| HTTP/1.1 307 Temporary Redirect |
| Server: nginx |
| Date: Sat, 17 Dec 2022 19:28:27 GMT |
| Content-Type: text/html |
| Content-Length: 164 |
| Connection: keep-alive |
| Location: https://traveldoo.carrefour.com/ |
| P3P: CP="Traveldoo does not have a P3P policy." |
| X-XSS-Protection: 1;mode=block |
| X-Frame-Options: ALLOW-FROM *.traveldoo.com *.tvld.tech |
| Referrer-Policy: strict-origin |
| Permissions-Policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=() |
| Content-Security-Policy-Report-Only: default-src 'self' ; script-src 'unsafe-inline' *.traveldoo.com *.tvld.tech; connect-src 'self'; img-src 'self' *.traveldoo.com *.tvld.tech; style-src 'self' ; font-src 'self' ; frame-ancestors 'self' *.traveldoo.com *.tvld.tech ; report-uri /_csp; |
| Strict-Transport-Security: max-age=63072000; includeSubDomains; |
| X-Robots-Tag: noindex, nofollow |
| HTTP/1.1 307 Temporary Redirect |
| Server: nginx |
| Date: Sat, 17 Dec 2022 19:28:28 GMT |
| Content-Type: text/html |
| Content-Length: 164 |
| Location: https://traveldoo.carrefour.com/cas/clientredirect?client_name=SHOP_CARR-carrPool |
| Connection: keep-alive |
| P3P: CP="Traveldoo does not have a P3P policy." |
| X-XSS-Protection: 1;mode=block |
| X-Frame-Options: ALLOW-FROM *.traveldoo.com *.tvld.tech |
| Referrer-Policy: strict-origin |
| Permissions-Policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=() |
| Content-Security-Policy-Report-Only: default-src 'self' ; script-src 'unsafe-inline' *.traveldoo.com *.tvld.tech; connect-src 'self'; img-src 'self' *.traveldoo.com *.tvld.tech; style-src 'self' ; font-src 'self' ; frame-ancestors 'self' *.traveldoo.com *.tvld.tech ; report-uri /_csp; |
| Strict-Transport-Security: max-age=63072000; includeSubDomains; |
| X-Robots-Tag: noindex, nofollow |
| HTTP/1.1 200 |
| Server: nginx |
| Date: Sat, 17 Dec 2022 19:28:28 GMT |
| Content-Type: text/html;charset=UTF-8 |
| Transfer-Encoding: chunked |
| Connection: keep-alive |
| Vary: Origin |
| Vary: Access-Control-Request-Method |
| Vary: Access-Control-Request-Headers |
| Cache-Control: no-cache, no-store |
| Pragma: no-cache |
| Expires: 0 |
| Strict-Transport-Security: max-age=15768000 ; includeSubDomains |
| X-Content-Type-Options: nosniff |
| X-Frame-Options: DENY |
| X-XSS-Protection: 1; mode=block |
| Set-Cookie: DISSESSION=ec96c4b1-3aed-4060-b678-0363aa56e371; Path=/cas; SameSite=None; Secure; HttpOnly |
| P3P: CP="Traveldoo does not have a P3P policy." |
| X-XSS-Protection: 1;mode=block |
| X-Frame-Options: ALLOW-FROM *.traveldoo.com *.tvld.tech |
| Referrer-Policy: strict-origin |
| Permissions-Policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=() |
| Content-Security-Policy-Report-Only: default-src 'self' ; script-src 'unsafe-inline' *.traveldoo.com *.tvld.tech; connect-src 'self'; img-src 'self' *.traveldoo.com *.tvld.tech; style-src 'self' ; font-src 'self' ; frame-ancestors 'self' *.traveldoo.com *.tvld.tech ; report-uri /_csp; |
| Strict-Transport-Security: max-age=63072000; includeSubDomains; |
| X-Robots-Tag: noindex, nofollow |
| Content-Encoding: gzip |