteo.net/js/ld/ 42 KB
14 KB 133ms
14ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/ld.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TP4FF5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

dfc6678e3b812f3097334f84e4f7ed816c8339cd0f1a5e5b90281e8c3374d463

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://test-billetterie.zoobeauval.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 07:09:14 GMT
content-encoding: gzip
last-modified: Tue, 31 May 2022 05:07:22 GMT
server: nginx
etag: W/"6295a28a-a708"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 20 Jul 2022 07:09:14 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 15ms
15ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=403856866&t=event&ni=0&_s=1&dl=https%3A%2F%2Ftest-billetterie.zoobeauval.com%2Fcontent&ul=en-us&de=UTF-8&dt=ZooParc%20de%20Beauval%20-%20Ventes%20de%20billets%20en%20ligne&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll&ea=Scroll%20-%20Vertical&el=25&_u=aGDACEABBAAAAG~&jid=1699354028&gjid=1764832664&cid=1593462165.1658214553&tid=UA-6469860-5&_gid=906297427.1658214553&_r=1&gtm=2wg7i0TP4FF5&z=1139070461

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://test-billetterie.zoobeauval.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 19 Jul 2022 07:09:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://test-billetterie.zoobeauval.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
7ms Image
image/gif 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=403856866&t=event&ni=0&_s=1&dl=https%3A%2F%2Ftest-billetterie.zoobeauval.com%2Fcontent&ul=en-us&de=UTF-8&dt=ZooParc%20de%20Beauval%20-%20Ventes%20de%20billets%20en%20ligne&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll&ea=Scroll%20-%20Vertical&el=50&_u=aGDACEABBAAAAG~&jid=&gjid=&cid=1593462165.1658214553&tid=UA-6469860-5&_gid=906297427.1658214553&gtm=2wg7i0TP4FF5&z=1139463773

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://test-billetterie.zoobeauval.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Jul 2022 22:09:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 32388
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
7ms Image
image/gif 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=403856866&t=event&ni=0&_s=1&dl=https%3A%2F%2Ftest-billetterie.zoobeauval.com%2Fcontent&ul=en-us&de=UTF-8&dt=ZooParc%20de%20Beauval%20-%20Ventes%20de%20billets%20en%20ligne&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll&ea=Scroll%20-%20Vertical&el=75&_u=aGDACEABBAAAAG~&jid=&gjid=&cid=1593462165.1658214553&tid=UA-6469860-5&_gid=906297427.1658214553&gtm=2wg7i0TP4FF5&z=546821110

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://test-billetterie.zoobeauval.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Jul 2022 22:09:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 32388
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 9ms
8ms Image
image/gif 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=403856866&t=event&ni=0&_s=1&dl=https%3A%2F%2Ftest-billetterie.zoobeauval.com%2Fcontent&ul=en-us&de=UTF-8&dt=ZooParc%20de%20Beauval%20-%20Ventes%20de%20billets%20en%20ligne&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll&ea=Scroll%20-%20Vertical&el=90&_u=aGDACEABBAAAAG~&jid=&gjid=&cid=1593462165.1658214553&tid=UA-6469860-5&_gid=906297427.1658214553&gtm=2wg7i0TP4FF5&z=1836945465

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://test-billetterie.zoobeauval.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Jul 2022 22:09:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 32388
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 9ms
9ms Image
image/gif 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=403856866&t=event&ni=0&_s=1&dl=https%3A%2F%2Ftest-billetterie.zoobeauval.com%2Fcontent&ul=en-us&de=UTF-8&dt=ZooParc%20de%20Beauval%20-%20Ventes%20de%20billets%20en%20ligne&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll&ea=Scroll%20-%20Vertical&el=100&_u=aGDACEABBAAAAG~&jid=&gjid=&cid=1593462165.1658214553&tid=UA-6469860-5&_gid=906297427.1658214553&gtm=2wg7i0TP4FF5&z=1619699735

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://test-billetterie.zoobeauval.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Jul 2022 22:09:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 32388
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
8ms Image
image/gif 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=403856866&t=timing&_s=2&dl=https%3A%2F%2Ftest-billetterie.zoobeauval.com%2Fcontent&ul=en-us&de=UTF-8&dt=ZooParc%20de%20Beauval%20-%20Ventes%20de%20billets%20en%20ligne&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=1657&pdt=1&dns=0&rrt=211&srt=174&tcp=0&dit=595&clt=595&_gst=528&_gbt=602&_cst=405&_cbt=517&_u=aGDAiEABBAAAAG~&jid=&gjid=&cid=1593462165.1658214553&tid=UA-6469860-5&_gid=906297427.1658214553&gtm=2wg7i0TP4FF5&z=10733164

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://test-billetterie.zoobeauval.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Jul 2022 22:09:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 32388
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 52ms
17ms XHR
text/plain 2a00:1450:400c:c0a::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-6469860-5&cid=1593462165.1658214553&jid=1699354028&gjid=1764832664&_gid=906297427.1658214553&_u=aGDACEABBAAAAG~&z=190067982

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0a::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://test-billetterie.zoobeauval.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 19 Jul 2022 07:09:14 GMT
content-type: text/plain
access-control-allow-origin: https://test-billetterie.zoobeauval.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 068F 15 KB
6 KB 45ms
16ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=test-billetterie.zoobeauval.com&origin=onetag

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

6f87cd86c391c6361adca474b987f3e4b6d81d281795120c584d0a0c1ca7f5ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://test-billetterie.zoobeauval.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-length: 6144
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 19 Jul 2022 07:09:14 GMT
server-processing-duration-in-ticks: 2158
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 54ms
33ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-6469860-5&cid=1593462165.1658214553&jid=1699354028&_u=aGDACEABBAAAAG~&z=1508094838

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://test-billetterie.zoobeauval.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Jul 2022 07:09:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 47ms
29ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-6469860-5&cid=1593462165.1658214553&jid=1699354028&_u=aGDACEABBAAAAG~&z=1508094838

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://test-billetterie.zoobeauval.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Jul 2022 07:09:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 068F
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=zoobeauval.com&sn=ChromeSyncframe&so=0&topUrl=test-billetterie.zoobeauval.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=e8pnUHxRZi95U1kwWi9mYzIrREFNTmNuTHRmblZPSDJRalVsQ0loQUZpaFB4SElpWDh6cHpvWnIrbkVmbWZMdVRlSHlweDQ0UERHQ2QrTnJTbnA2SGhsQmZGN1kxamtjWDRCZVZOVzU4K1JtNlhLem5WSUo3YkxKQXpFQV...

441 B
638 B

320ms
96ms

Fetch
application/json

74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=e8pnUHxRZi95U1kwWi9mYzIrREFNTmNuTHRmblZPSDJRalVsQ0loQUZpaFB4SElpWDh6cHpvWnIrbkVmbWZMdVRlSHlweDQ0UERHQ2QrTnJTbnA2SGhsQmZGN1kxamtjWDRCZVZOVzU4K1JtNlhLem5WSUo3YkxKQXpFQVVyQ2xXZHpXY1JGQ0VhenZIUWZsaFA2L1ZpSE1NWW51WWxlMTV4N3VHYzRoWDc5c2tKa1VkbUd3ZUkzdk04UE5JcHoxY09XekN3M1FybFdhM0hrcTJTU0xGWXRHL21ScyttZ1RIL1JvY25wV1NyYUt0NkNzWXdjcytyMWRyaVl6Zjd3QXNIOXJVdEtYUXp4MUF6WXJkWFV6eFBBQ0tteXZRM2pNbkpUTnRjV1VLR0w4VG9uND18&cppv=2

Protocol

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Resource Hash

3b7abae8fc1e3a18364c2846fdf52f096b0344d1c104596f37b07438a09463e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Jul 2022 07:09:13 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 4900
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 19 Jul 2022 07:09:13 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=e8pnUHxRZi95U1kwWi9mYzIrREFNTmNuTHRmblZPSDJRalVsQ0loQUZpaFB4SElpWDh6cHpvWnIrbkVmbWZMdVRlSHlweDQ0UERHQ2QrTnJTbnA2SGhsQmZGN1kxamtjWDRCZVZOVzU4K1JtNlhLem5WSUo3YkxKQXpFQVVyQ2xXZHpXY1JGQ0VhenZIUWZsaFA2L1ZpSE1NWW51WWxlMTV4N3VHYzRoWDc5c2tKa1VkbUd3ZUkzdk04UE5JcHoxY09XekN3M1FybFdhM0hrcTJTU0xGWXRHL21ScyttZ1RIL1JvY25wV1NyYUt0NkNzWXdjcytyMWRyaVl6Zjd3QXNIOXJVdEtYUXp4MUF6WXJkWFV6eFBBQ0tteXZRM2pNbkpUTnRjV1VLR0w4VG9uND18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1542
content-length: 567
expires: 0

GET
H2 200 event Show response
sslwidget.criteo.com/ 9 KB
4 KB 132ms
29ms Script
application/x-javascript 178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://sslwidget.criteo.com/event?a=51246&v=5.11.0&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvl%26p%3D%255B%255D&p3=e%3Ddis&adce=1&bundle=tBNhMV9OWDhKeEo4VUxWc2RpOWsybGxDb3plc1prbU15Z0JjZmo0aCUyRmxZU3pZdGpIdXklMkZoZFo1WVM3Z1djZE5TNDMlMkY4TjFHY2NQRiUyQldtRndMRTNIMDRJSTFic2NYUnpMeSUyQm9BQ0QwZnVSSE8lMkJFdDN0dExWcEY4SGtYRnJXem45RUpWUWJHRTVYS01jMXR3Q1laJTJCZUFrMnIlMkJ3JTNEJTNE&tld=zoobeauval.com&fu=https%3A%2F%2Ftest-billetterie.zoobeauval.com%2Fcontent&dtycbr=4918

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d595815780860c6009c944bfe8ff476b475850725ac0db3279b820f55265f82a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://test-billetterie.zoobeauval.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Jul 2022 07:09:14 GMT
content-encoding: gzip
server: Kestrel
timing-allow-origin: *
strict-transport-security: max-age=31536000; preload;
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 15832525
content-type: application/x-javascript
expires: 0

GET
H2

451

397596.gif
idsync.rlcdn.com/ Frame 5956
Redirect Chain

https://gum.criteo.com/sync?c=6&r=1&k=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40
https://idsync.rlcdn.com/397596.gif?partner_uid=NUd2vHxv3NnCax-oPLcfFjjnJVI07Zi6

0
98 B

42ms
20ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/397596.gif?partner_uid=NUd2vHxv3NnCax-oPLcfFjjnJVI07Zi6
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 07:09:14 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Redirect headers

location: https://idsync.rlcdn.com/397596.gif?partner_uid=NUd2vHxv3NnCax-oPLcfFjjnJVI07Zi6
date: Tue, 19 Jul 2022 07:09:14 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 2229
content-length: 197
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8

GET
H/1.1 204
No Content put
e1.emxdgt.com/ Frame 5956 0
134 B 48ms
7ms Image
text/html 3.73.227.228
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d53&uid=k-lCsG1a0L2XlKnvv2Ikgvawg2Eew-WIW9WTisHQ
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.73.227.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-73-227-228.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 19 Jul 2022 07:09:13 GMT
Connection: Keep-Alive
Content-Length: 0
Content-Type: text/html

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 5956
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-lCsG1a0L2XlKnvv2Ikgvawg2Eew-WIW9WTisHQ&google_cm&google_hm=ay1sQ3NHMWEwTDJYbEtudnYySWtndmF3ZzJFZXctV0lXO...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-lCsG1a0L2XlKnvv2Ikgvawg2Eew-WIW9WTisHQ&google_gid=CAESEIS-uEOAqoG2QHvSMbQ7JPI&google_cver=1&google_ula=913071,0

43 B
371 B

57ms
17ms

Image
image/gif

178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-lCsG1a0L2XlKnvv2Ikgvawg2Eew-WIW9WTisHQ&google_gid=CAESEIS-uEOAqoG2QHvSMbQ7JPI&google_cver=1&google_ula=913071,0

Protocol

Server

178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Jul 2022 07:09:14 GMT
content-type: image/gif
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1092970
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 19 Jul 2022 07:09:14 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-lCsG1a0L2XlKnvv2Ikgvawg2Eew-WIW9WTisHQ&google_gid=CAESEIS-uEOAqoG2QHvSMbQ7JPI&google_cver=1&google_ula=913071,0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame 5956 0
476 B 377ms
88ms Image
text/plain 64.202.112.127
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-Fe5HAq0L2XlKnvv2Ikgvawg2EeyU3SjLzWdgLw
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.127 Harrodsburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 19 Jul 2022 07:09:15 GMT
Cache-Control: no-cache
X-TraceId: 730630c8a8fa7f319ed857d6d6c7366f
Content-Length: 0

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame 5956 0
239 B 65ms
11ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-TCG6U60L2XlKnvv2Ikgvawg2EewkuPekTZPz9g&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Content-Type: image/gif

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 5956 0
100 B 352ms
104ms Image
text/plain 141.226.124.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-vNt41q0L2XlKnvv2Ikgvawg2EexSjnZje3RqCA
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.124.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 07:09:15 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 103488

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 5956 43 B
163 B 66ms
17ms Image
image/gif 185.86.139.57
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-NpoZga0L2XlKnvv2Ikgvawg2Eewo6ziMfsT5pg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.57 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 07:09:14 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H2

204

sync
ups.analytics.yahoo.com/ups/58301/ Frame 5956
Redirect Chain

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-QZPTVK0L2XlKnvv2Ikgvawg2Eey8eUUHarLL0Q
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-QZPTVK0L2XlKnvv2Ikgvawg2Eey8eUUHarLL0Q&verify=true

0
121 B

14ms
13ms

Image
text/plain

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-QZPTVK0L2XlKnvv2Ikgvawg2Eey8eUUHarLL0Q&verify=true

Protocol

Server

18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.0.46 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 07:09:14 GMT
server: ATS/9.1.0.46
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-QZPTVK0L2XlKnvv2Ikgvawg2Eey8eUUHarLL0Q&verify=true
date: Tue, 19 Jul 2022 07:09:14 GMT
server: ATS/9.1.0.46
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 204 v1
ads.yahoo.com/cms/ Frame 5956 0
194 B 75ms
20ms Image
text/plain 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?esig=1~7315a025058f3128185459bfaf16e164414683fc&nwid=10000545908&sigv=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 07:09:14 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

GET
H2 200 xuid
eb2.3lift.com/ Frame 5956 37 B
140 B 41ms
9ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-YsTW6a0L2XlKnvv2Ikgvawg2EezErWM9SBSeZw&dongle=013b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 07:09:14 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame 5956
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-TOVAs60L2XlKnvv2Ikgvawg2EewGM82MqPpUCg
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-TOVAs60L2XlKnvv2Ikgvawg2EewGM82MqPpUCg

43 B
445 B

32ms
32ms

Image
image/gif

54.76.193.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-TOVAs60L2XlKnvv2Ikgvawg2EewGM82MqPpUCg
Protocol: H2
Server: 54.76.193.17 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-193-17.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 19 Jul 2022 07:09:14 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-TOVAs60L2XlKnvv2Ikgvawg2EewGM82MqPpUCg
date: Tue, 19 Jul 2022 07:09:14 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 5956
Redirect Chain

https://secure.adnxs.com/seg?add=130915&redir=https%3A%2F%2Fsecure.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://secure.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2472414332832298951

43 B
370 B

47ms
19ms

Image
image/gif

178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2472414332832298951

Protocol

Server

178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Jul 2022 07:09:14 GMT
content-type: image/gif
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3312201
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 19 Jul 2022 07:09:14 GMT
X-Proxy-Origin: 138.199.38.133; 138.199.38.133; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: e0063d1e-9005-4aa9-8e04-e480ce72e883
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2472414332832298951
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 5956
Redirect Chain

https://ib.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2472414332832298951

43 B
370 B

44ms
18ms

Image
image/gif

178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2472414332832298951

Protocol

Server

178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Jul 2022 07:09:14 GMT
content-type: image/gif
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2490474
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 19 Jul 2022 07:09:14 GMT
X-Proxy-Origin: 138.199.38.133; 138.199.38.133; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: c630eb55-d13f-4329-9206-309c02c68207
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2472414332832298951
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 5956 42 B
245 B 611ms
154ms Image
image/gif 104.36.113.107
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI0NTImdGw9NDMyMDA=&piggybackCookie=uid:k-ObC3Uq0L2XlKnvv2Ikgvawg2EezG8ec0XBulOw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 07:09:14 GMT
cache-control: no-store, no-cache, private
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

rum
r.casalemedia.com/ Frame 5956
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-n09DmK0L2XlKnvv2Ikgvawg2EezJs9Qy1OCyRw
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-n09DmK0L2XlKnvv2Ikgvawg2EezJs9Qy1OCyRw&C=1

43 B
637 B

350ms
48ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-n09DmK0L2XlKnvv2Ikgvawg2EezJs9Qy1OCyRw&C=1
Protocol: H2
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray: 72d1a16a58bc5bf5-FRA
pragma: no-cache
date: Tue, 19 Jul 2022 07:09:15 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fLnd9dU3vmr3n4qOuO5lDINL7JkoXGDA3cWX0AixDKXxfrcSx900k%2Blfijl8ED5Vo0hq9N%2BrnmyREWKZgE7c9urYnSdA7UMe4em9GJ3vEt%2B72I9i4M4mO7Jf3SHV6sizApuw"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 19 Jul 2022 07:09:14 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zgiTx5ABEFqsuRvN1ydPfNQttSRYbu784AMYl8iq35mYeKWFak8l%2FodfvlmrcNNTWC5q%2FxwCL8xy5Ki4NdX0mt1m66fpldK8q5Bil8KA2xsgZ1H537tgmo3%2BuNCMmasX8oe5"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=20&external_user_id=k-n09DmK0L2XlKnvv2Ikgvawg2EezJs9Qy1OCyRw&C=1
cache-control: no-cache
cf-ray: 72d1a1685dbf5bf5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 um
criteo-sync.teads.tv/ Frame 5956 23 B
172 B 94ms
35ms Image
image/gif 104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k--XIWoa0L2XlKnvv2Ikgvawg2EezQD_gziHhLiA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.7 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Jul 2022 07:09:14 GMT
cache-control: max-age=0, no-cache, no-store
expires: Tue, 19 Jul 2022 07:09:14 GMT
server: akka-http/10.2.7
content-length: 23
content-type: image/gif

GET
H2 200 cksync.php
contextual.media.net/ Frame 5956 45 B
785 B 197ms
171ms Image
image/gif 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-OgHoLa0L2XlKnvv2Ikgvawg2EezE9m-cQrUOQg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
server: Apache
date: Tue, 19 Jul 2022 07:09:15 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 45
x-mnet-hl2: E
expires: Tue, 19 Jul 2022 07:09:15 GMT

GET
H2 200 pixel
cm.adform.net/ Frame 5956 43 B
163 B 58ms
18ms Image
image/gif 37.157.6.241
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-OI5U660L2XlKnvv2Ikgvawg2EeyMfIhyrvIL0Q
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 07:09:14 GMT
last-modified: Thu, 11 Apr 2019 06:08:57 GMT
server: nginx
accept-ranges: bytes
etag: "5caed9f9-2b"
content-length: 43
content-type: image/gif

GET
H/1.1

200
OK

sync
x.bidswitch.net/ul_cb/ Frame 5956
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-GjGh-60L2XlKnvv2Ikgvawg2Eeyj645oLS86Cg&expires=30
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-GjGh-60L2XlKnvv2Ikgvawg2Eeyj645oLS86Cg&expires=30

43 B
495 B

10ms
10ms

Image
image/gif

18.157.234.113
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-GjGh-60L2XlKnvv2Ikgvawg2Eeyj645oLS86Cg&expires=30
Protocol: HTTP/1.1
Server: 18.157.234.113 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-157-234-113.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 19 Jul 2022 07:09:15 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-GjGh-60L2XlKnvv2Ikgvawg2Eeyj645oLS86Cg&expires=30
Date: Tue, 19 Jul 2022 07:09:14 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2 200 sync
visitor.omnitagjs.com/visitor/ Frame 5956 49 B
235 B 57ms
17ms Image
image/gif 185.255.84.152
IGUANE-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-AyXlCa0L2XlKnvv2Ikgvawg2EezkY8SvoDzWGQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.152 Ivry-sur-Seine, France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Jul 2022 07:09:14 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 0
content-length: 49
expires: 0

GET
H2 204 v1
match.sharethrough.com/sync/ Frame 5956 0
35 B 57ms
7ms Image
text/plain 3.121.205.163
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-iyFW_60L2XlKnvv2Ikgvawg2EezFrsxR59FYsw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.121.205.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-121-205-163.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 07:09:15 GMT

GET
H2 200 sync
matching.ivitrack.com/ Frame 5956 42 B
274 B 67ms
31ms Image
image/gif 34.117.157.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matching.ivitrack.com/sync?realm=criteo&uid=k-Gn2-L60L2XlKnvv2Ikgvawg2EezDtAcr6gAvJA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.157.117.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 07:09:14 GMT
via: 1.1 google
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
server: istio-envoy
content-type: image/gif
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H/1.1

200
OK

empty.gif
cdn.stickyadstv.com/one-shot/ Frame 5956
Redirect Chain

https://ads.stickyadstv.com/user-registering?dataProviderId=434&userId=k-_xbT3q0L2XlKnvv2Ikgvawg2EexwU3MjQ03NQQ&redirectId=69
https://cdn.stickyadstv.com/one-shot/empty.gif?

43 B
438 B

66ms
9ms

Image
image/gif

2001:4de0:ac19::1:b:3b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.stickyadstv.com/one-shot/empty.gif?
Protocol: HTTP/1.1
Server: 2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 19 Jul 2022 07:09:15 GMT
Last-Modified: Thu, 28 Feb 2013 15:45:35 GMT
ETag: "1362066335"
X-HW: 1658214555.dop129.fr8.t,1658214555.cds131.fr8.shn,1658214555.cds131.fr8.c
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=7200
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 43

Redirect headers

Pragma: no-cache
Date: Tue, 19 Jul 2022 07:09:15 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://cdn.stickyadstv.com/one-shot/empty.gif?
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1658214555030011-558
Expires: Tue, 19 Jul 2022 07:09:15 GMT

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame 5956 40 B
40 B 36ms
10ms Image
text/html 3.124.231.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-Rum3Qa0L2XlKnvv2Ikgvawg2EeycEfSpnR8biQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.231.32 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-231-32.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 07:09:15 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H2 204 /
s.ad.smaato.net/c/ Frame 5956 0
240 B 58ms
16ms Image
text/plain 2600:9000:225f:400:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-ngQSk60L2XlKnvv2Ikgvawg2EeyliKs9do3eJg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225f:400:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 07:09:15 GMT
via: 1.1 f03ada864fbb3bc735df571a1aa182ec.cloudfront.net (CloudFront)
server: CloudFront
cache-control: no-cache, must-revalidate
x-amz-cf-pop: TXL50-P2
x-amz-cf-id: 2Pl0aUzQ8iWtbnCtB2_N5VzWHpM0oFdrfU6w-JvlRQ4XL-Bz4CSD4Q==
x-cache: FunctionGeneratedResponse from cloudfront

GET
H/1.1

200
OK

28292
i6.liadm.com/s/ Frame 5956
Redirect Chain

https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-ZmUQUK0L2XlKnvv2Ikgvawg2EezJopHJI4sLQA
https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-ZmUQUK0L2XlKnvv2Ikgvawg2EezJopHJI4sLQA&_li_chk=true&previous_uuid=7e391ac14efd44d1bfbd578ed053333d
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-ZmUQUK0L2XlKnvv2Ikgvawg2EezJopHJI4sLQA

43 B
419 B

295ms
97ms

Image
image/gif

2600:1f18:444a:4680:4331:5d42:7c5e:9273
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-ZmUQUK0L2XlKnvv2Ikgvawg2EezJopHJI4sLQA

Protocol

HTTP/1.1

Server

2600:1f18:444a:4680:4331:5d42:7c5e:9273 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 19 Jul 2022 07:09:15 GMT
Cache-Control: no-store
Connection: keep-alive
Content-Length: 43
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/gif

Redirect headers

Location: https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-ZmUQUK0L2XlKnvv2Ikgvawg2EezJopHJI4sLQA
Date: Tue, 19 Jul 2022 07:09:14 GMT
Connection: keep-alive
Content-Length: 0
Strict-Transport-Security: max-age=31536000; includeSubDomains

GET
H2 200 sync
criteo-partners.tremorhub.com/ Frame 5956 43 B
183 B 291ms
92ms Image
image/gif 2600:1f18:612b:4200:91e2:be0:268c:1b25
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-partners.tremorhub.com/sync?UICR=k-sGiz360L2XlKnvv2Ikgvawg2Eeyi8q5j0Pv9ow
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4200:91e2:be0:268c:1b25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 07:09:15 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H2 200 c.gif
c.bing.com/ Frame 5956 42 B
595 B 69ms
31ms Image
image/gif 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bing.com/c.gif?Red3=CTOMS_pd&cbid=k-6Wx7Na0L2XlKnvv2Ikgvawg2EewfCqLdOrEf_w
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Jul 2022 07:09:14 GMT
etag: "96611cd5e096d81:0"
last-modified: Wed, 13 Jul 2022 17:48:59 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F8B31D2BEE434994AA9C433368BC1D01 Ref B: FRA31EDGE0721 Ref C: 2022-07-19T07:09:15Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

GET
H/1.1 200
OK setuid
secure.adnxs.com/ Frame 5956 43 B
1 KB 16ms
15ms Image
image/gif 185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/setuid?entity=52&code=k-nOmtHq0L2XlKnvv2Ikgvawg2Eex6vpU5ZWG9oQ&seg=130915

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 19 Jul 2022 07:09:15 GMT
X-Proxy-Origin: 138.199.38.133; 138.199.38.133; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 114903e2-9c57-4097-a9bb-f4713a3bdb68
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame 5956 43 B
220 B 13ms
9ms Image
image/gif 18.157.234.113
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=117&user_id=k-GjGh-60L2XlKnvv2Ikgvawg2Eeyj645oLS86Cg&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.157.234.113 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-157-234-113.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 19 Jul 2022 07:09:15 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Verdicts & Comments Add Verdict or Comment

79 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

71 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
i.liadm.com/s	1970-01-20 05:20:06	Name: _li_ss Value: MgkI_____wcQ5hI
.zoobeauval.com/	1969-12-31 23:59:59	Name: AcpAT-v3-q-zpdb Value: IA-p20pkpbox1a-ed56df287dd494525b2a8a6eb2d63aede88ab8c2528c95ac64b809b7e805fb146451739e808e5c692e02bb0a66d77a5211361c6bb3baf68333b41a4bbda3b34c
test-billetterie.zoobeauval.com/	1969-12-31 23:59:59	Name: STX_SESSION Value: NzE2NjcxYmItZjIwOS00YTc3LWEyZmItZWUwMjFjOWUwOWRh
test-billetterie.zoobeauval.com/	1969-12-31 23:59:59	Name: lang Value: fr
test-billetterie.zoobeauval.com/	1969-12-31 23:59:59	Name: SERVERID-BE-INTERNET1-9050 Value: 74779af906d6d97fc15e7f710a9fa83b
.zoobeauval.com/	1970-01-20 06:46:30	Name: _gcl_au Value: 1.1.1623163055.1658214553
.zoobeauval.com/	1970-01-20 22:08:06	Name: _ga Value: GA1.2.1593462165.1658214553
.zoobeauval.com/	1970-01-20 04:38:20	Name: _gid Value: GA1.2.906297427.1658214553
.zoobeauval.com/	1970-01-20 04:36:54	Name: _dc_gtm_UA-6469860-5 Value: 1
.zoobeauval.com/	1970-01-20 06:46:30	Name: _fbp Value: fb.1.1658214553119.76592923
test-billetterie.zoobeauval.com/	1970-01-20 04:36:56	Name: sqd_nwvst Value: 1
test-billetterie.zoobeauval.com/	1970-01-20 04:51:20	Name: sqd_vst Value: 1
.zoobeauval.com/	1970-01-20 13:22:30	Name: C360i Value: 7C8CDBCA9DDEEFCC6944D7D81377BF94\|eyJjcmVhdGVkIjoxNjU4MjE0NTUzMTI0LCJ1cGRhdGVkIjoxNjU4MjE0NTUzMTI1LCJ0YWdfaWQiOiI0LjMuMCIsImNvdW50IjoxLCJleHAiOjE2ODk3NTA1NTMxMjV9
.api.optinproject.com/	1970-01-20 13:15:18	Name: OPTINSESSIONUID Value: 1658214553
.api.optinproject.com/	1970-01-20 13:15:18	Name: OPTINPUID Value: 62d65899202136z07315179
.ad-srv.net/	1970-01-20 06:46:30	Name: kdb0xdq3ls8m_uid Value: 8253758213d20e03
.redintelligence.net/	1970-01-20 06:46:30	Name: 8lcfmzhxc8d6_uid Value: 0a59d792a9aab3c9
.t.co/	1970-01-20 22:08:06	Name: muc_ads Value: 8dffb922-1d4f-457e-8537-3c5f6d8a63e5
.twitter.com/	1970-01-20 22:08:06	Name: personalization_id Value: "v1_xtF0JIEOqRBQQynLCz/ejA=="
.zoobeauval.com/	1970-01-20 13:22:30	Name: _hjSessionUser_1259905 Value: eyJpZCI6IjMwNjFiOWJjLTdlODgtNWE5NS1hMGIwLTcxMWM4MTVhOTg4MiIsImNyZWF0ZWQiOjE2NTgyMTQ1NTMxOTgsImV4aXN0aW5nIjpmYWxzZX0=
.zoobeauval.com/	1970-01-20 04:36:56	Name: _hjFirstSeen Value: 1
test-billetterie.zoobeauval.com/	1970-01-20 04:36:54	Name: _hjIncludedInSessionSample Value: 0
.zoobeauval.com/	1970-01-20 04:36:56	Name: _hjSession_1259905 Value: eyJpZCI6IjRjMzY2ZWJlLTFhZTktNDdiMS05NGY2LWI1YTZhYjgyZDEyNyIsImNyZWF0ZWQiOjE2NTgyMTQ1NTMyNDAsImluU2FtcGxlIjpmYWxzZX0=
test-billetterie.zoobeauval.com/	1970-01-20 04:36:54	Name: _hjIncludedInPageviewSample Value: 1
.zoobeauval.com/	1970-01-20 04:36:56	Name: _hjAbsoluteSessionInProgress Value: 0
.mathtag.com/	1970-01-20 14:02:49	Name: uuid Value: 939e62d6-5899-4200-aae4-79135a6387cb
.mathtag.com/	1970-01-20 05:20:06	Name: mt_misc Value: mt_bt:1
.easydmp.net/	1970-01-20 13:21:57	Name: capping Value: eyJlbWRtcGVhc3k6ZWFzeWRtcHN5bmN1aWQiOiIxNjU4MjE0NTUzIiwiZW1kbXBlYXN5OmdyYXBoaW5pdW1fc3luYyI6IjE2NTgyMTQ1NTMiLCJlbWRtcGVhc3k6d2Vicml2YWdlX3BpY2tpbmciOiIxNjU4MjE0NTUzIn0%3D
.crm4d.com/	1970-01-20 11:48:54	Name: c4d Value: iBM3GFU8swxR33Wa6NB74mpSYisKrArO55grTAn5ALdrQ6n7oBhgAIE6IS
.commander1.com/	1970-01-20 13:22:30	Name: TCID Value: 202207190909137142079062
.easydmp.net/	1970-01-20 13:21:57	Name: livraison Value: 000000000000000002%3As%3A0%3AeJwLCnIT4cnkEOQrK08slpVm9WCO4Y0u8swrD6nj9JIvEBcplBZgVvWQd2cK5fOJ4eaTD3BiyQtnkg9g8sgWdHYJYc4PcmSqtE0ychLiF2DhdXS1djawFrd3lXE2YWVRlORiVRUVCA4KjOdXzQqPchQXiPRmFWIPFUyVcGPlY8kWYPNLT84olxVh8MkycRW14QEApKYdnA%3D%3D%3B
.adform.net/	1970-01-20 05:21:32	Name: C Value: 1
.sddan.com/	1970-01-20 04:36:55	Name: techcookie Value: 1
.adform.net/	1970-01-20 06:03:18	Name: uid Value: 7458322658234062189
.easydmp.net/	1970-01-20 04:55:37	Name: ecdstpds1 Value: 000000000000000002%3As%3A0%3AeJwLCnIT4cnkEOQrK08slpVm9WCO4Y0u8swrD6nj9JIvEBcplBZgVvWQd2cK5fOJ4eaTdxe1j3DzdOSUCqqVcmNnDbF3C5JKKjEu9HMLdgiOjuFTdc%2BvZqsP9WAzcGXVC2ZmrfUVYwlklWT2CRDjZBANZnTjd3Jk4K6QdhXiyWVkEwxPrU6tlRJi9mGKEgso8cyuDhXMYffT5wMAQcUhsw%3D%3D%3B
.sddan.com/	1970-01-20 04:36:55	Name: newu Value: 1
.sddan.com/	1970-01-20 13:22:30	Name: SDDAN Value: 20220719_8e1c0080b40d8f7da7356d98538ddd7d
.datnova.com/	1970-01-20 05:20:06	Name: tech-cookie Value: 1
.adnxs.com/	1970-01-20 06:46:30	Name: uuid2 Value: 2472414332832298951
.datnova.com/	1970-01-20 05:20:06	Name: ishuman Value: 0
.zoobeauval.com/	1970-01-20 04:36:54	Name: _gat_UA-6469860-5 Value: 1
.criteo.com/	1970-01-20 13:58:30	Name: uid Value: 199ca8da-abad-434d-8189-cc11adbeca48
.zoobeauval.com/	1970-01-20 14:06:18	Name: cto_bundle Value: tBNhMV9OWDhKeEo4VUxWc2RpOWsybGxDb3plc1prbU15Z0JjZmo0aCUyRmxZU3pZdGpIdXklMkZoZFo1WVM3Z1djZE5TNDMlMkY4TjFHY2NQRiUyQldtRndMRTNIMDRJSTFic2NYUnpMeSUyQm9BQ0QwZnVSSE8lMkJFdDN0dExWcEY4SGtYRnJXem45RUpWUWJHRTVYS01jMXR3Q1laJTJCZUFrMnIlMkJ3JTNEJTNE
.yahoo.com/	1970-01-20 13:22:52	Name: A3 Value: d=AQABBJpY1mICEMHEm6nuZn0d0-Wwa1v9kJ4FEgEBAQGq12LgYgAAAAAA_eMAAA&S=AQAAAoYlH3IERrVgIuenkEc8L0s
.doubleclick.net/	1970-01-20 13:58:30	Name: IDE Value: AHWqTUleXblFz1ZKeb__P-smTlHsi3j7A0ATXY3hnPEQkebqfUGIS7edALVkkdKQz9E
.analytics.yahoo.com/	1970-01-20 13:22:30	Name: IDSYNC Value: 18zh~263j
.casalemedia.com/	1970-01-20 13:22:30	Name: CMID Value: YtZYmoEIcCVyOF6TS7TIkQAA
.casalemedia.com/	1970-01-20 06:46:30	Name: CMPS Value: 5129
.casalemedia.com/	1970-01-20 06:46:30	Name: CMPRO Value: 5129
.360yield.com/	1970-01-20 06:46:30	Name: tuuid Value: 2b8140be-30e7-4092-823d-bbe51989b884
.360yield.com/	1970-01-20 06:46:30	Name: tuuid_lu Value: 1658214554
.360yield.com/	1970-01-20 06:46:30	Name: um Value: !38,cE7XLYa47Nti8goetmqu3mTx4MtwTuGI6tl9tu-UNWHILaYcGxvuJaAq9QvQr2gmJ2Q-dX50,1665990554
.360yield.com/	1970-01-20 06:46:30	Name: umeh Value: !38,0,1720422554,-1
.bidswitch.net/	1970-01-20 13:22:30	Name: tuuid Value: 0f786a07-be80-4aa6-8362-6f6394a428c9
.bidswitch.net/	1970-01-20 13:22:30	Name: c Value: 1658214554
.bidswitch.net/	1970-01-20 13:22:30	Name: tuuid_lu Value: 1658214555
exchange.mediavine.com/	1970-01-20 04:57:04	Name: mv_tokens Value: %7B%22mv_uuid%22%3A%22b2a7b280-0731-11ed-a170-bf4563b38632%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 04:57:04	Name: mv_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%22b2a7b280-0731-11ed-a170-bf4563b38632%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 04:57:04	Name: criteo Value: %7B%22id%22%3A%22k-Rum3Qa0L2XlKnvv2Ikgvawg2EeycEfSpnR8biQ%22%2C%22version%22%3A%22criteo%22%7D
ads.stickyadstv.com/	1970-01-20 05:20:06	Name: UID Value: 6e3e5e575f67c55915e9871ec4d2e8
ads.stickyadstv.com/	1970-01-20 05:20:06	Name: uid-bp-11554 Value: k-_xbT3q0L2XlKnvv2Ikgvawg2EexwU3MjQ03NQQ
ads.stickyadstv.com/	1969-12-31 23:59:59	Name: sessionId Value: a198352726d950c4e3df35aaaaa128da
.media.net/	1970-01-20 13:22:30	Name: visitor-id Value: 3012161550733308000V10
.media.net/	1970-01-20 05:20:06	Name: data-c-ts Value: 1658214555
.media.net/	1970-01-20 05:20:06	Name: data-c Value: k-OgHoLa0L2XlKnvv2Ikgvawg2EezE9m-cQrUOQg~~3
.adnxs.com/	1970-01-20 06:46:30	Name: anj Value: dTM7k!M4/rD>6NRF']wIg2GVLiEJ@9!fst<+n4oZo5i@?nrTu!h4F:8sP09e3tJ)Fh:>H%t$xnc=1[oyId[^n1p>qdRA)rAgV^HXc'*8E5D8-@P)[Q]P)j.gQyN/E
.bing.com/	1970-01-20 13:58:30	Name: MUID Value: 1DC56BF501016A37378A7A1300AD6B34
.outbrain.com/	1970-01-20 06:46:30	Name: obuid Value: 7745b8c4-ba54-4d44-9a61-322da92a1bdc
.outbrain.com/	1970-01-20 04:57:04	Name: criteo Value: k-Fe5HAq0L2XlKnvv2Ikgvawg2EeyU3SjLzWdgLw
.casalemedia.com/	1970-01-20 06:46:30	Name: CMTS Value: 1185
.liadm.com/	1970-01-20 22:08:06	Name: lidid Value: 7e391ac1-4efd-44d1-bfbd-578ed053333d

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://static.criteo.net/js/ld/ld.js Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://idsync.rlcdn.com/397596.gif?partner_uid=NUd2vHxv3NnCax-oPLcfFjjnJVI07Zi6 Message: Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10165143.fls.doubleclick.net
11868943.fls.doubleclick.net
3ma79ae7cua.com
5994599.fls.doubleclick.net
acdn.adnxs.com
ad.360yield.com
ad.ad-srv.net
ads.mediasmart.es
ads.stickyadstv.com
ads.yahoo.com
adservice.google.com
adservice.google.de
analytics.twitter.com
api.optinproject.com
asset.easydmp.net
c.bing.com
cdn.stickyadstv.com
cm.adform.net
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
dis.criteo.com
e1.emxdgt.com
eb2.3lift.com
exchange.mediavine.com
gum.criteo.com
hal9000.redintelligence.net
i.liadm.com
i6.liadm.com
ib.adnxs.com
idsync.rlcdn.com
in.hotjar.com
insight.adsrvr.org
js.cookieless-data.com
js.sddan.com
match.sharethrough.com
matching.ivitrack.com
mug.criteo.com
p.crm4d.com
pixel.mathtag.com
pixel.rubiconproject.com
r.casalemedia.com
rtb-csync.smartadserver.com
s.ad.smaato.net
s2.adform.net
s3.eu-central-1.amazonaws.com
script.hotjar.com
secure.adnxs.com
simage2.pubmatic.com
sq.chichaylimona.com
sqdt.mconso.fr
sslwidget.criteo.com
static.ads-twitter.com
static.criteo.net
static.hotjar.com
stats.g.doubleclick.net
sync-t1.taboola.com
sync.commander1.com
sync.outbrain.com
t.co
t.mydialoginsight.com
test-billetterie.zoobeauval.com
track.adform.net
trk.datnova.com
u.logbor.com
u360.d-bi.fr
ups.analytics.yahoo.com
v3.api.optinproject.com
vars.hotjar.com
visitor.omnitagjs.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
x.bidswitch.net
zpdb.widgets.secutix.com
104.111.242.245
104.18.19.126
104.244.42.5
104.244.42.67
104.254.152.3
104.36.113.107
104.90.104.250
108.128.115.204
13.248.245.213
141.226.124.48
142.250.185.134
142.250.186.66
144.76.104.53
15.237.16.53
151.101.65.108
178.250.0.163
178.250.2.151
18.156.0.31
18.157.234.113
18.200.221.133
18.66.112.122
18.66.139.40
18.66.2.17
185.255.84.152
185.86.139.57
185.89.211.116
185.89.211.84
193.108.153.18
193.72.147.242
199.232.188.157
2.18.235.93
2001:41d0:301:100:145:239:193:53
2001:4de0:ac19::1:b:3b
2600:1f18:444a:4680:4331:5d42:7c5e:9273
2600:1f18:612b:4200:91e2:be0:268c:1b25
2600:9000:225a:a00:15:3831:ac40:93a1
2600:9000:225f:400:1b:5138:8a40:93a1
2620:1ec:c11::200
2a00:1288:80:807::2
2a00:1450:4001:801::2008
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:827::2002
2a00:1450:4001:829::200e
2a00:1450:4001:82f::2004
2a00:1450:400c:c0a::9a
2a02:2638:1::13
2a02:2638:1::3
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
2a06:98c1:3121::3
3.121.205.163
3.124.231.32
3.33.220.150
3.73.227.228
34.117.157.22
34.195.1.78
34.239.191.205
35.244.174.68
37.157.5.73
37.157.6.241
37.157.6.242
51.158.29.12
51.158.29.13
52.213.248.76
52.219.47.27
54.165.212.22
54.38.25.75
54.76.193.17
64.202.112.127
69.173.144.165
74.119.119.139
88.99.219.174
89.185.38.89
99.80.161.153
009dce7ee7388fd46107ab40c30612d259fcc3b6ccf871d859061c1af4d124d9
03fe7a72e5acc16271263cdbc81ffd4e906ed18d1f921144aae6b61676769257
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
078950e85bd66d61dc679d6dfab356d0d29b2c6dda237fc6e4cadd3777a9b5ea
084446bdd8ce8081d5514f2ea07553650584fc133790d769df53a072486a495f
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1d44c70e9b719bf6984e7cbaaf6027d12d05ada6ffdebd0bea9ce018b28b10e5
23fbf64b37a97058d0e4c52b4e12bb9cdec255b612a4fb4863eadb5b9b82cedb
24f5d63c24e5d79084f242fbe8f2c179d8229e4192b8c6cd6c1a691774e6690b
2912bf5b7b358109b11c9eb60b2292b894de416755357ba706dda3682b6eb1ca
2ab87ad1b50c6951428239d5b72838f6a28387f44083a1acf6c91e190c998a11
2cf85235b77c575da50ef4ddf35f85f781825a3a3be8e976542d49b8247630d4
2e29983eaa22792abf3d5807830565ac48c3a1b3e55b90fd12652a498346971e
2ea045647b325726bcb678d2d2b31722ba18c4928466e7a46af6aed0c8aabf25
301b7ce5eeb65f044fc4066bc121982be99b4a1c555012afb40d3529a6f4e0ed
30eab980ba3a67305e5abae5fec995477c603cf40882848547827bce786a9099
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
345f2ed529695b036e90be5fdc3fb9e4f1cd8e1c4ee7d55961735474a459d62c
3b7abae8fc1e3a18364c2846fdf52f096b0344d1c104596f37b07438a09463e7
3c572ac614697fd3d72efa64f8d268f2ecccfab8f99acb375c40df685ff9f1a4
3cc8437ce1286f586951d2da50636884d8c176d3074c4b90b16f73cafa31e537
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
4377d600e17c606dabd4080abb902d27ae67db675ff4a1b6cc83bbc29452665d
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4560f44c5872371bab68541e5006e773cf4da7c776319031a9c6460e8627e078
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5103b2a4b6c90c58272e5684a1e60e57f506f1f4e109523cd57b39193017b567
5434598852699f37a50956d6eae426068b7010eb08f9be365f7a304c79e07ee3
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
57c13ea5f4d0389107637297dbea055387d8c611892739671df017456668d9c7
5831408c97d8c827a8095b24b803a3886d0e6719feab4816aa1db9166b0e4e4f
5d42d2032306b32565dcb4d7131b7d9d12331e80e91182586b5d0fcfb4bcd920
5f16216ca8976169749c152377989231185c22a2a88381d69c72b201cc48ece4
63d148687b5d6c4c6f5d338f4204685ab19a21bb969f14b669365731250d122c
6ac3327f188a75ff18f3a723a4db374fc75716467e90d552b9943d3cad40cff5
6adbf9825bc30f83630f065d7900115b63f8a4c0519a0c30806331cc30d14353
6e164ad4aa1f1905c44c2e4e57088f313738d18320a99a7e6a984b862523d96d
6f87cd86c391c6361adca474b987f3e4b6d81d281795120c584d0a0c1ca7f5ba
70e0e35578e759995ebf1f76629c358fc92164e86d68d853e752084b8eabdfec
7303f03a39bd926c6fada689aa758835dcf3fad964798bfe05a4b58a70a755f1
77760c8bd5c4a66cd047d267874d928bfbc0ca249afc3c9422b33f1351b090b3
777b5863d801327b008f5610aa3eb3a4fb47554f056e0961b393075db17a4274
7f6b4e736d48ac648dc094befb833dc88b801fcec0169685ddfa4283e3cb40e7
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86326b7c4fceec23319ff98cdb89b14c2fad67406843669223af07b9299a0666
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8daf41c9bdc939bf38a09b3018c88cda8b42140c95aef3f14af7a24244f16f29
98426aac934c1b740490a72b4cdbf4b45e8f23b89e84e4f9b9a892bfd335e2d0
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9f8d5940525680bbf16c7d8141cba069095dced3a16ca8c9d95636ad4d2edec8
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
aa5a05e924f1c3bdd0570cdb6a5416baab50ab4314e5b9d5ff248105ae8d5524
aa6959acd3d64822ef7379e437fce6b84a5cd3169003e955e2fffbdb2526d086
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
adf6533df334c6f73f5cca03557b25a6ff7237440de2413a0c2c4b615e8b39f4
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b549d1e0a2cc26077a3fc10ad8d3a662fabea4b24b34f5c93ddfbf4aa7690b18
b612d85c77aed8c058d29f0e53519b09cab7cbd4576c6f22595bd00bcd740b5f
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd6efbd507cf48494d2e2183718b1b3c6eaed119568b2ad2b340e41aa01c50f9
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cb1bfb1fb991adf4f0fba74cb1546dd78f1898cf813cabfce1e66ced52d2d334
cbbfda74ce57788b9a3877e57fb6ccd91c2e8db043acc08b0091a4ee7509f489
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d092c748ae256adfdc021f3cc9bbcffbe43c9fc4a65b64bf64c2117c3d05b5ed
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d203f4cb5fdf611d2bb896535a553c540f2daae370237449fb7079e1a669e208
d2e4914ae962acd061798de5379f9e74b461e90543002cf3f284d6a29dcd5f23
d3808618a578edbd95df72fb31f62c1b0d51add9affe0ea9704997b9a442bf10
d595815780860c6009c944bfe8ff476b475850725ac0db3279b820f55265f82a
d6a2d499cffaaba0547f2f429fb4c8969b1cc9f11589f92d93d223f0b95cb33c
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dfc6678e3b812f3097334f84e4f7ed816c8339cd0f1a5e5b90281e8c3374d463
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e77125f3854327ee6cefbb1c71632ee3f3f3ccafc6f94dd90e2c761de71e0144
e983f73bc35d343902fb74279546c83f201cfce2fb33b42577cc2c3e9dd2705a
ee94251fea8b03da5d0dc6f8489a529c1a2d2a031d874b0ec61866784e3c73c3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f033d6a9b4acc24957ac5ca92d278b9aca16ec1b264658ae3267b1efa6ef4a5e
f052a607071522abcd0cf22b96a37b83bfe48667249645724762445315954fc1
fb99aa63424ac93343a114266ecab50f1083b340ff1c636e0c5be13dd03551ee

test-billetterie.zoobeauval.com Open in urlscan Pro 193.72.147.242 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

130 Requests

85 %HTTPS

27 %IPv6

59 Domains

79 Subdomains

70 IPs

12 Countries

2514 kBTransfer

3394 kBSize

71 Cookies

5 Outgoing links

Page URL History

Redirected requests

130 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

test-billetterie.zoobeauval.com Open in urlscan Pro
193.72.147.242 Public Scan

Screenshot
Live screenshot

Full Image

130
Requests

85 %
HTTPS

27 %
IPv6

59
Domains

79
Subdomains

70
IPs

12
Countries

2514 kB
Transfer

3394 kB
Size

71
Cookies

130 HTTP transactions
2 data transactions