flaviar.5d3x.net/c/10813/1215604/3334?SubId1=1170913584&SharedId=105141&level=1&srcref=flaviar.5d3x.net&brwsr=64621bfa-76db-11ed-85af-8fe9b136c302&brwsrsig=w0myjlV7eXo10pfXKJxEkzDDWA4UXF
301 Moved Permanently 0 B URL HTTP/1.1 flaviar.5d3x.net/c/10813/1215604/3334?SubId1=1170913584&SharedId=105141&level=1&srcref=flaviar.5d3x.net&brwsr=64621bfa-76db-11ed-85af-8fe9b136c302&brwsrsig=w0myjlV7eXo10pfXKJxEkzDDWA4UXF
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c/10813/1215604/3334?SubId1=1170913584&SharedId=105141&level=1&srcref=flaviar.5d3x.net&brwsr=64621bfa-76db-11ed-85af-8fe9b136c302&brwsrsig=w0myjlV7eXo10pfXKJxEkzDDWA4UXF HTTP/1.1
Host: flaviar.5d3x.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: AWSALB=p8IUp8nmhWlYKsRytYY1B/r/LC1E7OSfS136C0jheLnBpwCfU+ZIKt55HcJ7dz/UF4g6bkfDflZHw2nTMQweM86ZS/MxI4uWcDt8ZeAbPCb58IiZmGf6B1+K2trn
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 08 Dec 2022 09:33:54 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: AWSALB=mQcyONmwx0wrY+u4h9AK+DMyXqdwLSyaH0AlYUyR6YkSH44dchkYv30N3n/qNzrrQLaWDyPDP9sp6uXonrN8UK1fGYHYJOrsV8Wfp8oAd/863qHLC1vAoRy0OHgZ; Expires=Thu, 15 Dec 2022 09:33:54 GMT; Path=/
AWSALBCORS=mQcyONmwx0wrY+u4h9AK+DMyXqdwLSyaH0AlYUyR6YkSH44dchkYv30N3n/qNzrrQLaWDyPDP9sp6uXonrN8UK1fGYHYJOrsV8Wfp8oAd/863qHLC1vAoRy0OHgZ; Expires=Thu, 15 Dec 2022 09:33:54 GMT; Path=/; SameSite=None
Cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Expires: Thu, 08 Dec 2022 09:33:54 GMT
P3P: policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
Location: https://flaviar.5d3x.net/c/10813/1215604/3334?SubId1=1170913584&SharedId=105141&level=2&srcref=flaviar.5d3x.net
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f2acd891dc6eb1f09f57a2b086791781
1e2088306501a61edcca1ade62c4d54f23b3b083
51148fed95cc00d60dc3640350f135b1b2763ff0e3cfbffc40f0948317894be9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "51148FED95CC00D60DC3640350F135B1B2763FF0E3CFBFFC40F0948317894BE9"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16337
Expires: Thu, 08 Dec 2022 14:06:11 GMT
Date: Thu, 08 Dec 2022 09:33:54 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 388f6fea5bafa378266622b72311a6ee
447f102dc12172ce1ba44c5e94e1d7bb49d43372
a597afb4d4f7f3c82f0f2857322226fc69dc92e099bfd0605f7a0cd562be9d21
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A597AFB4D4F7F3C82F0F2857322226FC69DC92E099BFD0605F7A0CD562BE9D21"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5227
Expires: Thu, 08 Dec 2022 11:01:01 GMT
Date: Thu, 08 Dec 2022 09:33:54 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 08 Dec 2022 09:08:09 GMT
content-type: application/json
age: 1545
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 00e7703bd74975689fc9050356aaca6b
9788fe6a36d6f278e8da329ebc5dd87bcd212317
593bc437ff8a8233516c62613d50220fcb25b9f967ed5fb384c253f0db135103
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "593BC437FF8A8233516C62613D50220FCB25B9F967ED5FB384C253F0DB135103"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2747
Expires: Thu, 08 Dec 2022 10:19:41 GMT
Date: Thu, 08 Dec 2022 09:33:54 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 9epFPJ8/ZoxAAwrEZRq0f3JCJ7WZPOzwoJQX6UAgP5pjn5eR7vmNLhfV6rWex7kAuTyXFaZ5/MA=
x-amz-request-id: H82SVW8A8NAP00C2
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 08 Dec 2022 08:47:51 GMT
age: 2763
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 09:33:54 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 8d8f536f7907f436a00abed98a13b628
700a4e4bb29f934d45fcf61217a70b91e9228f48
67488e4ac891e56036b1ece063febc19ab79adb3c972283339a12d828d0c6a66
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=143134
Date: Thu, 08 Dec 2022 09:33:54 GMT
Etag: "63913464-1d7"
Expires: Sat, 10 Dec 2022 01:19:28 GMT
Last-Modified: Thu, 08 Dec 2022 00:48:36 GMT
Server: ECS (dcb/7F84)
X-Cache: Miss from cloudfront
Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: zMkHRDDjq8jZHTYtCUfg3-Envdo2RQtoZM4s6hCyOktY28rsUC_uAg==
Age: 1852
flaviar.5d3x.net/c/10813/1215604/3334?SubId1=1170913584&SharedId=105141&level=2&srcref=flaviar.5d3x.net
301 Moved Permanently 0 B URL HTTP/2 flaviar.5d3x.net/c/10813/1215604/3334?SubId1=1170913584&SharedId=105141&level=2&srcref=flaviar.5d3x.net
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c/10813/1215604/3334?SubId1=1170913584&SharedId=105141&level=2&srcref=flaviar.5d3x.net HTTP/1.1
Host: flaviar.5d3x.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: AWSALB=mQcyONmwx0wrY+u4h9AK+DMyXqdwLSyaH0AlYUyR6YkSH44dchkYv30N3n/qNzrrQLaWDyPDP9sp6uXonrN8UK1fGYHYJOrsV8Wfp8oAd/863qHLC1vAoRy0OHgZ; AWSALBCORS=p8IUp8nmhWlYKsRytYY1B/r/LC1E7OSfS136C0jheLnBpwCfU+ZIKt55HcJ7dz/UF4g6bkfDflZHw2nTMQweM86ZS/MxI4uWcDt8ZeAbPCb58IiZmGf6B1+K2trn; brwsr=5fbd4bb6-76db-11ed-9ec9-d90eb3934b0f; irld=LR0FXdAUGEQuPT2cwbDX1lUfa
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
date: Thu, 08 Dec 2022 09:33:55 GMT
content-length: 0
location: https://flaviar.com?irclickid=1-9wPfyDDxyNR7RVoXTXjwISUkAxH4UVD1MORM0&ir_cid=3334&ir_affid=10813&utm_medium=affiliates&utm_source=MaxBounty.com%20ULC&ir_partnerid=10813&ir_adid=1215604&ir_campaignid=3334
set-cookie: AWSALB=OVRShoErV3iaijjLrMqzwTLzt+U1Hq17BqLHD3Sw7uTpZtOIupKSjUwbzr0baJtKW9izk4pWXAC21pvrvq1wwJ5LDVUCH1hJ5HLZXB8JqhMJKXJ3tx73n5Ck4IyA; Expires=Thu, 15 Dec 2022 09:33:55 GMT; Path=/
AWSALBCORS=OVRShoErV3iaijjLrMqzwTLzt+U1Hq17BqLHD3Sw7uTpZtOIupKSjUwbzr0baJtKW9izk4pWXAC21pvrvq1wwJ5LDVUCH1hJ5HLZXB8JqhMJKXJ3tx73n5Ck4IyA; Expires=Thu, 15 Dec 2022 09:33:55 GMT; Path=/; SameSite=None; Secure
brwsr=5fbd4bb6-76db-11ed-9ec9-d90eb3934b0f; Domain=.5d3x.net; Path=/; Secure; Max-Age=62208000; Expires=Wed, 27 Nov 2024 09:33:55 GMT; HttpOnly; SameSite=None
irld=LVRe35gzKdxojS%3A41kTzTByp6; Path=/; Secure; Max-Age=15552000; Expires=Tue, 6 Jun 2023 09:33:55 GMT; HttpOnly; SameSite=None
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
expires: Thu, 08 Dec 2022 09:33:55 GMT
p3p: policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash 33f625c9a3e35163f8d45b81cf7706e7
579fca99715be65ce43803685a7464d023f7380e
214a42daecaf171b42ada1db201e1c705ad89ae556a6d40a64b67e5d6d6c32d5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5558
Cache-Control: max-age=149394
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:33:55 GMT
Etag: "63913e60-117"
Expires: Sat, 10 Dec 2022 03:03:49 GMT
Last-Modified: Thu, 08 Dec 2022 01:31:12 GMT
Server: ECS (amb/6B8D)
X-Cache: HIT
Content-Length: 279
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 08 Dec 2022 09:07:58 GMT
age: 1557
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 053aff7451e55d4269dd9610ab070f3f
b3376256d11d159b0c7280ba1515b78d7d9e12ca
24114ca560fe70d03185bd66985603fd5a03dc310aa9a8ea7a7b3723ed46ce3e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3688
Cache-Control: max-age=88463
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:33:55 GMT
Etag: "639057aa-1d7"
Expires: Fri, 09 Dec 2022 10:08:18 GMT
Last-Modified: Wed, 07 Dec 2022 09:06:50 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
200 OK 6.1 kB URL HTTP/2 widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
IP
File type Unicode text, UTF-8 (with BOM) text, with very long lines (19239)
Hash 5add60196e5f96a414fb4b9586764e5d
633f471b3c2fcedeef9cad90cb5bf56f5fe55588
5370f4ba91dda790c7cae92817b812fcbd1ab367cbb4862f5669960ae4e2c9e0
GET /bootstrap/v5/tp.widget.bootstrap.min.js HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/x-javascript
content-length: 6124
last-modified: Mon, 30 May 2022 14:38:02 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
date: Thu, 08 Dec 2022 01:28:24 GMT
cache-control: max-age=86400
etag: "5add60196e5f96a414fb4b9586764e5d"
x-cache: Hit from cloudfront
via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 6SpEeGnaKu-sTKafiKnQh3GI0-qt6ZPpxL7gHeWQ_Po94Ih-PgbxXA==
age: 29132
X-Firefox-Spdy: h2
use.typekit.net/bne0epn.js
200 OK 6.7 kB URL HTTP/2 use.typekit.net/bne0epn.js
IP
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (2258)
Hash 56c323529b45591f153e4f5a72d75c0e
cfada07aa803d4651a773d0e4536e036bcfd134c
2953f691618da33aef7c7b909532b8a918bf95dc02c9d44816c526fd40bed81d
GET /bne0epn.js HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: text/javascript;charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: public, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
content-length: 6730
date: Thu, 08 Dec 2022 09:33:55 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 0c89743226644fddacbe5d50c110b950
b343ae9eb9047cf764b518083d612ffd3652b209
1bf675bb6e12e913a98cd8849c1af9a0c50b0bb8bfa670c86419b41782e06e47
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:33:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: RHvf+RxcMzVGoARMLG728Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: KNKK714YUXQ/JoFk4prihrylAc4=
ocsp.sectigo.com/
200 OK 4.0 kB IP
Hash 4ffeb73dfd2ebd3c645710cb196836b8
a5151f9dfcd6e333e5383eeb2b6406fa139963e7
c1392de37e67642d7ad8316893214b74f2cb38b438dd1c123a6696e061e42df2
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 09:33:56 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 05 Dec 2022 02:06:55 GMT
Expires: Mon, 12 Dec 2022 02:06:54 GMT
Etag: "88a59c502d394ca3b4799373e7af34188af0545a"
Cache-Control: max-age=318177,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77648099ed6a1bfa-OSL
cdn.segmentify.com/v3/push/sw.js
200 OK 6.4 kB URL HTTP/2 cdn.segmentify.com/v3/push/sw.js
IP
File type ASCII text, with very long lines (6376), with no line terminators
Hash f58f18034dbc029ed1ee76f170f68ecb
b5a5c068af9fee0271dec6d4f80ab62e52fa342c
0f9e91983c8a0b1bfa231eb5b9ced47a735eed0423f027342a2bea1629f214e5
GET /v3/push/sw.js HTTP/1.1
Host: cdn.segmentify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdt1bDgTDnl9rv9GzF45ubF7d2h-wMTziHQXZs2Lia_yHNP3ttsrtENGRliX90V3Bixf2ZrlQb3tHisOOTqpPPPmkbiJvnki
date: Thu, 08 Dec 2022 09:33:56 GMT
cache-control: no-store
expires: Fri, 08 Dec 2023 09:33:56 GMT
last-modified: Fri, 16 Sep 2022 13:57:32 GMT
etag: "f58f18034dbc029ed1ee76f170f68ecb"
x-goog-generation: 1663336652455717
x-goog-metageneration: 23851
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 6376
content-type: text/javascript
x-goog-hash: crc32c=m5UnpQ==, md5=9Y8YA028Ap7R7nbxcPaOyw==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 6376
access-control-allow-origin: *
access-control-expose-headers: Origin, Accept, Content-Type, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
use.typekit.net/af/8de6d2/00000000000000003b9adc6b/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
200 OK 47 kB URL HTTP/2 use.typekit.net/af/8de6d2/00000000000000003b9adc6b/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
IP
ASN #20940 Akamai International B.V.
Hash d0a7ba0726411d34de8eb5edc2b65981
4bb1facc648d3f4aa328a5c695bf9d2f1cb7e0c3
a363a99798a183746b7470ef1ea00354cb328c86fc26e8323f630860cbb3ec46
GET /af/8de6d2/00000000000000003b9adc6b/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://flaviar.com
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 29392
etag: "2bd51188b101f4cf29ce1d8dfdbe91d00fc07ba6"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Thu, 08 Dec 2022 09:33:56 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/85d455/00000000000000003b9adc6a/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
200 OK 31 kB URL HTTP/2 use.typekit.net/af/85d455/00000000000000003b9adc6a/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
IP
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 30656, version 1.0\012- data
Hash 09848390b847375a8dbf4a3808750013
d8b5db5923705fba6073a52d2145d086c5030527
ead661c1cd323f4f9a023be4cea810a9bcbc3498871593a256fc9221a52f1417
GET /af/85d455/00000000000000003b9adc6a/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://flaviar.com
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 30656
etag: "374d4e049d59d33f7c1b988631b115ad96597d60"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Thu, 08 Dec 2022 09:33:56 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/379cfa/00000000000000003b9adc6d/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
200 OK 60 kB URL HTTP/2 use.typekit.net/af/379cfa/00000000000000003b9adc6d/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
IP
ASN #20940 Akamai International B.V.
Hash edb65b6a79eb336ec3aa7d26b33147b9
02f2a6cc9b825b638078647a3988740009eb6212
8c98497d7be4781738b8528683585a25a89eeda8b8de7a013e9890a767b24fc7
GET /af/379cfa/00000000000000003b9adc6d/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://flaviar.com
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 11668
etag: "a53237c24cbd279f0405e007f31ec7f47234819b"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Thu, 08 Dec 2022 09:33:56 GMT
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 611 B IP
Hash b8993e72e987056b13d30658fec74996
5ecbaf9617729f3f3a78b11df7b6c629d89ac1ec
09c577fd1455dc897148b677e6ccdc50b22e127137a55b526efab8d3773176e5
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 09:33:56 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 05 Dec 2022 02:06:55 GMT
Expires: Mon, 12 Dec 2022 02:06:54 GMT
Etag: "88a59c502d394ca3b4799373e7af34188af0545a"
Cache-Control: max-age=318177,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7764809bcf7c1bfa-OSL
widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=5c63d6134064df0001fff3b7
200 OK 3.9 kB URL HTTP/2 widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=5c63d6134064df0001fff3b7
IP
Hash 032a532cb25eaa14da17959c90ec836c
873192e6f4fe6ff30b52e25339e75177e000475e
3a2ee0ea0b23349abb453405a6093cf79f1bcc647cc92a09e37494ced2dd8740
GET /trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=5c63d6134064df0001fff3b7 HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 2144
last-modified: Tue, 04 Oct 2022 10:34:09 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
date: Thu, 08 Dec 2022 08:30:09 GMT
cache-control: max-age=86400
etag: "1307e3fd5846bacc989c2fd05996f010"
x-cache: Hit from cloudfront
via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ckd6v6Vn01F9GsDLsgpujPso1UcsU775u9E2fj1cjtovHAXtTPEESw==
age: 15515
X-Firefox-Spdy: h2
widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=5c63d6134064df0001fff3b7
200 OK 2.1 kB URL HTTP/2 widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=5c63d6134064df0001fff3b7
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (6826)
Hash 1307e3fd5846bacc989c2fd05996f010
3fd96ecea8c4a91980939fe1e1efe9ec0f47eebc
39f14c526d9f43a24b5c1e219e7ee63500f90b39517d18085573dcf73eb33d87
GET /trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=5c63d6134064df0001fff3b7 HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 2144
last-modified: Tue, 04 Oct 2022 10:34:09 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
date: Thu, 08 Dec 2022 08:30:09 GMT
cache-control: max-age=86400
etag: "1307e3fd5846bacc989c2fd05996f010"
x-cache: Hit from cloudfront
via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: a-TPAtjmuo9z8M5EYv9f5ElyA8AzA3_ps6Ff0h-3gf570R_0zb2PwA==
age: 15515
X-Firefox-Spdy: h2
widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/main.js
200 OK 41 kB URL HTTP/2 widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/main.js
IP
Hash 40eb2f2647259c784e772546324c9256
6e918007c84b0e460e699e4d8ed3e5c846a34c60
55e6f32ebcd3ffd51ac434ee5719cd54a207b080e514f9677bc751d92737e61b
GET /trustboxes/5419b6ffb0d04a076446a9af/main.js HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=5c63d6134064df0001fff3b7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/x-javascript
content-length: 17072
last-modified: Tue, 04 Oct 2022 10:34:10 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
date: Wed, 07 Dec 2022 19:03:34 GMT
cache-control: max-age=86400
etag: "93d7d7afc794dd57add6ab0e6cb1e7a5"
x-cache: Hit from cloudfront
via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 2jccIXQEB_YIeaMJ4BLDg0O6PcgXnVjcPyE7408iqFx8Uy0BKk4viA==
age: 52223
X-Firefox-Spdy: h2
p.typekit.net/p.gif?s=1&k=bne0epn&ht=tk&h=flaviar.com&f=28578.28579.28736&a=7301736&js=1.21.0&app=typekit&e=js&_=1670492036292
200 OK 35 B URL HTTP/2 p.typekit.net/p.gif?s=1&k=bne0epn&ht=tk&h=flaviar.com&f=28578.28579.28736&a=7301736&js=1.21.0&app=typekit&e=js&_=1670492036292
IP
ASN #20940 Akamai International B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash 81144d75b3e69e9aa2fa3e9d83a64d03
f0fbc60b50edf5b2a0b76e0aa0537b76bf346ffc
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
GET /p.gif?s=1&k=bne0epn&ht=tk&h=flaviar.com&f=28578.28579.28736&a=7301736&js=1.21.0&app=typekit&e=js&_=1670492036292 HTTP/1.1
Host: p.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: image/gif
cross-origin-resource-policy: cross-origin
etag: "61c32ad2-23"
last-modified: Wed, 22 Dec 2021 13:40:34 GMT
server: nginx
content-length: 35
unused62: 8096267
date: Thu, 08 Dec 2022 09:33:56 GMT
X-Firefox-Spdy: h2
beacon-v2.helpscout.net/
200 OK 327 B IP
File type ASCII text, with very long lines (458), with no line terminators
Hash 6d9443571334d5ef59eae244740d9a0a
a167a6fb04ab106285c75c3112469e8b356aea1f
1a7bff3797831200ec74e1933f96e0f633bc5c652939abcc8a55ec78d3772cc0
GET / HTTP/1.1
Host: beacon-v2.helpscout.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 327
date: Thu, 08 Dec 2022 09:33:08 GMT
last-modified: Thu, 08 Dec 2022 09:31:47 GMT
etag: "6d9443571334d5ef59eae244740d9a0a"
cache-control: max-age=120, s-maxage=120, public
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: F0WRfMYKAcp_h1udfzvY5BzCS7NVdfkMq4lPkekwV4A5P-ylRF0jCw==
age: 50
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2734
Expires: Thu, 08 Dec 2022 10:19:31 GMT
Date: Thu, 08 Dec 2022 09:33:57 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2734
Expires: Thu, 08 Dec 2022 10:19:31 GMT
Date: Thu, 08 Dec 2022 09:33:57 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2734
Expires: Thu, 08 Dec 2022 10:19:31 GMT
Date: Thu, 08 Dec 2022 09:33:57 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2734
Expires: Thu, 08 Dec 2022 10:19:31 GMT
Date: Thu, 08 Dec 2022 09:33:57 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9519925e-95b7-4e66-b317-84c1708c7f84.jpeg
200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9519925e-95b7-4e66-b317-84c1708c7f84.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b87d6543345f73653ed4a49b37d7c959
c4f26846b8b72293368ff16915d49297cf12bbb9
aee6aa42e4b5b83b81f74801ff8f0039fc6d38036f42ee81875813c856cf5eef
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9519925e-95b7-4e66-b317-84c1708c7f84.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8659
x-amzn-requestid: 6f420d07-65d5-4bb2-9f1f-e56025de497b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czFSYFArIAMF46w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63911c0f-0a295e5c48228d5806b4f107;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 23:04:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: TSh1BNzzIPhWCfYEiqvQJckSPAyhHobe-HK6msEVeEJ1ruX-_rMSSA==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 23:33:19 GMT
age: 36038
etag: "c4f26846b8b72293368ff16915d49297cf12bbb9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
beacon-v2.helpscout.net/static/js/vendor.ddc3f9c8.js
200 OK 22 kB URL HTTP/2 beacon-v2.helpscout.net/static/js/vendor.ddc3f9c8.js
IP
File type ASCII text, with very long lines (64495), with no line terminators
Hash 4c71758a7a3b1975809a202503770fb0
1382704a13f28aa2587efe4a019ef0ba7c9be07b
925cfc228dff8aad3a5fbe4ec924715835df033a32ad06660d90d1abd243bcc9
GET /static/js/vendor.ddc3f9c8.js HTTP/1.1
Host: beacon-v2.helpscout.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 22295
last-modified: Tue, 29 Nov 2022 15:46:59 GMT
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
date: Thu, 08 Dec 2022 07:36:35 GMT
cache-control: max-age=315360000, s-maxage=7200, public
etag: "4c71758a7a3b1975809a202503770fb0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: tZgRf7JsRQcut1I1IjkHMsris1bg9ckwoccIOs5kXMWP4PxE8rkWQQ==
age: 7043
X-Firefox-Spdy: h2
beacon-v2.helpscout.net/static/js/main.7d3bf394.js
200 OK 9.7 kB URL HTTP/2 beacon-v2.helpscout.net/static/js/main.7d3bf394.js
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (24954)
Hash cf8b7ac5e004ffb1b19029e806efcfa6
540158ac1be4ad68c04de79d4253a01a5ad9235f
70de5489b80cdc341061b62d3a2dcea8870d9532c1e4046a66a0891a55677ffb
GET /static/js/main.7d3bf394.js HTTP/1.1
Host: beacon-v2.helpscout.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 9699
date: Thu, 08 Dec 2022 09:33:08 GMT
last-modified: Thu, 08 Dec 2022 09:31:47 GMT
etag: "cf8b7ac5e004ffb1b19029e806efcfa6"
cache-control: max-age=315360000, s-maxage=7200, public
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 3CAVVLJEkg-DTIF8ttOZYvABYj7J0s5aWE-qeISYvVVQGTm0sJeGDg==
age: 50
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8a21d707-1bf7-4b7f-a23b-7e8f38dd40c5.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8a21d707-1bf7-4b7f-a23b-7e8f38dd40c5.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3d44d17585c9a536c8da0e75ed90d175
9dc35d0f6b251004bc1ddc83aea9ee71c95aedd1
6d14a5b5c43b39244434560a83a2bfea6604a4d072943b6147293b7adfd1b7b7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8a21d707-1bf7-4b7f-a23b-7e8f38dd40c5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10164
x-amzn-requestid: a0cb7259-0a07-44f5-91cd-e96b8d9c9cac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cnAPOGSnoAMFUUQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c472e-799b6ee425e29fb70ff7e4ea;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 07:07:26 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5Q2LRCrEYVZz_KldQARUQ26O1mv0G7rMAPQXGkBzUnERF-WjtZPMJA==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 10:23:11 GMT
age: 83446
etag: "9dc35d0f6b251004bc1ddc83aea9ee71c95aedd1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15e59c3f-fa3a-4698-96c2-2e89662ffa9f.webp
200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15e59c3f-fa3a-4698-96c2-2e89662ffa9f.webp
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 311cb4353566dfb426dbc692fde93223
979910df445a5c4d3513c8c25e289800335f646d
5ecd5c12620c0b8b6bbf456cb6c016168479a735f4eb67a9a1047677b9d798fb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15e59c3f-fa3a-4698-96c2-2e89662ffa9f.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8179
x-amzn-requestid: 39aa4016-4f48-4d2a-b94b-05432980d66a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czCruHckIAMFkHg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639117e4-1953985a5c8d2da8239ec8e8;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 22:47:00 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qKaRX4QpQU2U8J-jk1lWjhAooObsgxfHuNXv5Bbc69IEMCXAyIESeQ==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 22:50:01 GMT
age: 38636
etag: "979910df445a5c4d3513c8c25e289800335f646d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1e6c8e9d-aef1-4772-8747-82ef7e4ceeb1.jpeg
200 OK 6.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1e6c8e9d-aef1-4772-8747-82ef7e4ceeb1.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fb1ea0161d261518c99909aff49e6f58
c3b915cb579b651db25442fea0bbedd0d292c0fc
d877a21abfd883a368da0136c4e56d7f590fa9e9ea09dec3675823211fe56385
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1e6c8e9d-aef1-4772-8747-82ef7e4ceeb1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6110
x-amzn-requestid: 2ebf542a-dacc-472a-81c0-0c69cb1ec143
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctEQAH2doAMFljA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638eb3ff-7173ff7941b57fa163e3cc6b;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 03:16:15 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Bo1JGLLmbH9LRrcXA4i8qVD1ilMqHxNWq1u52RhGMAdAhywK42lMPA==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 01:57:38 GMT
age: 27379
etag: "c3b915cb579b651db25442fea0bbedd0d292c0fc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb40390-82ef-453b-afca-e37aa7674ed3.jpeg
200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb40390-82ef-453b-afca-e37aa7674ed3.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f0c8a8dbe6c3ae6eaa2e464296708f5c
98556b27bc3759d0ceb8200ff5bc7b9567e428a5
bfc64a0e18c0137360f746eca256f464e26d23a04521ea629c46ae50ea6af173
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb40390-82ef-453b-afca-e37aa7674ed3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9058
x-amzn-requestid: 1f7fdd3d-1e65-46f7-8ef2-d164bf81e72b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctlz4FtuIAMFjsg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638ee9b2-4866b3fd61fdb35d34317038;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 07:05:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 6ET1Tfo1QXRpjkWyOE7jfYnWToK8h7ojB31efNc09awacwlCIYEPjA==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 05:05:36 GMT
age: 16101
etag: "98556b27bc3759d0ceb8200ff5bc7b9567e428a5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F234796b8-a59e-4174-a03a-b127b03b60eb.jpeg
200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F234796b8-a59e-4174-a03a-b127b03b60eb.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 57a992ab666f21c6da0057fefb622ff2
c36381d6744ae44360b2a37ca7586028e980714b
afe4050d9b07dcab509c95eb8d75ca410db74bd59f39561e5d190550cb61503e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F234796b8-a59e-4174-a03a-b127b03b60eb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13556
x-amzn-requestid: 3e79e2da-80ea-404c-8d87-939c7682dbe8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cy4h8EuUIAMFkIQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639107a5-68318f164708882a43fb0f12;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 21:37:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 7RZTh3iQHGp_XffXQQw13UUWqPNZQFJ_e4pIvNPgAaA1aGy_cXMueA==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 22:18:20 GMT
age: 40537
etag: "c36381d6744ae44360b2a37ca7586028e980714b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
widget.trustpilot.com/trustbox-data/5419b6ffb0d04a076446a9af?businessUnitId=5c63d6134064df0001fff3b7&locale=en-US
200 OK 483 B URL HTTP/2 widget.trustpilot.com/trustbox-data/5419b6ffb0d04a076446a9af?businessUnitId=5c63d6134064df0001fff3b7&locale=en-US
IP
File type JSON data\012- , ASCII text, with very long lines (1051), with no line terminators
Hash 8f5d4dc9a089c81f510a0b825d378c1c
3bcd8db2b27faf1ffbfb718ba805522501ce7d67
8867d2c1c95533ff0fa36793a80a10241f5072542458ef892bc868c60f03ac27
GET /trustbox-data/5419b6ffb0d04a076446a9af?businessUnitId=5c63d6134064df0001fff3b7&locale=en-US HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Connection: keep-alive
Referer: https://widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=5c63d6134064df0001fff3b7
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/json; charset=utf-8
content-length: 483
cache-control: public,max-age=1800
content-encoding: gzip
date: Thu, 08 Dec 2022 09:15:37 GMT
server: Kestrel
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
etag: "08e87214eb69163a7a023284ad38e8ae"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: yOmgjmbMMrjd_CfYxNY_jNBkUDc0zdYZKF5Ji4IOj2o93aNMJgORlA==
age: 1099
X-Firefox-Spdy: h2
widget.trustpilot.com/trustbox-data/5419b6ffb0d04a076446a9af?businessUnitId=5c63d6134064df0001fff3b7&locale=en-US
200 OK 483 B URL HTTP/2 widget.trustpilot.com/trustbox-data/5419b6ffb0d04a076446a9af?businessUnitId=5c63d6134064df0001fff3b7&locale=en-US
IP
File type JSON data\012- , ASCII text, with very long lines (1051), with no line terminators
Hash 8f5d4dc9a089c81f510a0b825d378c1c
3bcd8db2b27faf1ffbfb718ba805522501ce7d67
8867d2c1c95533ff0fa36793a80a10241f5072542458ef892bc868c60f03ac27
GET /trustbox-data/5419b6ffb0d04a076446a9af?businessUnitId=5c63d6134064df0001fff3b7&locale=en-US HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Connection: keep-alive
Referer: https://widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=5c63d6134064df0001fff3b7
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/json; charset=utf-8
content-length: 483
cache-control: public,max-age=1800
content-encoding: gzip
date: Thu, 08 Dec 2022 09:15:37 GMT
server: Kestrel
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
etag: "08e87214eb69163a7a023284ad38e8ae"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 8BdVQTVYS5Omo4aEGTMHrmF5P-CPWOVK4ZqlY-GjyBDub3YG7nt_5A==
age: 1099
X-Firefox-Spdy: h2
beacon-v2.helpscout.net/static/js/full-beacon-init.d46881fe.chunk.js
200 OK 102 kB URL HTTP/2 beacon-v2.helpscout.net/static/js/full-beacon-init.d46881fe.chunk.js
IP
File type ASCII text, with very long lines (65536), with no line terminators
Size 102 kB (102404 bytes)
Hash 9798dba76a6c2140a6f72f6c931535e5
6750e80ec40b7255c5f5c2e4ef7dfa44db8cd103
0651e033b434f7ddd3e1f1713c60ee8287fdfbb79f4c42145bc4483ca051911c
GET /static/js/full-beacon-init.d46881fe.chunk.js HTTP/1.1
Host: beacon-v2.helpscout.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 102404
date: Thu, 08 Dec 2022 09:33:09 GMT
last-modified: Thu, 08 Dec 2022 09:31:47 GMT
etag: "9798dba76a6c2140a6f72f6c931535e5"
cache-control: max-age=315360000, s-maxage=7200, public
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: NKiyaeh2wEdrECRbbO7Zs0xx4zOeYX0_0qSqYs-D0q6mKX7MkbETxA==
age: 49
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 2b80fe68b192c6a0dde701c880acc101
3d1b732d7cc2d71c4582b1ba1baf1437f1e900de
8475b8802299a3c7ba173076294374e747593f29d78f284bd19706f69bdefa04
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "8475B8802299A3C7BA173076294374E747593F29D78F284BD19706F69BDEFA04"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3369
Expires: Thu, 08 Dec 2022 10:30:06 GMT
Date: Thu, 08 Dec 2022 09:33:57 GMT
Connection: keep-alive
widget.trustpilot.com/stats/TrustboxImpression?locale=en-US&styleHeight=28px&styleWidth=100%25&theme=light&url=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3D1-9wPfyDDxyNR7RVoXTXjwISUkAxH4UVD1MORM0%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&referrer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=5c63d6134064df0001fff3b7&widgetId=5419b6ffb0d04a076446a9af
204 No Content 0 B URL HTTP/2 widget.trustpilot.com/stats/TrustboxImpression?locale=en-US&styleHeight=28px&styleWidth=100%25&theme=light&url=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3D1-9wPfyDDxyNR7RVoXTXjwISUkAxH4UVD1MORM0%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&referrer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=5c63d6134064df0001fff3b7&widgetId=5419b6ffb0d04a076446a9af
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stats/TrustboxImpression?locale=en-US&styleHeight=28px&styleWidth=100%25&theme=light&url=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3D1-9wPfyDDxyNR7RVoXTXjwISUkAxH4UVD1MORM0%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&referrer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=5c63d6134064df0001fff3b7&widgetId=5419b6ffb0d04a076446a9af HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Connection: keep-alive
Referer: https://widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=5c63d6134064df0001fff3b7
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
cache-control: no-store,no-cache
date: Thu, 08 Dec 2022 09:33:56 GMT
pragma: no-cache
server: Kestrel
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-cache: Miss from cloudfront
via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: NN6sWTrpLGyUWY4K7h9Iip2Bxv_QUvH--B9y5KqBCOYHtX2fHnxSFQ==
X-Firefox-Spdy: h2
widget.trustpilot.com/stats/TrustboxImpression?locale=en-US&styleHeight=42px&styleWidth=100%25&theme=light&url=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3D1-9wPfyDDxyNR7RVoXTXjwISUkAxH4UVD1MORM0%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&referrer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=5c63d6134064df0001fff3b7&widgetId=5419b6ffb0d04a076446a9af
204 No Content 0 B URL HTTP/2 widget.trustpilot.com/stats/TrustboxImpression?locale=en-US&styleHeight=42px&styleWidth=100%25&theme=light&url=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3D1-9wPfyDDxyNR7RVoXTXjwISUkAxH4UVD1MORM0%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&referrer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=5c63d6134064df0001fff3b7&widgetId=5419b6ffb0d04a076446a9af
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stats/TrustboxImpression?locale=en-US&styleHeight=42px&styleWidth=100%25&theme=light&url=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3D1-9wPfyDDxyNR7RVoXTXjwISUkAxH4UVD1MORM0%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&referrer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=5c63d6134064df0001fff3b7&widgetId=5419b6ffb0d04a076446a9af HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Connection: keep-alive
Referer: https://widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=5c63d6134064df0001fff3b7
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
cache-control: no-store,no-cache
date: Thu, 08 Dec 2022 09:33:56 GMT
pragma: no-cache
server: Kestrel
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-cache: Miss from cloudfront
via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 9R3r30S7H9H_HFGwy2s6StBDflSwpSSql86KsRKnX6W0XAnUzIZ0Fg==
X-Firefox-Spdy: h2
consent.cookiebot.com/uc.js?cbid=d053bff0-f51a-4434-ab3e-b7ec8831e3ed
200 OK 32 kB URL HTTP/2 consent.cookiebot.com/uc.js?cbid=d053bff0-f51a-4434-ab3e-b7ec8831e3ed
IP
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (65499)
Hash c8f7ad4768a16672f57131490149c3d0
c943c68aaa059f06744868bb239f06d900d41464
b5a1e40fab60b20e8b25517f6a7e6d27f21af0788959cdf3d52f5b94164cba0c
GET /uc.js?cbid=d053bff0-f51a-4434-ab3e-b7ec8831e3ed HTTP/1.1
Host: consent.cookiebot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Tue, 22 Nov 2022 07:34:39 GMT
accept-ranges: bytes
etag: "db2e3fe144fed81:0"
vary: Accept-Encoding
request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
access-control-expose-headers: Request-Context
content-length: 31718
cache-control: public, max-age=442
expires: Thu, 08 Dec 2022 09:41:19 GMT
date: Thu, 08 Dec 2022 09:33:57 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 7d047c6733f9c8d5998cae08d314f084
c23a8dce8a76dd01e22650fc1c19af2bae963008
d13c4f663e010387e21eece93c733faf5f2c3f9ff8ffca7aad99235aa990bea5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4144
Cache-Control: max-age=154416
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:33:57 GMT
Etag: "63915785-1d7"
Expires: Sat, 10 Dec 2022 04:27:33 GMT
Last-Modified: Thu, 08 Dec 2022 03:18:29 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
widget.trustpilot.com/stats/TrustboxView?locale=en-US&styleHeight=42px&styleWidth=100%25&theme=light&url=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3D1-9wPfyDDxyNR7RVoXTXjwISUkAxH4UVD1MORM0%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&referrer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=5c63d6134064df0001fff3b7&widgetId=5419b6ffb0d04a076446a9af
204 No Content 0 B URL HTTP/2 widget.trustpilot.com/stats/TrustboxView?locale=en-US&styleHeight=42px&styleWidth=100%25&theme=light&url=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3D1-9wPfyDDxyNR7RVoXTXjwISUkAxH4UVD1MORM0%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&referrer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=5c63d6134064df0001fff3b7&widgetId=5419b6ffb0d04a076446a9af
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stats/TrustboxView?locale=en-US&styleHeight=42px&styleWidth=100%25&theme=light&url=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3D1-9wPfyDDxyNR7RVoXTXjwISUkAxH4UVD1MORM0%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&referrer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=5c63d6134064df0001fff3b7&widgetId=5419b6ffb0d04a076446a9af HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Connection: keep-alive
Referer: https://widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=5c63d6134064df0001fff3b7
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
cache-control: no-store,no-cache
date: Thu, 08 Dec 2022 09:33:56 GMT
pragma: no-cache
server: Kestrel
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-cache: Miss from cloudfront
via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: DwYMOn4n8sbjQpsJ_Q2FHRdd6d2vTbj5hsc_c-GlhpM6my2509Fsug==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 6ec5f6261a8262e9f94b29627f54cefe
7ac766cf2ac8c2d960ec033388a767ff8a7d45e2
5f6ee11d840909fc5272c2c32f7874d55f49d831abc88d527e35562d218890f9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:33:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
200 OK 471 B IP
Hash 1a4c9caa1f185238a62ae27597aaeb15
5dbe1febb6fa2f17962013b1c5656b0c61626be9
21d53250b5135a5a50628638e5e6f73ef42a370340f9ca99a5b8ef693b9b9f32
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 09:33:57 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 05 Dec 2022 20:28:58 GMT
Expires: Mon, 12 Dec 2022 20:28:57 GMT
Etag: "5dbe1febb6fa2f17962013b1c5656b0c61626be9"
Cache-Control: max-age=384299,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 776480a19b9d1c16-OSL
sc-static.net/scevent.min.js
200 OK 12 kB URL HTTP/2 sc-static.net/scevent.min.js
IP
File type ASCII text, with very long lines (27646), with no line terminators
Hash 62585b7e4a4eab6ba3984a2cd4de5365
14e3b07044b095c9b8fd7b84bf00adb32233edb0
8e0a43da6d5b986bdf45ccdc4bfc11742086d59e2dbf2ae3a04701602c6b8bb7
GET /scevent.min.js HTTP/1.1
Host: sc-static.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Cookie: X-AB=0d6e407936704bd380072f5891d28b0e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 11972
server: CloudFront
date: Wed, 07 Dec 2022 15:14:42 GMT
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Content-Type
cache-control: public, s-maxage=86400, max-age=600
etag: 0d6e407936704bd380072f5891d28b0e
x-cache: Hit from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: _FmjivvznuOBkPL-WX6tPUVxYNzjDvfH6bm5NmfVqTk6YlBZOS9ZaQ==
age: 65955
X-Firefox-Spdy: h2
cdn.sgmntfy.com/pa.js
200 OK 3.7 kB IP
File type ASCII text, with very long lines (3744), with no line terminators
Hash 7327381bba6f249fe470d17c0dca2cb4
b6fac12855c66c4841a38d07934fc22302e881ef
393195c622ffdab45d8f71e6988cdcc65ef85102061defa603882dc9f80d11ec
Analyzer Verdict Alert quad9 Sinkholed
GET /pa.js HTTP/1.1
Host: cdn.sgmntfy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: 0
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycduflDE4clQ4fDz8EIBW5y1K-BTUmTrK7-hLTExJCUMAKcPjs_f5oGCiCvkFeqELB979acTEBS8t4kx8RUSLjLgKiztN3ITo
x-goog-generation: 1654598345914433
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 3744
content-language: en
x-goog-hash: crc32c=EasKAQ==, md5=cyc4G7pvJJ/kcNF8DcostA==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 3744
server: UploadServer
date: Thu, 08 Dec 2022 09:13:17 GMT
expires: Thu, 08 Dec 2022 10:13:17 GMT
cache-control: public, max-age=3600
age: 1240
last-modified: Tue, 07 Jun 2022 10:39:06 GMT
etag: "7327381bba6f249fe470d17c0dca2cb4"
content-type: application/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash 67a1b2d7be614f35c45650267a65ea9e
277747c3e204693e166be7a28825191e0dcfd4f9
b345785422d52f2272722477f8bd0cf8ee6fee15957b8c656f04bc33879a2f35
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4304
Cache-Control: max-age=154213
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:33:57 GMT
Etag: "6391561a-117"
Expires: Sat, 10 Dec 2022 04:24:10 GMT
Last-Modified: Thu, 08 Dec 2022 03:12:26 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
200 OK 727 B IP
Hash ad77e561f35835d6b900b05a711f9bda
407939caf4b8dcd5b0aa011f0681d97dd9a733ff
b069cbc831574621c19ad9855029bb9f54620cfd2dd6cc87db8f7e324cbf9924
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1126
Cache-Control: max-age=124074
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:33:57 GMT
Etag: "6390ecc9-2d7"
Expires: Fri, 09 Dec 2022 20:01:51 GMT
Last-Modified: Wed, 07 Dec 2022 19:43:05 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 727
consentcdn.cookiebot.com/sdk/bc-v4.min.html
200 OK 392 B URL HTTP/2 consentcdn.cookiebot.com/sdk/bc-v4.min.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (627), with no line terminators
Hash e7268eccad39bd651697fa793a52cc5c
47299cefa2397b0c1d0c5bf232390a5cf1bcc4d3
907e16c84d35556e4ed841a3511915e6d4bb4e9d68cfca178a740e90b4d80e35
GET /sdk/bc-v4.min.html HTTP/1.1
Host: consentcdn.cookiebot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: text/html
etag: "3d08665fa4c7bcf9fa2dcbbc7efe1d0f:1649057029.895163"
last-modified: Mon, 04 Apr 2022 07:23:49 GMT
server: AkamaiNetStorage
x-akamai-transformed: 9 - 0 pmb=mRUM,1
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=29771517
expires: Fri, 17 Nov 2023 23:25:54 GMT
date: Thu, 08 Dec 2022 09:33:57 GMT
content-length: 392
server-timing: cdn-cache; desc=HIT, edge; dur=1
X-Firefox-Spdy: h2
www.redditstatic.com/ads/pixel.js
200 OK 7.7 kB URL HTTP/2 www.redditstatic.com/ads/pixel.js
IP
File type ASCII text, with very long lines (25224)
Hash 3528fd00b652f61a266eb584d96f4fcc
d89e16aa1323c6c4f1ed3941122020684a599361
77efa9f2ddfdca7a45df37bbcd22fdaeb7b97161a2acd87e21eb78bdeaad1332
GET /ads/pixel.js HTTP/1.1
Host: www.redditstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Mon, 07 Nov 2022 16:45:46 GMT
etag: "3528fd00b652f61a266eb584d96f4fcc"
cache-control: public, max-age=60
content-encoding: gzip
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 08 Dec 2022 09:33:57 GMT
vary: Accept-Encoding,Origin
server: snooserv
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
content-length: 7722
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 313 B IP
Hash aa9e9cc4cf21d2f8e869a92e65a45506
32bac4c290787256eb7362fd11b4342d20a6c8ab
b82203e3d34d3cd6c7b013b8887a74af649ef07edccacf3a1874a670951a915b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3527
Cache-Control: max-age=95494
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:33:57 GMT
Etag: "639073c4-139"
Expires: Fri, 09 Dec 2022 12:05:31 GMT
Last-Modified: Wed, 07 Dec 2022 11:06:44 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
200 OK 471 B IP
Hash ef33445fcdc482844e5258994c63ac51
53513592e183978e20120956e968ff7350d7f454
256ace03c34ca196887e6bdb12c08e0ef5da178b5d96d756f367b4cc89dedf8b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1896
Cache-Control: max-age=164805
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:33:57 GMT
Etag: "639188e2-1d7"
Expires: Sat, 10 Dec 2022 07:20:42 GMT
Last-Modified: Thu, 08 Dec 2022 06:49:06 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
aacdn.nagich.com/assets/locale/en.json
200 OK 370 B URL HTTP/2 aacdn.nagich.com/assets/locale/en.json
IP
File type JSON data\012- , ASCII text, with CRLF line terminators
Hash 61447564bfaf9d8a95a15cb94e8bb3ea
34812ad3bab899ae83364d9ee0175fe028b18929
3e76d5fd806b30a50ebc1275c50a9d5a53f899a8ed193db0b3f7ee4f928f6893
GET /assets/locale/en.json HTTP/1.1
Host: aacdn.nagich.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaviar.com/
Origin: https://flaviar.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:33:57 GMT
content-type: application/json
cache-control: public, max-age=2204800
last-modified: Tue, 15 Jun 2021 15:40:09 GMT
etag: W/"f45920b9fc61d71:0"
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: deny
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v3ZVMicpnOF16BLnhZgK2q9oz%2B3sfMtw5mgoauVMKu0MnU%2FXpqWdbItVnp59CIXXhw647lljmym%2BjTxM%2FifJo31RzATZEDNu54XwlL6ovStrKdYvQII%2BiUEc1KnimnUgLEo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 776480a24a19b4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash 1a4c9caa1f185238a62ae27597aaeb15
5dbe1febb6fa2f17962013b1c5656b0c61626be9
21d53250b5135a5a50628638e5e6f73ef42a370340f9ca99a5b8ef693b9b9f32
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 09:33:57 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 05 Dec 2022 20:28:58 GMT
Expires: Mon, 12 Dec 2022 20:28:57 GMT
Etag: "5dbe1febb6fa2f17962013b1c5656b0c61626be9"
Cache-Control: max-age=384299,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 776480a0fc651bfa-OSL
aacdn.nagich.com/style/style.css
200 OK 3.9 kB URL HTTP/2 aacdn.nagich.com/style/style.css
IP
File type ASCII text, with very long lines (18524), with no line terminators
Hash 2e6d74021f54def3d8823135423c566e
8b3975f069378758dc1473657d55362da0462916
99b70fcaf4d1ca50f9e2c38cb8f7623ef1d64a9c96ca8560222317b2148f47f5
GET /style/style.css HTTP/1.1
Host: aacdn.nagich.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaviar.com/
Origin: https://flaviar.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:33:57 GMT
content-type: text/css
cache-control: public, max-age=2204800
last-modified: Sun, 02 Oct 2022 09:01:39 GMT
etag: W/"809b15953dd6d81:0"
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: deny
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 297099
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jGNe0c566Oq1mhuFZ9G3h722sM4eWRkJ%2Bya2W1jyliiVDo5Tq5CwpGLfmKxd9eVerPrUJB9RsoZNNEEjVittfXVbLKjEvewlz0WYUm3dsG9NKj7PqN2kND125%2B2b9hqT%2FoQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 776480a24a02b4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2
d3hb14vkzrxvla.cloudfront.net/v1/00e580f3-b08f-44e2-b7b0-5949db5bfaf3
200 OK 101 B URL HTTP/2 d3hb14vkzrxvla.cloudfront.net/v1/00e580f3-b08f-44e2-b7b0-5949db5bfaf3
IP
File type gzip compressed data, from Unix\012- data
Hash 3e63a9b2f00d47c6e630c44d65d4d2f3
5e86dc9ccade25260e7cc663a57a506a2ccc94b9
d6111c821b4d5f1016b72d7de508d357bfbd17d46eb58793ef46997ff1cae9c0
OPTIONS /v1/00e580f3-b08f-44e2-b7b0-5949db5bfaf3 HTTP/1.1
Host: d3hb14vkzrxvla.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: beacon-device-id,correlationid,helpscout-origin,helpscout-release
Referer: https://flaviar.com/
Origin: https://flaviar.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 0
date: Thu, 08 Dec 2022 09:33:57 GMT
access-control-allow-origin: https://flaviar.com
access-control-allow-methods: GET
access-control-allow-headers: beacon-device-id, correlationid, helpscout-origin, helpscout-release
access-control-allow-credentials: true
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
x-ratelimit-limit-identify-hour: 25
x-ratelimit-remaining-identify-hour: 25
x-ratelimit-limit-general-minute: 60
x-ratelimit-remaining-general-minute: 60
x-ratelimit-limit-conversations-hour: 10
x-ratelimit-remaining-conversations-hour: 10
x-ratelimit-limit-attachments-hour: 10
x-ratelimit-remaining-attachments-hour: 10
x-ratelimit-limit-chat-tokens-hour: 25
x-ratelimit-remaining-chat-tokens-hour: 25
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin,Access-Control-Request-Method
x-cache: Miss from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: apYb8zb7JfLa__jtjLFRNl_RRqyrLiaWStrvolkOCsbBt3uvFQgQ0w==
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash f08546b9cf4cb596e50d1cb506f6996a
e1db743ef1aeafeaf52f44b35809d6f624aea214
2aeac4734a8deb4b22fdaa4ba7c349a1846f84f74933da73e0968369d7772e83
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=153336
Date: Thu, 08 Dec 2022 09:33:57 GMT
Etag: "639157ab-1d7"
Expires: Sat, 10 Dec 2022 04:09:33 GMT
Last-Modified: Thu, 08 Dec 2022 03:19:07 GMT
Server: ECS (nyb/1D16)
X-Cache: Miss from cloudfront
Via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 1nntHMMv50QRLu0-VL7rxNKBb6TIrCgDotGzNmryGhsRJ8Ii-ojzWQ==
Age: 3026
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 20f976f1a4421c0fae8ec58b24600703
14efafebd65a59a6f6b29ad778573546df4fca93
6fe0f2d44718761be652135835c003bc41589987d013e3fda3d52e708d42232a
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=153443
Date: Thu, 08 Dec 2022 09:33:57 GMT
Etag: "639157ab-1d7"
Expires: Sat, 10 Dec 2022 04:11:20 GMT
Last-Modified: Thu, 08 Dec 2022 03:19:07 GMT
Server: ECS (bsa/EB12)
X-Cache: Miss from cloudfront
Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: -EAxEkHwuOuGFdS6MxBNcKgmMYMN5pecqp4YVrzCNQq89JZ_Cefytg==
Age: 3133
api.sail-personalize.com/v1/personalize/simple?pageviews=2&isMobile=0&page=irclickid%3D1-9wPfyDDxyNR7RVoXTXjwISUkAxH4UVD1MORM0&page=ir_cid%3D3334&page=ir_affid%3D10813&page=utm_medium%3Daffiliates&page=utm_source%3DMaxBounty.com%20ULC&page=ir_partnerid%3D10813&page=ir_adid%3D1215604&page=ir_campaignid%3D3334&visitorId=9b02278f-ed52-4eea-b80d-e52f3b3d0c31&content=37da707040a8b4a5cb5d2df8389bc612
200 OK 2.3 kB URL HTTP/2 api.sail-personalize.com/v1/personalize/simple?pageviews=2&isMobile=0&page=irclickid%3D1-9wPfyDDxyNR7RVoXTXjwISUkAxH4UVD1MORM0&page=ir_cid%3D3334&page=ir_affid%3D10813&page=utm_medium%3Daffiliates&page=utm_source%3DMaxBounty.com%20ULC&page=ir_partnerid%3D10813&page=ir_adid%3D1215604&page=ir_campaignid%3D3334&visitorId=9b02278f-ed52-4eea-b80d-e52f3b3d0c31&content=37da707040a8b4a5cb5d2df8389bc612
IP
Hash 5f4c4ad8d26dd2ca3b7086f6527dc490
54a6d9e0b7d363fcdfe57d08ed3fb043ddb599b9
0d5831bcc1f7993e2f33b95b9fdb7274a1311a9bfecae8c2087a27f26d8b41d8
OPTIONS /v1/personalize/simple?pageviews=2&isMobile=0&page=irclickid%3D1-9wPfyDDxyNR7RVoXTXjwISUkAxH4UVD1MORM0&page=ir_cid%3D3334&page=ir_affid%3D10813&page=utm_medium%3Daffiliates&page=utm_source%3DMaxBounty.com%20ULC&page=ir_partnerid%3D10813&page=ir_adid%3D1215604&page=ir_campaignid%3D3334&visitorId=9b02278f-ed52-4eea-b80d-e52f3b3d0c31&content=37da707040a8b4a5cb5d2df8389bc612 HTTP/1.1
Host: api.sail-personalize.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,x-lib-version,x-referring-url
Referer: https://flaviar.com/
Origin: https://flaviar.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:33:57 GMT
content-type: text/plain
content-length: 18
access-control-allow-origin: https://flaviar.com
access-control-allow-credentials: true
access-control-max-age: 1800
access-control-allow-methods: OPTIONS,GET,POST,PUT,DELETE
access-control-allow-headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Lib-Version,X-Referring-URL
allow: HEAD,GET,OPTIONS
X-Firefox-Spdy: h2
rb9yp8py.flaviar.com/assets/wxyz.rb.js
200 OK 10 kB URL HTTP/1.1 rb9yp8py.flaviar.com/assets/wxyz.rb.js
IP
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (347)
Hash 46f395d8bdc29802f09a64a95a192e39
bf4266cdba32c81498002bef7c746bb20df0ac6d
b9c74b5f30111282496c5860c76e8e73697c52e94a939898ea2dae9a6a5314e0
GET /assets/wxyz.rb.js HTTP/1.1
Host: rb9yp8py.flaviar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaviar.com/
Connection: keep-alive
Cookie: rbuid=rbos-b4d2c969-1bc3-42e5-bf62-0e65f88d75f7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: openresty
Date: Thu, 08 Dec 2022 09:33:58 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
api.sail-personalize.com/v1/personalize/simple?pageviews=2&isMobile=0&page=irclickid%3D1-9wPfyDDxyNR7RVoXTXjwISUkAxH4UVD1MORM0&page=ir_cid%3D3334&page=ir_affid%3D10813&page=utm_medium%3Daffiliates&page=utm_source%3DMaxBounty.com%20ULC&page=ir_partnerid%3D10813&page=ir_adid%3D1215604&page=ir_campaignid%3D3334&visitorId=9b02278f-ed52-4eea-b80d-e52f3b3d0c31&content=37da707040a8b4a5cb5d2df8389bc612
200 OK 196 B URL HTTP/2 api.sail-personalize.com/v1/personalize/simple?pageviews=2&isMobile=0&page=irclickid%3D1-9wPfyDDxyNR7RVoXTXjwISUkAxH4UVD1MORM0&page=ir_cid%3D3334&page=ir_affid%3D10813&page=utm_medium%3Daffiliates&page=utm_source%3DMaxBounty.com%20ULC&page=ir_partnerid%3D10813&page=ir_adid%3D1215604&page=ir_campaignid%3D3334&visitorId=9b02278f-ed52-4eea-b80d-e52f3b3d0c31&content=37da707040a8b4a5cb5d2df8389bc612
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 6b25b1c01e1e871de684b9469b876344
1baec1e0c9afd1d3f29bbecf1f408822e1e8c0cc
4a8d5f6554a9a7f946aeeceab2076dca84f431e6c3419160fd2ba7f3d07f407c
GET /v1/personalize/simple?pageviews=2&isMobile=0&page=irclickid%3D1-9wPfyDDxyNR7RVoXTXjwISUkAxH4UVD1MORM0&page=ir_cid%3D3334&page=ir_affid%3D10813&page=utm_medium%3Daffiliates&page=utm_source%3DMaxBounty.com%20ULC&page=ir_partnerid%3D10813&page=ir_adid%3D1215604&page=ir_campaignid%3D3334&visitorId=9b02278f-ed52-4eea-b80d-e52f3b3d0c31&content=37da707040a8b4a5cb5d2df8389bc612 HTTP/1.1
Host: api.sail-personalize.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaviar.com/
authorization: Bearer 65de79281e7de94b00f804e81e0d65c0
content-type: application/json
x-lib-version: v1.0.1
x-referring-url: https://flaviar.com/?irclickid=1-9wPfyDDxyNR7RVoXTXjwISUkAxH4UVD1MORM0&ir_cid=3334&ir_affid=10813&utm_medium=affiliates&utm_source=MaxBounty.com%20ULC&ir_partnerid=10813&ir_adid=1215604&ir_campaignid=3334
Origin: https://flaviar.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:33:58 GMT
content-type: application/json
content-length: 196
access-control-allow-origin: *
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-store
expires: -1
allowedheaders: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin
allowedorigins: *
allowedmethods: GET,OPTIONS
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
rb9yp8py.flaviar.com/integrations?source=flaviar
200 OK 59 B URL HTTP/1.1 rb9yp8py.flaviar.com/integrations?source=flaviar
IP
ASN #14061 DIGITALOCEAN-ASN
Hash b13b075ac18d7ecbf705dad11323402e
124e2c4307c6beabfd3e751f14a4f7acb02eb6ce
03db7011ba06ed159ca1b7dee62dc5a01ee2d0a3d6f3b0294004cd455251b7f2
GET /integrations?source=flaviar HTTP/1.1
Host: rb9yp8py.flaviar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Cookie: _ga_94QYBVSJNV=GS1.1.1670492011.1.1.1670492036.35.0.0; _ga=GA1.2.1294024320.1670492011; _gid=GA1.2.1637181157.1670492011; _dc_gtm_UA-28959768-20=1; _dc_gtm_UA-28959768-1=1; _fbp=fb.1.1670492011820.1778092284; _sgf_user_id=3126534455214081; _gcl_au=1.1.1737174899.1670492012; _rdt_uuid=1670492012330.21a5c4c1-9e0f-4329-8302-465ac8ea2dbb; _scid=8dd82155-24a2-4068-ba1b-32a10ddf8dbd; rbuid=rbos-b4d2c969-1bc3-42e5-bf62-0e65f88d75f7; cto_bundle=shVULV9Rb2Zuc1NnWHNmZDN6SjNtMUU5cWNzeDVtSVkyNHRrS2JMaElQT2RHR3hTVyUyQm9HcFJxaDhqTEVtb2h0M0ZJam56aTlSOUZ0VUNlSzVzeEhxM2QyUHFWTmlSTSUyQkdtbFd0cHVINCUyRjFFNkJXUlhwYWROc1NkdXRwaG1idDlZcGJtRlF2ciUyQmFOV3ZBSjlCcEN0TGlIQW10ZyUzRCUzRA; _uetsid=61e20a4076db11eda125751ff19e3517; _uetvid=61e2303076db11ed9f741fecbc8faa24; _sgf_exp=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: openresty
Date: Thu, 08 Dec 2022 09:33:58 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
aacdn.nagich.com/assets/images/11.svg
200 OK 885 B URL HTTP/2 aacdn.nagich.com/assets/images/11.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with CRLF line terminators
Hash fdd1e53a02d0c87596006894983346b0
f861f31c078e3e35d582f9f531b7202116b6b0ed
2459fb4940fdea78c3e4e5ef35b64fbac6bf471a2971d2f05738ec49ff593468
GET /assets/images/11.svg HTTP/1.1
Host: aacdn.nagich.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaviar.com/
Origin: https://flaviar.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:33:57 GMT
content-type: image/svg+xml
cache-control: public, max-age=2204800
last-modified: Thu, 01 Aug 2019 12:47:47 GMT
etag: W/"42b27526748d51:0"
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: deny
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 297098
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sBLkSXU9bYzVdLL7V9%2BceQ3yk%2BljgTRqqpirKg77GQdKWD8K1TVm5Ih9zauxvmkzkcwulEA%2FetCwZzkxuU8ZPPEem4reaB08GYG8SPsTiLKhuCGSB6Z5riSfFu7CJSLYwq4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 776480a3ec70b4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2
rb9yp8py.flaviar.com/v2/rb?url=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3D1-9wPfyDDxyNR7RVoXTXjwISUkAxH4UVD1MORM0%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&action=view&source=flaviar&rb_source=flaviar&script_version=wxyz.rb.js&sessionId=585ecc87-a56a-4e95-bf51-51d5c36142f5&uid=rbos-b4d2c969-1bc3-42e5-bf62-0e65f88d75f7
200 OK 44 B URL HTTP/1.1 rb9yp8py.flaviar.com/v2/rb?url=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3D1-9wPfyDDxyNR7RVoXTXjwISUkAxH4UVD1MORM0%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&action=view&source=flaviar&rb_source=flaviar&script_version=wxyz.rb.js&sessionId=585ecc87-a56a-4e95-bf51-51d5c36142f5&uid=rbos-b4d2c969-1bc3-42e5-bf62-0e65f88d75f7
IP
ASN #14061 DIGITALOCEAN-ASN
File type GIF image data, version 89a, 1 x 1\012- data
Hash 75e9566b8523b76993b790444d697848
46bcf0fe72739cd1bc11b7d525d6fdaf4533a845
039a8bb6d736466063dde3c2a80d71d54456a7875cb1654263058bc69c1c042d
GET /v2/rb?url=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3D1-9wPfyDDxyNR7RVoXTXjwISUkAxH4UVD1MORM0%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&action=view&source=flaviar&rb_source=flaviar&script_version=wxyz.rb.js&sessionId=585ecc87-a56a-4e95-bf51-51d5c36142f5&uid=rbos-b4d2c969-1bc3-42e5-bf62-0e65f88d75f7 HTTP/1.1
Host: rb9yp8py.flaviar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Cookie: _ga_94QYBVSJNV=GS1.1.1670492011.1.1.1670492036.35.0.0; _ga=GA1.2.1294024320.1670492011; _gid=GA1.2.1637181157.1670492011; _dc_gtm_UA-28959768-20=1; _dc_gtm_UA-28959768-1=1; _fbp=fb.1.1670492011820.1778092284; _sgf_user_id=3126534455214081; _gcl_au=1.1.1737174899.1670492012; _rdt_uuid=1670492012330.21a5c4c1-9e0f-4329-8302-465ac8ea2dbb; _scid=8dd82155-24a2-4068-ba1b-32a10ddf8dbd; rbuid=rbos-b4d2c969-1bc3-42e5-bf62-0e65f88d75f7; cto_bundle=shVULV9Rb2Zuc1NnWHNmZDN6SjNtMUU5cWNzeDVtSVkyNHRrS2JMaElQT2RHR3hTVyUyQm9HcFJxaDhqTEVtb2h0M0ZJam56aTlSOUZ0VUNlSzVzeEhxM2QyUHFWTmlSTSUyQkdtbFd0cHVINCUyRjFFNkJXUlhwYWROc1NkdXRwaG1idDlZcGJtRlF2ciUyQmFOV3ZBSjlCcEN0TGlIQW10ZyUzRCUzRA; _uetsid=61e20a4076db11eda125751ff19e3517; _uetvid=61e2303076db11ed9f741fecbc8faa24; _sgf_exp=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: openresty
Date: Thu, 08 Dec 2022 09:33:58 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: rbuid=rbos-b4d2c969-1bc3-42e5-bf62-0e65f88d75f7; domain=flaviar.com; path=/;Max-Age=2592000; SameSite=None; Secure
ocsp.digicert.com/
200 OK 313 B IP
Hash 5814ad3b7f0d449d58b5505e41a3f293
66fe5d7620cc08430e8c06b981dd034307dbbc8d
aac640fcca4acaf55321ba49f1eb08c3a29d771445b35a33213aa627900d2579
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3559
Cache-Control: max-age=91579
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:33:58 GMT
Etag: "6390645a-139"
Expires: Fri, 09 Dec 2022 11:00:17 GMT
Last-Modified: Wed, 07 Dec 2022 10:00:58 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 313
amplify.outbrain.com/cp/obtp.js
200 OK 5.3 kB URL HTTP/1.1 amplify.outbrain.com/cp/obtp.js
IP
File type ASCII text, with very long lines (16574), with no line terminators
Hash 5cdda5ed80a4ee13f700ae502f7cd4ec
0e6aa932abf3c56561a686aa3e8d069aaa3ca228
d54fc3e1792330cc768902f861f0a79ecffbfd23b8db14f354e8fcefd1c831c1
GET /cp/obtp.js HTTP/1.1
Host: amplify.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "fe80c55f1e1387116ff9765261ed192c:1669645506.686439"
Last-Modified: Mon, 28 Nov 2022 14:22:05 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=1200
Expires: Thu, 08 Dec 2022 09:53:58 GMT
Date: Thu, 08 Dec 2022 09:33:58 GMT
Content-Length: 5269
Connection: keep-alive
d3rr3d0n31t48m.cloudfront.net/widget/widget_async.js
200 OK 905 B URL HTTP/2 d3rr3d0n31t48m.cloudfront.net/widget/widget_async.js
IP
File type ASCII text, with very long lines (559)
Hash 8f9a4e574f11ca1ea10db98fd6687660
24524c8493f0ca5573f353600dd66ba22406cd9c
f16fda04be22fc56edd4df978a54704d27b942f694ba82fab5a7d3b1c13428b8
GET /widget/widget_async.js HTTP/1.1
Host: d3rr3d0n31t48m.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 905
last-modified: Tue, 15 Nov 2022 21:39:30 GMT
content-encoding: gzip
x-amz-meta-mtime: 1668548367.69
accept-ranges: bytes
server: AmazonS3
date: Thu, 08 Dec 2022 09:28:02 GMT
cache-control: max-age=3600, public
etag: "8f9a4e574f11ca1ea10db98fd6687660"
x-cache: Hit from cloudfront
via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: xnqaOQP1aF3RuCtac0Z8cH5z3vnwPCIhbpRvUQ-tRo5PiIHRH1z5Ow==
age: 357
X-Firefox-Spdy: h2
static.ads-twitter.com/uwt.js
200 OK 15 kB URL HTTP/2 static.ads-twitter.com/uwt.js
IP
File type ASCII text, with very long lines (57596), with no line terminators
Hash 573e6a7f86f6f3063763360ef0672c01
b12eab3b4ac8872d49ac6e15f9cd17741765c0cf
02445eb022a04139531f0ce8d8980c31083a1c670936f1477f5cfc4d252133f7
GET /uwt.js HTTP/1.1
Host: static.ads-twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Thu, 27 Oct 2022 18:55:37 GMT
cache-control: no-cache
content-type: application/javascript; charset=utf-8
content-encoding: gzip
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
accept-ranges: bytes
date: Thu, 08 Dec 2022 09:33:58 GMT
x-served-by: cache-iad-kjyo7100147-IAD, cache-hel1410029-HEL
x-cache: HIT, HIT
vary: Accept-Encoding,Host
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
content-length: 15375
X-Firefox-Spdy: h2
bat.bing.com/bat.js
200 OK 12 kB IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (39124), with no line terminators
Hash d925a898de26295fdebfc90203ef46fa
77dd3f5893b76530e08058d50e8f9aef017e80c7
8f4a413fec7e48f5ac290f4596fef33b6396e7fb31080ec0203a5ec817d140c8
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 11460
content-type: application/javascript
content-encoding: gzip
last-modified: Mon, 05 Dec 2022 17:15:50 GMT
accept-ranges: bytes
etag: "027e538cd8d91:0"
vary: Accept-Encoding
set-cookie: MUID=1987574CC2A8651B33184538C3FF64CE; domain=.bing.com; expires=Tue, 02-Jan-2024 09:33:58 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2CEFA2DDCC7A46A687E922A99DE9C24E Ref B: OSL30EDGE0308 Ref C: 2022-12-08T09:33:58Z
date: Thu, 08 Dec 2022 09:33:58 GMT
X-Firefox-Spdy: h2
sslwidget.criteo.com/event?a=95340&v=5.12.3&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26z%3Dundefined%26site_type%3Dd&p2=e%3Dvh%26tms%3Dgtm-ee-1.1.0&p3=e%3Ddis&adce=1&bundle=shVULV9Rb2Zuc1NnWHNmZDN6SjNtMUU5cWNzeDVtSVkyNHRrS2JMaElQT2RHR3hTVyUyQm9HcFJxaDhqTEVtb2h0M0ZJam56aTlSOUZ0VUNlSzVzeEhxM2QyUHFWTmlSTSUyQkdtbFd0cHVINCUyRjFFNkJXUlhwYWROc1NkdXRwaG1idDlZcGJtRlF2ciUyQmFOV3ZBSjlCcEN0TGlIQW10ZyUzRCUzRA&tld=flaviar.com&dy=1&fu=https%253A%252F%252Fflaviar.com%252F%253Firclickid%253D1-9wPfyDDxyNR7RVoXTXjwISUkAxH4UVD1MORM0%2526ir_cid%253D3334%2526ir_affid%253D10813%2526utm_medium%253Daffiliates%2526utm_source%253DMaxBounty.com%252520ULC%2526ir_partnerid%253D10813%2526ir_adid%253D1215604%2526ir_campaignid%253D3334&dtycbr=97715&cs=1---&cv=1
302 Found 0 B URL HTTP/2 sslwidget.criteo.com/event?a=95340&v=5.12.3&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26z%3Dundefined%26site_type%3Dd&p2=e%3Dvh%26tms%3Dgtm-ee-1.1.0&p3=e%3Ddis&adce=1&bundle=shVULV9Rb2Zuc1NnWHNmZDN6SjNtMUU5cWNzeDVtSVkyNHRrS2JMaElQT2RHR3hTVyUyQm9HcFJxaDhqTEVtb2h0M0ZJam56aTlSOUZ0VUNlSzVzeEhxM2QyUHFWTmlSTSUyQkdtbFd0cHVINCUyRjFFNkJXUlhwYWROc1NkdXRwaG1idDlZcGJtRlF2ciUyQmFOV3ZBSjlCcEN0TGlIQW10ZyUzRCUzRA&tld=flaviar.com&dy=1&fu=https%253A%252F%252Fflaviar.com%252F%253Firclickid%253D1-9wPfyDDxyNR7RVoXTXjwISUkAxH4UVD1MORM0%2526ir_cid%253D3334%2526ir_affid%253D10813%2526utm_medium%253Daffiliates%2526utm_source%253DMaxBounty.com%252520ULC%2526ir_partnerid%253D10813%2526ir_adid%253D1215604%2526ir_campaignid%253D3334&dtycbr=97715&cs=1---&cv=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /event?a=95340&v=5.12.3&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26z%3Dundefined%26site_type%3Dd&p2=e%3Dvh%26tms%3Dgtm-ee-1.1.0&p3=e%3Ddis&adce=1&bundle=shVULV9Rb2Zuc1NnWHNmZDN6SjNtMUU5cWNzeDVtSVkyNHRrS2JMaElQT2RHR3hTVyUyQm9HcFJxaDhqTEVtb2h0M0ZJam56aTlSOUZ0VUNlSzVzeEhxM2QyUHFWTmlSTSUyQkdtbFd0cHVINCUyRjFFNkJXUlhwYWROc1NkdXRwaG1idDlZcGJtRlF2ciUyQmFOV3ZBSjlCcEN0TGlIQW10ZyUzRCUzRA&tld=flaviar.com&dy=1&fu=https%253A%252F%252Fflaviar.com%252F%253Firclickid%253D1-9wPfyDDxyNR7RVoXTXjwISUkAxH4UVD1MORM0%2526ir_cid%253D3334%2526ir_affid%253D10813%2526utm_medium%253Daffiliates%2526utm_source%253DMaxBounty.com%252520ULC%2526ir_partnerid%253D10813%2526ir_adid%253D1215604%2526ir_campaignid%253D3334&dtycbr=97715&cs=1---&cv=1 HTTP/1.1
Host: sslwidget.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 08 Dec 2022 09:33:57 GMT
server: Kestrel
content-length: 0
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
expires: 0
location: https://widget.us.criteo.com/event?a=95340&v=5.12.3&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26z%3Dundefined%26site_type%3Dd&p2=e%3Dvh%26tms%3Dgtm-ee-1.1.0&p3=e%3Ddis&adce=1&bundle=shVULV9Rb2Zuc1NnWHNmZDN6SjNtMUU5cWNzeDVtSVkyNHRrS2JMaElQT2RHR3hTVyUyQm9HcFJxaDhqTEVtb2h0M0ZJam56aTlSOUZ0VUNlSzVzeEhxM2QyUHFWTmlSTSUyQkdtbFd0cHVINCUyRjFFNkJXUlhwYWROc1NkdXRwaG1idDlZcGJtRlF2ciUyQmFOV3ZBSjlCcEN0TGlIQW10ZyUzRCUzRA&tld=flaviar.com&dy=1&fu=https%253A%252F%252Fflaviar.com%252F%253Firclickid%253D1-9wPfyDDxyNR7RVoXTXjwISUkAxH4UVD1MORM0%2526ir_cid%253D3334%2526ir_affid%253D10813%2526utm_medium%253Daffiliates%2526utm_source%253DMaxBounty.com%252520ULC%2526ir_partnerid%253D10813%2526ir_adid%253D1215604%2526ir_campaignid%253D3334&dtycbr=97715&cs=1---&cv=1
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
server-processing-duration-in-ticks: 4104373
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
alb.reddit.com/rp.gif?ts=1670492037026&id=t2_h2e6q&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=21a5c4c1-9e0f-4329-8302-465ac8ea2dbb&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1280&sw=1024&v=rdt_1967aea8
200 OK 42 B URL HTTP/2 alb.reddit.com/rp.gif?ts=1670492037026&id=t2_h2e6q&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=21a5c4c1-9e0f-4329-8302-465ac8ea2dbb&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1280&sw=1024&v=rdt_1967aea8
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /rp.gif?ts=1670492037026&id=t2_h2e6q&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=21a5c4c1-9e0f-4329-8302-465ac8ea2dbb&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1280&sw=1024&v=rdt_1967aea8 HTTP/1.1
Host: alb.reddit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Varnish
retry-after: 0
cross-origin-resource-policy: cross-origin
content-type: image/gif
accept-ranges: bytes
date: Thu, 08 Dec 2022 09:33:58 GMT
via: 1.1 varnish
content-length: 42
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 314 B IP
Hash 2feb06685a118d55ccaeafc7ee017d8d
3d174b55d7ad8354fa4311fd50c00e548b9f58af
f0d8e6761e27796374ca50f8c6c0b46f2027eede275538207e90ad10522072ed
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4343
Cache-Control: max-age=99194
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:33:58 GMT
Etag: "63907f09-13a"
Expires: Fri, 09 Dec 2022 13:07:12 GMT
Last-Modified: Wed, 07 Dec 2022 11:54:49 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 314
status.thawte.com/
200 OK 471 B IP
Hash 463bcaef421199f7ea4216405d409f3a
51a32bdb4a049502cc7154910c257acc5b748292
66560b89ac85ab969d7e5b602f460b18f44de66574668faed3da61dcbd12858c
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6232
Cache-Control: max-age=134590
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:33:58 GMT
Etag: "639101ec-1d7"
Expires: Fri, 09 Dec 2022 22:57:08 GMT
Last-Modified: Wed, 07 Dec 2022 21:13:16 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
ocsp.sectigo.com/
200 OK 472 B IP
Hash 7354e62fa39d17a8c644a678143d5683
88a59c502d394ca3b4799373e7af34188af0545a
4cb96b2ecbdfbd891f0e410c2d4666b9a8acdc96d3c78e0c8f6d7ea013691f88
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 09:33:58 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 05 Dec 2022 02:06:55 GMT
Expires: Mon, 12 Dec 2022 02:06:54 GMT
Etag: "88a59c502d394ca3b4799373e7af34188af0545a"
Cache-Control: max-age=318175,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 776480a86b6a1bfa-OSL
gum.criteo.com/sid/json?origin=onetag&domain=flaviar.com&sn=FirefoxSyncframe&so=3&topUrl=flaviar.com&bundle=shVULV9Rb2Zuc1NnWHNmZDN6SjNtMUU5cWNzeDVtSVkyNHRrS2JMaElQT2RHR3hTVyUyQm9HcFJxaDhqTEVtb2h0M0ZJam56aTlSOUZ0VUNlSzVzeEhxM2QyUHFWTmlSTSUyQkdtbFd0cHVINCUyRjFFNkJXUlhwYWROc1NkdXRwaG1idDlZcGJtRlF2ciUyQmFOV3ZBSjlCcEN0TGlIQW10ZyUzRCUzRA&info=dEG5Sl80M0RITmhlJTJCZkMwOUJGQlhaMUN2czJVclFzVUozdzFnVUI5ZnZvenZzbnZDMGRCNVhlTWFSbW1vUTYyTGltSEU&idsd=422569297,1372520355&cw=1&lsw=1
200 OK 357 B URL HTTP/2 gum.criteo.com/sid/json?origin=onetag&domain=flaviar.com&sn=FirefoxSyncframe&so=3&topUrl=flaviar.com&bundle=shVULV9Rb2Zuc1NnWHNmZDN6SjNtMUU5cWNzeDVtSVkyNHRrS2JMaElQT2RHR3hTVyUyQm9HcFJxaDhqTEVtb2h0M0ZJam56aTlSOUZ0VUNlSzVzeEhxM2QyUHFWTmlSTSUyQkdtbFd0cHVINCUyRjFFNkJXUlhwYWROc1NkdXRwaG1idDlZcGJtRlF2ciUyQmFOV3ZBSjlCcEN0TGlIQW10ZyUzRCUzRA&info=dEG5Sl80M0RITmhlJTJCZkMwOUJGQlhaMUN2czJVclFzVUozdzFnVUI5ZnZvenZzbnZDMGRCNVhlTWFSbW1vUTYyTGltSEU&idsd=422569297,1372520355&cw=1&lsw=1
IP
Hash c15674d29a9a8bb0b5636b2b1df7d1ed
8cdabaea991b953c625a65cd63cd82e68c2f17bc
fdc9d9814c3ee047f008e94a60cba54de08fdf6dac4afb1747053a5cb66c0e0b
GET /sid/json?origin=onetag&domain=flaviar.com&sn=FirefoxSyncframe&so=3&topUrl=flaviar.com&bundle=shVULV9Rb2Zuc1NnWHNmZDN6SjNtMUU5cWNzeDVtSVkyNHRrS2JMaElQT2RHR3hTVyUyQm9HcFJxaDhqTEVtb2h0M0ZJam56aTlSOUZ0VUNlSzVzeEhxM2QyUHFWTmlSTSUyQkdtbFd0cHVINCUyRjFFNkJXUlhwYWROc1NkdXRwaG1idDlZcGJtRlF2ciUyQmFOV3ZBSjlCcEN0TGlIQW10ZyUzRCUzRA&info=dEG5Sl80M0RITmhlJTJCZkMwOUJGQlhaMUN2czJVclFzVUozdzFnVUI5ZnZvenZzbnZDMGRCNVhlTWFSbW1vUTYyTGltSEU&idsd=422569297,1372520355&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/syncframe?topUrl=flaviar.com&origin=onetag&us_privacy=1---
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:33:57 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
server-processing-duration-in-ticks: 1316274
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
gandalf-eu.segmentify.com//get/key/v1.json?count=1
200 206 B URL HTTP/1.1 gandalf-eu.segmentify.com//get/key/v1.json?count=1
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash c4e9600cfbd85eb519dc384f59110c7a
14dbc0572f015f715b29038a3e6edf8ab2aaa2ac
a64b5041ff3ea69a69b51c41fc2ebc627365d5ea1cbcc4bcbac19c94e43f4792
GET //get/key/v1.json?count=1 HTTP/1.1
Host: gandalf-eu.segmentify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://flaviar.com
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Encoding: br
Content-Type: application/json;charset=UTF-8
Date: Thu, 08 Dec 2022 09:33:58 GMT
Server: nginx
Transfer-Encoding: chunked
X-Server-Name: 7bc30e0e2a5e4039e53cb85fca96879b
tr.outbrain.com/unifiedPixel?marketerId=00cf895e7b627a414bdcc05c54e01b7ae7&apiObjVersion=1.1&obtpVersion=2.0.5&name=Pageview&dl=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3D1-9wPfyDDxyNR7RVoXTXjwISUkAxH4UVD1MORM0%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&optOut=false&bust=010342424082158086&referrer=
200 OK 60 B URL HTTP/1.1 tr.outbrain.com/unifiedPixel?marketerId=00cf895e7b627a414bdcc05c54e01b7ae7&apiObjVersion=1.1&obtpVersion=2.0.5&name=Pageview&dl=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3D1-9wPfyDDxyNR7RVoXTXjwISUkAxH4UVD1MORM0%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&optOut=false&bust=010342424082158086&referrer=
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash fb0fc5c090282e372b8bf8ff13ae3ee2
2de3834253ece606ce4d2a6f10a59654b6fa378b
90a8ffa59ad6227daafa10083d4cff2e9b295c9c82135b5f5cedd65b2e7c8ceb
GET /unifiedPixel?marketerId=00cf895e7b627a414bdcc05c54e01b7ae7&apiObjVersion=1.1&obtpVersion=2.0.5&name=Pageview&dl=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3D1-9wPfyDDxyNR7RVoXTXjwISUkAxH4UVD1MORM0%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&optOut=false&bust=010342424082158086&referrer= HTTP/1.1
Host: tr.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 09:33:58 GMT
Content-Type: image/gif;
Content-Length: 60
Cache-Control: no-cache
X-TraceId: 84cdcaabde0fc7580152a345dceee5cc
content-encoding: gzip
d3rr3d0n31t48m.cloudfront.net/widget/triggerRunner.js?v=c317b78
200 OK 3.8 kB URL HTTP/2 d3rr3d0n31t48m.cloudfront.net/widget/triggerRunner.js?v=c317b78
IP
File type ASCII text, with very long lines (583)
Hash 6f8d2d39d5726872bebba803a41bb024
2b7c6aa4941537ae52e1f32bfe642dfd440f5cbc
1de43985c42cfd2c6d39a3b7b30957bc1dde1208bd5bbbc94695d4c357383a01
GET /widget/triggerRunner.js?v=c317b78 HTTP/1.1
Host: d3rr3d0n31t48m.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 3772
date: Tue, 15 Nov 2022 21:40:34 GMT
last-modified: Tue, 15 Nov 2022 21:39:30 GMT
etag: "6f8d2d39d5726872bebba803a41bb024"
cache-control: max-age=2592000, public
content-encoding: gzip
x-amz-meta-mtime: 1668548367.68
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: bDcgZZMddQ3UoYi_WmsdTStJX2TSPFCfhzIcNuPasdUoUEO8KvI0_w==
age: 1943605
X-Firefox-Spdy: h2
bat.bing.com/action/0?ti=5715081&tm=gtm002&Ver=2&mid=453b616c-f14e-462d-8fa3-815f05d40093&sid=61e20a4076db11eda125751ff19e3517&vid=61e2303076db11ed9f741fecbc8faa24&vids=0&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Flaviar%20Membership%20%C2%BB%20Fine%20Spirits%20%26%20Whiskey%20Club%20%F0%9F%A5%83%20-%20Flaviar&p=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3D1-9wPfyDDxyNR7RVoXTXjwISUkAxH4UVD1MORM0%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&r=<=2543&evt=pageLoad&sv=1&rn=333408
204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=5715081&tm=gtm002&Ver=2&mid=453b616c-f14e-462d-8fa3-815f05d40093&sid=61e20a4076db11eda125751ff19e3517&vid=61e2303076db11ed9f741fecbc8faa24&vids=0&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Flaviar%20Membership%20%C2%BB%20Fine%20Spirits%20%26%20Whiskey%20Club%20%F0%9F%A5%83%20-%20Flaviar&p=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3D1-9wPfyDDxyNR7RVoXTXjwISUkAxH4UVD1MORM0%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&r=<=2543&evt=pageLoad&sv=1&rn=333408
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=5715081&tm=gtm002&Ver=2&mid=453b616c-f14e-462d-8fa3-815f05d40093&sid=61e20a4076db11eda125751ff19e3517&vid=61e2303076db11ed9f741fecbc8faa24&vids=0&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Flaviar%20Membership%20%C2%BB%20Fine%20Spirits%20%26%20Whiskey%20Club%20%F0%9F%A5%83%20-%20Flaviar&p=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3D1-9wPfyDDxyNR7RVoXTXjwISUkAxH4UVD1MORM0%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&r=<=2543&evt=pageLoad&sv=1&rn=333408 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=023F7C0E4B9E65A43AD16E7A4AC96466; domain=.bing.com; expires=Tue, 02-Jan-2024 09:33:58 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 10E9DDFCBB97464F9BC2898634C86966 Ref B: OSL30EDGE0308 Ref C: 2022-12-08T09:33:58Z
date: Thu, 08 Dec 2022 09:33:58 GMT
X-Firefox-Spdy: h2
gandalf-eu.segmentify.com//add/events/v1.json?apiKey=06e2e4b6-5e17-4dbf-9574-c462c3d742d7
200 OK 0 B URL HTTP/1.1 gandalf-eu.segmentify.com//add/events/v1.json?apiKey=06e2e4b6-5e17-4dbf-9574-c462c3d742d7
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS //add/events/v1.json?apiKey=06e2e4b6-5e17-4dbf-9574-c462c3d742d7 HTTP/1.1
Host: gandalf-eu.segmentify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-sfy-api-key
Referer: https://flaviar.com/
Origin: https://flaviar.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Headers: Content-Type, Accept, Authorization, X-Switch-User, X-Switch-Account, X-Switch-Region, X-Sfy-Api-Key
Access-Control-Allow-Methods: GET, POST, PUT, DELETE
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3600
Connection: keep-alive
Content-Length: 0
Content-Type: application/json
Date: Thu, 08 Dec 2022 09:33:58 GMT
Server: nginx
X-Server-Name: e50eafe57688af3a47ec4fb3140ed864
ocsp.digicert.com/
200 OK 313 B IP
Hash ec20b9880a4b5706b3348131a233593b
cb8d0cccf87a4c4299e16a4c46120ec0ac870a26
99bbc3b1bb7d5ff8e29c389ed6c36e4e43ee7b86d0a28e299ff146d5a2981ab7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5067
Cache-Control: max-age=140949
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:33:58 GMT
Etag: "63911f50-139"
Expires: Sat, 10 Dec 2022 00:43:07 GMT
Last-Modified: Wed, 07 Dec 2022 23:18:40 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 313
gandalf-eu.segmentify.com//add/events/v1.json?apiKey=06e2e4b6-5e17-4dbf-9574-c462c3d742d7
200 7.9 kB URL HTTP/1.1 gandalf-eu.segmentify.com//add/events/v1.json?apiKey=06e2e4b6-5e17-4dbf-9574-c462c3d742d7
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type JSON data\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (34712), with no line terminators
Hash 56cdfcf1fbb16cb115a2a260b91b6ad0
7b53b543d5ffdc537fcee7413eb92a35ee56c084
265178c32ac66e8fd850e2bf4cde5580a2754311869e6bd9999661aac6e97ab6
POST //add/events/v1.json?apiKey=06e2e4b6-5e17-4dbf-9574-c462c3d742d7 HTTP/1.1
Host: gandalf-eu.segmentify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
X-Sfy-Api-Key: 06e2e4b6-5e17-4dbf-9574-c462c3d742d7
Content-Length: 1546
Origin: https://flaviar.com
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Encoding: br
Content-Type: application/json;charset=UTF-8
Date: Thu, 08 Dec 2022 09:33:58 GMT
Server: nginx
Transfer-Encoding: chunked
X-Server-Name: e50eafe57688af3a47ec4fb3140ed864
bat.bing.com/p/action/5715081.js
204 No Content 0 B URL HTTP/2 bat.bing.com/p/action/5715081.js
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/action/5715081.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: private,max-age=1800
set-cookie: MUID=1330A18C2D3162DE0010B3F82C6663FE; domain=.bing.com; expires=Tue, 02-Jan-2024 09:33:58 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 84DDABFF4CEA4436AB1AC9356D12FB60 Ref B: OSL30EDGE0308 Ref C: 2022-12-08T09:33:58Z
date: Thu, 08 Dec 2022 09:33:58 GMT
X-Firefox-Spdy: h2
d3rr3d0n31t48m.cloudfront.net/widget/widget.js?v=90709db
200 OK 48 kB URL HTTP/2 d3rr3d0n31t48m.cloudfront.net/widget/widget.js?v=90709db
IP
File type ASCII text, with very long lines (778)
Hash db6577d43efa27de385813e4eb9bf7a8
8a6816a745cf7445b211d08c7a0741e1e3e33e93
e946a88e3447423c1cea32a407f7f060ce07bf2947c2e1c56ee6e3041bced35f
GET /widget/widget.js?v=90709db HTTP/1.1
Host: d3rr3d0n31t48m.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 47685
date: Tue, 15 Nov 2022 21:40:33 GMT
last-modified: Tue, 15 Nov 2022 21:39:31 GMT
etag: "db6577d43efa27de385813e4eb9bf7a8"
cache-control: max-age=2592000, public
content-encoding: gzip
x-amz-meta-mtime: 1668548366.14
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: il9E-v2kEgq9ovyMgH6_ngr4PvANaLVcJ1jLX_fpA5tG0vpjykHpUg==
age: 1943607
X-Firefox-Spdy: h2
analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=92604068-fc9d-453f-895d-a492d2322743&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=a99ad90f-5f90-4ee3-b83b-4b3404454c56&tw_document_href=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3D1-9wPfyDDxyNR7RVoXTXjwISUkAxH4UVD1MORM0%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nv73t&type=javascript&version=2.3.29
200 OK 43 B URL HTTP/2 analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=92604068-fc9d-453f-895d-a492d2322743&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=a99ad90f-5f90-4ee3-b83b-4b3404454c56&tw_document_href=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3D1-9wPfyDDxyNR7RVoXTXjwISUkAxH4UVD1MORM0%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nv73t&type=javascript&version=2.3.29
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/adsct?bci=3&eci=2&event_id=92604068-fc9d-453f-895d-a492d2322743&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=a99ad90f-5f90-4ee3-b83b-4b3404454c56&tw_document_href=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3D1-9wPfyDDxyNR7RVoXTXjwISUkAxH4UVD1MORM0%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nv73t&type=javascript&version=2.3.29 HTTP/1.1
Host: analytics.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:33:58 GMT
perf: 7626143928
server: tsa_o
set-cookie: personalization_id="v1_x8sRHMSiQr/u+GfBEx9wrw=="; Max-Age=63072000; Expires=Sat, 07 Dec 2024 09:33:59 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: 1688930332e1462d
strict-transport-security: max-age=631138519
x-response-time: 113
x-connection-hash: 62dedced8f0e02817e3712b2f52735b4b51516237ba8f750e9970b16f4a7764e
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f214b15409d770d63fcaa5fb6ada0ce0
3a7d52f77a69e6d8fe437fae6b9ff666c2fe2d70
4d4b24a16efefcb234a5bff3196914b00059f04f463c8a049723dd9087d7e05c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4D4B24A16EFEFCB234A5BFF3196914B00059F04F463C8A049723DD9087D7E05C"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10082
Expires: Thu, 08 Dec 2022 12:22:01 GMT
Date: Thu, 08 Dec 2022 09:33:59 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash c3624eec3b06c9ee00d4237a31df0a61
744cf6f591286faba0e2fc6dc53db8797fd9d4e8
4ce67f7cf06a81565fe740fb3e95162004ed5bf9eb70992e28acdb05f671511c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4CE67F7CF06A81565FE740FB3E95162004ED5BF9EB70992E28ACDB05F671511C"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8592
Expires: Thu, 08 Dec 2022 11:57:11 GMT
Date: Thu, 08 Dec 2022 09:33:59 GMT
Connection: keep-alive
fbcapi.flaviar.com/events
200 OK 0 B URL HTTP/2 fbcapi.flaviar.com/events
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /events HTTP/1.1
Host: fbcapi.flaviar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 506
Origin: https://flaviar.com
Connection: keep-alive
Referer: https://flaviar.com/
Cookie: _ga_94QYBVSJNV=GS1.1.1670492011.1.1.1670492036.35.0.0; _ga=GA1.2.1294024320.1670492011; _gid=GA1.2.1637181157.1670492011; _dc_gtm_UA-28959768-20=1; _dc_gtm_UA-28959768-1=1; _fbp=fb.1.1670492011820.1778092284; _sgf_user_id=3126534455214081; _gcl_au=1.1.1737174899.1670492012; _rdt_uuid=1670492012330.21a5c4c1-9e0f-4329-8302-465ac8ea2dbb; _scid=8dd82155-24a2-4068-ba1b-32a10ddf8dbd; rbuid=rbos-b4d2c969-1bc3-42e5-bf62-0e65f88d75f7; cto_bundle=OFvmh19VenFtdmdkaWYwZklSTXZmTyUyRkk4d0dYRkNnWUYyZ2F3QWhPbWYxVnJGTWFQMjRTSTQycFVrc1Y3R3RHSkFVYXlvYXpCanlyZFVJaE45Q0NpQnFXVFVEcHZub2l5d1A1NFN6WGRtSEtBRUFNNkc1RU96dmxyQnB0WUxZVVpCS0ZnMWVJU1Y2MnRocDZVeWlOSnlxaFNkQSUzRCUzRA; _sgf_exp=; _uetsid=61e20a4076db11eda125751ff19e3517; _uetvid=61e2303076db11ed9f741fecbc8faa24; _sgf_session_id=3126534668640256
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:33:59 GMT
content-length: 0
vary: origin
access-control-allow-credentials: true
access-control-allow-origin: https://flaviar.com
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Thu, 08 Dec 2022 09:33:59 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
AN-X-Request-Uuid: dd437235-a2db-470d-9df1-033ccbdbef25
Set-Cookie: uuid2=8008425100506968068; SameSite=None; Path=/; Max-Age=7776000; Expires=Wed, 08-Mar-2023 09:33:59 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 32182af83a271ac7d1db2e0b23999222
25986806629e386b5b5edb285365ce41e099dd8a
df461b61bd809ca282ed0c544f1c1164b07b2f9b8eb9f279b2d4fb60c180cba0
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=160755
Date: Thu, 08 Dec 2022 09:33:59 GMT
Etag: "639173a4-1d7"
Expires: Sat, 10 Dec 2022 06:13:14 GMT
Last-Modified: Thu, 08 Dec 2022 05:18:28 GMT
Server: ECS (nyb/1D28)
X-Cache: Miss from cloudfront
Via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: nk3uQAPucAJyZxQ86fDlgb88PoQfJrrRbuGb3mFeIlgWRGvn2cO1Cg==
Age: 3286
gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
302 Found 0 B URL HTTP/2 gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Thu, 08 Dec 2022 09:33:58 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
location: https://dpm.demdex.net/ibs:dpid=28645&dpuuid=
server-processing-duration-in-ticks: 735589
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 07a86cf9d9c8389ebd9c52303c83b27f
fd3524d701bdf111c541b6fc9e038bffcc3b5d6c
de08c944b2cb2671078e452d870757622e286f7214d736ab2c1b1d1c2ab8dcfb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:33:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-xQRSImvW20rLP0pJdCVypQvrKXRmO3IlTag7Cw
200 OK 45 B URL HTTP/2 contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-xQRSImvW20rLP0pJdCVypQvrKXRmO3IlTag7Cw
IP
File type GIF image data, version 87a, 1 x 1\012- data
Hash 99cceceaed4d575484b69ddaf9ed66a7
1e3a3b15296b585833a22d987a387aa58aa1642d
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
GET /cksync.php?cs=3&type=crt&ovsid=k-xQRSImvW20rLP0pJdCVypQvrKXRmO3IlTag7Cw HTTP/1.1
Host: contextual.media.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Apache
content-length: 45
content-type: image/gif
set-cookie: visitor-id=3134936393580241000V10; Expires=Fri, 08 Dec 2023 09:33:59 GMT; domain=.media.net; Path=/;
data-c-ts=1670492039;Expires=Sat, 07 Jan 2023 09:33:59 GMT;path=/;domain=.media.net;
data-c=k-xQRSImvW20rLP0pJdCVypQvrKXRmO3IlTag7Cw~~3;Expires=Sat, 07 Jan 2023 09:33:59 GMT;path=/;domain=.media.net;
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
strict-transport-security: max-age=31536000
x-mnet-hl2: E
expires: Thu, 08 Dec 2022 09:33:59 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 08 Dec 2022 09:33:59 GMT
X-Firefox-Spdy: h2
criteo-sync.teads.tv/um?eid=80&uid=k-pcdhLmvW20rLP0pJdCVypQvrKXQJPEXPRsWeuQ
200 OK 23 B URL HTTP/2 criteo-sync.teads.tv/um?eid=80&uid=k-pcdhLmvW20rLP0pJdCVypQvrKXQJPEXPRsWeuQ
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash da5b449fff36752a93779fa4067cd2eb
71a96eea77f21ab5f1819b96c4cedd5cd34476ca
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
GET /um?eid=80&uid=k-pcdhLmvW20rLP0pJdCVypQvrKXQJPEXPRsWeuQ HTTP/1.1
Host: criteo-sync.teads.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
server: akka-http/10.2.9
content-length: 23
expires: Thu, 08 Dec 2022 09:33:59 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 08 Dec 2022 09:33:59 GMT
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 884686fa80413218eeb7acabcbf24672
2318eb5d62ec0ba651eda1fbc3159158e8b7c172
3eca5d88c4990f8a582590eb87f1e3382690a1954e0b1c410c4e5cc5f6702d70
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=102538
Date: Thu, 08 Dec 2022 09:33:59 GMT
Etag: "63908ea1-1d7"
Expires: Fri, 09 Dec 2022 14:02:57 GMT
Last-Modified: Wed, 07 Dec 2022 13:01:21 GMT
Server: ECS (bsa/EB16)
X-Cache: Miss from cloudfront
Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: JwyCzbWxSwXoLpjsaIdMoGcJ6VbTay_3hp_paFcCQMTg5x23m5wyOg==
Age: 3696
ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
302 Found 588 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
IP
File type gzip compressed data, from Unix\012- data
Hash 940eb47f3008071aaca0d941ca2ada7d
384a7f1371c6062c6f12d0cb9374d4fb83f807c4
cfdbf451c23b029fcdffb9acd59c58f00e54b491029698129448723818175ad3
GET /bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.21.3
Date: Thu, 08 Dec 2022 09:33:59 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=0
AN-X-Request-Uuid: 6f21b899-e181-4b4c-a297-83332183416f
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
eb2.3lift.com/xuid?mid=2711&xuid=k-pRU8OmvW20rLP0pJdCVypQvrKXRf0Q1FUqmH0w&dongle=013b
200 OK 37 B URL HTTP/2 eb2.3lift.com/xuid?mid=2711&xuid=k-pRU8OmvW20rLP0pJdCVypQvrKXRf0Q1FUqmH0w&dongle=013b
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 3eacd0132310ea44cad756b378a3bc07
e2216a7e9b73f5cb0279351c78ce61c33475cea7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
GET /xuid?mid=2711&xuid=k-pRU8OmvW20rLP0pJdCVypQvrKXRf0Q1FUqmH0w&dongle=013b HTTP/1.1
Host: eb2.3lift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:33:59 GMT
content-type: image/gif
content-length: 37
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 10ae015a481b29d89da500c7d98243cf
11c12f0aeda31b6da539b9e6022033e29a124307
d654fa17b63be027de9d2554c7dc0c2d83bd57c8b343734e7f5d9d73bd87d8ee
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2604
Cache-Control: max-age=144982
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:33:59 GMT
Etag: "639138b1-1d7"
Expires: Sat, 10 Dec 2022 01:50:21 GMT
Last-Modified: Thu, 08 Dec 2022 01:06:57 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
ocsp.sectigo.com/
200 OK 471 B IP
Hash 9dfb6f98524703cb28aa777c06f8307d
0259f1b07774b87d9bf5d69228f549946a1dd747
7b5ecd4e9bf216f4c71747b9eab5f135a610972adeb28d4f61118fab6decc065
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 09:33:59 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 13:56:48 GMT
Expires: Tue, 13 Dec 2022 13:56:47 GMT
Etag: "0259f1b07774b87d9bf5d69228f549946a1dd747"
Cache-Control: max-age=447167,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 776480afcb2c1bfa-OSL
ocsp.digicert.com/
200 OK 312 B IP
Hash b42ccbeb034ec7fff08b997734fd1e9a
02a910876f2f78b312b41afdb724e7bf323f97dc
ddb2658d02242ece014057e03325405f08b6909bb9702f0153ee232eeea0aa01
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3325
Cache-Control: max-age=112565
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:33:59 GMT
Etag: "6390b73f-138"
Expires: Fri, 09 Dec 2022 16:50:04 GMT
Last-Modified: Wed, 07 Dec 2022 15:54:39 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 312
pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-gEUiTGvW20rLP0pJdCVypQvrKXTw1z9aCtuQaQ&expires=30
204 No Content 0 B URL HTTP/1.1 pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-gEUiTGvW20rLP0pJdCVypQvrKXTw1z9aCtuQaQ&expires=30
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tap.php?v=6434&nid=2149&put=k-gEUiTGvW20rLP0pJdCVypQvrKXTw1z9aCtuQaQ&expires=30 HTTP/1.1
Host: pixel.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 611afce88997db6fdd35eb213e662871
Content-Type: image/gif
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 6b922b43e7799945fcfd26346a3adcac
35e81b1efb6039081248efe4ccfd54aa09a0ef7c
bc22d1a77105d049043995ebd882d774dfbc4b76647b8b27e9c370a2d3e3f523
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 08 Dec 2022 09:33:59 GMT
Last-Modified: Thu, 08 Dec 2022 08:41:53 GMT
Server: ECS (bsa/EB1D)
X-Cache: Miss from cloudfront
Via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: CbIZM8yPRTygCE4SBsFojeO77wBk4mAV71GyFv1fTFaT87R8xlpVBw==
Age: 3126
x.bidswitch.net/sync?dsp_id=46&user_id=k-kvIZs2vW20rLP0pJdCVypQvrKXQRRqdLgVE6bQ&expires=30
302 Found 0 B URL HTTP/2 x.bidswitch.net/sync?dsp_id=46&user_id=k-kvIZs2vW20rLP0pJdCVypQvrKXQRRqdLgVE6bQ&expires=30
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?dsp_id=46&user_id=k-kvIZs2vW20rLP0pJdCVypQvrKXQRRqdLgVE6bQ&expires=30 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 08 Dec 2022 09:33:59 GMT
content-length: 0
location: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-kvIZs2vW20rLP0pJdCVypQvrKXQRRqdLgVE6bQ&expires=30
cache-control: no-cache, no-store, must-revalidate
set-cookie: tuuid=d83b6e32-7aec-4f42-a754-3078c2d11640; path=/; expires=Fri, 08-Dec-2023 09:33:59 GMT; domain=.bidswitch.net; samesite=none; secure
c=1670492039; path=/; expires=Fri, 08-Dec-2023 09:33:59 GMT; domain=.bidswitch.net; samesite=none; secure
tuuid_lu=1670492039; path=/; expires=Fri, 08-Dec-2023 09:33:59 GMT; domain=.bidswitch.net; samesite=none; secure
c=1670492039; path=/; expires=Fri, 08-Dec-2023 09:33:59 GMT; domain=.bidswitch.net; samesite=none; secure
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash b60308da5db74a4cd12cd968a05bbb77
f09035594d289c6b8035309b75db9af099fbf2b9
86a5dd458438ae74a14bef1727780afeac7e1ab53fbfbe0d493e62634138f9bb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3152
Cache-Control: max-age=109858
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:33:59 GMT
Etag: "6390ad59-1d7"
Expires: Fri, 09 Dec 2022 16:04:57 GMT
Last-Modified: Wed, 07 Dec 2022 15:12:25 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
200 OK 471 B IP
Hash 51f8feae4038be3c50f308ae97c8fdea
3182909e4b164e3ef590b25c11d44d623223e862
a6f87ed576e452b6b56c8fd5438f352e8741c89afe810edfadbe2e0f751f196a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2040
Cache-Control: max-age=107672
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:33:59 GMT
Etag: "6390a927-1d7"
Expires: Fri, 09 Dec 2022 15:28:31 GMT
Last-Modified: Wed, 07 Dec 2022 14:54:31 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-HFzLemvW20rLP0pJdCVypQvrKXTGN3hCKf4Ekg
200 OK 43 B URL HTTP/1.1 rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-HFzLemvW20rLP0pJdCVypQvrKXTGN3hCKf4Ekg
IP
ASN #201081 SmartAdServer SAS
File type GIF image data, version 89a, 1 x 1\012- data
Hash 221d8352905f2c38b3cb2bd191d630b0
d804b495cb9b84b9007a25b5d85f9ae674004cde
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
GET /redir/?partnerid=79&partneruserid=k-HFzLemvW20rLP0pJdCVypQvrKXTGN3hCKf4Ekg HTTP/1.1
Host: rtb-csync.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: image/gif
date: Thu, 08 Dec 2022 09:33:58 GMT
cache-control: no-cache,no-store
pragma: no-cache
set-cookie: pid=8373146474612014576; expires=Mon, 08 Jan 2024 09:33:59 GMT; domain=smartadserver.com; path=/
TestIfCookieP=ok; expires=Mon, 08 Jan 2024 09:33:59 GMT; domain=smartadserver.com; path=/
csync=79:k-HFzLemvW20rLP0pJdCVypQvrKXTGN3hCKf4Ekg; expires=Fri, 08 Dec 2023 09:33:59 GMT; domain=smartadserver.com; path=/
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 32922f835a72a4939b1a595f942be9dc
84184a058c1e3a2bf3c9105df342e38d91e64411
eacbeb14bd7e0c1ecd83a9c3410e7e89cfd2b5b5cb74a383b9d612eaffc13191
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=160120
Date: Thu, 08 Dec 2022 09:33:59 GMT
Etag: "63916f7b-1d7"
Expires: Sat, 10 Dec 2022 06:02:39 GMT
Last-Modified: Thu, 08 Dec 2022 05:00:43 GMT
Server: ECS (nyb/1D1D)
X-Cache: Miss from cloudfront
Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: h4I5Ta5ASLL4mc5OL9bEcKDrV-sc5Q4CbVeZZC1h3nHhxhsoY-_bpw==
Age: 3716
x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-kvIZs2vW20rLP0pJdCVypQvrKXQRRqdLgVE6bQ&expires=30
200 OK 43 B URL HTTP/2 x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-kvIZs2vW20rLP0pJdCVypQvrKXQRRqdLgVE6bQ&expires=30
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/sync?dsp_id=46&user_id=k-kvIZs2vW20rLP0pJdCVypQvrKXQRRqdLgVE6bQ&expires=30 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:33:59 GMT
content-type: image/gif
content-length: 43
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-j3A9Z2vW20rLP0pJdCVypQvrKXSjRA8QpVTluQ
302 Found 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-j3A9Z2vW20rLP0pJdCVypQvrKXSjRA8QpVTluQ
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58301/sync?_origin=1&uid=k-j3A9Z2vW20rLP0pJdCVypQvrKXSjRA8QpVTluQ HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 08 Dec 2022 09:33:59 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
location: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-j3A9Z2vW20rLP0pJdCVypQvrKXSjRA8QpVTluQ&verify=true
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBIevkWMCEIuIQlkL87YNlJ4-aUh5v0wFEgEBAQEBk2ObYwAAAAAA_eMAAA&S=AQAAAoLLPVV0zc-w-XsDqDeObP4; Expires=Fri, 8 Dec 2023 15:33:59 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fb44b614b8381a20ddc7cac6e5228f29
b8c381ae5dea1755066f7d450fdc5b7046e5d441
b4ffb9c2ea3aae0c8d2f1d713c10be2d4c008518a0c30e166da9f1e4ef58ba23
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B4FFB9C2EA3AAE0C8D2F1D713C10BE2D4C008518A0C30E166DA9F1E4EF58BA23"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5128
Expires: Thu, 08 Dec 2022 10:59:27 GMT
Date: Thu, 08 Dec 2022 09:33:59 GMT
Connection: keep-alive
cm.adform.net/pixel?adform_pid=15&adform_pc=k-7k5PeWvW20rLP0pJdCVypQvrKXScMvwbuEBoMw
200 OK 43 B URL HTTP/2 cm.adform.net/pixel?adform_pid=15&adform_pc=k-7k5PeWvW20rLP0pJdCVypQvrKXScMvwbuEBoMw
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /pixel?adform_pid=15&adform_pc=k-7k5PeWvW20rLP0pJdCVypQvrKXScMvwbuEBoMw HTTP/1.1
Host: cm.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 09:33:59 GMT
content-type: image/gif
content-length: 43
last-modified: Wed, 20 Jul 2016 08:04:05 GMT
etag: "578f3075-2b"
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash f0bc063ee14a287a2f76000075b166ae
01c46ed1f7e7d7bc8b54c9a886d167cd5ceb4033
e3681ed6e457e6ee825bfb0e1fe2b9982e07ed9461abfd78fcb9a1e58f889876
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3214
Cache-Control: max-age=163590
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:33:59 GMT
Etag: "63917eff-1d7"
Expires: Sat, 10 Dec 2022 07:00:29 GMT
Last-Modified: Thu, 08 Dec 2022 06:06:55 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-8lzYhmvW20rLP0pJdCVypQvrKXSsh-EwJz3Pow
204 No Content 0 B URL HTTP/2 match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-8lzYhmvW20rLP0pJdCVypQvrKXSsh-EwJz3Pow
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-8lzYhmvW20rLP0pJdCVypQvrKXSsh-EwJz3Pow HTTP/1.1
Host: match.sharethrough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Thu, 08 Dec 2022 09:33:59 GMT
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash ed255ae6b5dc25fcffb6e87fc1fef758
1b4122e009b54d78867a357753a330d4034f86ed
7ad022e9f592187b8e2b4a9e6118f9f5326d8e82736d70eeed22058c7562a831
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=105471
Date: Thu, 08 Dec 2022 09:33:59 GMT
Etag: "639099d2-1d7"
Expires: Fri, 09 Dec 2022 14:51:50 GMT
Last-Modified: Wed, 07 Dec 2022 13:49:06 GMT
Server: ECS (bsa/EB1D)
X-Cache: Miss from cloudfront
Via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: MUXW-Jst77GCsMS6Y0mFm7Rv152csQkFU3Taoo7i3NcHzMfauTDNpw==
Age: 3764
id5-sync.com/s/966/9.gif?puid=k-6KgfSmvW20rLP0pJdCVypQvrKXSkqClYkmlS0g
200 43 B URL HTTP/1.1 id5-sync.com/s/966/9.gif?puid=k-6KgfSmvW20rLP0pJdCVypQvrKXSkqClYkmlS0g
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /s/966/9.gif?puid=k-6KgfSmvW20rLP0pJdCVypQvrKXSkqClYkmlS0g HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"
set-cookie: cf=; Max-Age=300; Expires=Thu, 08-Dec-2022 09:38:59 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
cip=; Max-Age=300; Expires=Thu, 08-Dec-2022 09:38:59 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
cnac=; Max-Age=300; Expires=Thu, 08-Dec-2022 09:38:59 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
car=; Max-Age=300; Expires=Thu, 08-Dec-2022 09:38:59 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
gdpr=; Max-Age=300; Expires=Thu, 08-Dec-2022 09:38:59 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
callback=; Max-Age=300; Expires=Thu, 08-Dec-2022 09:38:59 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
content-type: image/gif;charset=UTF-8
transfer-encoding: chunked
date: Thu, 08 Dec 2022 09:33:59 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
ad.yieldlab.net/m?dt_id=8664&ext_id=k-ACFu2mvW20rLP0pJdCVypQvrKXRcCTaNQC8Ofw
204 No Content 0 B URL HTTP/1.1 ad.yieldlab.net/m?dt_id=8664&ext_id=k-ACFu2mvW20rLP0pJdCVypQvrKXRcCTaNQC8Ofw
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /m?dt_id=8664&ext_id=k-ACFu2mvW20rLP0pJdCVypQvrKXRcCTaNQC8Ofw HTTP/1.1
Host: ad.yieldlab.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: DENY
x-application-context: application
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Pragma: no-cache
Expires: Wed, 07 Dec 2022 09:33:59 GMT
Date: Thu, 08 Dec 2022 09:33:59 GMT
Connection: keep-alive
Set-Cookie: id=81eb117c-03cd-47a1-8feb-9379e6bf96a1; Path=/; Domain=prod.svc.y6b.de; Expires=Fri, 08-Dec-2023 09:33:59 GMT; Max-Age=31536000; Secure; SameSite=None
ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-j3A9Z2vW20rLP0pJdCVypQvrKXSjRA8QpVTluQ&verify=true
204 No Content 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-j3A9Z2vW20rLP0pJdCVypQvrKXSjRA8QpVTluQ&verify=true
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58301/sync?_origin=1&uid=k-j3A9Z2vW20rLP0pJdCVypQvrKXSjRA8QpVTluQ&verify=true HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Thu, 08 Dec 2022 09:33:59 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
strict-transport-security: max-age=31536000
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBIevkWMCEKa_7l_tbu6jvn_BW1N0chQFEgEBAQEBk2ObYwAAAAAA_eMAAA&S=AQAAAnGkpuaEDMZD3Ill1mDZKUQ; Expires=Fri, 8 Dec 2023 15:33:59 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-pDf-vWvW20rLP0pJdCVypQvrKXQpP3fL22X6eA&google_error=3
200 OK 514 B URL HTTP/2 dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-pDf-vWvW20rLP0pJdCVypQvrKXQpP3fL22X6eA&google_error=3
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash a20446e8fccba3f0de95c58d6f600772
6a3b792df4aaee64487f766ee2e0efabfb3d8305
0c1084bc6629d6053968410268766a0973d01afff131fe783fdf8549c16ea5f1
GET /dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-pDf-vWvW20rLP0pJdCVypQvrKXQpP3fL22X6eA&google_error=3 HTTP/1.1
Host: dis.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:33:58 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
timing-allow-origin: *
server-processing-duration-in-ticks: 323530
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash 5ed935cfadef72c8c0ef9ea0fc353f65
247b558ac8d7ca8d913ea41b3a9b2434aa58abd3
01c2a3855094778f40f63849cfaaa2399031a392a339701b012bfc040de7dfd2
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Thu, 08 Dec 2022 09:33:59 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 08 Dec 2022 08:46:39 GMT
Expires: Fri, 09 Dec 2022 08:46:39 GMT
ETag: "247b558ac8d7ca8d913ea41b3a9b2434aa58abd3"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
dpm.demdex.net/ibs:dpid=28645&dpuuid=
302 Found 0 B URL HTTP/1.1 dpm.demdex.net/ibs:dpid=28645&dpuuid=
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ibs:dpid=28645&dpuuid= HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-2-v045-093807daf.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=16928900179527801753423756852640743505; Max-Age=15552000; Expires=Tue, 06 Jun 2023 09:33:59 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: /GElQC20Stg=
Content-Length: 0
Connection: keep-alive
simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-CSvTqWvW20rLP0pJdCVypQvrKXRD8GprSsBMAQ
200 OK 42 B URL HTTP/2 simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-CSvTqWvW20rLP0pJdCVypQvrKXRD8GprSsBMAQ
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-CSvTqWvW20rLP0pJdCVypQvrKXRD8GprSsBMAQ HTTP/1.1
Host: simage2.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 09:33:59 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_97=3385-uid:k-CSvTqWvW20rLP0pJdCVypQvrKXRD8GprSsBMAQ&KRTB&23144-uid:k-CSvTqWvW20rLP0pJdCVypQvrKXRD8GprSsBMAQ&KRTB&23286-uid:k-CSvTqWvW20rLP0pJdCVypQvrKXRD8GprSsBMAQ&KRTB&23287-uid:k-CSvTqWvW20rLP0pJdCVypQvrKXRD8GprSsBMAQ; domain=pubmatic.com; secure; expires=Sat, 07-Jan-2023 09:33:59 GMT; path=/
PugT=1670492039; domain=pubmatic.com; secure; expires=Sat, 07-Jan-2023 09:33:59 GMT; path=/
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
X-Firefox-Spdy: h2
e1.emxdgt.com/put?d=d53&uid=k-2YU0AmvW20rLP0pJdCVypQvrKXSmApum4iLpZKdb4Z1oFw3n
204 No Content 0 B URL HTTP/2 e1.emxdgt.com/put?d=d53&uid=k-2YU0AmvW20rLP0pJdCVypQvrKXSmApum4iLpZKdb4Z1oFw3n
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /put?d=d53&uid=k-2YU0AmvW20rLP0pJdCVypQvrKXSmApum4iLpZKdb4Z1oFw3n HTTP/1.1
Host: e1.emxdgt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
content-type: text/html
date: Thu, 08 Dec 2022 09:33:59 GMT
content-length: 0
X-Firefox-Spdy: h2
dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=
200 OK 59 B URL HTTP/1.1 dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 1251cd5e5c2def4c046309375f87c1c1
e02d6b0c6a5c495c15985e2832e335eda8528c80
4e7010cc46fa361c88e57e3346d27421cf3b8a8bf5f39b43fc45997c60cb1c13
GET /demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid= HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: image/gif
DCS: dcs-prod-irl1-2-v045-05ee5fd88.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: 8d8DqdgARSk=
Content-Length: 59
Connection: keep-alive
sync.outbrain.com/cookie-sync?p=criteo&uid=k-QJl9AWvW20rLP0pJdCVypQvrKXQDkIihG0Sv0A
200 OK 0 B URL HTTP/1.1 sync.outbrain.com/cookie-sync?p=criteo&uid=k-QJl9AWvW20rLP0pJdCVypQvrKXQDkIihG0Sv0A
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cookie-sync?p=criteo&uid=k-QJl9AWvW20rLP0pJdCVypQvrKXQDkIihG0Sv0A HTTP/1.1
Host: sync.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 09:33:59 GMT
Content-Length: 0
Cache-Control: no-cache
X-TraceId: 706b51aea6be6a297fb645c247f493df
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash e2a880777201cd52592f5649a4763bfc
c0301503c652721b0b3fae742223f4a873456df8
b6cbe7a377078205eca9cf15e5e929affeca110baedcafd7a4c7694c79812a7b
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=98533
Date: Thu, 08 Dec 2022 09:33:59 GMT
Etag: "63908085-1d7"
Expires: Fri, 09 Dec 2022 12:56:12 GMT
Last-Modified: Wed, 07 Dec 2022 12:01:09 GMT
Server: ECS (nyb/1D1F)
X-Cache: Miss from cloudfront
Via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: KaFhDH-a6rIeZHwIHvO09TmiD5mMG3lZOqDXJRwl7OKb5A6wwz38nA==
Age: 3303
ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-NPVBsWvW20rLP0pJdCVypQvrKXTCop90f91zoA
302 Found 0 B URL HTTP/2 ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-NPVBsWvW20rLP0pJdCVypQvrKXTCop90f91zoA
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?publisher_dsp_id=38&external_user_id=k-NPVBsWvW20rLP0pJdCVypQvrKXTCop90f91zoA HTTP/1.1
Host: ad.360yield.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 08 Dec 2022 09:33:59 GMT
content-type: text/plain
content-length: 0
location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-NPVBsWvW20rLP0pJdCVypQvrKXTCop90f91zoA
set-cookie: tuuid=96e45370-0528-45ee-808e-8f3521ad3526; Expires=Wed, 08 Mar 2023 09:33:59 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
tuuid_lu=1670492039; Expires=Wed, 08 Mar 2023 09:33:59 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 7c2aad8c4cad31317636d014510b3f5c
f347ee7a9ab918abbd722a8fcd5d5a2e2afab0d1
eead3554b391dd84ceed2ac4f07adc61b22a1911f47b3aa5c3df59866aa05c7d
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=117671
Date: Thu, 08 Dec 2022 09:33:59 GMT
Etag: "6390c9a9-1d7"
Expires: Fri, 09 Dec 2022 18:15:10 GMT
Last-Modified: Wed, 07 Dec 2022 17:13:13 GMT
Server: ECS (nyb/1D0D)
X-Cache: Miss from cloudfront
Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 7Du-9O_PetjDSS_t6h8Yj2x49ai6JKv6RdszQEd9EdWBC3CsyaFo3g==
Age: 3717
addshoppers.s3.amazonaws.com/customize/632b240c36963004c36631fb/95a70ba5ad45471ab18a70910459026d.js?_t=1670353484
200 OK 1.6 kB URL HTTP/1.1 addshoppers.s3.amazonaws.com/customize/632b240c36963004c36631fb/95a70ba5ad45471ab18a70910459026d.js?_t=1670353484
IP
File type ASCII text, with very long lines (7951), with no line terminators
Hash 95f2876e39fe955498f724ce1c71af35
8a3c432ead82ae4365e448d11b5253c216cd267c
d7f24a52f782f79107e3d7d155f8484f4a852dac52be1ee95f87f2c434837556
GET /customize/632b240c36963004c36631fb/95a70ba5ad45471ab18a70910459026d.js?_t=1670353484 HTTP/1.1
Host: addshoppers.s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: LFl5fbHMxSXgAp41NNwhCVYgcvHPKYCpWhuLrhqQjjfMOLaZ1B6RJSvJ+whmtzX+C1yx41cTMYU=
x-amz-request-id: R1SHWCT07AXPE29Y
Date: Thu, 08 Dec 2022 09:34:00 GMT
Last-Modified: Tue, 06 Dec 2022 19:04:45 GMT
ETag: "95f2876e39fe955498f724ce1c71af35"
Cache-Control: max-age=2592000, public
Content-Encoding: gzip
x-amz-version-id: Z.WdgiG1pvSrqMR_z0ice8xW0UxXDJeo
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
Server: AmazonS3
Content-Length: 1553
gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
302 Found 0 B URL HTTP/2 gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Thu, 08 Dec 2022 09:33:59 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=
server-processing-duration-in-ticks: 716006
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
sync-criteo.ads.yieldmo.com/sync?id=k-23n_BWvW20rLP0pJdCVypQvrKXQh20iwyhi8aw&pn_id=criteo&ext=1
200 OK 43 B URL HTTP/2 sync-criteo.ads.yieldmo.com/sync?id=k-23n_BWvW20rLP0pJdCVypQvrKXQh20iwyhi8aw&pn_id=criteo&ext=1
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /sync?id=k-23n_BWvW20rLP0pJdCVypQvrKXQh20iwyhi8aw&pn_id=criteo&ext=1 HTTP/1.1
Host: sync-criteo.ads.yieldmo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:33:59 GMT
content-type: image/gif
content-length: 43
set-cookie: yieldmo_id=g143b721c7c8e2883ffb%7C1670492039930%7C0%7C; Domain=.yieldmo.com; Expires=Fri, 08-Dec-2023 09:33:59 GMT; Path=/; Secure; SameSite=None; Secure
ptrcriteo=k-23n_BWvW20rLP0pJdCVypQvrKXQh20iwyhi8aw; Domain=ads.yieldmo.com; Expires=Fri, 08-Dec-2023 09:33:59 GMT; Path=/; Secure; SameSite=None; Secure
access-control-allow-origin: *
access-control-request-headers: Cache-Control, Pragma
access-control-allow-methods: GET, OPTIONS
pragma: no-cache
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash eb3ada812f0727a3c3c20655e43c20ab
2766d9dd26318e92c32ec924383ec39a9669b56b
5608fdbb0ddf0610e19db1f02ca3210c89a9bbd530c806c065d0d6e3dd4649d5
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 09:33:59 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 07 Dec 2022 03:11:57 GMT
Expires: Wed, 14 Dec 2022 03:11:56 GMT
Etag: "2766d9dd26318e92c32ec924383ec39a9669b56b"
Cache-Control: max-age=494876,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 776480b07bdd1bfa-OSL
ocsp.digicert.com/
200 OK 471 B IP
Hash 50596c352614ac34197ef22f2b1751a8
469911ca4a7d9bb4d52cd99b9bb546f1ece549ce
a1f8eab0897f94325f42351c5ab7845d00d045b59710deab89761a2975b9cd81
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6566
Cache-Control: max-age=101792
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:34:00 GMT
Etag: "63908082-1d7"
Expires: Fri, 09 Dec 2022 13:50:32 GMT
Last-Modified: Wed, 07 Dec 2022 12:01:06 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-maHQ02vW20rLP0pJdCVypQvrKXTF5BidOxoKkA
200 OK 49 B URL HTTP/2 visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-maHQ02vW20rLP0pJdCVypQvrKXTF5BidOxoKkA
IP
ASN #200271 Iguane Solutions SAS
File type GIF image data, version 89a, 1 x 1\012- data
Hash 4408efc0174f07ad685c456f1de521ca
e3bc3250f8f32bd98dc7b05fd8940b74617eb8d1
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
GET /visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-maHQ02vW20rLP0pJdCVypQvrKXTF5BidOxoKkA HTTP/1.1
Host: visitor.omnitagjs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
expires: 0
p3p: CP="CAO PSA OUR"
pragma: no-cache
set-cookie: ayl_visitor=cfe1ced1f7bc3a047a02b7f9be6e8aaa; Path=/; Domain=omnitagjs.com; Max-Age=2592000; Secure; SameSite=None
vary: Accept-Encoding
x-content-type-options: nosniff
date: Thu, 08 Dec 2022 09:34:00 GMT
content-length: 49
x-envoy-upstream-service-time: 92
server: ayl-lb-fra02
X-Firefox-Spdy: h2
beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=
204 No Content 0 B URL HTTP/2 beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usermatch.gif?partner=criteo&partner_uid= HTTP/1.1
Host: beacon.krxd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Thu, 08 Dec 2022 09:34:00 GMT
set-cookie: _kuid_=PPsb_MQp; Expires=Tue, 06-Jun-23 09:34:00 GMT; Max-Age=15552000; Domain=.krxd.net; Path=/
cache-control: private, no-cache, no-store
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
x-served-by: beacon-n021-dub-prod.krxd.net
x-request-time: D=57 t=1670492040
X-Firefox-Spdy: h2
ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-NPVBsWvW20rLP0pJdCVypQvrKXTCop90f91zoA
200 OK 43 B URL HTTP/2 ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-NPVBsWvW20rLP0pJdCVypQvrKXTCop90f91zoA
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/match?publisher_dsp_id=38&external_user_id=k-NPVBsWvW20rLP0pJdCVypQvrKXTCop90f91zoA HTTP/1.1
Host: ad.360yield.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:34:00 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2
gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
302 Found 0 B URL HTTP/2 gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Thu, 08 Dec 2022 09:33:59 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
location: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=
server-processing-duration-in-ticks: 497096
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.entrust.net/
200 OK 1.6 kB IP
Hash 8d65d3c2def9eac69f411ecc956d022e
491efc56a49aee84f509d00f134e33994e990b8c
ab5761ecd683feefd87d496717efc7c10477ef7e3d9c92abd4ad6585e2e85c80
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "AB5761ECD683FEEFD87D496717EFC7C10477EF7E3D9C92ABD4AD6585E2E85C80"
Last-Modified: Thu, 08 Dec 2022 08:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3195
Expires: Thu, 08 Dec 2022 10:27:15 GMT
Date: Thu, 08 Dec 2022 09:34:00 GMT
Connection: keep-alive
ocsp.sectigo.com/
200 OK 472 B IP
Hash 7554d2c3d95c9fe8dbe077b4cefbbd2b
1bb2a01e5ceffcb0705510d1b27c12e9f197099d
167aae18b1d4794ae0596ebf8c562a47eb3591236dbc1d9442e924530334c093
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 09:34:00 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 07 Dec 2022 05:58:12 GMT
Expires: Wed, 14 Dec 2022 05:58:11 GMT
Etag: "1bb2a01e5ceffcb0705510d1b27c12e9f197099d"
Cache-Control: max-age=504850,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 776480b42f5b1bfa-OSL
s.thebrighttag.com/cs?btt=0&tp=cr&uid=
200 OK 35 B URL HTTP/2 s.thebrighttag.com/cs?btt=0&tp=cr&uid=
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /cs?btt=0&tp=cr&uid= HTTP/1.1
Host: s.thebrighttag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:34:00 GMT
content-type: image/gif
content-length: 35
x-bt-requestid: 724763b0-76db-11ed-bd30-0000ac1702e8
cache-control: private, must-revalidate
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin:
server: nginx
p3p: CP=NOI DSP COR NID
X-Firefox-Spdy: h2
35.160.46.251/is
200 OK 32 B IP
File type ASCII text, with no line terminators
Hash 1a8a7b5bc5d369662ff7c97613ea6911
f03e10ecc0534b10ea486a444cdf0db302608a3a
63058a2e004658085c6fe889caaf50f0e0358f2af51bb9d44805417886f36320
Analyzer Verdict Alert quad9 Sinkholed
GET /is HTTP/1.1
Host: 35.160.46.251
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaviar.com/
Origin: https://flaviar.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
date: Thu, 08 Dec 2022 09:34:00 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, x-requested-with, X-Custom-Header
x-application-context: application:prod:8080
content-type: text/plain;charset=utf-8
content-length: 32
x-envoy-upstream-service-time: 1
server: istio-envoy
connection: close
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash ea90c0d6c167ece53adaedad7af34228
3881b3be1fe3956e30efda85becd9de2e6928161
33233153d4f00efe02522de4db9668a3ca151c5ac97b3cebfabf9cf207877a5b
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Thu, 08 Dec 2022 09:34:00 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Wed, 07 Dec 2022 22:27:36 GMT
Expires: Thu, 08 Dec 2022 22:27:36 GMT
ETag: "3881b3be1fe3956e30efda85becd9de2e6928161"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.globalsign.com/gsgccr3dvtlsca2020
200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP
Hash 678e8ad01e942df5e790a7f4b1890758
e10de3f11460a992601fac3d3dcc7c3c30f215dc
160c48844b81c65e3ec937d83be3c4078be50899ef981e3aca8146f9120f7456
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 09:34:01 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Mon, 12 Dec 2022 07:01:11 GMT
ETag: "e10de3f11460a992601fac3d3dcc7c3c30f215dc"
Last-Modified: Thu, 08 Dec 2022 07:01:12 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1179
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 776480bc590eb4ed-OSL
ocsp.globalsign.com/gsgccr3dvtlsca2020
200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP
Hash 678e8ad01e942df5e790a7f4b1890758
e10de3f11460a992601fac3d3dcc7c3c30f215dc
160c48844b81c65e3ec937d83be3c4078be50899ef981e3aca8146f9120f7456
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 09:34:01 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Mon, 12 Dec 2022 07:01:11 GMT
ETag: "e10de3f11460a992601fac3d3dcc7c3c30f215dc"
Last-Modified: Thu, 08 Dec 2022 07:01:12 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1179
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 776480bc59931c06-OSL
match.adsrvr.org/track/cmf/generic?ttd_pid=steelhouse&ttd_tpi=1&ttd_puid=6404b9e5-76db-11ed-9ba1-efdb3e3a48c7&gdpr=&gdpr_consent=
200 OK 70 B URL HTTP/2 match.adsrvr.org/track/cmf/generic?ttd_pid=steelhouse&ttd_tpi=1&ttd_puid=6404b9e5-76db-11ed-9ba1-efdb3e3a48c7&gdpr=&gdpr_consent=
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 58a7930cd4577fc33c35828c271eab8f
406e57f86dc101e10f3a57be1e2f7b93c4580474
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
GET /track/cmf/generic?ttd_pid=steelhouse&ttd_tpi=1&ttd_puid=6404b9e5-76db-11ed-9ba1-efdb3e3a48c7&gdpr=&gdpr_consent= HTTP/1.1
Host: match.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:34:01 GMT
content-type: image/gif
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-Idf8a2vW20rLP0pJdCVypQvrKXQYhtHhE3LG1g
200 OK 0 B URL HTTP/2 sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-Idf8a2vW20rLP0pJdCVypQvrKXQYhtHhE3LG1g
IP
ASN #200478 Taboola.com ltd
GET /sg/criteortb-network/1/rtb-h/?taboola_hm=k-Idf8a2vW20rLP0pJdCVypQvrKXQYhtHhE3LG1g HTTP/1.1
Host: sync-t1.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 09:33:59 GMT
x-fastly-to-nlb-rtt: 22010
access-control-allow-credentials: true
X-Firefox-Spdy: h2
gum.criteo.com/syncframe?topUrl=flaviar.com&origin=onetag&us_privacy=1---
200 OK 0 B URL HTTP/2 gum.criteo.com/syncframe?topUrl=flaviar.com&origin=onetag&us_privacy=1---
IP
GET /syncframe?topUrl=flaviar.com&origin=onetag&us_privacy=1--- HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:33:57 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: optout=0; expires=Thu, 01 Jan 1970 00:00:00 GMT; domain=.criteo.com; path=/
uid=8fea57a5-49a8-42cc-b347-0f13a5f6c886; expires=Tue, 02 Jan 2024 09:33:56 GMT; domain=.criteo.com; path=/; secure; samesite=none
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 687201
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
aacdn.nagich.com/core/4.3.7/accessibility.js
200 OK 0 B URL HTTP/2 aacdn.nagich.com/core/4.3.7/accessibility.js
IP
GET /core/4.3.7/accessibility.js HTTP/1.1
Host: aacdn.nagich.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://flaviar.com
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:33:57 GMT
content-type: application/javascript
cache-control: public, max-age=2204800
last-modified: Wed, 20 Jul 2022 11:28:32 GMT
etag: W/"03079d72b9cd81:0"
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: deny
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 297099
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FvV6%2F2dhhrhPgNYtAoXxXJAdGu4f4q9xffBH3rtW0QFFoK9qhE6QhZB1YJ87hifnXEcLX4%2F714qzlDTYYDnYWSRHWTIIeM4QvpTgmpe7dDCU9qM0BgZERKE5wpsaxWkly3I%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 776480a07f8bb4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2
dnacdn.net/dna
200 OK 0 B IP
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=5kF0Zl80M0RITmhlJTJCZkMwOUJGQlhaMUN2czJVclFzVUozdzFnVUI5ZnZvenZzbnRqVVpvdTduTWE5R0licW1wVFZ4dzY
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:33:57 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=dEG5Sl80M0RITmhlJTJCZkMwOUJGQlhaMUN2czJVclFzVUozdzFnVUI5ZnZvenZzbnZDMGRCNVhlTWFSbW1vUTYyTGltSEU; expires=Tue, 02 Jan 2024 09:33:58 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 323506
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
gem.gbc.criteo.com/newidsd
200 OK 0 B URL HTTP/2 gem.gbc.criteo.com/newidsd
IP
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:33:57 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 125000
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-YMFEN2vW20rLP0pJdCVypQvrKXR_ViyaVnTpXzC9q7ihDkqY
200 OK 0 B URL HTTP/2 exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-YMFEN2vW20rLP0pJdCVypQvrKXR_ViyaVnTpXzC9q7ihDkqY
IP
GET /usersync/push?partner=criteo&partnerId=k-YMFEN2vW20rLP0pJdCVypQvrKXR_ViyaVnTpXzC9q7ihDkqY HTTP/1.1
Host: exchange.mediavine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: mv_tokens=%7B%22mv_uuid%22%3A%2262ee6760-76db-11ed-ac1b-0db1ed8173a4%22%2C%22version%22%3A%22eu-v1%22%7D; mv_tokens_eu-v1=%7B%22mv_uuid%22%3A%2262ee6760-76db-11ed-ac1b-0db1ed8173a4%22%2C%22version%22%3A%22eu-v1%22%7D; am_tokens=%7B%22mv_uuid%22%3A%2262ee6760-76db-11ed-ac1b-0db1ed8173a4%22%2C%22version%22%3A%22eu-v1%22%7D; am_tokens_eu-v1=%7B%22mv_uuid%22%3A%2262ee6760-76db-11ed-ac1b-0db1ed8173a4%22%2C%22version%22%3A%22eu-v1%22%7D; criteo=%7B%22id%22%3A%22k-YMFEN2vW20rLP0pJdCVypQvrKXR_ViyaVnTpXzC9q7ihDkqY%22%2C%22version%22%3A%22criteo%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:33:59 GMT
content-type: text/html; charset=utf-8
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
cache-control: private, no-cache
set-cookie: mv_tokens=%7B%22mv_uuid%22%3A%2262ee6760-76db-11ed-ac1b-0db1ed8173a4%22%2C%22version%22%3A%22eu-v1%22%7D; Path=/; Expires=Thu, 22 Dec 2022 09:33:59 GMT; Secure; SameSite=None
mv_tokens_eu-v1=%7B%22mv_uuid%22%3A%2262ee6760-76db-11ed-ac1b-0db1ed8173a4%22%2C%22version%22%3A%22eu-v1%22%7D; Path=/; Expires=Thu, 22 Dec 2022 09:33:59 GMT; Secure; SameSite=None
am_tokens=%7B%22mv_uuid%22%3A%2262ee6760-76db-11ed-ac1b-0db1ed8173a4%22%2C%22version%22%3A%22eu-v1%22%7D; Path=/; Expires=Thu, 22 Dec 2022 09:33:59 GMT; Secure; SameSite=None
am_tokens_eu-v1=%7B%22mv_uuid%22%3A%2262ee6760-76db-11ed-ac1b-0db1ed8173a4%22%2C%22version%22%3A%22eu-v1%22%7D; Path=/; Expires=Thu, 22 Dec 2022 09:33:59 GMT; Secure; SameSite=None
criteo=%7B%22id%22%3A%22k-YMFEN2vW20rLP0pJdCVypQvrKXR_ViyaVnTpXzC9q7ihDkqY%22%2C%22version%22%3A%22criteo%22%7D; Path=/; Expires=Thu, 22 Dec 2022 09:33:59 GMT; Secure; SameSite=None
content-encoding: gzip
X-Firefox-Spdy: h2
static.fbot.me/friendbuy.js
200 OK 0 B URL HTTP/2 static.fbot.me/friendbuy.js
IP
GET /friendbuy.js HTTP/1.1
Host: static.fbot.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Cookie: globalId=b1b62520-f602-4220-938a-eeb5dcf6f315
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 08 Nov 2022 18:54:50 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: 1TJItsrldzDocUTOk9.t5QWqlV.wmjrZ
server: AmazonS3
content-encoding: gzip
date: Thu, 08 Dec 2022 09:33:56 GMT
cache-control: max-age=300
etag: W/"0b5bcf54c4cdbc59dd5b187265ffc20d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 2eNnASpTuWGA9AUH7jYqqjz3wzWSCnxDIYvyxgmpXeH0EdRronZ9yg==
age: 3
X-Firefox-Spdy: h2
aacdn.nagich.com/style/btncolor.css
200 OK 0 B URL HTTP/2 aacdn.nagich.com/style/btncolor.css
IP
GET /style/btncolor.css HTTP/1.1
Host: aacdn.nagich.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaviar.com/
Origin: https://flaviar.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:33:57 GMT
content-type: text/css
cache-control: public, max-age=2204800
last-modified: Mon, 11 Feb 2019 11:17:50 GMT
etag: W/"4c2a96cfbc1d41:0"
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: deny
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 297099
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oC%2FJPk8Nsc%2BUBKCaNUsZ8EoWV7AYiBbNgtlrtEVhZB5zTa%2FMpl5rKP%2BoRPLMdybuqbUZEwJHrD9g%2F%2F4d8%2BzRsz6MtYZg5gsWT80yy0%2BJ7v2QFwQBMj54SJU84yPYAIf%2Bxi0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 776480a24a18b4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2
d3hb14vkzrxvla.cloudfront.net/v1/00e580f3-b08f-44e2-b7b0-5949db5bfaf3
200 OK 0 B URL HTTP/2 d3hb14vkzrxvla.cloudfront.net/v1/00e580f3-b08f-44e2-b7b0-5949db5bfaf3
IP
GET /v1/00e580f3-b08f-44e2-b7b0-5949db5bfaf3 HTTP/1.1
Host: d3hb14vkzrxvla.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
correlationId: b1322453-233b-42fb-93b3-bf1f1b3ce9e6
Helpscout-Origin: Beacon-Embed
Helpscout-Release: 2.2.37
Beacon-Device-ID: 0e14be24-449c-4740-96a4-44ca40c29d4c
Origin: https://flaviar.com
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
date: Thu, 08 Dec 2022 09:33:20 GMT
access-control-allow-origin: https://flaviar.com
access-control-expose-headers: Resource-ID
access-control-allow-credentials: true
cache-control: max-age=300
x-ratelimit-limit-general-minute: 60
x-ratelimit-remaining-general-minute: 60
x-ratelimit-limit-conversations-hour: 10
x-ratelimit-remaining-conversations-hour: 10
x-ratelimit-limit-attachments-hour: 10
x-ratelimit-remaining-attachments-hour: 10
x-ratelimit-limit-chat-tokens-hour: 25
x-ratelimit-remaining-chat-tokens-hour: 25
x-ratelimit-limit-identify-hour: 25
x-ratelimit-remaining-identify-hour: 25
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: vH7zjQSwhmz8OoHvoBRq3KsvkyVbsU1BY7xFuT0dwjnMDxVBbwNa5g==
age: 37
X-Firefox-Spdy: h2
px.mountain.com/st?ga_tracking_id=UA-28959768-20&ga_client_id=1294024320.1670492011&shpt=Flaviar%20Membership%20%C2%BB%20Fine%20Spirits%20%26%20Whiskey%20Club%20%F0%9F%A5%83%20-%20Flaviar&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-28959768-20%22%2C%22ga_client_id%22%3A%221294024320.1670492011%22%2C%22shpt%22%3A%22Flaviar%20Membership%20%C2%BB%20Fine%20Spirits%20%26%20Whiskey%20Club%20%F0%9F%A5%83%20-%20Flaviar%22%2C%22dcm_cid%22%3A%221670492011.1%22%2C%22dcm_gid%22%3A%221637181157.1670492011%22%2C%22ga_utm_source%22%3A%22MaxBounty.com%20ULC%22%2C%22ga_utm_medium%22%3A%22affiliates%22%2C%22mntnis%22%3A%22spv6Gsiqtrwe9imbGLWvCADNlXhs83e%2F%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A8%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%2C%22ga_utm_source%22%3A%22OK%22%2C%22ga_utm_medium%22%3A%22OK%22%7D%7D&dcm_cid=1670492011.1&dcm_gid=1637181157.1670492011&dxver=4.0.0&shaid=33038&plh=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3D1-9wPfyDDxyNR7RVoXTXjwISUkAxH4UVD1MORM0%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&cb=24403766228761172term%3Dvalue&shadditional=criteo%3Dtrue%2Cgoogletagmanager%3Dtrue%2Cga4%3Dtrue
200 OK 0 B URL HTTP/1.1 px.mountain.com/st?ga_tracking_id=UA-28959768-20&ga_client_id=1294024320.1670492011&shpt=Flaviar%20Membership%20%C2%BB%20Fine%20Spirits%20%26%20Whiskey%20Club%20%F0%9F%A5%83%20-%20Flaviar&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-28959768-20%22%2C%22ga_client_id%22%3A%221294024320.1670492011%22%2C%22shpt%22%3A%22Flaviar%20Membership%20%C2%BB%20Fine%20Spirits%20%26%20Whiskey%20Club%20%F0%9F%A5%83%20-%20Flaviar%22%2C%22dcm_cid%22%3A%221670492011.1%22%2C%22dcm_gid%22%3A%221637181157.1670492011%22%2C%22ga_utm_source%22%3A%22MaxBounty.com%20ULC%22%2C%22ga_utm_medium%22%3A%22affiliates%22%2C%22mntnis%22%3A%22spv6Gsiqtrwe9imbGLWvCADNlXhs83e%2F%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A8%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%2C%22ga_utm_source%22%3A%22OK%22%2C%22ga_utm_medium%22%3A%22OK%22%7D%7D&dcm_cid=1670492011.1&dcm_gid=1637181157.1670492011&dxver=4.0.0&shaid=33038&plh=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3D1-9wPfyDDxyNR7RVoXTXjwISUkAxH4UVD1MORM0%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&cb=24403766228761172term%3Dvalue&shadditional=criteo%3Dtrue%2Cgoogletagmanager%3Dtrue%2Cga4%3Dtrue
IP
GET /st?ga_tracking_id=UA-28959768-20&ga_client_id=1294024320.1670492011&shpt=Flaviar%20Membership%20%C2%BB%20Fine%20Spirits%20%26%20Whiskey%20Club%20%F0%9F%A5%83%20-%20Flaviar&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-28959768-20%22%2C%22ga_client_id%22%3A%221294024320.1670492011%22%2C%22shpt%22%3A%22Flaviar%20Membership%20%C2%BB%20Fine%20Spirits%20%26%20Whiskey%20Club%20%F0%9F%A5%83%20-%20Flaviar%22%2C%22dcm_cid%22%3A%221670492011.1%22%2C%22dcm_gid%22%3A%221637181157.1670492011%22%2C%22ga_utm_source%22%3A%22MaxBounty.com%20ULC%22%2C%22ga_utm_medium%22%3A%22affiliates%22%2C%22mntnis%22%3A%22spv6Gsiqtrwe9imbGLWvCADNlXhs83e%2F%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A8%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%2C%22ga_utm_source%22%3A%22OK%22%2C%22ga_utm_medium%22%3A%22OK%22%7D%7D&dcm_cid=1670492011.1&dcm_gid=1637181157.1670492011&dxver=4.0.0&shaid=33038&plh=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3D1-9wPfyDDxyNR7RVoXTXjwISUkAxH4UVD1MORM0%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&cb=24403766228761172term%3Dvalue&shadditional=criteo%3Dtrue%2Cgoogletagmanager%3Dtrue%2Cga4%3Dtrue HTTP/1.1
Host: px.mountain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Cookie: guid=6404b9e5-76db-11ed-9ba1-efdb3e3a48c7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
date: Thu, 08 Dec 2022 09:34:01 GMT
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
set-cookie: tt=H4sIAAAAAAAAAKtWKlOyMtJR8guKNzY2MLaINzK3NFayMkAWsTC2AIsgcw3NzA1MLI0MTAxNTCxrAZdK0ipGAAAA;Domain=px.mountain.com;Max-Age=63113852;Path=/;SameSite=None;Secure
rt="MzMwMzg6MTY3MDQ5MjA0MQ==";Domain=mountain.com;Max-Age=63113852;Path=/;SameSite=None;Secure
guid=6404b9e5-76db-11ed-9ba1-efdb3e3a48c7;Domain=mountain.com;Max-Age=63113852;Path=/;SameSite=None;Secure
content-encoding: gzip
connection: close
dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=0
200 OK 0 B URL HTTP/2 dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=0
IP
GET /dis/rtb/appnexus/cookiematch.aspx?appnxsid=0 HTTP/1.1
Host: dis.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:33:58 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
timing-allow-origin: *
server-processing-duration-in-ticks: 510576
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
campaign.fbot.me/06cc9139-6a61-41fc-88db-9ec21e04eecf/campaigns.js
200 OK 0 B URL HTTP/2 campaign.fbot.me/06cc9139-6a61-41fc-88db-9ec21e04eecf/campaigns.js
IP
GET /06cc9139-6a61-41fc-88db-9ec21e04eecf/campaigns.js HTTP/1.1
Host: campaign.fbot.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Cookie: globalId=b1b62520-f602-4220-938a-eeb5dcf6f315
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 01 Dec 2022 09:06:28 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: dEkiO068.JJoOvIRp4TEWm96aq7RJgI1
server: AmazonS3
content-encoding: gzip
date: Thu, 08 Dec 2022 09:33:32 GMT
cache-control: max-age=30
etag: W/"ed1d8967ee1c956c2188672719b3f2e8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: zWImg0_jF-T47M9SDbPSHYI9aXO0FsiXbQzqRiEF4qJhPRRivF5RyA==
age: 25
X-Firefox-Spdy: h2
ak.sail-horizon.com/spm/spm.v1.min.js
200 OK 0 B URL HTTP/2 ak.sail-horizon.com/spm/spm.v1.min.js
IP
GET /spm/spm.v1.min.js HTTP/1.1
Host: ak.sail-horizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 15 Sep 2022 23:20:31 GMT
server: AmazonS3
content-encoding: gzip
date: Thu, 08 Dec 2022 09:30:00 GMT
cache-control: max-age=600; must-revalidate
etag: W/"97dd801dd26ae0172c7875245d92f506"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Zw2sUhyR5B2mkFsV4RbeWDPHM1qh7Za-khPwA3qtjPKlKebM63CEcg==
age: 238
X-Firefox-Spdy: h2
dynamic.criteo.com/js/ld/ld.js?a=95340
200 OK 0 B URL HTTP/2 dynamic.criteo.com/js/ld/ld.js?a=95340
IP
GET /js/ld/ld.js?a=95340 HTTP/1.1
Host: dynamic.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:33:57 GMT
content-type: application/javascript; charset=utf-8
server: Kestrel
cache-control: public,max-age=10800
content-encoding: br
vary: Origin, Accept-Encoding
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
criteo-partners.tremorhub.com/sync?UICR=k-KPohkGvW20rLP0pJdCVypQvrKXQv1-Xp1oAgig
200 OK 0 B URL HTTP/2 criteo-partners.tremorhub.com/sync?UICR=k-KPohkGvW20rLP0pJdCVypQvrKXQv1-Xp1oAgig
IP
GET /sync?UICR=k-KPohkGvW20rLP0pJdCVypQvrKXQv1-Xp1oAgig HTTP/1.1
Host: criteo-partners.tremorhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:33:59 GMT
content-type: image/gif
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
X-Firefox-Spdy: h2
widget.us.criteo.com/event?a=95340&v=5.12.3&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26z%3Dundefined%26site_type%3Dd&p2=e%3Dvh%26tms%3Dgtm-ee-1.1.0&p3=e%3Ddis&adce=1&bundle=shVULV9Rb2Zuc1NnWHNmZDN6SjNtMUU5cWNzeDVtSVkyNHRrS2JMaElQT2RHR3hTVyUyQm9HcFJxaDhqTEVtb2h0M0ZJam56aTlSOUZ0VUNlSzVzeEhxM2QyUHFWTmlSTSUyQkdtbFd0cHVINCUyRjFFNkJXUlhwYWROc1NkdXRwaG1idDlZcGJtRlF2ciUyQmFOV3ZBSjlCcEN0TGlIQW10ZyUzRCUzRA&tld=flaviar.com&dy=1&fu=https%253A%252F%252Fflaviar.com%252F%253Firclickid%253D1-9wPfyDDxyNR7RVoXTXjwISUkAxH4UVD1MORM0%2526ir_cid%253D3334%2526ir_affid%253D10813%2526utm_medium%253Daffiliates%2526utm_source%253DMaxBounty.com%252520ULC%2526ir_partnerid%253D10813%2526ir_adid%253D1215604%2526ir_campaignid%253D3334&dtycbr=97715&cs=1---&cv=1
200 OK 0 B URL HTTP/2 widget.us.criteo.com/event?a=95340&v=5.12.3&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26z%3Dundefined%26site_type%3Dd&p2=e%3Dvh%26tms%3Dgtm-ee-1.1.0&p3=e%3Ddis&adce=1&bundle=shVULV9Rb2Zuc1NnWHNmZDN6SjNtMUU5cWNzeDVtSVkyNHRrS2JMaElQT2RHR3hTVyUyQm9HcFJxaDhqTEVtb2h0M0ZJam56aTlSOUZ0VUNlSzVzeEhxM2QyUHFWTmlSTSUyQkdtbFd0cHVINCUyRjFFNkJXUlhwYWROc1NkdXRwaG1idDlZcGJtRlF2ciUyQmFOV3ZBSjlCcEN0TGlIQW10ZyUzRCUzRA&tld=flaviar.com&dy=1&fu=https%253A%252F%252Fflaviar.com%252F%253Firclickid%253D1-9wPfyDDxyNR7RVoXTXjwISUkAxH4UVD1MORM0%2526ir_cid%253D3334%2526ir_affid%253D10813%2526utm_medium%253Daffiliates%2526utm_source%253DMaxBounty.com%252520ULC%2526ir_partnerid%253D10813%2526ir_adid%253D1215604%2526ir_campaignid%253D3334&dtycbr=97715&cs=1---&cv=1
IP
GET /event?a=95340&v=5.12.3&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26z%3Dundefined%26site_type%3Dd&p2=e%3Dvh%26tms%3Dgtm-ee-1.1.0&p3=e%3Ddis&adce=1&bundle=shVULV9Rb2Zuc1NnWHNmZDN6SjNtMUU5cWNzeDVtSVkyNHRrS2JMaElQT2RHR3hTVyUyQm9HcFJxaDhqTEVtb2h0M0ZJam56aTlSOUZ0VUNlSzVzeEhxM2QyUHFWTmlSTSUyQkdtbFd0cHVINCUyRjFFNkJXUlhwYWROc1NkdXRwaG1idDlZcGJtRlF2ciUyQmFOV3ZBSjlCcEN0TGlIQW10ZyUzRCUzRA&tld=flaviar.com&dy=1&fu=https%253A%252F%252Fflaviar.com%252F%253Firclickid%253D1-9wPfyDDxyNR7RVoXTXjwISUkAxH4UVD1MORM0%2526ir_cid%253D3334%2526ir_affid%253D10813%2526utm_medium%253Daffiliates%2526utm_source%253DMaxBounty.com%252520ULC%2526ir_partnerid%253D10813%2526ir_adid%253D1215604%2526ir_campaignid%253D3334&dtycbr=97715&cs=1---&cv=1 HTTP/1.1
Host: widget.us.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaviar.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:33:58 GMT
content-type: application/x-javascript
server: Kestrel
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
expires: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
timing-allow-origin: *
server-processing-duration-in-ticks: 15647210
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
54.77.154.87
23.36.76.122
143.204.55.16
93.184.220.29
35.246.234.8
37.157.4.41
2.22.31.194
178.250.2.151
151.101.244.157
104.18.20.226
141.226.228.48