flaviar.com/?irclickid=z9WwdERT1xyNTfUU3bWBaTJ4UkAwGhzYrQK7zo0&ir_cid=3334&ir_affid=10813&utm_medium=affiliates&utm_source=MaxBounty.com%20ULC&ir_partnerid=10813&ir_adid=1215604&ir_campaignid=3334
172.66.43.165301 Moved Permanently 0 B URL HTTP/1.1 flaviar.com/?irclickid=z9WwdERT1xyNTfUU3bWBaTJ4UkAwGhzYrQK7zo0&ir_cid=3334&ir_affid=10813&utm_medium=affiliates&utm_source=MaxBounty.com%20ULC&ir_partnerid=10813&ir_adid=1215604&ir_campaignid=3334
IP 172.66.43.165:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?irclickid=z9WwdERT1xyNTfUU3bWBaTJ4UkAwGhzYrQK7zo0&ir_cid=3334&ir_affid=10813&utm_medium=affiliates&utm_source=MaxBounty.com%20ULC&ir_partnerid=10813&ir_adid=1215604&ir_campaignid=3334 HTTP/1.1
Host: flaviar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 12 Jan 2023 22:06:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Thu, 12 Jan 2023 23:06:12 GMT
Location: https://flaviar.com/?irclickid=z9WwdERT1xyNTfUU3bWBaTJ4UkAwGhzYrQK7zo0&ir_cid=3334&ir_affid=10813&utm_medium=affiliates&utm_source=MaxBounty.com%20ULC&ir_partnerid=10813&ir_adid=1215604&ir_campaignid=3334
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=duql09a6aiohSXc7fPQmCBejXc3enz2JgiJMfsSTvCfEQFsj3Ae%2BHcJhjSoWDduJl3Clt6VTdJyEVbUi5dX6Dib06%2Fn0Zw%2Foa3k0KxiU7yaW5g5XaNntBGLrqEV%2B"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 788932b14844b506-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cab5b63e128895128726181aff42e42e
d39c36237554fcd41addec0664d7fe7f7d157c06
18e82a5b82eb8f2d8b49df824c336015f19367c5a05467ad139a56db59f88852
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "18E82A5B82EB8F2D8B49DF824C336015F19367C5A05467AD139A56DB59F88852"
Last-Modified: Wed, 11 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3577
Expires: Thu, 12 Jan 2023 23:05:49 GMT
Date: Thu, 12 Jan 2023 22:06:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a8b4f1afb0e830b797238d34ab9254aa
e011acef3d05c959a65205d53b651ecd18a889fe
f7ceff5b4fda083c7449b7298c232224cf48a632dcb87233b646790de207d49c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7CEFF5B4FDA083C7449B7298C232224CF48A632DCB87233B646790DE207D49C"
Last-Modified: Thu, 12 Jan 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19927
Expires: Fri, 13 Jan 2023 03:38:19 GMT
Date: Thu, 12 Jan 2023 22:06:12 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 12 Jan 2023 21:41:51 GMT
content-type: application/json
age: 1461
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0f4ecf4f26be1ba09e61135b1b488bf4
f16b8277e00033bc990a8bcce54b693cb3c87d62
3018c2a228f0a894d217e8e8b0b8dd060527f06879cd2f469bac6c8766acbbf8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3018C2A228F0A894D217E8E8B0B8DD060527F06879CD2F469BAC6C8766ACBBF8"
Last-Modified: Wed, 11 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4314
Expires: Thu, 12 Jan 2023 23:18:06 GMT
Date: Thu, 12 Jan 2023 22:06:12 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 4l4uy3nw9dczv/FfhpDOQBTdy7DWLr9th+9CrSXhIS2sB2dzPa1Ce2GECPm9wjXHNLrh26EMnhs=
x-amz-request-id: N6HZSK6XD3E1M67R
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 12 Jan 2023 21:17:35 GMT
age: 2917
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 12 Jan 2023 22:06:12 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash ec9ce9649bdfb58842f5fcca4919b376
e2019cfde0ef8dadfe9f3f82189947329c8ec247
3e0c0d1f78d725027572f66965cdb4ea49077a4573bc816ac6418b0bd4d0f5da
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 22:06:13 GMT
Etag: "63bf62e2-117"
Server: ECS (amb/6B7E)
Content-Length: 279
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Pragma, Content-Length, Alert, Expires, ETag, Last-Modified, Backoff, Content-Type, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 12 Jan 2023 21:17:24 GMT
age: 2929
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1362750c01a8e1a2db32aa73ae46a48d
a423b43f2bd52bd4ec38b760a674866a1294c5ad
f0f57e27c4ec8f1cd8e05f530edc37fb1e4a94ffe92e5729939998346f2e204f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3719
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 22:06:13 GMT
Last-Modified: Thu, 12 Jan 2023 21:04:14 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash ec9ce9649bdfb58842f5fcca4919b376
e2019cfde0ef8dadfe9f3f82189947329c8ec247
3e0c0d1f78d725027572f66965cdb4ea49077a4573bc816ac6418b0bd4d0f5da
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 22:06:13 GMT
Etag: "63bf62e2-117"
Last-Modified: Thu, 12 Jan 2023 22:06:13 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 279
widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
54.230.111.50200 OK 6.1 kB URL HTTP/2 widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
IP 54.230.111.50:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (19239)
Hash 5add60196e5f96a414fb4b9586764e5d
633f471b3c2fcedeef9cad90cb5bf56f5fe55588
5370f4ba91dda790c7cae92817b812fcbd1ab367cbb4862f5669960ae4e2c9e0
GET /bootstrap/v5/tp.widget.bootstrap.min.js HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/x-javascript
content-length: 6124
last-modified: Mon, 30 May 2022 14:38:02 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
date: Thu, 12 Jan 2023 04:04:58 GMT
cache-control: max-age=86400
etag: "5add60196e5f96a414fb4b9586764e5d"
x-cache: Hit from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: iw0v6TXGGyTD3rtd-MUIlSxixVLqPhkiq3TGE0LJO8vk4LbHpHe45A==
age: 64875
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash eaefb1a377d37b185e1204ef828feb4e
9376a5af69ed0651d29df5dc04e90067375ee340
31d9af22f6f4f5340b2760e8689f91295aec751f17ca1c411cf6cc8fdb9a5f4b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 22:06:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
54.189.35.180101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.189.35.180:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: +tpU1NNEMIeYibt0ff0FyA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: r9AvNAGoB4GaOq88kFZ6dOgue9w=
www.googletagmanager.com/gtm.js?id=GTM-K4F6SWQ
172.217.21.168200 OK 111 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-K4F6SWQ
IP 172.217.21.168:0
File type ASCII text, with very long lines (48672)
Size 111 kB (110912 bytes)
Hash 33ab2843a7ef2a9b83f5a8d22417577e
65c4e7c869102a98d9e8284c5f8f74cb857689f2
aa5fa50b751ac3b9688ac3b8849b95ef360dc747fc8231b22e099211f41e68ed
GET /gtm.js?id=GTM-K4F6SWQ HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 12 Jan 2023 22:06:13 GMT
expires: Thu, 12 Jan 2023 22:06:13 GMT
cache-control: private, max-age=900
last-modified: Thu, 12 Jan 2023 21:10:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 110912
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash eaefb1a377d37b185e1204ef828feb4e
9376a5af69ed0651d29df5dc04e90067375ee340
31d9af22f6f4f5340b2760e8689f91295aec751f17ca1c411cf6cc8fdb9a5f4b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 22:06:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
use.typekit.net/bne0epn.js
23.36.76.186200 OK 6.7 kB URL HTTP/2 use.typekit.net/bne0epn.js
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (2258)
Hash 56c323529b45591f153e4f5a72d75c0e
cfada07aa803d4651a773d0e4536e036bcfd134c
2953f691618da33aef7c7b909532b8a918bf95dc02c9d44816c526fd40bed81d
GET /bne0epn.js HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: text/javascript;charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: public, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
content-length: 6730
date: Thu, 12 Jan 2023 22:06:13 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/8de6d2/00000000000000003b9adc6b/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
23.36.76.186200 OK 29 kB URL HTTP/2 use.typekit.net/af/8de6d2/00000000000000003b9adc6b/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 29392, version 1.0\012- data
Hash ea9b57a664fddcc8ca4ac7057ed8b53b
4cfa452e318ab308c8009ad1257fed42e46ba093
360e1a5c62337c585e8f8b9ba82cd440d4540c444e905665452b93fe785c082b
GET /af/8de6d2/00000000000000003b9adc6b/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://flaviar.com
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 29392
etag: "2bd51188b101f4cf29ce1d8dfdbe91d00fc07ba6"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Thu, 12 Jan 2023 22:06:14 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/85d455/00000000000000003b9adc6a/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
23.36.76.186200 OK 31 kB URL HTTP/2 use.typekit.net/af/85d455/00000000000000003b9adc6a/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
Hash 3d79b10414b05b536a2def5506004e17
cb35938cda0749e06c2192231bd3a0a51a84dd5e
c6b3cbdef3caa616fc06f1e8c714f233ec3c09800ecf9c6d19162a6c3ca7e4c5
GET /af/85d455/00000000000000003b9adc6a/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://flaviar.com
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 30656
etag: "374d4e049d59d33f7c1b988631b115ad96597d60"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Thu, 12 Jan 2023 22:06:14 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/379cfa/00000000000000003b9adc6d/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
23.36.76.186200 OK 12 kB URL HTTP/2 use.typekit.net/af/379cfa/00000000000000003b9adc6d/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
Hash 2115f621d3285cb79861bab8d6b416b8
40e0932efbb028fe0d40c04a701148dfe695f502
2f8f68e51db9f7066874a7753ccf4f9c9d568745295ed43685bcda482300e2ff
GET /af/379cfa/00000000000000003b9adc6d/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://flaviar.com
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 11668
etag: "a53237c24cbd279f0405e007f31ec7f47234819b"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Thu, 12 Jan 2023 22:06:14 GMT
X-Firefox-Spdy: h2
widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=5c63d6134064df0001fff3b7
54.230.111.50200 OK 2.1 kB URL HTTP/2 widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=5c63d6134064df0001fff3b7
IP 54.230.111.50:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (6826)
Hash 1307e3fd5846bacc989c2fd05996f010
3fd96ecea8c4a91980939fe1e1efe9ec0f47eebc
39f14c526d9f43a24b5c1e219e7ee63500f90b39517d18085573dcf73eb33d87
GET /trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=5c63d6134064df0001fff3b7 HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 2144
date: Thu, 12 Jan 2023 10:22:15 GMT
last-modified: Tue, 04 Oct 2022 10:34:09 GMT
etag: "1307e3fd5846bacc989c2fd05996f010"
x-amz-server-side-encryption: AES256
cache-control: max-age=86400
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-cache: Hit from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: irSMuQLlYrBELjrKryXZOM4q_sKN3278GJ5jJuqGutYLnabNPF1oOg==
age: 42240
X-Firefox-Spdy: h2
widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/main.js
54.230.111.50200 OK 17 kB URL HTTP/2 widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/main.js
IP 54.230.111.50:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (55452)
Hash 93d7d7afc794dd57add6ab0e6cb1e7a5
f3192d2eb299e4111ac69821274555c54d34dd5e
07125f97b71d0a4b48f6ff11db9e9cbaa6ee1bd510ee795cb05353a3cd087f84
GET /trustboxes/5419b6ffb0d04a076446a9af/main.js HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=5c63d6134064df0001fff3b7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/x-javascript
content-length: 17072
last-modified: Tue, 04 Oct 2022 10:34:10 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
date: Thu, 12 Jan 2023 03:30:49 GMT
cache-control: max-age=86400
etag: "93d7d7afc794dd57add6ab0e6cb1e7a5"
x-cache: Hit from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: -oRfKDEx9sMKIy8khD1LzXp-4_Jrvpqf1NIlPhPaeNmzRzlFW_OB5g==
age: 78177
X-Firefox-Spdy: h2
p.typekit.net/p.gif?s=1&k=bne0epn&ht=tk&h=flaviar.com&f=28578.28579.28736&a=7301736&js=1.21.0&app=typekit&e=js&_=1673561159402
23.36.76.186200 OK 1.5 kB URL HTTP/2 p.typekit.net/p.gif?s=1&k=bne0epn&ht=tk&h=flaviar.com&f=28578.28579.28736&a=7301736&js=1.21.0&app=typekit&e=js&_=1673561159402
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
Hash cfc1620a2eeb36407acbe83411c9aae8
6494a6fca71df5a4b139e8085e5df18bce662a90
a10c7a566aee05d05b8195121df8a28acd5e45d71ab6da0fceef3ac69aa95452
GET /p.gif?s=1&k=bne0epn&ht=tk&h=flaviar.com&f=28578.28579.28736&a=7301736&js=1.21.0&app=typekit&e=js&_=1673561159402 HTTP/1.1
Host: p.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: image/gif
cross-origin-resource-policy: cross-origin
etag: "61c32ad2-23"
last-modified: Wed, 22 Dec 2021 13:40:34 GMT
server: nginx
content-length: 35
unused62: 8096267
date: Thu, 12 Jan 2023 22:06:14 GMT
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 256e39696ba05f2324bbc49b2a396115
e1cf8b15abd0a20eb1218be517c03459514a59e0
d576a66e6b39751bdbc7b662454d37866b75efef1aa51761daba61783d755bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D576A66E6B39751BDBC7B662454D37866B75EFEF1AA51761DABA61783D755BC9"
Last-Modified: Thu, 12 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7528
Expires: Fri, 13 Jan 2023 00:11:43 GMT
Date: Thu, 12 Jan 2023 22:06:15 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 256e39696ba05f2324bbc49b2a396115
e1cf8b15abd0a20eb1218be517c03459514a59e0
d576a66e6b39751bdbc7b662454d37866b75efef1aa51761daba61783d755bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D576A66E6B39751BDBC7B662454D37866B75EFEF1AA51761DABA61783D755BC9"
Last-Modified: Thu, 12 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7528
Expires: Fri, 13 Jan 2023 00:11:43 GMT
Date: Thu, 12 Jan 2023 22:06:15 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 256e39696ba05f2324bbc49b2a396115
e1cf8b15abd0a20eb1218be517c03459514a59e0
d576a66e6b39751bdbc7b662454d37866b75efef1aa51761daba61783d755bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D576A66E6B39751BDBC7B662454D37866B75EFEF1AA51761DABA61783D755BC9"
Last-Modified: Thu, 12 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7528
Expires: Fri, 13 Jan 2023 00:11:43 GMT
Date: Thu, 12 Jan 2023 22:06:15 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 256e39696ba05f2324bbc49b2a396115
e1cf8b15abd0a20eb1218be517c03459514a59e0
d576a66e6b39751bdbc7b662454d37866b75efef1aa51761daba61783d755bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D576A66E6B39751BDBC7B662454D37866B75EFEF1AA51761DABA61783D755BC9"
Last-Modified: Thu, 12 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7528
Expires: Fri, 13 Jan 2023 00:11:43 GMT
Date: Thu, 12 Jan 2023 22:06:15 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 256e39696ba05f2324bbc49b2a396115
e1cf8b15abd0a20eb1218be517c03459514a59e0
d576a66e6b39751bdbc7b662454d37866b75efef1aa51761daba61783d755bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D576A66E6B39751BDBC7B662454D37866B75EFEF1AA51761DABA61783D755BC9"
Last-Modified: Thu, 12 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7528
Expires: Fri, 13 Jan 2023 00:11:43 GMT
Date: Thu, 12 Jan 2023 22:06:15 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0fbbc90d-c4c5-45db-ac55-16077e5b0d1d.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0fbbc90d-c4c5-45db-ac55-16077e5b0d1d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 94f1c1490ac711097f5eef5e6adab49d
bb41e2958d267cc2d5b24457a6048f484c8cd429
94f854077e6008b97f63419a283f70327ebc8a05794a9dd9fa0518f0f5b00e14
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0fbbc90d-c4c5-45db-ac55-16077e5b0d1d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8689
x-amzn-requestid: c88866a0-e22b-4f8c-b423-1d970ebde318
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: egZ9sHuuoAMFzvA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bcd6bd-063dab1f2c6aaab03e5fdb9a;Sampled=0
x-amzn-remapped-date: Tue, 10 Jan 2023 03:08:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: vSPK9nuciu6p2onwRcWmi08wmS-9X5ze7QMalJh1jw-5sVQHp-SNEQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 12 Jan 2023 04:45:35 GMT
age: 62440
etag: "bb41e2958d267cc2d5b24457a6048f484c8cd429"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52f112f6-2553-4ba2-971f-71e30bee1d9c.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52f112f6-2553-4ba2-971f-71e30bee1d9c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fb89a11a1dca9a2924adf7e3712c6405
a881a7d88f08035b9e045f2bf73a4d9fabc640a0
8a0c9f295dd30123847eaed0ba8d4e7c2c6dea8b9c645fc70cdcb4fa8c082ee4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52f112f6-2553-4ba2-971f-71e30bee1d9c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10579
x-amzn-requestid: 8760acae-f770-45e2-9639-53967ef1cdb2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: emPDWET4oAMFo-w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bf2bae-153ebb3e4ec7d5045529ce0a;Sampled=0
x-amzn-remapped-date: Wed, 11 Jan 2023 21:35:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Nzv6ByE1M1fyJ8P1o6Xsw-eR6kH41AUbhgCvXXB0aeV-9xwYdRTJaA==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 12 Jan 2023 21:52:33 GMT
age: 822
etag: "a881a7d88f08035b9e045f2bf73a4d9fabc640a0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 65f0c0830d6be2391df2dd2bbbf75794
264ed8ddd824620623aef3d5f68b2c027bd356a6
22ba0a0556a92482dfb6f2664d15fda8faa0768b4abfe327e530e3c90b721cd5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 22:06:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
widget.trustpilot.com/stats/TrustboxImpression?locale=en-US&styleHeight=28px&styleWidth=100%25&theme=light&url=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3Dz9WwdERT1xyNTfUU3bWBaTJ4UkAwGhzYrQK7zo0%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&referrer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=5c63d6134064df0001fff3b7&widgetId=5419b6ffb0d04a076446a9af
54.230.111.50204 No Content 0 B URL HTTP/2 widget.trustpilot.com/stats/TrustboxImpression?locale=en-US&styleHeight=28px&styleWidth=100%25&theme=light&url=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3Dz9WwdERT1xyNTfUU3bWBaTJ4UkAwGhzYrQK7zo0%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&referrer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=5c63d6134064df0001fff3b7&widgetId=5419b6ffb0d04a076446a9af
IP 54.230.111.50:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stats/TrustboxImpression?locale=en-US&styleHeight=28px&styleWidth=100%25&theme=light&url=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3Dz9WwdERT1xyNTfUU3bWBaTJ4UkAwGhzYrQK7zo0%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&referrer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=5c63d6134064df0001fff3b7&widgetId=5419b6ffb0d04a076446a9af HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Connection: keep-alive
Referer: https://widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=5c63d6134064df0001fff3b7
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
cache-control: no-store,no-cache
date: Thu, 12 Jan 2023 22:06:14 GMT
pragma: no-cache
server: Kestrel
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-cache: Miss from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: To8kJVp8fN0xAq-UnZPZJ49KuuAcBe002OW1U2AcD3-EacxO2f7N0A==
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febe61553-0d3d-4c00-8e9b-da1405590a9b.jpeg
34.120.237.76200 OK 7.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febe61553-0d3d-4c00-8e9b-da1405590a9b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a708649e0d6b128eb599b221445a8e06
59f9b06ee8e4c9608e29e7b19832fb925789f373
b4e17cfdee53b56ac33cb5a86253e4839ed7bd9bb1604209834bb22d881472f1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febe61553-0d3d-4c00-8e9b-da1405590a9b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7140
x-amzn-requestid: 96450c55-6068-4946-9e5f-650c19d2772a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ei739GoJIAMF0lA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bdd9cc-2bf965d47a10fd61619d945f;Sampled=0
x-amzn-remapped-date: Tue, 10 Jan 2023 21:34:04 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: pvPe1YzNKHB2Q0UAfuFnFcivz4vTYKnn5tFnaFgdR5b3tA_8NJ3C2Q==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Thu, 12 Jan 2023 21:42:12 GMT
age: 1443
etag: "59f9b06ee8e4c9608e29e7b19832fb925789f373"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
widget.trustpilot.com/stats/TrustboxImpression?locale=en-US&styleHeight=42px&styleWidth=100%25&theme=light&url=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3Dz9WwdERT1xyNTfUU3bWBaTJ4UkAwGhzYrQK7zo0%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&referrer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=5c63d6134064df0001fff3b7&widgetId=5419b6ffb0d04a076446a9af
54.230.111.50204 No Content 0 B URL HTTP/2 widget.trustpilot.com/stats/TrustboxImpression?locale=en-US&styleHeight=42px&styleWidth=100%25&theme=light&url=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3Dz9WwdERT1xyNTfUU3bWBaTJ4UkAwGhzYrQK7zo0%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&referrer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=5c63d6134064df0001fff3b7&widgetId=5419b6ffb0d04a076446a9af
IP 54.230.111.50:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stats/TrustboxImpression?locale=en-US&styleHeight=42px&styleWidth=100%25&theme=light&url=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3Dz9WwdERT1xyNTfUU3bWBaTJ4UkAwGhzYrQK7zo0%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&referrer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=5c63d6134064df0001fff3b7&widgetId=5419b6ffb0d04a076446a9af HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Connection: keep-alive
Referer: https://widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=5c63d6134064df0001fff3b7
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
cache-control: no-store,no-cache
date: Thu, 12 Jan 2023 22:06:15 GMT
pragma: no-cache
server: Kestrel
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-cache: Miss from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: EspML99ocWdGWHS8QUzKNbjimddW41kTq3YEuWMTkF_wmoov853J8g==
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e59b65e-133d-4564-94e3-e913d5a394ac.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e59b65e-133d-4564-94e3-e913d5a394ac.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c49e1d8385d23251cbd4ac2574545982
f283baf033327519c05c725f2319b9465f29b1d6
dc91b181ea0e78ff27bbac3e80f3f937fe9f067ef417f02fe0095ef10fdcd1d1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e59b65e-133d-4564-94e3-e913d5a394ac.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10382
x-amzn-requestid: a9fc1c50-7606-46cb-b49e-62e765d0c88f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: emPC9GLfIAMFwSA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bf2bac-3cbf968a6447542b6c931ac0;Sampled=0
x-amzn-remapped-date: Wed, 11 Jan 2023 21:35:40 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XCcge2Ruz-j01PJpHpnOuCiaH8OQYiQjh-IQaQ18e875_qfgqzXzGw==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 12 Jan 2023 21:54:55 GMT
age: 680
etag: "f283baf033327519c05c725f2319b9465f29b1d6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
widget.trustpilot.com/stats/TrustboxView?locale=en-US&styleHeight=42px&styleWidth=100%25&theme=light&url=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3Dz9WwdERT1xyNTfUU3bWBaTJ4UkAwGhzYrQK7zo0%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&referrer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=5c63d6134064df0001fff3b7&widgetId=5419b6ffb0d04a076446a9af
54.230.111.50204 No Content 0 B URL HTTP/2 widget.trustpilot.com/stats/TrustboxView?locale=en-US&styleHeight=42px&styleWidth=100%25&theme=light&url=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3Dz9WwdERT1xyNTfUU3bWBaTJ4UkAwGhzYrQK7zo0%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&referrer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=5c63d6134064df0001fff3b7&widgetId=5419b6ffb0d04a076446a9af
IP 54.230.111.50:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stats/TrustboxView?locale=en-US&styleHeight=42px&styleWidth=100%25&theme=light&url=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3Dz9WwdERT1xyNTfUU3bWBaTJ4UkAwGhzYrQK7zo0%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&referrer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=5c63d6134064df0001fff3b7&widgetId=5419b6ffb0d04a076446a9af HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Connection: keep-alive
Referer: https://widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=5c63d6134064df0001fff3b7
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
cache-control: no-store,no-cache
date: Thu, 12 Jan 2023 22:06:14 GMT
pragma: no-cache
server: Kestrel
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-cache: Miss from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Jpw8hxksA0BpoA3Ocqf5JkSbhlrDhiQuvUwYvkkOWSFG3RY1U5TpXQ==
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd91e555-c9f3-4166-92be-27db2e1919b6.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd91e555-c9f3-4166-92be-27db2e1919b6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash afcc8f4875f4b74ca0640829b689731e
584d0e11665ae89f9a294baf1e9bb4f0e4e9a4df
3e487396389c4330abc99bc99053eecc6aaf56f7afa398d70c30e1f4709577a0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd91e555-c9f3-4166-92be-27db2e1919b6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13626
x-amzn-requestid: 4769eaeb-0c78-4054-ad47-eefdd6ab2d03
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eWHMZErbIAMF6sQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b8b8b5-4c7bacfe060899044e361f70;Sampled=0
x-amzn-remapped-date: Sat, 07 Jan 2023 00:11:33 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: JRzc2Mcl4EasyH6_1kFh7sr-57f1HNDu-YN8YptDe_kcTET9x8P9LA==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Thu, 12 Jan 2023 14:00:13 GMT
age: 29162
etag: "584d0e11665ae89f9a294baf1e9bb4f0e4e9a4df"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd511e402-775e-49af-87f1-40b071ae947e.jpeg
34.120.237.76200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd511e402-775e-49af-87f1-40b071ae947e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cbf9979c9463fc2681e757256e9d028c
a45408076bf9fa5c6ec83c96a4c5680dc7be7da9
1d0d45cbbba75f0add27aae361e0dc31ce6e317ec62b23acf10db34b47f125e5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd511e402-775e-49af-87f1-40b071ae947e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9413
x-amzn-requestid: fb0125f5-e899-463d-ae4a-0a92945c1731
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: emPDYFKgIAMF7mQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bf2baf-080b963d391741252d9f67ee;Sampled=0
x-amzn-remapped-date: Wed, 11 Jan 2023 21:35:43 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: gyrxhGqUCH9JOcWSfuj0JAoNPBtI9YKeCrzqcq1kzl8RJts-Py0WsQ==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 11 Jan 2023 22:12:48 GMT
age: 86007
etag: "a45408076bf9fa5c6ec83c96a4c5680dc7be7da9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
consent.cookiebot.com/uc.js?cbid=d053bff0-f51a-4434-ab3e-b7ec8831e3ed
104.84.152.233200 OK 32 kB URL HTTP/2 consent.cookiebot.com/uc.js?cbid=d053bff0-f51a-4434-ab3e-b7ec8831e3ed
IP 104.84.152.233:0
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (65499)
Hash bcb0990b8f32cca6714e6f3cd74058e3
989727df20e7b504aee42e0535b7d6af4819d191
16db11e4514fb3eca008d083b39d4e29b2e886f9c858e0328171bfcc78ebd7fd
GET /uc.js?cbid=d053bff0-f51a-4434-ab3e-b7ec8831e3ed HTTP/1.1
Host: consent.cookiebot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Tue, 10 Jan 2023 10:00:26 GMT
accept-ranges: bytes
etag: "019a65cda24d91:0"
vary: Accept-Encoding
request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
access-control-expose-headers: Request-Context
content-length: 32026
cache-control: public, max-age=191
expires: Thu, 12 Jan 2023 22:09:26 GMT
date: Thu, 12 Jan 2023 22:06:15 GMT
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 2.7 kB IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9961c3102d3cc61f1ae4a473381cc5da
25f701da29ee51b78de83756115d165549fa42ab
cf15f02da07c61d411941f75388cdecda05ac33c1a94467fee4cbce1178227d4
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "A6EF1C66863F89B26B1081F0F22CAB35F53D8FB2CDE2C02B106169869069B7E3"
Last-Modified: Tue, 10 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3591
Expires: Thu, 12 Jan 2023 23:06:06 GMT
Date: Thu, 12 Jan 2023 22:06:15 GMT
Connection: keep-alive
www.googleoptimize.com/optimize.js?id=GTM-NLP39W9
142.250.74.46200 OK 46 kB URL HTTP/2 www.googleoptimize.com/optimize.js?id=GTM-NLP39W9
IP 142.250.74.46:0
File type ASCII text, with very long lines (2829)
Hash e782c27222d82c35d28a63669c05fad0
16d27e5feaadcdc0df65641f000e732cabf103eb
db37b7033bb4aa5833492b6369a45703dfda906c4c141d1ff47c1d9affc7bd13
GET /optimize.js?id=GTM-NLP39W9 HTTP/1.1
Host: www.googleoptimize.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 12 Jan 2023 22:06:15 GMT
expires: Thu, 12 Jan 2023 22:06:15 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 46014
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 65f0c0830d6be2391df2dd2bbbf75794
264ed8ddd824620623aef3d5f68b2c027bd356a6
22ba0a0556a92482dfb6f2664d15fda8faa0768b4abfe327e530e3c90b721cd5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 22:06:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash c8e26415536bbbcd2173b78f1dc584cd
2062aa9d596626e4e701ae43cc3eb68083222f37
03d5062742033abe385c09a4d799e0bf2006fb49b7fe54b2401f04bd6cafe29c
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 12 Jan 2023 22:06:15 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 12 Jan 2023 14:06:53 GMT
Expires: Thu, 19 Jan 2023 14:06:52 GMT
Etag: "2062aa9d596626e4e701ae43cc3eb68083222f37"
Cache-Control: max-age=575436,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 788932c0c9fb0b65-OSL
cdn.segmentify.com/06e2e4b6-5e17-4dbf-9574-c462c3d742d7/segmentify.js
34.120.65.227200 OK 55 kB URL HTTP/2 cdn.segmentify.com/06e2e4b6-5e17-4dbf-9574-c462c3d742d7/segmentify.js
IP 34.120.65.227:0
File type ASCII text, with very long lines (56611)
Hash e6d88ff82f2d992213ff26db5acac4d0
814c57b063c3d72ac245722472ffbef49bbde0ff
7ccc25e436eaa909a48a5d6ba19d50fa2796ec7815ee5deb81677ca2ba83ad51
GET /06e2e4b6-5e17-4dbf-9574-c462c3d742d7/segmentify.js HTTP/1.1
Host: cdn.segmentify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycduwb0efR10TXT46BFH2wCd735tKpR9COtap8qMQ-ZxHIYb4COMV8ZNzLRnAtwwzL1psVrVhB3p0YJLjTXdQPIvn_4v0OgJI
x-goog-generation: 1672907955739636
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 54858
content-encoding: gzip
x-goog-hash: crc32c=PpaaQQ==, md5=5tiP+C8tmSIT/ybbWsrE0A==
x-goog-storage-class: STANDARD
accept-ranges: bytes
vary: Accept-Encoding
content-length: 54858
access-control-allow-origin: *
access-control-expose-headers: Origin, Accept, Content-Type, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token
server: UploadServer
date: Thu, 12 Jan 2023 08:45:16 GMT
expires: Thu, 19 Jan 2023 08:45:16 GMT
cache-control: public, max-age=604800
age: 48059
last-modified: Thu, 05 Jan 2023 08:39:15 GMT
etag: "e6d88ff82f2d992213ff26db5acac4d0"
content-type: application/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
consentcdn.cookiebot.com/sdk/bc-v4.min.html
104.110.3.72200 OK 392 B URL HTTP/2 consentcdn.cookiebot.com/sdk/bc-v4.min.html
IP 104.110.3.72:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (627), with no line terminators
Hash e7268eccad39bd651697fa793a52cc5c
47299cefa2397b0c1d0c5bf232390a5cf1bcc4d3
907e16c84d35556e4ed841a3511915e6d4bb4e9d68cfca178a740e90b4d80e35
GET /sdk/bc-v4.min.html HTTP/1.1
Host: consentcdn.cookiebot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: text/html
etag: "3d08665fa4c7bcf9fa2dcbbc7efe1d0f:1649057029.895163"
last-modified: Mon, 04 Apr 2022 07:23:49 GMT
server: AkamaiNetStorage
x-akamai-transformed: 9 - 0 pmb=mRUM,1
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=29771517
expires: Sat, 23 Dec 2023 11:58:12 GMT
date: Thu, 12 Jan 2023 22:06:15 GMT
content-length: 392
server-timing: cdn-cache; desc=HIT, edge; dur=1
X-Firefox-Spdy: h2
consent.cookiebot.com/d053bff0-f51a-4434-ab3e-b7ec8831e3ed/cc.js?renew=false&referer=flaviar.com&dnt=false&init=false&georegions=%5B%7B%22r%22%3A%22US-06%22%2C%22i%22%3A%226b04ee58-2401-4074-bb6b-0969a4c527d9%22%7D%5D
104.84.152.233200 OK 156 B URL HTTP/2 consent.cookiebot.com/d053bff0-f51a-4434-ab3e-b7ec8831e3ed/cc.js?renew=false&referer=flaviar.com&dnt=false&init=false&georegions=%5B%7B%22r%22%3A%22US-06%22%2C%22i%22%3A%226b04ee58-2401-4074-bb6b-0969a4c527d9%22%7D%5D
IP 104.84.152.233:0
ASN #20940 Akamai International B.V.
File type ASCII text, with CRLF line terminators
Hash 3477de123b1bcca0a96d557218c3c72c
279660604c7c2e9d5be154df57180849efca1e34
9331664c1938651f09a14fb45d0af5fd86a72c2d9aff0bc26193e239ddb38268
GET /d053bff0-f51a-4434-ab3e-b7ec8831e3ed/cc.js?renew=false&referer=flaviar.com&dnt=false&init=false&georegions=%5B%7B%22r%22%3A%22US-06%22%2C%22i%22%3A%226b04ee58-2401-4074-bb6b-0969a4c527d9%22%7D%5D HTTP/1.1
Host: consent.cookiebot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: private, max-age=1200
content-type: application/x-javascript; charset=utf-8
content-encoding: gzip
last-modified: Thu, 12 Jan 2023 22:06:15 GMT
vary: Accept-Encoding
request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
access-control-expose-headers: Request-Context
content-length: 156
date: Thu, 12 Jan 2023 22:06:15 GMT
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash c8e26415536bbbcd2173b78f1dc584cd
2062aa9d596626e4e701ae43cc3eb68083222f37
03d5062742033abe385c09a4d799e0bf2006fb49b7fe54b2401f04bd6cafe29c
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 12 Jan 2023 22:06:15 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 12 Jan 2023 14:06:53 GMT
Expires: Thu, 19 Jan 2023 14:06:52 GMT
Etag: "2062aa9d596626e4e701ae43cc3eb68083222f37"
Cache-Control: max-age=575436,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 788932c15a860b65-OSL
aacdn.nagich.com/style/style.css
104.26.14.45200 OK 4.9 kB URL HTTP/2 aacdn.nagich.com/style/style.css
IP 104.26.14.45:0
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash 708de0d3e670c990c9ef7f224ad80c46
5ffe6297bac8bd8fe0f9377c48f79e041916874c
6b42c534baf14fe28ce4d98e29f3dc3757730a534880aa19bf1a6c2138e756a2
GET /style/style.css HTTP/1.1
Host: aacdn.nagich.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaviar.com/
Origin: https://flaviar.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 12 Jan 2023 22:06:15 GMT
content-type: text/css
cache-control: public, max-age=2204800
last-modified: Sun, 02 Oct 2022 09:01:39 GMT
etag: W/"809b15953dd6d81:0"
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: deny
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 1161422
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BEPgGdbDntiAb8Jpkn8ZJjWgx4Fxq4bTuBMYBxlHXhJWBufR621sSIlzHCkgIeGSwWwFr7lsYuD7mwMQakIZgR9l%2BGsiKZBSY0QaE2uFKuMt7ueQD03XeIeuZT2%2BVP7Rz0k%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 788932c1dad0b503-OSL
content-encoding: br
X-Firefox-Spdy: h2
widget.trustpilot.com/trustbox-data/5419b6ffb0d04a076446a9af?businessUnitId=5c63d6134064df0001fff3b7&locale=en-US
54.230.111.50200 OK 4.2 kB URL HTTP/2 widget.trustpilot.com/trustbox-data/5419b6ffb0d04a076446a9af?businessUnitId=5c63d6134064df0001fff3b7&locale=en-US
IP 54.230.111.50:0
Hash ee76a06d22ed0855b19887e8d97d4b60
e7db0cd18866d347abacf25e8893bcd8e12afdda
f2f5fbd588beadb55816ae1a479e0ff59ff313e76dce16b357e691e413cee71f
GET /trustbox-data/5419b6ffb0d04a076446a9af?businessUnitId=5c63d6134064df0001fff3b7&locale=en-US HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Connection: keep-alive
Referer: https://widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=5c63d6134064df0001fff3b7
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/json; charset=utf-8
content-encoding: gzip
server: Kestrel
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: public,max-age=1800
date: Thu, 12 Jan 2023 21:40:32 GMT
etag: "15e255014c3528fd41d8495566714a48"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Nl17z9YYpM5apUL5aEndaRFmT0Ic6X3PrTNNxAsnIuqS_sBpeGUhtw==
age: 1542
X-Firefox-Spdy: h2
public.fbot.me/events/06cc9139-6a61-41fc-88db-9ec21e04eecf/profile/xhr
54.146.181.64200 OK 2 B URL HTTP/2 public.fbot.me/events/06cc9139-6a61-41fc-88db-9ec21e04eecf/profile/xhr
IP 54.146.181.64:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
OPTIONS /events/06cc9139-6a61-41fc-88db-9ec21e04eecf/profile/xhr HTTP/1.1
Host: public.fbot.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Referer: https://flaviar.com/
Origin: https://flaviar.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 12 Jan 2023 22:06:15 GMT
content-length: 2
server: nginx/1.23.2
access-control-allow-origin: https://flaviar.com
access-control-allow-credentials: true
access-control-allow-methods: POST, GET
access-control-allow-headers: Authorization, Content-Type
info: {"connection":"upgrade","host":"public.fbot.me","x-forwarded-for":"91.90.42.154","x-forwarded-proto":"https","x-forwarded-port":"443","x-amzn-trace-id":"Root=1-63c08457-1a003cbc476a9c0835e072fc","user-agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0","accept":"*/*","accept-language":"en-US,en;q=0.5","accept-encoding":"gzip, deflate, br","access-control-request-method":"POST","access-control-request-headers":"authorization,content-type","referer":"https://flaviar.com/","origin":"https://flaviar.com","sec-fetch-dest":"empty","sec-fetch-mode":"cors","sec-fetch-site":"cross-site"}
X-Firefox-Spdy: h2
www.redditstatic.com/ads/pixel.js
151.101.193.140200 OK 7.7 kB URL HTTP/2 www.redditstatic.com/ads/pixel.js
IP 151.101.193.140:0
File type ASCII text, with very long lines (25224)
Hash 3528fd00b652f61a266eb584d96f4fcc
d89e16aa1323c6c4f1ed3941122020684a599361
77efa9f2ddfdca7a45df37bbcd22fdaeb7b97161a2acd87e21eb78bdeaad1332
GET /ads/pixel.js HTTP/1.1
Host: www.redditstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Mon, 07 Nov 2022 16:45:46 GMT
etag: "3528fd00b652f61a266eb584d96f4fcc"
cache-control: public, max-age=60
content-encoding: gzip
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 12 Jan 2023 22:06:15 GMT
vary: Accept-Encoding,Origin
server: snooserv
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
content-length: 7722
X-Firefox-Spdy: h2
sc-static.net/scevent.min.js
54.230.82.240200 OK 13 kB URL HTTP/2 sc-static.net/scevent.min.js
IP 54.230.82.240:0
File type ASCII text, with very long lines (30920), with no line terminators
Hash 5c1e6ef321052f9ef17baa3b17775b15
dc24d4674334a60c2b9d1cd9aae0b6ed1bbb09ea
12a2c25fdde940fdbf0dcf5f2743c615bf8acac3ce6d19bf8b55102526bf763f
GET /scevent.min.js HTTP/1.1
Host: sc-static.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 13268
server: CloudFront
date: Thu, 12 Jan 2023 22:06:15 GMT
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Content-Type
cache-control: private, s-maxage=0, max-age=600
set-cookie: X-AB=0d6e407936704bd380072f5891d28b0e;max-age=86400;expires=Fri, 13 Jan 2023 21:45:54 GMT;Path=/scevent.min.js; Secure; SameSite=None
x-cache: LambdaGeneratedResponse from cloudfront
via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: bbXDjjYbbkaXIil9gVu6Ogi1IkWkTtWW5uxB-C11mN8O0b4nLGviqw==
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash 7e75308cb747652484b4ab8a152db78b
a04d16f1782444571ad04133b1b494f71f09b00e
6feed7ac1774543b47ef94f720b4926471d55e35398081a2172c98f0f21d927f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2804
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 22:06:15 GMT
Last-Modified: Thu, 12 Jan 2023 21:19:31 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 312
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 572ed132083cbfc1b98d0bf6aa8d23b8
debe789715930a5dafed2998e27795fb944227fe
9dd3b5cb7e91dc36fae6d59ccc669a9edbe0e7ffdd7163bba423fc701c3e7cd4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5762
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 22:06:15 GMT
Last-Modified: Thu, 12 Jan 2023 20:30:14 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 572ed132083cbfc1b98d0bf6aa8d23b8
debe789715930a5dafed2998e27795fb944227fe
9dd3b5cb7e91dc36fae6d59ccc669a9edbe0e7ffdd7163bba423fc701c3e7cd4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5762
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 22:06:15 GMT
Last-Modified: Thu, 12 Jan 2023 20:30:14 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 572ed132083cbfc1b98d0bf6aa8d23b8
debe789715930a5dafed2998e27795fb944227fe
9dd3b5cb7e91dc36fae6d59ccc669a9edbe0e7ffdd7163bba423fc701c3e7cd4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5762
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 22:06:15 GMT
Last-Modified: Thu, 12 Jan 2023 20:30:14 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
tr.snapchat.com/cm/i?pid=b838e1c8-e5cb-4d99-bda2-d5594b71ff41&u_scsid=6a9a6a82-c9a5-425e-971d-6bf7145909a5&u_sclid=2b74c387-a789-4583-bf18-de66808d148b
35.190.43.134200 OK 0 B URL HTTP/2 tr.snapchat.com/cm/i?pid=b838e1c8-e5cb-4d99-bda2-d5594b71ff41&u_scsid=6a9a6a82-c9a5-425e-971d-6bf7145909a5&u_sclid=2b74c387-a789-4583-bf18-de66808d148b
IP 35.190.43.134:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cm/i?pid=b838e1c8-e5cb-4d99-bda2-d5594b71ff41&u_scsid=6a9a6a82-c9a5-425e-971d-6bf7145909a5&u_sclid=2b74c387-a789-4583-bf18-de66808d148b HTTP/1.1
Host: tr.snapchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 12 Jan 2023 22:06:15 GMT
content-type: text/html
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 0
x-envoy-upstream-service-time: 0
server: API Gateway
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash f8df6042a5ce07374a3e53c9aa50b58c
9ee22dda018c2db22e50e5262516c543b35ab16f
24cffb5f3f9cb42ca2a8dcad4931ff2544074b1e67fa2bb09454d16d22fd8a8a
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 12 Jan 2023 22:06:15 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 09 Jan 2023 20:28:57 GMT
Expires: Mon, 16 Jan 2023 20:28:56 GMT
Etag: "9ee22dda018c2db22e50e5262516c543b35ab16f"
Cache-Control: max-age=339160,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 788932c39c380b65-OSL
tr.snapchat.com/p?pid=b838e1c8-e5cb-4d99-bda2-d5594b71ff41&ev=PAGE_VIEW&intg=gtm&pl=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3Dz9WwdERT1xyNTfUU3bWBaTJ4UkAwGhzYrQK7zo0%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&bt=1d53c387&if=false&m_dcl=2112&m_fcps=1980&m_pi=2053&m_pl=2311&m_pv=v2&m_rd=3094&m_sl=3088&rf=&trackId=ff91f952-487a-4203-b7ba-1dce42ca0f67&ts=1673561160363&u_c1=413baffa-173b-4829-9542-cb7e0b9479ef&u_sclid=2b74c387-a789-4583-bf18-de66808d148b&u_scsid=6a9a6a82-c9a5-425e-971d-6bf7145909a5&v=2.0.0
35.190.43.134200 OK 68 B URL HTTP/2 tr.snapchat.com/p?pid=b838e1c8-e5cb-4d99-bda2-d5594b71ff41&ev=PAGE_VIEW&intg=gtm&pl=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3Dz9WwdERT1xyNTfUU3bWBaTJ4UkAwGhzYrQK7zo0%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&bt=1d53c387&if=false&m_dcl=2112&m_fcps=1980&m_pi=2053&m_pl=2311&m_pv=v2&m_rd=3094&m_sl=3088&rf=&trackId=ff91f952-487a-4203-b7ba-1dce42ca0f67&ts=1673561160363&u_c1=413baffa-173b-4829-9542-cb7e0b9479ef&u_sclid=2b74c387-a789-4583-bf18-de66808d148b&u_scsid=6a9a6a82-c9a5-425e-971d-6bf7145909a5&v=2.0.0
IP 35.190.43.134:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash c4a2b870062c2bb98c500bc1526c0498
528666ccdb12997358077bc8fcdbfb6b825c7788
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
GET /p?pid=b838e1c8-e5cb-4d99-bda2-d5594b71ff41&ev=PAGE_VIEW&intg=gtm&pl=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3Dz9WwdERT1xyNTfUU3bWBaTJ4UkAwGhzYrQK7zo0%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&bt=1d53c387&if=false&m_dcl=2112&m_fcps=1980&m_pi=2053&m_pl=2311&m_pv=v2&m_rd=3094&m_sl=3088&rf=&trackId=ff91f952-487a-4203-b7ba-1dce42ca0f67&ts=1673561160363&u_c1=413baffa-173b-4829-9542-cb7e0b9479ef&u_sclid=2b74c387-a789-4583-bf18-de66808d148b&u_scsid=6a9a6a82-c9a5-425e-971d-6bf7145909a5&v=2.0.0 HTTP/1.1
Host: tr.snapchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 12 Jan 2023 22:06:15 GMT
access-control-allow-origin: *
cache-control: no-cache, no-transform
set-cookie: sc_at=v2|H4sIAAAAAAAAAAXBgQ0AIAgDsItIwDHRc1T0Co63JTeGjiPpGeIOyNJLsZdtQjGdUWU9wG4WLP1nmXdSMgAAAA==;SameSite=None;Version=1;Comment=;Domain=.snapchat.com;Path=/;Max-Age=33696000;Secure
content-type: image/png
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 68
x-envoy-upstream-service-time: 0
server: API Gateway
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tr.snapchat.com/p?pid=b838e1c8-e5cb-4d99-bda2-d5594b71ff41&ev=PAGE_VIEW&intg=gtm&pl=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3Dz9WwdERT1xyNTfUU3bWBaTJ4UkAwGhzYrQK7zo0%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&bt=1d53c387&if=false&m_dcl=2112&m_fcps=1980&m_pi=2053&m_pl=2311&m_pv=v2&m_rd=3145&m_sl=3088&rf=&trackId=43b04579-9768-4aaa-b62a-e5dcc1b9f978&ts=1673561160416&u_c1=413baffa-173b-4829-9542-cb7e0b9479ef&u_sclid=2b74c387-a789-4583-bf18-de66808d148b&u_scsid=6a9a6a82-c9a5-425e-971d-6bf7145909a5&v=2.0.0
35.190.43.134200 OK 68 B URL HTTP/2 tr.snapchat.com/p?pid=b838e1c8-e5cb-4d99-bda2-d5594b71ff41&ev=PAGE_VIEW&intg=gtm&pl=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3Dz9WwdERT1xyNTfUU3bWBaTJ4UkAwGhzYrQK7zo0%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&bt=1d53c387&if=false&m_dcl=2112&m_fcps=1980&m_pi=2053&m_pl=2311&m_pv=v2&m_rd=3145&m_sl=3088&rf=&trackId=43b04579-9768-4aaa-b62a-e5dcc1b9f978&ts=1673561160416&u_c1=413baffa-173b-4829-9542-cb7e0b9479ef&u_sclid=2b74c387-a789-4583-bf18-de66808d148b&u_scsid=6a9a6a82-c9a5-425e-971d-6bf7145909a5&v=2.0.0
IP 35.190.43.134:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash c4a2b870062c2bb98c500bc1526c0498
528666ccdb12997358077bc8fcdbfb6b825c7788
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
GET /p?pid=b838e1c8-e5cb-4d99-bda2-d5594b71ff41&ev=PAGE_VIEW&intg=gtm&pl=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3Dz9WwdERT1xyNTfUU3bWBaTJ4UkAwGhzYrQK7zo0%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&bt=1d53c387&if=false&m_dcl=2112&m_fcps=1980&m_pi=2053&m_pl=2311&m_pv=v2&m_rd=3145&m_sl=3088&rf=&trackId=43b04579-9768-4aaa-b62a-e5dcc1b9f978&ts=1673561160416&u_c1=413baffa-173b-4829-9542-cb7e0b9479ef&u_sclid=2b74c387-a789-4583-bf18-de66808d148b&u_scsid=6a9a6a82-c9a5-425e-971d-6bf7145909a5&v=2.0.0 HTTP/1.1
Host: tr.snapchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 12 Jan 2023 22:06:15 GMT
access-control-allow-origin: *
cache-control: no-cache, no-transform
set-cookie: sc_at=v2|H4sIAAAAAAAAAA3HwQ0AIAgEsIlIAD3QcVRwCobX/roiOl8YIXVS95M0cPbvHhozxFKrxLzBRBzFD21XbIYyAAAA;SameSite=None;Version=1;Comment=;Domain=.snapchat.com;Path=/;Max-Age=33696000;Secure
content-type: image/png
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 68
x-envoy-upstream-service-time: 0
server: API Gateway
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 572ed132083cbfc1b98d0bf6aa8d23b8
debe789715930a5dafed2998e27795fb944227fe
9dd3b5cb7e91dc36fae6d59ccc669a9edbe0e7ffdd7163bba423fc701c3e7cd4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5762
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 22:06:15 GMT
Last-Modified: Thu, 12 Jan 2023 20:30:14 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
splow.flaviar.com/com.snowplowanalytics.snowplow/tp2
172.66.40.91200 OK 0 B URL HTTP/2 splow.flaviar.com/com.snowplowanalytics.snowplow/tp2
IP 172.66.40.91:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: splow.flaviar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://flaviar.com/
Origin: https://flaviar.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Thu, 12 Jan 2023 22:06:15 GMT
content-length: 0
access-control-allow-origin: https://flaviar.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-max-age: 5
x-robots-tag: noindex, nofollow, nosnippet, noarchive
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zsu6L5g992gH%2B7ZYiHAn%2FBkn%2By1aQAaiQ2WfBJwpjAdM14G1PCClM8sxd%2FYWoWG9kgy43g53K2ZF3Kp6PCo5H26VpQm2e%2FrVz0UeTgKtGnenpF5EgrQc9WrVEZi0p%2FiTCTeQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
server: cloudflare
cf-ray: 788932c40d93b503-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
public.fbot.me/events/06cc9139-6a61-41fc-88db-9ec21e04eecf/profile/xhr
54.146.181.64200 OK 514 B URL HTTP/2 public.fbot.me/events/06cc9139-6a61-41fc-88db-9ec21e04eecf/profile/xhr
IP 54.146.181.64:0
File type JSON data\012- , ASCII text, with very long lines (514), with no line terminators
Hash cfb3fad77d40cb02f977fade5e044c7c
a81c99701873596c63f00232163e355c258de2d2
3df7dc4800e8c69295cfa1bdcc19774b89250fbdec85dd41ebe576f1368f19d3
POST /events/06cc9139-6a61-41fc-88db-9ec21e04eecf/profile/xhr HTTP/1.1
Host: public.fbot.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaviar.com/
Authorization:
Content-Type: application/json
Origin: https://flaviar.com
Content-Length: 215
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 12 Jan 2023 22:06:15 GMT
content-type: application/json
content-length: 514
server: nginx/1.23.2
access-control-allow-origin: https://flaviar.com
set-cookie: globalId=6643cec0-57d0-4346-aef4-6f9d58646edd; Max-Age=315360000; Domain=.fbot.me; Path=/; HttpOnly; Secure; SameSite=None
access-control-allow-credentials: true
X-Firefox-Spdy: h2
region1.analytics.google.com/g/collect?v=2&tid=G-94QYBVSJNV>m=2oe1a1&_p=555841078&_gaz=1&cid=1666208106.1673561160&ul=en-us&sr=1280x1024&_s=1&sid=1673561159&sct=1&seg=0&dl=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3Dz9WwdERT1xyNTfUU3bWBaTJ4UkAwGhzYrQK7zo0%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&dt=Flaviar%20Membership%20%C2%BB%20Fine%20Spirits%20%26%20Whiskey%20Club%20%F0%9F%A5%83%20-%20Flaviar&en=page_view&_fv=1&_nsi=1&_ss=1&up.membership_status=anonymous
216.239.34.36204 No Content 0 B URL HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-94QYBVSJNV>m=2oe1a1&_p=555841078&_gaz=1&cid=1666208106.1673561160&ul=en-us&sr=1280x1024&_s=1&sid=1673561159&sct=1&seg=0&dl=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3Dz9WwdERT1xyNTfUU3bWBaTJ4UkAwGhzYrQK7zo0%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&dt=Flaviar%20Membership%20%C2%BB%20Fine%20Spirits%20%26%20Whiskey%20Club%20%F0%9F%A5%83%20-%20Flaviar&en=page_view&_fv=1&_nsi=1&_ss=1&up.membership_status=anonymous
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-94QYBVSJNV>m=2oe1a1&_p=555841078&_gaz=1&cid=1666208106.1673561160&ul=en-us&sr=1280x1024&_s=1&sid=1673561159&sct=1&seg=0&dl=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3Dz9WwdERT1xyNTfUU3bWBaTJ4UkAwGhzYrQK7zo0%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&dt=Flaviar%20Membership%20%C2%BB%20Fine%20Spirits%20%26%20Whiskey%20Club%20%F0%9F%A5%83%20-%20Flaviar&en=page_view&_fv=1&_nsi=1&_ss=1&up.membership_status=anonymous HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://flaviar.com
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://flaviar.com
date: Thu, 12 Jan 2023 22:06:15 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tr.snapchat.com/config/com/b838e1c8-e5cb-4d99-bda2-d5594b71ff41.js
35.190.43.134200 OK 629 B URL HTTP/2 tr.snapchat.com/config/com/b838e1c8-e5cb-4d99-bda2-d5594b71ff41.js
IP 35.190.43.134:0
Hash e42eb9cdc51c9c608863dfe72e670473
ed3208831980156734c367029c83cc480096d7a2
56bf8c7a0ce0d42d0c0d112ba472b0b66840f64f9775609b17ea4418d6375240
GET /config/com/b838e1c8-e5cb-4d99-bda2-d5594b71ff41.js HTTP/1.1
Host: tr.snapchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://flaviar.com
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 12 Jan 2023 22:06:15 GMT
access-control-allow-origin: https://flaviar.com
content-type: application/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-envoy-upstream-service-time: 0
content-encoding: gzip
vary: Accept-Encoding
server: API Gateway
access-control-allow-credentials: true
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
stats.g.doubleclick.net/g/collect?v=2&tid=G-94QYBVSJNV&cid=1666208106.1673561160>m=2oe1a1&aip=1
173.194.222.154204 No Content 0 B URL HTTP/2 stats.g.doubleclick.net/g/collect?v=2&tid=G-94QYBVSJNV&cid=1666208106.1673561160>m=2oe1a1&aip=1
IP 173.194.222.154:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-94QYBVSJNV&cid=1666208106.1673561160>m=2oe1a1&aip=1 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://flaviar.com
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://flaviar.com
date: Thu, 12 Jan 2023 22:06:15 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash c1cc8833602dd5e367a6233f2fd9a368
88ccf284313388951cc3eb3534022c403bce8f94
814c643caa1b930bcd10ed0f83968bd7b2d313075bbdd5bb7428e3b9aa87219a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 22:06:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash 4fbb727e7613a4bb719fe84c443dd4e8
1837fec954aadae07e33bcb6e845cfbcff8e3757
3804f31145cb12bcfae8634ea1b2346ebcac1c0ad3fa05289f2a714718d90542
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=111417
Date: Thu, 12 Jan 2023 22:06:15 GMT
Etag: "63bf7c3d-1d7"
Expires: Sat, 14 Jan 2023 05:03:12 GMT
Last-Modified: Thu, 12 Jan 2023 03:19:25 GMT
Server: ECS (nyb/1D0A)
X-Cache: Miss from cloudfront
Via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: BRnsHp2CVnUh5is-kiJhPKmaJMgRKXCGJzTK2cQ30QPSqIgx_zZEZQ==
Age: 6227
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash 4fbb727e7613a4bb719fe84c443dd4e8
1837fec954aadae07e33bcb6e845cfbcff8e3757
3804f31145cb12bcfae8634ea1b2346ebcac1c0ad3fa05289f2a714718d90542
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 12 Jan 2023 22:06:15 GMT
Last-Modified: Thu, 12 Jan 2023 20:24:03 GMT
Server: ECS (nyb/1D1D)
X-Cache: Miss from cloudfront
Via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: KZ4rBpz5M6-THa1Wg2NL1UqRw5TG7QjS-MXLgMvZ2-W8NCcNGCz24Q==
Age: 6132
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash ceffb1beda699e96e1b888bbc6316f5d
d348f0f7986cf83c80c4ee003e8e4c7e6b7a2528
3a2c820bfe6053507e0b804b44c16d1fef4f678d0300cfeb8bd57df38db2081c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1943
Cache-Control: max-age=144157
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 22:06:16 GMT
Etag: "63c00cde-139"
Expires: Sat, 14 Jan 2023 14:08:53 GMT
Last-Modified: Thu, 12 Jan 2023 13:36:30 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash dc49064232182779cb7f3672579e4cc6
e08e8ad54c9120fb6f1da8a583d6e4c9f28b481a
a7fc73762574c588debf359b4255cd97874be1d97cb4746d90c1f329c1ce290b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1154
Cache-Control: max-age=110291
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 22:06:16 GMT
Etag: "63bf8ba9-139"
Expires: Sat, 14 Jan 2023 04:44:27 GMT
Last-Modified: Thu, 12 Jan 2023 04:25:13 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 313
dnacdn.net/dna
178.250.0.157200 OK 0 B IP 178.250.0.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 12 Jan 2023 22:06:15 GMT
server: Kestrel
content-length: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=yaZ7JV80M0RITmhlJTJCZkMwOUJGQlhaMUN2czQ0JTJCeERydVpZNU5ha1JwZlJYY0tqSTRlcGFCOHdPV3A3JTJGQ2x5dFBFWWt4; expires=Tue, 06 Feb 2024 22:06:16 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 260441
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0&page=irclickid%3Dz9WwdERT1xyNTfUU3bWBaTJ4UkAwGhzYrQK7zo0&page=ir_cid%3D3334&page=ir_affid%3D10813&page=utm_medium%3Daffiliates&page=utm_source%3DMaxBounty.com%20ULC&page=ir_partnerid%3D10813&page=ir_adid%3D1215604&page=ir_campaignid%3D3334
75.2.40.13200 OK 18 B URL HTTP/2 api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0&page=irclickid%3Dz9WwdERT1xyNTfUU3bWBaTJ4UkAwGhzYrQK7zo0&page=ir_cid%3D3334&page=ir_affid%3D10813&page=utm_medium%3Daffiliates&page=utm_source%3DMaxBounty.com%20ULC&page=ir_partnerid%3D10813&page=ir_adid%3D1215604&page=ir_campaignid%3D3334
IP 75.2.40.13:0
File type ASCII text, with no line terminators
Hash cc7fd95a87ea3721ce1853bf3c4dd75e
7f687f7881adf0fc407378d375a61b8f198c0912
0f06a4c8d34690d4e42c81f232a5bdfe9fcbde8a54b5ccd0609a313e90da0879
OPTIONS /v1/personalize/simple?pageviews=1&isMobile=0&page=irclickid%3Dz9WwdERT1xyNTfUU3bWBaTJ4UkAwGhzYrQK7zo0&page=ir_cid%3D3334&page=ir_affid%3D10813&page=utm_medium%3Daffiliates&page=utm_source%3DMaxBounty.com%20ULC&page=ir_partnerid%3D10813&page=ir_adid%3D1215604&page=ir_campaignid%3D3334 HTTP/1.1
Host: api.sail-personalize.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,x-lib-version,x-referring-url
Referer: https://flaviar.com/
Origin: https://flaviar.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 12 Jan 2023 22:06:16 GMT
content-type: text/plain
content-length: 18
access-control-allow-origin: https://flaviar.com
access-control-allow-credentials: true
access-control-max-age: 1800
access-control-allow-methods: OPTIONS,GET,POST,PUT,DELETE
access-control-allow-headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Lib-Version,X-Referring-URL
allow: HEAD,GET,OPTIONS
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 6bb86817a182559a9657a84391bc0914
471d4c681cfd01c50f9d8f12f6b614e326424093
1ff17d42ac0d4d078340bd30215a525937da02da88c546a781293889fa756dac
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 22:06:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/pagead/landing?gcs=G111&rnd=1494971214.1673561160&url=https%3A%2F%2Fflaviar.com%2F>m=2wg1a1K4F6SWQ&auid=1247438123.1673561160
142.250.74.132302 Found 42 B URL HTTP/2 www.google.com/pagead/landing?gcs=G111&rnd=1494971214.1673561160&url=https%3A%2F%2Fflaviar.com%2F>m=2wg1a1K4F6SWQ&auid=1247438123.1673561160
IP 142.250.74.132:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
POST /pagead/landing?gcs=G111&rnd=1494971214.1673561160&url=https%3A%2F%2Fflaviar.com%2F>m=2wg1a1K4F6SWQ&auid=1247438123.1673561160 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://flaviar.com
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 12 Jan 2023 22:06:16 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
location: https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&rnd=1494971214.1673561160&url=https%3A%2F%2Fflaviar.com%2F>m=2wg1a1K4F6SWQ&auid=1247438123.1673561160
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
dnacdn.net/dna
178.250.0.157200 OK 599 B IP 178.250.0.157:0
Hash f5f2e50411431993a485952d143db937
eaf805f203c5c069d2f6d3fe790b6b0abd58f7b5
370c08c68983f5a39fac69af0439faa3c8c0a63edf2925a53a9a328092278b12
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=yaZ7JV80M0RITmhlJTJCZkMwOUJGQlhaMUN2czQ0JTJCeERydVpZNU5ha1JwZlJYY0tqSTRlcGFCOHdPV3A3JTJGQ2x5dFBFWWt4
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 12 Jan 2023 22:06:15 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=zOXZo180M0RITmhlJTJCZkMwOUJGQlhaMUN2czQ0JTJCeERydVpZNU5ha1JwZlJYY0tqS0JPVjFvWFd1SFViS2ZNTVB4Vm1MOQ; expires=Tue, 06 Feb 2024 22:06:16 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 418100
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0&page=irclickid%3Dz9WwdERT1xyNTfUU3bWBaTJ4UkAwGhzYrQK7zo0&page=ir_cid%3D3334&page=ir_affid%3D10813&page=utm_medium%3Daffiliates&page=utm_source%3DMaxBounty.com%20ULC&page=ir_partnerid%3D10813&page=ir_adid%3D1215604&page=ir_campaignid%3D3334
75.2.40.13200 OK 195 B URL HTTP/2 api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0&page=irclickid%3Dz9WwdERT1xyNTfUU3bWBaTJ4UkAwGhzYrQK7zo0&page=ir_cid%3D3334&page=ir_affid%3D10813&page=utm_medium%3Daffiliates&page=utm_source%3DMaxBounty.com%20ULC&page=ir_partnerid%3D10813&page=ir_adid%3D1215604&page=ir_campaignid%3D3334
IP 75.2.40.13:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 278efd24ce968e81330c8b77af17db2d
90be1ecfe754acedd485c5b5a8fa34a761090788
465321ef2c50d9636498fb2f02a552b90b0e22b243c4369c687e614c852ce0b1
GET /v1/personalize/simple?pageviews=1&isMobile=0&page=irclickid%3Dz9WwdERT1xyNTfUU3bWBaTJ4UkAwGhzYrQK7zo0&page=ir_cid%3D3334&page=ir_affid%3D10813&page=utm_medium%3Daffiliates&page=utm_source%3DMaxBounty.com%20ULC&page=ir_partnerid%3D10813&page=ir_adid%3D1215604&page=ir_campaignid%3D3334 HTTP/1.1
Host: api.sail-personalize.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaviar.com/
authorization: Bearer 65de79281e7de94b00f804e81e0d65c0
content-type: application/json
x-lib-version: v1.0.1
x-referring-url: https://flaviar.com/?irclickid=z9WwdERT1xyNTfUU3bWBaTJ4UkAwGhzYrQK7zo0&ir_cid=3334&ir_affid=10813&utm_medium=affiliates&utm_source=MaxBounty.com%20ULC&ir_partnerid=10813&ir_adid=1215604&ir_campaignid=3334
Origin: https://flaviar.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 12 Jan 2023 22:06:16 GMT
content-type: application/json
content-length: 195
access-control-allow-origin: *
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-store
expires: -1
allowedheaders: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin
allowedorigins: *
allowedmethods: GET,OPTIONS
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
gem.gbc.criteo.com/newidsd
185.235.84.39200 OK 399 B URL HTTP/2 gem.gbc.criteo.com/newidsd
IP 185.235.84.39:0
Hash c4d3bfd567b870a61cb3815496132a60
93aff9d6f7de7067b14e025ac6817f539a48506b
6532687ad9096c12cf171058f3c0319ec0929d2ce38eca44cbf5453be58e5cf7
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Thu, 12 Jan 2023 22:06:15 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 137380
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
amplify.outbrain.com/cp/obtp.js
23.38.201.81200 OK 5.5 kB URL HTTP/1.1 amplify.outbrain.com/cp/obtp.js
IP 23.38.201.81:0
File type ASCII text, with very long lines (17064), with no line terminators
Hash a846d48b346dbb36790da05d37c5c664
8459c596050371032448288b832e153e5a6f3adc
ce818f7c86f8500603081fc67ab8e47bf4f2d7b4512ff2950ee14a53bee09a02
GET /cp/obtp.js HTTP/1.1
Host: amplify.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "2b39cf4b5b36810a615ee712f89afb45:1673520765.626306"
Last-Modified: Thu, 12 Jan 2023 07:20:52 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=1200
Expires: Thu, 12 Jan 2023 22:26:16 GMT
Date: Thu, 12 Jan 2023 22:06:16 GMT
Content-Length: 5512
Connection: keep-alive
ag.gbc.criteo.com/newidsd
178.250.6.154200 OK 20 kB URL HTTP/2 ag.gbc.criteo.com/newidsd
IP 178.250.6.154:0
File type JSON data\012- , ASCII text, with very long lines (1325)
Hash ec33af9a28b614bd966189a3f62fdf6d
f3b84976e8d321831bd98750065d7c809e95d6f5
6f02ae5f36988a2a9d269ddfd7d4ca7c14d2a278390146e44f947a5e31025068
GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Thu, 12 Jan 2023 22:06:15 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 106822
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 5d7ae418b707a6b0c2de98ba82f90ec3
5ee469b7701b14bb7fa5e1edeeeb66d8e5ac8c97
81b7e41235ff63c57fe3f3b659b9e598c7eb9fbc844afdd84768a4d76a6e5b5d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4054
Cache-Control: max-age=144122
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 22:06:16 GMT
Etag: "63c0047c-1d7"
Expires: Sat, 14 Jan 2023 14:08:18 GMT
Last-Modified: Thu, 12 Jan 2023 13:00:44 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 56ed86c6ba574264fcbaf67b5a233a23
2af652f21e1e6ba1d58ee28027af55017a5206c8
8c25f30c1fc2d7cc7650a6af7f788de0297b9f52ec8806a40797a84345103860
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 22:06:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
connect.facebook.net/en_US/fbevents.js
31.13.72.12200 OK 28 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (64348)
Hash 541db4f3f0ba067bfb58cdac34cb86f4
20e6883f068568888ce37c6b9ef8f5d12be257c0
83898f3b2da2a11996d2eb3a5115ef301255030fdf231b8bf7971916769bc7be
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: jgTHvmgI/2A1FjMTb4M33zi4FafYn6mQrxtvPv8qwPJOdVSNHpBecZBGgzxb3InrmxRUZ3dSrIfOqmjmDUDQKg==
priority: u=3,i
content-length: 27815
x-fb-trip-id: 1904183273
date: Thu, 12 Jan 2023 22:06:16 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
bat.bing.com/bat.js
204.79.197.200200 OK 12 kB IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (39124), with no line terminators
Hash d925a898de26295fdebfc90203ef46fa
77dd3f5893b76530e08058d50e8f9aef017e80c7
8f4a413fec7e48f5ac290f4596fef33b6396e7fb31080ec0203a5ec817d140c8
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 11460
content-type: application/javascript
content-encoding: gzip
last-modified: Mon, 05 Dec 2022 17:15:50 GMT
accept-ranges: bytes
etag: "027e538cd8d91:0"
vary: Accept-Encoding
set-cookie: MUID=3953126EDDED6005395F00F9DC1861E2; domain=.bing.com; expires=Tue, 06-Feb-2024 22:06:16 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 370FFD11A6074FB595BC27C5EEFB22F9 Ref B: OSL30EDGE0506 Ref C: 2023-01-12T22:06:16Z
date: Thu, 12 Jan 2023 22:06:15 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 709dbdc77e1779e7c77865fa27f2573a
8781ced82c5109fbe49e8897844c7c1b89f4c340
8b02e05fc2de10b7aa4115870138f3b4e2a1f79a844924d7c50072b002405dc1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 22:06:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.ads-twitter.com/uwt.js
151.101.244.157200 OK 15 kB URL HTTP/2 static.ads-twitter.com/uwt.js
IP 151.101.244.157:0
File type ASCII text, with very long lines (57596), with no line terminators
Hash 573e6a7f86f6f3063763360ef0672c01
b12eab3b4ac8872d49ac6e15f9cd17741765c0cf
02445eb022a04139531f0ce8d8980c31083a1c670936f1477f5cfc4d252133f7
GET /uwt.js HTTP/1.1
Host: static.ads-twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Thu, 27 Oct 2022 18:55:37 GMT
cache-control: no-cache
content-type: application/javascript; charset=utf-8
content-encoding: gzip
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
accept-ranges: bytes
date: Thu, 12 Jan 2023 22:06:16 GMT
x-served-by: cache-iad-kiad7000089-IAD, cache-hel1410022-HEL
x-cache: HIT, HIT
vary: Accept-Encoding,Host
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
content-length: 15375
X-Firefox-Spdy: h2
rb9yp8py.flaviar.com/assets/wxyz.rb.js
159.203.152.54200 OK 10 kB URL HTTP/1.1 rb9yp8py.flaviar.com/assets/wxyz.rb.js
IP 159.203.152.54:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (347)
Hash 46f395d8bdc29802f09a64a95a192e39
bf4266cdba32c81498002bef7c746bb20df0ac6d
b9c74b5f30111282496c5860c76e8e73697c52e94a939898ea2dae9a6a5314e0
GET /assets/wxyz.rb.js HTTP/1.1
Host: rb9yp8py.flaviar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaviar.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: openresty
Date: Thu, 12 Jan 2023 22:06:16 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
142.250.74.170200 OK 33 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
IP 142.250.74.170:0
File type ASCII text, with very long lines (32086)
Hash 430e927c980ad4079de727fa59dd93f2
891aaada9a55a91292999f6d50fd300439905982
e8728df8617340bd8c10bc8d27d3a725a48871a269c850e8598689938ec6e2ed
GET /ajax/libs/jquery/1.11.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33434
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 12 Jan 2023 09:55:18 GMT
expires: Fri, 12 Jan 2024 09:55:18 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 43858
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 5d7ae418b707a6b0c2de98ba82f90ec3
5ee469b7701b14bb7fa5e1edeeeb66d8e5ac8c97
81b7e41235ff63c57fe3f3b659b9e598c7eb9fbc844afdd84768a4d76a6e5b5d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4054
Cache-Control: max-age=144122
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 22:06:16 GMT
Etag: "63c0047c-1d7"
Expires: Sat, 14 Jan 2023 14:08:18 GMT
Last-Modified: Thu, 12 Jan 2023 13:00:44 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
sslwidget.criteo.com/event?a=95340&v=5.12.3&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26z%3Dundefined%26site_type%3Dd&p2=e%3Dvh%26tms%3Dgtm-ee-1.1.0&p3=e%3Ddis&adce=1&bundle=i4LYLF9hT2RGJTJCbnNKYWFVdzVsUmNKSjJLUVVpSWpqR3ZDeHZGM1VUdGd6aEwlMkY0JTJCeGJ6TDlYWTZISTVOdjRwWGs2NkF4UFNoOUV1eXlscnRXOVZjRHM3aXpYQVhyTzRLclN1dmNGY0RqTlhDem1wUjY0V2Rhb3h2TmltSDBYOUc0dVcxd1U5RVBNYWVlc0tCMkglMkZZS2VkeDNMZyUzRCUzRA&tld=flaviar.com&dy=1&fu=https%253A%252F%252Fflaviar.com%252F%253Firclickid%253Dz9WwdERT1xyNTfUU3bWBaTJ4UkAwGhzYrQK7zo0%2526ir_cid%253D3334%2526ir_affid%253D10813%2526utm_medium%253Daffiliates%2526utm_source%253DMaxBounty.com%252520ULC%2526ir_partnerid%253D10813%2526ir_adid%253D1215604%2526ir_campaignid%253D3334&dtycbr=98805&cs=1---&cv=1
178.250.0.163302 Found 0 B URL HTTP/2 sslwidget.criteo.com/event?a=95340&v=5.12.3&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26z%3Dundefined%26site_type%3Dd&p2=e%3Dvh%26tms%3Dgtm-ee-1.1.0&p3=e%3Ddis&adce=1&bundle=i4LYLF9hT2RGJTJCbnNKYWFVdzVsUmNKSjJLUVVpSWpqR3ZDeHZGM1VUdGd6aEwlMkY0JTJCeGJ6TDlYWTZISTVOdjRwWGs2NkF4UFNoOUV1eXlscnRXOVZjRHM3aXpYQVhyTzRLclN1dmNGY0RqTlhDem1wUjY0V2Rhb3h2TmltSDBYOUc0dVcxd1U5RVBNYWVlc0tCMkglMkZZS2VkeDNMZyUzRCUzRA&tld=flaviar.com&dy=1&fu=https%253A%252F%252Fflaviar.com%252F%253Firclickid%253Dz9WwdERT1xyNTfUU3bWBaTJ4UkAwGhzYrQK7zo0%2526ir_cid%253D3334%2526ir_affid%253D10813%2526utm_medium%253Daffiliates%2526utm_source%253DMaxBounty.com%252520ULC%2526ir_partnerid%253D10813%2526ir_adid%253D1215604%2526ir_campaignid%253D3334&dtycbr=98805&cs=1---&cv=1
IP 178.250.0.163:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /event?a=95340&v=5.12.3&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26z%3Dundefined%26site_type%3Dd&p2=e%3Dvh%26tms%3Dgtm-ee-1.1.0&p3=e%3Ddis&adce=1&bundle=i4LYLF9hT2RGJTJCbnNKYWFVdzVsUmNKSjJLUVVpSWpqR3ZDeHZGM1VUdGd6aEwlMkY0JTJCeGJ6TDlYWTZISTVOdjRwWGs2NkF4UFNoOUV1eXlscnRXOVZjRHM3aXpYQVhyTzRLclN1dmNGY0RqTlhDem1wUjY0V2Rhb3h2TmltSDBYOUc0dVcxd1U5RVBNYWVlc0tCMkglMkZZS2VkeDNMZyUzRCUzRA&tld=flaviar.com&dy=1&fu=https%253A%252F%252Fflaviar.com%252F%253Firclickid%253Dz9WwdERT1xyNTfUU3bWBaTJ4UkAwGhzYrQK7zo0%2526ir_cid%253D3334%2526ir_affid%253D10813%2526utm_medium%253Daffiliates%2526utm_source%253DMaxBounty.com%252520ULC%2526ir_partnerid%253D10813%2526ir_adid%253D1215604%2526ir_campaignid%253D3334&dtycbr=98805&cs=1---&cv=1 HTTP/1.1
Host: sslwidget.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 12 Jan 2023 22:06:15 GMT
server: Kestrel
content-length: 0
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
expires: 0
location: https://widget.us.criteo.com/event?a=95340&v=5.12.3&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26z%3Dundefined%26site_type%3Dd&p2=e%3Dvh%26tms%3Dgtm-ee-1.1.0&p3=e%3Ddis&adce=1&bundle=i4LYLF9hT2RGJTJCbnNKYWFVdzVsUmNKSjJLUVVpSWpqR3ZDeHZGM1VUdGd6aEwlMkY0JTJCeGJ6TDlYWTZISTVOdjRwWGs2NkF4UFNoOUV1eXlscnRXOVZjRHM3aXpYQVhyTzRLclN1dmNGY0RqTlhDem1wUjY0V2Rhb3h2TmltSDBYOUc0dVcxd1U5RVBNYWVlc0tCMkglMkZZS2VkeDNMZyUzRCUzRA&tld=flaviar.com&dy=1&fu=https%253A%252F%252Fflaviar.com%252F%253Firclickid%253Dz9WwdERT1xyNTfUU3bWBaTJ4UkAwGhzYrQK7zo0%2526ir_cid%253D3334%2526ir_affid%253D10813%2526utm_medium%253Daffiliates%2526utm_source%253DMaxBounty.com%252520ULC%2526ir_partnerid%253D10813%2526ir_adid%253D1215604%2526ir_campaignid%253D3334&dtycbr=98805&cs=1---&cv=1
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
server-processing-duration-in-ticks: 8378911
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ak.sail-horizon.com/spm/spm.v1.min.js
54.230.111.128200 OK 34 kB URL HTTP/2 ak.sail-horizon.com/spm/spm.v1.min.js
IP 54.230.111.128:0
Hash 5841a7605b8501ceabe91b1a272b32ef
f8e744b35711f1f869e2848fae37773b2439b90b
eede7216527972979130660124e6e259dc1ffcc1cfbd7b40e55b3e3407110632
GET /spm/spm.v1.min.js HTTP/1.1
Host: ak.sail-horizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 11 Jan 2023 16:08:40 GMT
server: AmazonS3
content-encoding: gzip
date: Thu, 12 Jan 2023 22:02:50 GMT
cache-control: max-age=600; must-revalidate
etag: W/"be0aea74754407f0a826a84e140dd5ea"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 7UNy9nAh2OkB3KBs_wL4RjrcIgrQT24xdRi1qJkTMoVdMUJc_Dj_6g==
age: 206
X-Firefox-Spdy: h2
bat.bing.com/action/0?ti=5715081&tm=gtm002&Ver=2&mid=8b6e471f-ca63-4944-96bc-e3885e1c179b&sid=4cb100a092c511eda7d18fb9da471905&vid=4cb0f81092c511edabbbe9d3187f295f&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Flaviar%20Membership%20%C2%BB%20Fine%20Spirits%20%26%20Whiskey%20Club%20%F0%9F%A5%83%20-%20Flaviar&p=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3Dz9WwdERT1xyNTfUU3bWBaTJ4UkAwGhzYrQK7zo0%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&r=<=2310&evt=pageLoad&sv=1&rn=232204
204.79.197.200204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=5715081&tm=gtm002&Ver=2&mid=8b6e471f-ca63-4944-96bc-e3885e1c179b&sid=4cb100a092c511eda7d18fb9da471905&vid=4cb0f81092c511edabbbe9d3187f295f&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Flaviar%20Membership%20%C2%BB%20Fine%20Spirits%20%26%20Whiskey%20Club%20%F0%9F%A5%83%20-%20Flaviar&p=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3Dz9WwdERT1xyNTfUU3bWBaTJ4UkAwGhzYrQK7zo0%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&r=<=2310&evt=pageLoad&sv=1&rn=232204
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=5715081&tm=gtm002&Ver=2&mid=8b6e471f-ca63-4944-96bc-e3885e1c179b&sid=4cb100a092c511eda7d18fb9da471905&vid=4cb0f81092c511edabbbe9d3187f295f&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Flaviar%20Membership%20%C2%BB%20Fine%20Spirits%20%26%20Whiskey%20Club%20%F0%9F%A5%83%20-%20Flaviar&p=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3Dz9WwdERT1xyNTfUU3bWBaTJ4UkAwGhzYrQK7zo0%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&r=<=2310&evt=pageLoad&sv=1&rn=232204 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=34529E11F4A2695D3DF08C86F5576881; domain=.bing.com; expires=Tue, 06-Feb-2024 22:06:16 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: BFD913A383CE47828993E6D32919A60A Ref B: OSL30EDGE0506 Ref C: 2023-01-12T22:06:16Z
date: Thu, 12 Jan 2023 22:06:15 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 709dbdc77e1779e7c77865fa27f2573a
8781ced82c5109fbe49e8897844c7c1b89f4c340
8b02e05fc2de10b7aa4115870138f3b4e2a1f79a844924d7c50072b002405dc1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 22:06:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bat.bing.com/p/action/5715081.js
204.79.197.200204 No Content 0 B URL HTTP/2 bat.bing.com/p/action/5715081.js
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/action/5715081.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: private,max-age=1800
set-cookie: MUID=212E1833210467441B460AA420F166E8; domain=.bing.com; expires=Tue, 06-Feb-2024 22:06:16 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 362668C148AD4C82BED0DF87558A2CB8 Ref B: OSL30EDGE0506 Ref C: 2023-01-12T22:06:16Z
date: Thu, 12 Jan 2023 22:06:15 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash 57269dc1220beafbcccc91737c385a5c
de9381b5bdf3b71ba5838c87dd692cb8216ebfe0
115d2b8a5a3888df651d5550a80cfdac678a992ea965bd0f1e274350d6b3194d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2243
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 22:06:16 GMT
Last-Modified: Thu, 12 Jan 2023 21:28:53 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 312
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash 57269dc1220beafbcccc91737c385a5c
de9381b5bdf3b71ba5838c87dd692cb8216ebfe0
115d2b8a5a3888df651d5550a80cfdac678a992ea965bd0f1e274350d6b3194d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2126
Cache-Control: max-age=138239
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 22:06:16 GMT
Etag: "63bff509-138"
Expires: Sat, 14 Jan 2023 12:30:15 GMT
Last-Modified: Thu, 12 Jan 2023 11:54:49 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 312
alb.reddit.com/rp.gif?ts=1673561160343&id=t2_h2e6q&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=5728a69c-dc1d-4768-8500-f89bbc2addc1&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1280&sw=1024&v=rdt_1967aea8
151.101.129.140200 OK 42 B URL HTTP/2 alb.reddit.com/rp.gif?ts=1673561160343&id=t2_h2e6q&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=5728a69c-dc1d-4768-8500-f89bbc2addc1&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1280&sw=1024&v=rdt_1967aea8
IP 151.101.129.140:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /rp.gif?ts=1673561160343&id=t2_h2e6q&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=5728a69c-dc1d-4768-8500-f89bbc2addc1&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1280&sw=1024&v=rdt_1967aea8 HTTP/1.1
Host: alb.reddit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Varnish
retry-after: 0
cross-origin-resource-policy: cross-origin
content-type: image/gif
accept-ranges: bytes
date: Thu, 12 Jan 2023 22:06:16 GMT
via: 1.1 varnish
content-length: 42
X-Firefox-Spdy: h2
rb9yp8py.flaviar.com/integrations?source=flaviar
159.203.152.54200 OK 59 B URL HTTP/1.1 rb9yp8py.flaviar.com/integrations?source=flaviar
IP 159.203.152.54:0
ASN #14061 DIGITALOCEAN-ASN
Hash b13b075ac18d7ecbf705dad11323402e
124e2c4307c6beabfd3e751f14a4f7acb02eb6ce
03db7011ba06ed159ca1b7dee62dc5a01ee2d0a3d6f3b0294004cd455251b7f2
GET /integrations?source=flaviar HTTP/1.1
Host: rb9yp8py.flaviar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Cookie: _ga_94QYBVSJNV=GS1.1.1673561159.1.0.1673561159.60.0.0; _ga=GA1.2.1666208106.1673561160; _gcl_au=1.1.1247438123.1673561160; _rdt_uuid=1673561160341.5728a69c-dc1d-4768-8500-f89bbc2addc1; _schn=_n48lxbh; _scid=413baffa-173b-4829-9542-cb7e0b9479ef; cto_bundle=i4LYLF9hT2RGJTJCbnNKYWFVdzVsUmNKSjJLUVVpSWpqR3ZDeHZGM1VUdGd6aEwlMkY0JTJCeGJ6TDlYWTZISTVOdjRwWGs2NkF4UFNoOUV1eXlscnRXOVZjRHM3aXpYQVhyTzRLclN1dmNGY0RqTlhDem1wUjY0V2Rhb3h2TmltSDBYOUc0dVcxd1U5RVBNYWVlc0tCMkglMkZZS2VkeDNMZyUzRCUzRA; _gid=GA1.2.804575726.1673561161; _uetsid=4cb100a092c511eda7d18fb9da471905; _uetvid=4cb0f81092c511edabbbe9d3187f295f; _dc_gtm_UA-28959768-20=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: openresty
Date: Thu, 12 Jan 2023 22:06:16 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
t.co/i/adsct?bci=3&eci=2&event_id=cb6c34e5-e251-434e-a0c6-8e85ac1cb4c6&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=9f81c98d-b96c-40ce-8d62-2b7392d11f39&tw_document_href=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3Dz9WwdERT1xyNTfUU3bWBaTJ4UkAwGhzYrQK7zo0%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nv73t&type=javascript&version=2.3.29
104.244.42.133200 OK 43 B URL HTTP/2 t.co/i/adsct?bci=3&eci=2&event_id=cb6c34e5-e251-434e-a0c6-8e85ac1cb4c6&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=9f81c98d-b96c-40ce-8d62-2b7392d11f39&tw_document_href=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3Dz9WwdERT1xyNTfUU3bWBaTJ4UkAwGhzYrQK7zo0%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nv73t&type=javascript&version=2.3.29
IP 104.244.42.133:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/adsct?bci=3&eci=2&event_id=cb6c34e5-e251-434e-a0c6-8e85ac1cb4c6&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=9f81c98d-b96c-40ce-8d62-2b7392d11f39&tw_document_href=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3Dz9WwdERT1xyNTfUU3bWBaTJ4UkAwGhzYrQK7zo0%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nv73t&type=javascript&version=2.3.29 HTTP/1.1
Host: t.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 12 Jan 2023 22:06:16 GMT
perf: 7626143928
server: tsa_o
set-cookie: muc_ads=b7f34948-9aab-4bc9-ad76-a619b664692b; Max-Age=63072000; Expires=Sat, 11 Jan 2025 22:06:16 GMT; Path=/; Domain=t.co; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: efea7826734c9ff2
strict-transport-security: max-age=0
x-response-time: 103
x-connection-hash: b926c5009cab10e6a988399942cc2311cf98173ee12b4aefda9130fd26df86e4
X-Firefox-Spdy: h2
t.co/i/adsct?bci=3&eci=2&event_id=5970ea72-0fd7-490c-ad3d-66423b2da0f3&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=9f81c98d-b96c-40ce-8d62-2b7392d11f39&tw_document_href=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3Dz9WwdERT1xyNTfUU3bWBaTJ4UkAwGhzYrQK7zo0%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nv73t&type=javascript&version=2.3.29
104.244.42.133200 OK 43 B URL HTTP/2 t.co/i/adsct?bci=3&eci=2&event_id=5970ea72-0fd7-490c-ad3d-66423b2da0f3&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=9f81c98d-b96c-40ce-8d62-2b7392d11f39&tw_document_href=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3Dz9WwdERT1xyNTfUU3bWBaTJ4UkAwGhzYrQK7zo0%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nv73t&type=javascript&version=2.3.29
IP 104.244.42.133:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/adsct?bci=3&eci=2&event_id=5970ea72-0fd7-490c-ad3d-66423b2da0f3&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=9f81c98d-b96c-40ce-8d62-2b7392d11f39&tw_document_href=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3Dz9WwdERT1xyNTfUU3bWBaTJ4UkAwGhzYrQK7zo0%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nv73t&type=javascript&version=2.3.29 HTTP/1.1
Host: t.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 12 Jan 2023 22:06:16 GMT
perf: 7626143928
server: tsa_o
set-cookie: muc_ads=fad20058-5c54-497e-972f-a0062fb3eeff; Max-Age=63072000; Expires=Sat, 11 Jan 2025 22:06:16 GMT; Path=/; Domain=t.co; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: 8e2b5e0efa586379
strict-transport-security: max-age=0
x-response-time: 105
x-connection-hash: b926c5009cab10e6a988399942cc2311cf98173ee12b4aefda9130fd26df86e4
X-Firefox-Spdy: h2
alb.reddit.com/rp.gif?ts=1673561160342&id=t2_h2e6q&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=5728a69c-dc1d-4768-8500-f89bbc2addc1&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1280&sw=1024&v=rdt_1967aea8
151.101.129.140200 OK 42 B URL HTTP/2 alb.reddit.com/rp.gif?ts=1673561160342&id=t2_h2e6q&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=5728a69c-dc1d-4768-8500-f89bbc2addc1&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1280&sw=1024&v=rdt_1967aea8
IP 151.101.129.140:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /rp.gif?ts=1673561160342&id=t2_h2e6q&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=5728a69c-dc1d-4768-8500-f89bbc2addc1&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1280&sw=1024&v=rdt_1967aea8 HTTP/1.1
Host: alb.reddit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Varnish
retry-after: 0
cross-origin-resource-policy: cross-origin
content-type: image/gif
accept-ranges: bytes
date: Thu, 12 Jan 2023 22:06:16 GMT
via: 1.1 varnish
content-length: 42
X-Firefox-Spdy: h2
aacdn.nagich.com/core/4.3.7/accessibility.js
104.26.14.45200 OK 14 kB URL HTTP/2 aacdn.nagich.com/core/4.3.7/accessibility.js
IP 104.26.14.45:0
File type Unicode text, UTF-8 text, with very long lines (42570), with no line terminators
Hash 453541cb96257a084604a1b89ead55d7
1ba90ae7a4813feb07f9a52dfaf1c68516483c6e
3a8fb4345909a4a71c33d4697ad6d404e989848a31de25d115f9782e7d5f4a1f
GET /core/4.3.7/accessibility.js HTTP/1.1
Host: aacdn.nagich.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://flaviar.com
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 12 Jan 2023 22:06:15 GMT
content-type: application/javascript
cache-control: public, max-age=2204800
last-modified: Wed, 20 Jul 2022 11:28:32 GMT
etag: W/"03079d72b9cd81:0"
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: deny
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 1161423
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yzaE9492UufDomlBOrGC96QQCE%2FcaGwAqGMj5ilsv11VGaHLez4Nyb8pipJF9OYs3eDdWfG758RE4tWLb8%2B4mZeyHfOGoPD8RtBP4b2EUFqRl2fZxY1NOgr8YbdnAf0F33w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 788932c0d9a8b503-OSL
content-encoding: br
X-Firefox-Spdy: h2
tr.outbrain.com/cachedClickId?marketerId=undefined
64.202.112.31200 OK 35 B URL HTTP/1.1 tr.outbrain.com/cachedClickId?marketerId=undefined
IP 64.202.112.31:0
File type ASCII text, with no line terminators
Hash 75c843c7b717e7b722777907475c67a3
983d1c9a05b315288039b9d4694ce3b402259240
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
GET /cachedClickId?marketerId=undefined HTTP/1.1
Host: tr.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 12 Jan 2023 22:06:16 GMT
Content-Type: application/javascript
Content-Length: 35
X-TraceId: 16875051a2d144965439c9863c247d2e
tr.outbrain.com/unifiedPixel?marketerId=00cf895e7b627a414bdcc05c54e01b7ae7&obApiVersion=1.1&obtpVersion=2.0.5&name=Pageview&dl=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3Dz9WwdERT1xyNTfUU3bWBaTJ4UkAwGhzYrQK7zo0%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&cht=ccpa&optOut=false&bust=09620876331392985&referrer=
64.202.112.31200 OK 53 B URL HTTP/1.1 tr.outbrain.com/unifiedPixel?marketerId=00cf895e7b627a414bdcc05c54e01b7ae7&obApiVersion=1.1&obtpVersion=2.0.5&name=Pageview&dl=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3Dz9WwdERT1xyNTfUU3bWBaTJ4UkAwGhzYrQK7zo0%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&cht=ccpa&optOut=false&bust=09620876331392985&referrer=
IP 64.202.112.31:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 414bd2a5161db03fdd910327b42c6daa
65d4cf50496813c5f1a34eddd5c50dc67d44ff47
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553
GET /unifiedPixel?marketerId=00cf895e7b627a414bdcc05c54e01b7ae7&obApiVersion=1.1&obtpVersion=2.0.5&name=Pageview&dl=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3Dz9WwdERT1xyNTfUU3bWBaTJ4UkAwGhzYrQK7zo0%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&cht=ccpa&optOut=false&bust=09620876331392985&referrer= HTTP/1.1
Host: tr.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 12 Jan 2023 22:06:16 GMT
Content-Type: image/gif;
Content-Length: 53
Cache-Control: no-cache
X-TraceId: ae73313cb9f773f1cbfc50a54556a498
www.facebook.com/tr/?id=1649789958596951&ev=PageView&dl=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3Dz9WwdERT1xyNTfUU3bWBaTJ4UkAwGhzYrQK7zo0%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&rl=&if=false&ts=1673561161527&sw=1280&sh=1024&v=2.9.92&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1673561161523.1470048591&eid=ob3_plugin-set_930fbbe3933bc69b901d10b5bad3d26a2577c669374ee1c18be0635699904d3a&it=1673561161140&coo=false&tm=1&rqm=GET
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=1649789958596951&ev=PageView&dl=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3Dz9WwdERT1xyNTfUU3bWBaTJ4UkAwGhzYrQK7zo0%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&rl=&if=false&ts=1673561161527&sw=1280&sh=1024&v=2.9.92&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1673561161523.1470048591&eid=ob3_plugin-set_930fbbe3933bc69b901d10b5bad3d26a2577c669374ee1c18be0635699904d3a&it=1673561161140&coo=false&tm=1&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=1649789958596951&ev=PageView&dl=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3Dz9WwdERT1xyNTfUU3bWBaTJ4UkAwGhzYrQK7zo0%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&rl=&if=false&ts=1673561161527&sw=1280&sh=1024&v=2.9.92&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1673561161523.1470048591&eid=ob3_plugin-set_930fbbe3933bc69b901d10b5bad3d26a2577c669374ee1c18be0635699904d3a&it=1673561161140&coo=false&tm=1&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Thu, 12 Jan 2023 22:06:17 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash d9e314ca3e8b5b3f0d94c5d7aa85fc1b
d8e16c1cecf82ef607c2974c77847d9e9f32c70a
1e79bb936b6bb2014040dc66afd33d13a70a3e84e6f11c49df8c11edf30f4473
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4740
Cache-Control: max-age=95475
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 22:06:17 GMT
Etag: "63bf43c8-138"
Expires: Sat, 14 Jan 2023 00:37:32 GMT
Last-Modified: Wed, 11 Jan 2023 23:18:32 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 312
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash d9e314ca3e8b5b3f0d94c5d7aa85fc1b
d8e16c1cecf82ef607c2974c77847d9e9f32c70a
1e79bb936b6bb2014040dc66afd33d13a70a3e84e6f11c49df8c11edf30f4473
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6534
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 22:06:17 GMT
Last-Modified: Thu, 12 Jan 2023 20:17:23 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 312
ocsp.godaddy.com/
192.124.249.23200 OK 1.8 kB IP 192.124.249.23:0
Hash 88fa634ffd4445610d68abf2205c944d
5cc593618fb01527678acfbc774e9c4b0f492250
a0a30c5451cfd118d67e98e063bfade7ab12917ac90ec413ed0deda9b2519148
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Thu, 12 Jan 2023 22:06:16 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 12 Jan 2023 00:55:50 GMT
Expires: Fri, 13 Jan 2023 00:55:50 GMT
ETag: "5cc593618fb01527678acfbc774e9c4b0f492250"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
gandalf-eu.segmentify.com//get/key/v1.json?count=2
35.246.234.8200 30 B URL HTTP/1.1 gandalf-eu.segmentify.com//get/key/v1.json?count=2
IP 35.246.234.8:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type JSON data\012- , ASCII text, with no line terminators
Hash 6b5e1be206c9efda2591e99fc369b72b
51600886f9f402be82f16c4dd3ba12299fc37a75
82297b06168ce44dd4c4fef426901034070fa09e52daac56197e6770ee946c5a
GET //get/key/v1.json?count=2 HTTP/1.1
Host: gandalf-eu.segmentify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://flaviar.com
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Encoding: br
Content-Type: application/json;charset=UTF-8
Date: Thu, 12 Jan 2023 22:06:17 GMT
Server: nginx
Transfer-Encoding: chunked
X-Server-Name: 954b0a27b6131b61ce7ca07d0e642523
analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=cb6c34e5-e251-434e-a0c6-8e85ac1cb4c6&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=9f81c98d-b96c-40ce-8d62-2b7392d11f39&tw_document_href=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3Dz9WwdERT1xyNTfUU3bWBaTJ4UkAwGhzYrQK7zo0%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nv73t&type=javascript&version=2.3.29
104.244.42.3200 OK 43 B URL HTTP/2 analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=cb6c34e5-e251-434e-a0c6-8e85ac1cb4c6&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=9f81c98d-b96c-40ce-8d62-2b7392d11f39&tw_document_href=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3Dz9WwdERT1xyNTfUU3bWBaTJ4UkAwGhzYrQK7zo0%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nv73t&type=javascript&version=2.3.29
IP 104.244.42.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/adsct?bci=3&eci=2&event_id=cb6c34e5-e251-434e-a0c6-8e85ac1cb4c6&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=9f81c98d-b96c-40ce-8d62-2b7392d11f39&tw_document_href=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3Dz9WwdERT1xyNTfUU3bWBaTJ4UkAwGhzYrQK7zo0%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nv73t&type=javascript&version=2.3.29 HTTP/1.1
Host: analytics.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 12 Jan 2023 22:06:16 GMT
perf: 7626143928
server: tsa_o
set-cookie: personalization_id="v1_ylVZV7ggxC9A8Xnvkk+yOA=="; Max-Age=63072000; Expires=Sat, 11 Jan 2025 22:06:17 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: 052168f6cdc5ad68
strict-transport-security: max-age=631138519
x-response-time: 107
x-connection-hash: e4c2649984252153f87b6af01ddefe86fbb20f48a7d56a92d188e9dfb01fc1bb
X-Firefox-Spdy: h2
dynamic.criteo.com/js/ld/ld.js?a=95340
178.250.0.147200 OK 15 kB URL HTTP/2 dynamic.criteo.com/js/ld/ld.js?a=95340
IP 178.250.0.147:0
File type ASCII text, with very long lines (43225)
Hash 4a5325390e3ac12fada35c7d543d0edc
92148dcc33a754821e4b3c86999aa62b1be8b49a
82b957090e8fc962cdd1934ddb1ca8dafba88c38c562056a17ad0d1cd0ff5a9a
GET /js/ld/ld.js?a=95340 HTTP/1.1
Host: dynamic.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 12 Jan 2023 22:06:15 GMT
content-type: application/javascript; charset=utf-8
server: Kestrel
cache-control: public,max-age=10800
content-encoding: br
vary: Origin, Accept-Encoding
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
dx.mountain.com/spx?dxver=4.0.0&shaid=33038&tdr=&plh=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3Dz9WwdERT1xyNTfUU3bWBaTJ4UkAwGhzYrQK7zo0%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&cb=91928443469056910term=value
54.69.255.140200 OK 4.1 kB URL HTTP/1.1 dx.mountain.com/spx?dxver=4.0.0&shaid=33038&tdr=&plh=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3Dz9WwdERT1xyNTfUU3bWBaTJ4UkAwGhzYrQK7zo0%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&cb=91928443469056910term=value
IP 54.69.255.140:0
File type ASCII text, with very long lines (15459), with no line terminators
Hash 6f4086f9e852981c6fdd64c8694357f9
683adc2bd9e848fc5eaac05fc6e84a0958689e40
22efffd277cd4d96a9219f4ba1a48d70b1440b81db96cbeeec22332c8b7376bb
GET /spx?dxver=4.0.0&shaid=33038&tdr=&plh=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3Dz9WwdERT1xyNTfUU3bWBaTJ4UkAwGhzYrQK7zo0%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&cb=91928443469056910term=value HTTP/1.1
Host: dx.mountain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-encoding: gzip
content-type: application/javascript;charset=utf-8
date: Thu, 12 Jan 2023 22:06:16 GMT
x-envoy-upstream-service-time: 2
server: istio-envoy
connection: close
transfer-encoding: chunked
gandalf-eu.segmentify.com//add/events/v1.json?apiKey=06e2e4b6-5e17-4dbf-9574-c462c3d742d7
35.246.234.8200 OK 0 B URL HTTP/1.1 gandalf-eu.segmentify.com//add/events/v1.json?apiKey=06e2e4b6-5e17-4dbf-9574-c462c3d742d7
IP 35.246.234.8:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS //add/events/v1.json?apiKey=06e2e4b6-5e17-4dbf-9574-c462c3d742d7 HTTP/1.1
Host: gandalf-eu.segmentify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-sfy-api-key
Referer: https://flaviar.com/
Origin: https://flaviar.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Headers: Content-Type, Accept, Authorization, X-Switch-User, X-Switch-Account, X-Switch-Region, X-Sfy-Api-Key
Access-Control-Allow-Methods: GET, POST, PUT, DELETE
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3600
Connection: keep-alive
Content-Length: 0
Content-Type: application/json
Date: Thu, 12 Jan 2023 22:06:17 GMT
Server: nginx
X-Server-Name: 954b0a27b6131b61ce7ca07d0e642523
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash 02eee204a3dbe7e003ef020941d4e22d
77803b330e8a8ccf6e31963cbc5383c190515c0b
bb090bb1ff810093954c43fa2d94a53f8136df193251c9a995875bccba2ead32
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6301
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 22:06:17 GMT
Etag: "63bf6013-138"
Last-Modified: Thu, 12 Jan 2023 20:21:17 GMT
Server: ECS (amb/6B7E)
X-Cache: HIT
Content-Length: 312
gandalf-eu.segmentify.com//add/events/v1.json?apiKey=06e2e4b6-5e17-4dbf-9574-c462c3d742d7
35.246.234.8200 7.9 kB URL HTTP/1.1 gandalf-eu.segmentify.com//add/events/v1.json?apiKey=06e2e4b6-5e17-4dbf-9574-c462c3d742d7
IP 35.246.234.8:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type JSON data\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (34282), with no line terminators
Hash c5d0c28a779461caf6128b228d75e94f
4d4b85f416bf2c9b6749130c90a5a50aef7434d3
4d0a9c7f9e160291aa89b10621cd74769be17a041153ec581d42464e0dd17e16
POST //add/events/v1.json?apiKey=06e2e4b6-5e17-4dbf-9574-c462c3d742d7 HTTP/1.1
Host: gandalf-eu.segmentify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
X-Sfy-Api-Key: 06e2e4b6-5e17-4dbf-9574-c462c3d742d7
Content-Length: 1511
Origin: https://flaviar.com
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Encoding: br
Content-Type: application/json;charset=UTF-8
Date: Thu, 12 Jan 2023 22:06:17 GMT
Server: nginx
Transfer-Encoding: chunked
X-Server-Name: e50eafe57688af3a47ec4fb3140ed864
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 48e621135fd6c47dc270c90baa083f71
93c5728a43f8d68999325c928ccc9ed37267f5c0
c7ce79b4bfe97c88178ef2910861a33eb11547a284425cd36d79fb04b5311351
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C7CE79B4BFE97C88178EF2910861A33EB11547A284425CD36D79FB04B5311351"
Last-Modified: Tue, 10 Jan 2023 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Fri, 13 Jan 2023 04:06:17 GMT
Date: Thu, 12 Jan 2023 22:06:17 GMT
Connection: keep-alive
fbcapi.flaviar.com/events
54.153.41.73200 OK 0 B URL HTTP/2 fbcapi.flaviar.com/events
IP 54.153.41.73:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /events HTTP/1.1
Host: fbcapi.flaviar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 506
Origin: https://flaviar.com
Connection: keep-alive
Referer: https://flaviar.com/
Cookie: _ga_94QYBVSJNV=GS1.1.1673561159.1.0.1673561159.60.0.0; _ga=GA1.2.1666208106.1673561160; _gcl_au=1.1.1247438123.1673561160; _rdt_uuid=1673561160341.5728a69c-dc1d-4768-8500-f89bbc2addc1; _schn=_n48lxbh; _scid=413baffa-173b-4829-9542-cb7e0b9479ef; cto_bundle=i4LYLF9hT2RGJTJCbnNKYWFVdzVsUmNKSjJLUVVpSWpqR3ZDeHZGM1VUdGd6aEwlMkY0JTJCeGJ6TDlYWTZISTVOdjRwWGs2NkF4UFNoOUV1eXlscnRXOVZjRHM3aXpYQVhyTzRLclN1dmNGY0RqTlhDem1wUjY0V2Rhb3h2TmltSDBYOUc0dVcxd1U5RVBNYWVlc0tCMkglMkZZS2VkeDNMZyUzRCUzRA; _gid=GA1.2.804575726.1673561161; _uetsid=4cb100a092c511eda7d18fb9da471905; _uetvid=4cb0f81092c511edabbbe9d3187f295f; _dc_gtm_UA-28959768-20=1; _dc_gtm_UA-28959768-1=1; rbuid=rbos-fe09b4d8-346a-4f86-a986-7d54fad0523f; _fbp=fb.1.1673561161523.1470048591
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Thu, 12 Jan 2023 22:06:17 GMT
content-length: 0
vary: origin
access-control-allow-credentials: true
access-control-allow-origin: https://flaviar.com
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3ca5721f829b2d9769695a2d18e0a4b0
4bafce6869fa0fe36f6260523d2d983c58bf1631
764b01aaf50dc7c53df08e861aaf02a6b6c8e6f11fa73faf4be75924c58a8a52
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "764B01AAF50DC7C53DF08E861AAF02A6B6C8E6F11FA73FAF4BE75924C58A8A52"
Last-Modified: Wed, 11 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4572
Expires: Thu, 12 Jan 2023 23:22:29 GMT
Date: Thu, 12 Jan 2023 22:06:17 GMT
Connection: keep-alive
widget.us.criteo.com/event?a=95340&v=5.12.3&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26z%3Dundefined%26site_type%3Dd&p2=e%3Dvh%26tms%3Dgtm-ee-1.1.0&p3=e%3Ddis&adce=1&bundle=i4LYLF9hT2RGJTJCbnNKYWFVdzVsUmNKSjJLUVVpSWpqR3ZDeHZGM1VUdGd6aEwlMkY0JTJCeGJ6TDlYWTZISTVOdjRwWGs2NkF4UFNoOUV1eXlscnRXOVZjRHM3aXpYQVhyTzRLclN1dmNGY0RqTlhDem1wUjY0V2Rhb3h2TmltSDBYOUc0dVcxd1U5RVBNYWVlc0tCMkglMkZZS2VkeDNMZyUzRCUzRA&tld=flaviar.com&dy=1&fu=https%253A%252F%252Fflaviar.com%252F%253Firclickid%253Dz9WwdERT1xyNTfUU3bWBaTJ4UkAwGhzYrQK7zo0%2526ir_cid%253D3334%2526ir_affid%253D10813%2526utm_medium%253Daffiliates%2526utm_source%253DMaxBounty.com%252520ULC%2526ir_partnerid%253D10813%2526ir_adid%253D1215604%2526ir_campaignid%253D3334&dtycbr=98805&cs=1---&cv=1
74.119.119.150200 OK 4.2 kB URL HTTP/2 widget.us.criteo.com/event?a=95340&v=5.12.3&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26z%3Dundefined%26site_type%3Dd&p2=e%3Dvh%26tms%3Dgtm-ee-1.1.0&p3=e%3Ddis&adce=1&bundle=i4LYLF9hT2RGJTJCbnNKYWFVdzVsUmNKSjJLUVVpSWpqR3ZDeHZGM1VUdGd6aEwlMkY0JTJCeGJ6TDlYWTZISTVOdjRwWGs2NkF4UFNoOUV1eXlscnRXOVZjRHM3aXpYQVhyTzRLclN1dmNGY0RqTlhDem1wUjY0V2Rhb3h2TmltSDBYOUc0dVcxd1U5RVBNYWVlc0tCMkglMkZZS2VkeDNMZyUzRCUzRA&tld=flaviar.com&dy=1&fu=https%253A%252F%252Fflaviar.com%252F%253Firclickid%253Dz9WwdERT1xyNTfUU3bWBaTJ4UkAwGhzYrQK7zo0%2526ir_cid%253D3334%2526ir_affid%253D10813%2526utm_medium%253Daffiliates%2526utm_source%253DMaxBounty.com%252520ULC%2526ir_partnerid%253D10813%2526ir_adid%253D1215604%2526ir_campaignid%253D3334&dtycbr=98805&cs=1---&cv=1
IP 74.119.119.150:0
Hash a3bce5ad9dfb24b568b5debf9feaa82d
d51a96b5c9e822e259b6b942a3837a0b1e499f94
32594cec3de0b0072522ebf1c74b01050b575dff189e04ba78e022874927b09d
GET /event?a=95340&v=5.12.3&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26z%3Dundefined%26site_type%3Dd&p2=e%3Dvh%26tms%3Dgtm-ee-1.1.0&p3=e%3Ddis&adce=1&bundle=i4LYLF9hT2RGJTJCbnNKYWFVdzVsUmNKSjJLUVVpSWpqR3ZDeHZGM1VUdGd6aEwlMkY0JTJCeGJ6TDlYWTZISTVOdjRwWGs2NkF4UFNoOUV1eXlscnRXOVZjRHM3aXpYQVhyTzRLclN1dmNGY0RqTlhDem1wUjY0V2Rhb3h2TmltSDBYOUc0dVcxd1U5RVBNYWVlc0tCMkglMkZZS2VkeDNMZyUzRCUzRA&tld=flaviar.com&dy=1&fu=https%253A%252F%252Fflaviar.com%252F%253Firclickid%253Dz9WwdERT1xyNTfUU3bWBaTJ4UkAwGhzYrQK7zo0%2526ir_cid%253D3334%2526ir_affid%253D10813%2526utm_medium%253Daffiliates%2526utm_source%253DMaxBounty.com%252520ULC%2526ir_partnerid%253D10813%2526ir_adid%253D1215604%2526ir_campaignid%253D3334&dtycbr=98805&cs=1---&cv=1 HTTP/1.1
Host: widget.us.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaviar.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 12 Jan 2023 22:06:17 GMT
content-type: application/x-javascript
server: Kestrel
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
expires: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
timing-allow-origin: *
server-processing-duration-in-ticks: 32558909
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
matching.ivitrack.com/sync?realm=criteo&uid=k-nRhhbFbniP4c1ZRJPD3we5pbj-gXjiw3DTQQbw&us_privacy=1---
34.117.157.22200 OK 42 B URL HTTP/2 matching.ivitrack.com/sync?realm=criteo&uid=k-nRhhbFbniP4c1ZRJPD3we5pbj-gXjiw3DTQQbw&us_privacy=1---
IP 34.117.157.22:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /sync?realm=criteo&uid=k-nRhhbFbniP4c1ZRJPD3we5pbj-gXjiw3DTQQbw&us_privacy=1--- HTTP/1.1
Host: matching.ivitrack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: istio-envoy
date: Thu, 12 Jan 2023 22:06:16 GMT
content-type: image/gif
content-length: 42
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 0
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3ca5721f829b2d9769695a2d18e0a4b0
4bafce6869fa0fe36f6260523d2d983c58bf1631
764b01aaf50dc7c53df08e861aaf02a6b6c8e6f11fa73faf4be75924c58a8a52
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "764B01AAF50DC7C53DF08E861AAF02A6B6C8E6F11FA73FAF4BE75924C58A8A52"
Last-Modified: Wed, 11 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4572
Expires: Thu, 12 Jan 2023 23:22:29 GMT
Date: Thu, 12 Jan 2023 22:06:17 GMT
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash 3571f16431f62001f0db5b2a4e3ee7b1
df714897c008d1f2dcfb3985ed2a71d83fb1c5c9
7dcfc29a6ae1baef7fae635752c8a5f8e74c3bac1f0f52ba8b13649d7d3fc759
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=113410
Date: Thu, 12 Jan 2023 22:06:17 GMT
Etag: "63bf9823-1d7"
Expires: Sat, 14 Jan 2023 05:36:27 GMT
Last-Modified: Thu, 12 Jan 2023 05:18:27 GMT
Server: ECS (bsa/EB14)
X-Cache: Miss from cloudfront
Via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: QYVIsmxy6JkGQ-W0ogL_hz0gKs0XrlqASC45sTMyQGWBUSayi_WnrQ==
Age: 1080
gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40&us_privacy=1---
178.250.0.157302 Found 0 B URL HTTP/2 gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40&us_privacy=1---
IP 178.250.0.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40&us_privacy=1--- HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Thu, 12 Jan 2023 22:06:17 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
location: https://dpm.demdex.net/ibs:dpid=28645&dpuuid=
server-processing-duration-in-ticks: 930361
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-7S8CTVbniP4c1ZRJPD3we5pbj-hgAQ7Mv4FzOg&us_privacy=1---
23.38.200.22200 OK 45 B URL HTTP/2 contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-7S8CTVbniP4c1ZRJPD3we5pbj-hgAQ7Mv4FzOg&us_privacy=1---
IP 23.38.200.22:0
File type GIF image data, version 87a, 1 x 1\012- data
Hash 99cceceaed4d575484b69ddaf9ed66a7
1e3a3b15296b585833a22d987a387aa58aa1642d
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
GET /cksync.php?cs=3&type=crt&ovsid=k-7S8CTVbniP4c1ZRJPD3we5pbj-hgAQ7Mv4FzOg&us_privacy=1--- HTTP/1.1
Host: contextual.media.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Apache
content-length: 45
content-type: image/gif
set-cookie: visitor-id=3165627773580286000V10; Expires=Fri, 12 Jan 2024 22:06:17 GMT; domain=.media.net; Path=/;
data-c-ts=1673561177;Expires=Sat, 11 Feb 2023 22:06:17 GMT;path=/;domain=.media.net;
data-c=k-7S8CTVbniP4c1ZRJPD3we5pbj-hgAQ7Mv4FzOg~~3;Expires=Sat, 11 Feb 2023 22:06:17 GMT;path=/;domain=.media.net;
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E
expires: Thu, 12 Jan 2023 22:06:17 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 12 Jan 2023 22:06:17 GMT
X-Firefox-Spdy: h2
cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-GrWUBFbniP4c1ZRJPD3we5pbj-hb6Q4KBV82Zw&google_cm&google_hm=ay1HcldVQkZibmlQNGMxWlJKUEQzd2U1cGJqLWhiNlE0S0JWODJadw&us_privacy=1---
142.250.74.130302 Found 460 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-GrWUBFbniP4c1ZRJPD3we5pbj-hb6Q4KBV82Zw&google_cm&google_hm=ay1HcldVQkZibmlQNGMxWlJKUEQzd2U1cGJqLWhiNlE0S0JWODJadw&us_privacy=1---
IP 142.250.74.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 42ba23340125d106da7eb43284830923
d25b65c4cede9d94fab60670e21b160392903812
4a1ee18e567108064450529f18d922b90d26df6e19ac02a39a3bb2ba58924a3d
GET /pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-GrWUBFbniP4c1ZRJPD3we5pbj-hb6Q4KBV82Zw&google_cm&google_hm=ay1HcldVQkZibmlQNGMxWlJKUEQzd2U1cGJqLWhiNlE0S0JWODJadw&us_privacy=1--- HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-GrWUBFbniP4c1ZRJPD3we5pbj-hb6Q4KBV82Zw&google_cm=&google_hm=ay1HcldVQkZibmlQNGMxWlJKUEQzd2U1cGJqLWhiNlE0S0JWODJadw&us_privacy=1---&google_tc=
date: Thu, 12 Jan 2023 22:06:17 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 460
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 12-Jan-2023 22:21:17 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-GrWUBFbniP4c1ZRJPD3we5pbj-hb6Q4KBV82Zw&google_cm=&google_hm=ay1HcldVQkZibmlQNGMxWlJKUEQzd2U1cGJqLWhiNlE0S0JWODJadw&us_privacy=1---&google_tc=
142.250.74.130302 Found 332 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-GrWUBFbniP4c1ZRJPD3we5pbj-hb6Q4KBV82Zw&google_cm=&google_hm=ay1HcldVQkZibmlQNGMxWlJKUEQzd2U1cGJqLWhiNlE0S0JWODJadw&us_privacy=1---&google_tc=
IP 142.250.74.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 2b344d318dd0e8150b43381707b98562
2e3ab44dcd00e2892ba8547152f421143586c1aa
771cb076a1193f97f2c7cb3d077fcda81b86392877f1873395a26f5c4d1d48eb
GET /pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-GrWUBFbniP4c1ZRJPD3we5pbj-hb6Q4KBV82Zw&google_cm=&google_hm=ay1HcldVQkZibmlQNGMxWlJKUEQzd2U1cGJqLWhiNlE0S0JWODJadw&us_privacy=1---&google_tc= HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-GrWUBFbniP4c1ZRJPD3we5pbj-hb6Q4KBV82Zw&google_error=3
date: Thu, 12 Jan 2023 22:06:17 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 332
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash f6251bf0582bc092bb97230724ea9663
d36138b6d31734a1c8a279138ff5628ea9b35416
2d764c6de89ffee702502f245e50201b84becd3dea56f4fb44279b2cb5f8185e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1870
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 22:06:17 GMT
Last-Modified: Thu, 12 Jan 2023 21:35:07 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash f780f20a3bc774c420e93def965493bd
7ededca694b4c589823d3f95fe67ff106b59029c
4979c4c3b334df1ed13ded4f36ab307230d77343dc0d03cf1ee0e632885a06b2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6524
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 22:06:17 GMT
Last-Modified: Thu, 12 Jan 2023 20:17:33 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
criteo-sync.teads.tv/um?eid=80&uid=k-o9G1FlbniP4c1ZRJPD3we5pbj-i9SgHnDzJvLQ&us_privacy=1---
23.195.255.234200 OK 23 B URL HTTP/2 criteo-sync.teads.tv/um?eid=80&uid=k-o9G1FlbniP4c1ZRJPD3we5pbj-i9SgHnDzJvLQ&us_privacy=1---
IP 23.195.255.234:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash da5b449fff36752a93779fa4067cd2eb
71a96eea77f21ab5f1819b96c4cedd5cd34476ca
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
GET /um?eid=80&uid=k-o9G1FlbniP4c1ZRJPD3we5pbj-i9SgHnDzJvLQ&us_privacy=1--- HTTP/1.1
Host: criteo-sync.teads.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
server: akka-http/10.2.9
content-length: 23
expires: Thu, 12 Jan 2023 22:06:17 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 12 Jan 2023 22:06:17 GMT
X-Firefox-Spdy: h2
ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID&us_privacy=1---
37.252.173.215307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID&us_privacy=1---
IP 37.252.173.215:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID&us_privacy=1--- HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Thu, 12 Jan 2023 22:06:17 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID%26us_privacy%3D1---
AN-X-Request-Uuid: a827b9fd-1089-4595-86c0-e14b811980bd
Set-Cookie: uuid2=4318521413750805740; SameSite=None; Path=/; Max-Age=7776000; Expires=Wed, 12-Apr-2023 22:06:17 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-TKSb6VbniP4c1ZRJPD3we5pbj-g0nVbf1_qtmw&expires=30&us_privacy=1---
213.19.162.80204 No Content 0 B URL HTTP/1.1 pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-TKSb6VbniP4c1ZRJPD3we5pbj-g0nVbf1_qtmw&expires=30&us_privacy=1---
IP 213.19.162.80:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tap.php?v=6434&nid=2149&put=k-TKSb6VbniP4c1ZRJPD3we5pbj-g0nVbf1_qtmw&expires=30&us_privacy=1--- HTTP/1.1
Host: pixel.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 0163a7456b0a5605e8b1fb1d4fba3e4d
Content-Type: image/gif
ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-hqEcFFbniP4c1ZRJPD3we5pbj-gmUn1n4pMwUA&us_privacy=1---
18.156.0.31302 Found 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-hqEcFFbniP4c1ZRJPD3we5pbj-gmUn1n4pMwUA&us_privacy=1---
IP 18.156.0.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58301/sync?_origin=1&uid=k-hqEcFFbniP4c1ZRJPD3we5pbj-gmUn1n4pMwUA&us_privacy=1--- HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 12 Jan 2023 22:06:17 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
location: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-hqEcFFbniP4c1ZRJPD3we5pbj-gmUn1n4pMwUA&us_privacy=1---&verify=true
age: 2
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBFmEwGMCEMXSRGeDykFdJcvI0XUysrAFEgEBAQHVwWPKYwAAAAAA_eMAAA&S=AQAAAhS9AGOstTCXfVeo9gyjWh4; Expires=Sat, 13 Jan 2024 04:06:17 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash c2ee222f3b83404785494da4961b9ba1
a0578b5696ababcd309dbe3b1a538ae831d87b8a
733ad2c970f4c5cbb1cfb7b62952918fd948093f5832c261b3aa094a551807f1
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=95941
Date: Thu, 12 Jan 2023 22:06:17 GMT
Etag: "63bf563a-1d7"
Expires: Sat, 14 Jan 2023 00:45:18 GMT
Last-Modified: Thu, 12 Jan 2023 00:37:14 GMT
Server: ECS (nyb/1DCD)
X-Cache: Miss from cloudfront
Via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: IyWqBzv0J_ap6TC4TJzbi5oepGZV_CmDLO5_a3Thmrn6HpBqrKVteA==
Age: 484
44.238.122.172/is
44.238.122.172200 OK 32 B IP 44.238.122.172:0
File type ASCII text, with no line terminators
Hash 5b7a15007eba1eb9df3b07f3cad15a08
4d79e75c237c2bf5b57b309dba2fa33b5038b699
178e3cadf09af073d0066097cc847789407ec17a65cc7df38e722c2d000db9e2
Analyzer Verdict Alert quad9 Sinkholed
GET /is HTTP/1.1
Host: 44.238.122.172
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaviar.com/
Origin: https://flaviar.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
date: Thu, 12 Jan 2023 22:06:17 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, x-requested-with, X-Custom-Header
x-application-context: application:prod:8080
content-type: text/plain;charset=utf-8
content-length: 32
x-envoy-upstream-service-time: 2
server: istio-envoy
connection: close
dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-GrWUBFbniP4c1ZRJPD3we5pbj-hb6Q4KBV82Zw&google_error=3
178.250.0.163200 OK 43 B URL HTTP/2 dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-GrWUBFbniP4c1ZRJPD3we5pbj-hb6Q4KBV82Zw&google_error=3
IP 178.250.0.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-GrWUBFbniP4c1ZRJPD3we5pbj-hb6Q4KBV82Zw&google_error=3 HTTP/1.1
Host: dis.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 12 Jan 2023 22:06:17 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
timing-allow-origin: *
server-processing-duration-in-ticks: 202716
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash a51b5308343296142a95b9adb2238dce
b2277a6c70ca1eb0fe88ed83b4469a9a13c9049e
d5693e7d4ccc4e3e2e073c1db5f649a43669cb17a2cced6100bf698d504d2b72
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 12 Jan 2023 22:06:18 GMT
Last-Modified: Thu, 12 Jan 2023 21:09:09 GMT
Server: ECS (bsa/EB17)
X-Cache: Miss from cloudfront
Via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 4oeuxl1HRvXrSodg2zJTC9--W3aZnvyxSgOsqD-KwEFZqaWW83MWFQ==
Age: 3429
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 97460c24c2c47d7a5d667986845ba27c
2ad6bfb447ccfbf014be4357d24d7bf238b41bd7
ad6222176eb4d31e94723716bc341f5e1a607c93a4df91bf0ad000dd45cc6543
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1022
Cache-Control: max-age=151523
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 22:06:18 GMT
Etag: "63c02d3f-139"
Expires: Sat, 14 Jan 2023 16:11:41 GMT
Last-Modified: Thu, 12 Jan 2023 15:54:39 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 313
ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-SHFCN1bniP4c1ZRJPD3we5pbj-g4ZNiS21pVUQ&us_privacy=1---
3.123.215.26302 Found 0 B URL HTTP/2 ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-SHFCN1bniP4c1ZRJPD3we5pbj-g4ZNiS21pVUQ&us_privacy=1---
IP 3.123.215.26:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?publisher_dsp_id=38&external_user_id=k-SHFCN1bniP4c1ZRJPD3we5pbj-g4ZNiS21pVUQ&us_privacy=1--- HTTP/1.1
Host: ad.360yield.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 12 Jan 2023 22:06:18 GMT
content-type: text/plain
content-length: 0
location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-SHFCN1bniP4c1ZRJPD3we5pbj-g4ZNiS21pVUQ&us_privacy=1---
set-cookie: tuuid=811b8ae8-d1a7-4a66-992b-292c7376ebc7; Expires=Wed, 12 Apr 2023 22:06:18 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
tuuid_lu=1673561178; Expires=Wed, 12 Apr 2023 22:06:18 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 5d592d0f0a5d29ce06fc8cd017f6992b
eac9a955d8ac9228854a68f8418799e848698b00
53741ac3cfe885f7fc901a0a7d046009697808db6d59e24da3cd6965158ca7ae
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4599
Cache-Control: max-age=151492
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 22:06:18 GMT
Etag: "63c01f27-1d7"
Expires: Sat, 14 Jan 2023 16:11:10 GMT
Last-Modified: Thu, 12 Jan 2023 14:54:31 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-H19SVVbniP4c1ZRJPD3we5pbj-gSclf5Bvn6cw&us_privacy=1---
3.125.215.124204 No Content 0 B URL HTTP/2 match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-H19SVVbniP4c1ZRJPD3we5pbj-gSclf5Bvn6cw&us_privacy=1---
IP 3.125.215.124:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-H19SVVbniP4c1ZRJPD3we5pbj-gSclf5Bvn6cw&us_privacy=1--- HTTP/1.1
Host: match.sharethrough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Thu, 12 Jan 2023 22:06:18 GMT
X-Firefox-Spdy: h2
ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-SHFCN1bniP4c1ZRJPD3we5pbj-g4ZNiS21pVUQ&us_privacy=1---
3.123.215.26200 OK 43 B URL HTTP/2 ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-SHFCN1bniP4c1ZRJPD3we5pbj-g4ZNiS21pVUQ&us_privacy=1---
IP 3.123.215.26:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/match?publisher_dsp_id=38&external_user_id=k-SHFCN1bniP4c1ZRJPD3we5pbj-g4ZNiS21pVUQ&us_privacy=1--- HTTP/1.1
Host: ad.360yield.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 12 Jan 2023 22:06:18 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2
rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-S2m_q1bniP4c1ZRJPD3we5pbj-j4Qymad-CFPg&us_privacy=1---
185.86.137.110200 OK 43 B URL HTTP/1.1 rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-S2m_q1bniP4c1ZRJPD3we5pbj-j4Qymad-CFPg&us_privacy=1---
IP 185.86.137.110:0
ASN #201081 SmartAdServer SAS
File type GIF image data, version 89a, 1 x 1\012- data
Hash 221d8352905f2c38b3cb2bd191d630b0
d804b495cb9b84b9007a25b5d85f9ae674004cde
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
GET /redir/?partnerid=79&partneruserid=k-S2m_q1bniP4c1ZRJPD3we5pbj-j4Qymad-CFPg&us_privacy=1--- HTTP/1.1
Host: rtb-csync.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: image/gif
date: Thu, 12 Jan 2023 22:06:17 GMT
cache-control: no-cache,no-store
pragma: no-cache
set-cookie: pid=3247773614452772528; expires=Mon, 12 Feb 2024 22:06:18 GMT; domain=smartadserver.com; path=/
TestIfCookieP=ok; expires=Mon, 12 Feb 2024 22:06:18 GMT; domain=smartadserver.com; path=/
csync=79:k-S2m_q1bniP4c1ZRJPD3we5pbj-j4Qymad-CFPg; expires=Fri, 12 Jan 2024 22:06:18 GMT; domain=smartadserver.com; path=/
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cm.adform.net/pixel?adform_pid=15&adform_pc=k-TR4LM1bniP4c1ZRJPD3we5pbj-g5UtZnmFzmtg&us_privacy=1---
37.157.3.28200 OK 43 B URL HTTP/2 cm.adform.net/pixel?adform_pid=15&adform_pc=k-TR4LM1bniP4c1ZRJPD3we5pbj-g5UtZnmFzmtg&us_privacy=1---
IP 37.157.3.28:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /pixel?adform_pid=15&adform_pc=k-TR4LM1bniP4c1ZRJPD3we5pbj-g5UtZnmFzmtg&us_privacy=1--- HTTP/1.1
Host: cm.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 12 Jan 2023 22:06:18 GMT
content-type: image/gif
content-length: 43
last-modified: Wed, 17 Apr 2019 14:00:27 GMT
etag: "5cb7317b-2b"
accept-ranges: bytes
X-Firefox-Spdy: h2
ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID%26us_privacy%3D1---
37.252.173.215302 Found 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID%26us_privacy%3D1---
IP 37.252.173.215:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID%26us_privacy%3D1--- HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.21.3
Date: Thu, 12 Jan 2023 22:06:18 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=0&us_privacy=1---
AN-X-Request-Uuid: 82e1c20a-3932-4e39-95e2-a6695f455aa6
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-SMtuzVbniP4c1ZRJPD3we5pbj-jL6v7jT-603g&us_privacy=1---
172.64.154.237302 Found 0 B URL HTTP/2 r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-SMtuzVbniP4c1ZRJPD3we5pbj-jL6v7jT-603g&us_privacy=1---
IP 172.64.154.237:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rum?cm_dsp_id=20&external_user_id=k-SMtuzVbniP4c1ZRJPD3we5pbj-jL6v7jT-603g&us_privacy=1--- HTTP/1.1
Host: r.casalemedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 12 Jan 2023 22:06:18 GMT
content-length: 0
location: /rum?cm_dsp_id=20&external_user_id=k-SMtuzVbniP4c1ZRJPD3we5pbj-jL6v7jT-603g&us_privacy=1---&C=1
cf-ray: 788932d32c08b517-OSL
cache-control: no-cache
expires: 0
cf-cache-status: DYNAMIC
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
set-cookie: CMID=Y8CEWileQkezAR4sCkptBwAA; Path=/; Domain=casalemedia.com; Expires=Fri, 12 Jan 2024 22:06:18 GMT; Max-Age=31536000; Secure; SameSite=None
CMPS=689; Path=/; Domain=casalemedia.com; Expires=Wed, 12 Apr 2023 22:06:18 GMT; Max-Age=7776000; Secure; SameSite=None
CMPRO=689; Path=/; Domain=casalemedia.com; Expires=Wed, 12 Apr 2023 22:06:18 GMT; Max-Age=7776000; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DIcbvFQMu5EuHFiLO2OHKdNAAGq42fKB47mkPPxey5VuxDTcWgAvC7zH6so%2FMxJPO9x9jDBXKhlkJ6GXuL0ONvEPw4cMMLOzjy8L8ZayShsN04nYvNcdKt9Sqhig2mjQCpoY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash a31714d4f52989bbdb4a025f483e8b80
c323734fb6e9df00999c15c5a6f5a6312a9422de
38f332379b6d23b853d2fb45ea2d867e39357d1f8bf3a92c4452e3bc78afbc5f
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 12 Jan 2023 22:06:18 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 11 Jan 2023 03:11:55 GMT
Expires: Wed, 18 Jan 2023 03:11:54 GMT
Etag: "c323734fb6e9df00999c15c5a6f5a6312a9422de"
Cache-Control: max-age=449735,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 788932d34a6a0b65-OSL
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1ad4b5d116edbd368fb53b1b3944843f
d0d20ae98cd6c7f77514ba3267417f9aa178ab52
43f0c9e88c90c06b446513e7a375c1b84e6fdc0cccbbf2556da463df52a16edb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5640
Cache-Control: max-age=120874
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 22:06:18 GMT
Etag: "63bfa37c-1d7"
Expires: Sat, 14 Jan 2023 07:40:52 GMT
Last-Modified: Thu, 12 Jan 2023 06:06:52 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
ad.yieldlab.net/m?dt_id=8664&ext_id=k-JRQbplbniP4c1ZRJPD3we5pbj-iOewWhAheiVA&us_privacy=1---
23.13.245.180204 No Content 0 B URL HTTP/1.1 ad.yieldlab.net/m?dt_id=8664&ext_id=k-JRQbplbniP4c1ZRJPD3we5pbj-iOewWhAheiVA&us_privacy=1---
IP 23.13.245.180:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /m?dt_id=8664&ext_id=k-JRQbplbniP4c1ZRJPD3we5pbj-iOewWhAheiVA&us_privacy=1--- HTTP/1.1
Host: ad.yieldlab.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: DENY
x-application-context: application
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Pragma: no-cache
Expires: Wed, 11 Jan 2023 22:06:18 GMT
Date: Thu, 12 Jan 2023 22:06:18 GMT
Connection: keep-alive
Set-Cookie: id=7d50511f-c39a-463c-b36d-baea979a6aa9; Path=/; Domain=prod.svc.y6b.de; Expires=Fri, 12-Jan-2024 22:06:18 GMT; Max-Age=31536000; Secure; SameSite=None
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash c3ce8ea87808de070d1a296affc720a4
3d80066de43cd1fe3c7b47576e861221e74d2491
379ef1082921c17efa3715aca3f68602269b77a7fb9d487bf7ae30e1261a9c3f
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 12 Jan 2023 22:06:18 GMT
Last-Modified: Thu, 12 Jan 2023 21:08:19 GMT
Server: ECS (bsa/EB14)
X-Cache: Miss from cloudfront
Via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: ufNU54t_kmu1Vlh1pTrEoW7ubWIoyd16ZQdbaO79dyUZcOEg7tlPwQ==
Age: 3480
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3c71ac42ed2a0305ada5b1c615eb51f9
b77a4582bd9b1f0762d321568ac6df897f3dac5d
d80d9e0870aca62aeb9be4b3f963786fb6b120a3681bb042ee0f984957ee1e05
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6306
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 22:06:18 GMT
Last-Modified: Thu, 12 Jan 2023 20:21:12 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
ocsp.godaddy.com/
192.124.249.23200 OK 1.8 kB IP 192.124.249.23:0
Hash 4f1ed741787a361022e55e4964f4df14
9954ee1dcccbb2712ba2ea1741d4097ed82145e0
f165899e234e40b71247b87567d54a279dcbca38cec7a2f1df9a28b9d40101fe
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Thu, 12 Jan 2023 22:06:17 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 12 Jan 2023 21:29:46 GMT
Expires: Fri, 13 Jan 2023 21:29:46 GMT
ETag: "9954ee1dcccbb2712ba2ea1741d4097ed82145e0"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-SMtuzVbniP4c1ZRJPD3we5pbj-jL6v7jT-603g&us_privacy=1---&C=1
172.64.154.237200 OK 43 B URL HTTP/2 r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-SMtuzVbniP4c1ZRJPD3we5pbj-jL6v7jT-603g&us_privacy=1---&C=1
IP 172.64.154.237:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /rum?cm_dsp_id=20&external_user_id=k-SMtuzVbniP4c1ZRJPD3we5pbj-jL6v7jT-603g&us_privacy=1---&C=1 HTTP/1.1
Host: r.casalemedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 12 Jan 2023 22:06:18 GMT
content-type: image/gif
content-length: 43
cf-ray: 788932d37c68b517-OSL
cache-control: no-cache
expires: 0
cf-cache-status: DYNAMIC
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lhCtLBafHdctPiYACue%2Fxt8oyJ7mcejAvGxrgLWQcQwRn2ihDDPieT0lMYRKoBYbGj8aqfd4ZqLsW4GqODJ8qoopti3Yim%2BSvCulwoXPC4Twt5XwDYOMGnfBSatUjPZ7uCPr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 7ce91031e9479803b496e70316ead049
ab758adcce749717313504c0fcb933478943c621
d7d7e5d9eac04d212d37b70a652682550a32ff55c866a735e2ad4cc110af9a26
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 12 Jan 2023 22:06:18 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 10 Jan 2023 13:56:49 GMT
Expires: Tue, 17 Jan 2023 13:56:48 GMT
Etag: "ab758adcce749717313504c0fcb933478943c621"
Cache-Control: max-age=402029,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 788932d36c29b51b-OSL
eb2.3lift.com/xuid?mid=2711&xuid=k-alKAdFbniP4c1ZRJPD3we5pbj-iqgpmSuoCSaA&dongle=013b&us_privacy=1---
76.223.111.18200 OK 37 B URL HTTP/2 eb2.3lift.com/xuid?mid=2711&xuid=k-alKAdFbniP4c1ZRJPD3we5pbj-iqgpmSuoCSaA&dongle=013b&us_privacy=1---
IP 76.223.111.18:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 3eacd0132310ea44cad756b378a3bc07
e2216a7e9b73f5cb0279351c78ce61c33475cea7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
GET /xuid?mid=2711&xuid=k-alKAdFbniP4c1ZRJPD3we5pbj-iqgpmSuoCSaA&dongle=013b&us_privacy=1--- HTTP/1.1
Host: eb2.3lift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 12 Jan 2023 22:06:18 GMT
content-type: image/gif
content-length: 37
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
dpm.demdex.net/ibs:dpid=28645&dpuuid=
34.251.149.144302 Found 0 B URL HTTP/1.1 dpm.demdex.net/ibs:dpid=28645&dpuuid=
IP 34.251.149.144:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ibs:dpid=28645&dpuuid= HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-1-v045-0a2056b15.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=36461995136112583594525234907613456301; Max-Age=15552000; Expires=Tue, 11 Jul 2023 22:06:18 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: HlOVcc9dSrQ=
Content-Length: 0
Connection: keep-alive
e1.emxdgt.com/put?d=d53&uid=k-OEAiNVbniP4c1ZRJPD3we5pbj-gxopToI13tk9OgluN6fhCS&us_privacy=1---
3.71.169.66204 No Content 7.0 kB URL HTTP/2 e1.emxdgt.com/put?d=d53&uid=k-OEAiNVbniP4c1ZRJPD3we5pbj-gxopToI13tk9OgluN6fhCS&us_privacy=1---
IP 3.71.169.66:0
Hash 10f4f8ca44165acd5acc0b1b653620be
4a1fa8d7ae67d52773d4e36fdc056fe4f77a0a15
55951ed7abc2480a77326a5d47db4423efc434ef100f5622b2ffddd67a9ccbcb
GET /put?d=d53&uid=k-OEAiNVbniP4c1ZRJPD3we5pbj-gxopToI13tk9OgluN6fhCS&us_privacy=1--- HTTP/1.1
Host: e1.emxdgt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
content-type: text/html
date: Thu, 12 Jan 2023 22:06:17 GMT
content-length: 0
X-Firefox-Spdy: h2
visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-PXkYTFbniP4c1ZRJPD3we5pbj-iG669pZdsfhA&us_privacy=1---
185.255.84.153200 OK 49 B URL HTTP/2 visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-PXkYTFbniP4c1ZRJPD3we5pbj-iG669pZdsfhA&us_privacy=1---
IP 185.255.84.153:0
ASN #200271 Iguane Solutions SAS
File type GIF image data, version 89a, 1 x 1\012- data
Hash 4408efc0174f07ad685c456f1de521ca
e3bc3250f8f32bd98dc7b05fd8940b74617eb8d1
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
GET /visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-PXkYTFbniP4c1ZRJPD3we5pbj-iG669pZdsfhA&us_privacy=1--- HTTP/1.1
Host: visitor.omnitagjs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
expires: 0
p3p: CP="CAO PSA OUR"
pragma: no-cache
set-cookie: ayl_visitor=923525c14f18a605245dc370eebdf77e; Path=/; Domain=omnitagjs.com; Max-Age=2592000; Secure; SameSite=None
vary: Accept-Encoding
x-content-type-options: nosniff
date: Thu, 12 Jan 2023 22:06:18 GMT
content-length: 49
x-envoy-upstream-service-time: 55
server: ayl-lb-fra02
X-Firefox-Spdy: h2
simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-mIvVUVbniP4c1ZRJPD3we5pbj-hD6JBYmovNaA&us_privacy=1---
185.64.189.110200 OK 42 B URL HTTP/2 simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-mIvVUVbniP4c1ZRJPD3we5pbj-hD6JBYmovNaA&us_privacy=1---
IP 185.64.189.110:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-mIvVUVbniP4c1ZRJPD3we5pbj-hD6JBYmovNaA&us_privacy=1--- HTTP/1.1
Host: simage2.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 12 Jan 2023 22:06:17 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_97=3385-uid:k-mIvVUVbniP4c1ZRJPD3we5pbj-hD6JBYmovNaA&KRTB&23144-uid:k-mIvVUVbniP4c1ZRJPD3we5pbj-hD6JBYmovNaA&KRTB&23286-uid:k-mIvVUVbniP4c1ZRJPD3we5pbj-hD6JBYmovNaA&KRTB&23287-uid:k-mIvVUVbniP4c1ZRJPD3we5pbj-hD6JBYmovNaA; domain=pubmatic.com; secure; expires=Sat, 11-Feb-2023 22:06:17 GMT; path=/
PugT=1673561177; domain=pubmatic.com; secure; expires=Sat, 11-Feb-2023 22:06:17 GMT; path=/
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
X-Firefox-Spdy: h2
x.bidswitch.net/sync?dsp_id=46&user_id=k-8DxxvlbniP4c1ZRJPD3we5pbj-igW55C4kViLQ&expires=30&us_privacy=1---
52.58.62.168302 Found 0 B URL HTTP/2 x.bidswitch.net/sync?dsp_id=46&user_id=k-8DxxvlbniP4c1ZRJPD3we5pbj-igW55C4kViLQ&expires=30&us_privacy=1---
IP 52.58.62.168:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?dsp_id=46&user_id=k-8DxxvlbniP4c1ZRJPD3we5pbj-igW55C4kViLQ&expires=30&us_privacy=1--- HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 12 Jan 2023 22:06:18 GMT
content-length: 0
location: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-8DxxvlbniP4c1ZRJPD3we5pbj-igW55C4kViLQ&expires=30&us_privacy=1---
cache-control: no-cache, no-store, must-revalidate
set-cookie: tuuid=4aaffea2-88a2-4372-802a-52d02eaa5034; path=/; expires=Fri, 12-Jan-2024 22:06:18 GMT; domain=.bidswitch.net; samesite=none; secure
c=1673561178; path=/; expires=Fri, 12-Jan-2024 22:06:18 GMT; domain=.bidswitch.net; samesite=none; secure
tuuid_lu=1673561178; path=/; expires=Fri, 12-Jan-2024 22:06:18 GMT; domain=.bidswitch.net; samesite=none; secure
c=1673561178; path=/; expires=Fri, 12-Jan-2024 22:06:18 GMT; domain=.bidswitch.net; samesite=none; secure
X-Firefox-Spdy: h2
dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=
34.251.149.144200 OK 59 B URL HTTP/1.1 dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=
IP 34.251.149.144:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 1251cd5e5c2def4c046309375f87c1c1
e02d6b0c6a5c495c15985e2832e335eda8528c80
4e7010cc46fa361c88e57e3346d27421cf3b8a8bf5f39b43fc45997c60cb1c13
GET /demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid= HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: image/gif
DCS: dcs-prod-irl1-1-v045-0449b668e.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: YZ+IgQ7bQEo=
Content-Length: 59
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash ec3c07a0dc1dbb9906a059470d4b3d3d
e192302a437ad1a1dfddca1723588f0b5c543d97
f32f3f2d87142042a732354c60d5cebbbaabd3bb423a5926455c8d3e52464784
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 12 Jan 2023 22:06:18 GMT
Last-Modified: Thu, 12 Jan 2023 21:27:35 GMT
Server: ECS (nyb/1D24)
X-Cache: Miss from cloudfront
Via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 0TVhYGGlsxpNCQAkvqqBxiV5IdQNlP-wnLSglkhiM3GpOdhsfpE4rg==
Age: 2324
x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-8DxxvlbniP4c1ZRJPD3we5pbj-igW55C4kViLQ&expires=30&us_privacy=1---
52.58.62.168200 OK 43 B URL HTTP/2 x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-8DxxvlbniP4c1ZRJPD3we5pbj-igW55C4kViLQ&expires=30&us_privacy=1---
IP 52.58.62.168:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/sync?dsp_id=46&user_id=k-8DxxvlbniP4c1ZRJPD3we5pbj-igW55C4kViLQ&expires=30&us_privacy=1--- HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 12 Jan 2023 22:06:18 GMT
content-type: image/gif
content-length: 43
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
sync.outbrain.com/cookie-sync?p=criteo&uid=k-3hwfJFbniP4c1ZRJPD3we5pbj-j3KlaW8ju3-g&us_privacy=1---
64.202.112.31200 OK 0 B URL HTTP/1.1 sync.outbrain.com/cookie-sync?p=criteo&uid=k-3hwfJFbniP4c1ZRJPD3we5pbj-j3KlaW8ju3-g&us_privacy=1---
IP 64.202.112.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cookie-sync?p=criteo&uid=k-3hwfJFbniP4c1ZRJPD3we5pbj-j3KlaW8ju3-g&us_privacy=1--- HTTP/1.1
Host: sync.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 12 Jan 2023 22:06:18 GMT
Content-Length: 0
Cache-Control: no-cache
X-TraceId: 65dc903448daca9d3c5d142b9477c5a2
gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40&us_privacy=1---
178.250.0.157302 Found 0 B URL HTTP/2 gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40&us_privacy=1---
IP 178.250.0.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40&us_privacy=1--- HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Thu, 12 Jan 2023 22:06:17 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=
server-processing-duration-in-ticks: 664967
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash 1cac5e473e5f94f66101f1e09f47efbf
f419083c197ec767296d71b4500776250382285c
7af2b668653ba92adbb5feaf5db54b591ac17c1e538171a06b72f39dda408eb7
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 12 Jan 2023 22:06:18 GMT
Last-Modified: Thu, 12 Jan 2023 21:08:18 GMT
Server: ECS (nyb/1D05)
X-Cache: Miss from cloudfront
Via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: jVdVY5pf8_lddpZBooZF9jowIvGxk2hvqMsRSsFupchWca043BB8OA==
Age: 3480
sync-criteo.ads.yieldmo.com/sync?id=k-SA3GF1bniP4c1ZRJPD3we5pbj-hndyqtW3dTfQ&pn_id=criteo&ext=1&us_privacy=1---
52.49.119.154200 OK 43 B URL HTTP/2 sync-criteo.ads.yieldmo.com/sync?id=k-SA3GF1bniP4c1ZRJPD3we5pbj-hndyqtW3dTfQ&pn_id=criteo&ext=1&us_privacy=1---
IP 52.49.119.154:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /sync?id=k-SA3GF1bniP4c1ZRJPD3we5pbj-hndyqtW3dTfQ&pn_id=criteo&ext=1&us_privacy=1--- HTTP/1.1
Host: sync-criteo.ads.yieldmo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 12 Jan 2023 22:06:18 GMT
content-type: image/gif
content-length: 43
set-cookie: yieldmo_id=gc34a9e6b2dda51793ac%7C1673561178305%7C0%7C; Domain=.yieldmo.com; Expires=Fri, 12-Jan-2024 22:06:18 GMT; Path=/; Secure; SameSite=None; Secure
ptrcriteo=k-SA3GF1bniP4c1ZRJPD3we5pbj-hndyqtW3dTfQ; Domain=ads.yieldmo.com; Expires=Fri, 12-Jan-2024 22:06:18 GMT; Path=/; Secure; SameSite=None; Secure
access-control-allow-origin: *
access-control-request-headers: Cache-Control, Pragma
access-control-allow-methods: GET, OPTIONS
pragma: no-cache
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0d21629c3090197021848299f99bf1ae
3e21da8ab23d7bc6fcd081afa7c81b889f0d9604
afd45133026c5796ebfa8a65a246cc87dbf711ec11c96a392a807b6475bed32a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3030
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 22:06:18 GMT
Last-Modified: Thu, 12 Jan 2023 21:15:49 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=
34.241.185.21204 No Content 0 B URL HTTP/2 beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=
IP 34.241.185.21:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usermatch.gif?partner=criteo&partner_uid= HTTP/1.1
Host: beacon.krxd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Thu, 12 Jan 2023 22:06:18 GMT
set-cookie: _kuid_=PUKRelBS; Expires=Tue, 11-Jul-23 22:06:18 GMT; Max-Age=15552000; Domain=.krxd.net; Path=/
cache-control: private, no-cache, no-store
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
x-served-by: beacon-n010-dub-prod.krxd.net
x-request-time: D=35 t=1673561178
X-Firefox-Spdy: h2
gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40&us_privacy=1---
178.250.0.157302 Found 0 B URL HTTP/2 gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40&us_privacy=1---
IP 178.250.0.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40&us_privacy=1--- HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Thu, 12 Jan 2023 22:06:17 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
location: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=
server-processing-duration-in-ticks: 488893
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
px.mountain.com/st?ga_tracking_id=UA-28959768-20&ga_client_id=1666208106.1673561160&shpt=Flaviar%20Membership%20%C2%BB%20Fine%20Spirits%20%26%20Whiskey%20Club%20%F0%9F%A5%83%20-%20Flaviar&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-28959768-20%22%2C%22ga_client_id%22%3A%221666208106.1673561160%22%2C%22shpt%22%3A%22Flaviar%20Membership%20%C2%BB%20Fine%20Spirits%20%26%20Whiskey%20Club%20%F0%9F%A5%83%20-%20Flaviar%22%2C%22dcm_cid%22%3A%221673561159.1%22%2C%22dcm_gid%22%3A%22804575726.1673561161%22%2C%22ga_utm_source%22%3A%22MaxBounty.com%20ULC%22%2C%22ga_utm_medium%22%3A%22affiliates%22%2C%22mntnis%22%3A%22KPD6OAOoqY4khwOpZfJVvXei6DQTZ9nC%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A7%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%2C%22ga_utm_source%22%3A%22OK%22%2C%22ga_utm_medium%22%3A%22OK%22%7D%7D&dcm_cid=1673561159.1&dcm_gid=804575726.1673561161&dxver=4.0.0&shaid=33038&plh=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3Dz9WwdERT1xyNTfUU3bWBaTJ4UkAwGhzYrQK7zo0%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&cb=91928443469056910term%3Dvalue&shadditional=googletagmanager%3Dtrue%2Cga4%3Dtrue%2Ccriteo%3Dtrue
44.235.191.156200 OK 1.3 kB URL HTTP/1.1 px.mountain.com/st?ga_tracking_id=UA-28959768-20&ga_client_id=1666208106.1673561160&shpt=Flaviar%20Membership%20%C2%BB%20Fine%20Spirits%20%26%20Whiskey%20Club%20%F0%9F%A5%83%20-%20Flaviar&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-28959768-20%22%2C%22ga_client_id%22%3A%221666208106.1673561160%22%2C%22shpt%22%3A%22Flaviar%20Membership%20%C2%BB%20Fine%20Spirits%20%26%20Whiskey%20Club%20%F0%9F%A5%83%20-%20Flaviar%22%2C%22dcm_cid%22%3A%221673561159.1%22%2C%22dcm_gid%22%3A%22804575726.1673561161%22%2C%22ga_utm_source%22%3A%22MaxBounty.com%20ULC%22%2C%22ga_utm_medium%22%3A%22affiliates%22%2C%22mntnis%22%3A%22KPD6OAOoqY4khwOpZfJVvXei6DQTZ9nC%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A7%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%2C%22ga_utm_source%22%3A%22OK%22%2C%22ga_utm_medium%22%3A%22OK%22%7D%7D&dcm_cid=1673561159.1&dcm_gid=804575726.1673561161&dxver=4.0.0&shaid=33038&plh=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3Dz9WwdERT1xyNTfUU3bWBaTJ4UkAwGhzYrQK7zo0%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&cb=91928443469056910term%3Dvalue&shadditional=googletagmanager%3Dtrue%2Cga4%3Dtrue%2Ccriteo%3Dtrue
IP 44.235.191.156:0
File type ASCII text, with very long lines (2477)
Hash f2f9ae7d26a8c37a5e779af5a0ac971c
e1165cf60d50942ea6c715acce9912ce2c80f254
f2530a59ae94fee9f5d1648a31b687f60890a19d165da96e3acad5020c7106b1
GET /st?ga_tracking_id=UA-28959768-20&ga_client_id=1666208106.1673561160&shpt=Flaviar%20Membership%20%C2%BB%20Fine%20Spirits%20%26%20Whiskey%20Club%20%F0%9F%A5%83%20-%20Flaviar&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-28959768-20%22%2C%22ga_client_id%22%3A%221666208106.1673561160%22%2C%22shpt%22%3A%22Flaviar%20Membership%20%C2%BB%20Fine%20Spirits%20%26%20Whiskey%20Club%20%F0%9F%A5%83%20-%20Flaviar%22%2C%22dcm_cid%22%3A%221673561159.1%22%2C%22dcm_gid%22%3A%22804575726.1673561161%22%2C%22ga_utm_source%22%3A%22MaxBounty.com%20ULC%22%2C%22ga_utm_medium%22%3A%22affiliates%22%2C%22mntnis%22%3A%22KPD6OAOoqY4khwOpZfJVvXei6DQTZ9nC%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A7%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%2C%22ga_utm_source%22%3A%22OK%22%2C%22ga_utm_medium%22%3A%22OK%22%7D%7D&dcm_cid=1673561159.1&dcm_gid=804575726.1673561161&dxver=4.0.0&shaid=33038&plh=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3Dz9WwdERT1xyNTfUU3bWBaTJ4UkAwGhzYrQK7zo0%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&cb=91928443469056910term%3Dvalue&shadditional=googletagmanager%3Dtrue%2Cga4%3Dtrue%2Ccriteo%3Dtrue HTTP/1.1
Host: px.mountain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
date: Thu, 12 Jan 2023 22:06:18 GMT
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
set-cookie: guid=572861ac-92c5-11ed-9696-876639281746;Domain=mountain.com;Max-Age=63113852;Path=/;SameSite=None;Secure
content-encoding: gzip
x-envoy-upstream-service-time: 1
server: istio-envoy
connection: close
transfer-encoding: chunked
ocsp.entrust.net/
104.110.10.32200 OK 1.6 kB IP 104.110.10.32:0
Hash aaf03e8bf7feb95b0c4b6afc508739b0
2a66dc11389f21361ee6232770f253b6beaea484
b33c9d75a5b1fc71b4eff17352984524b1f902f3af917f4c4fb764c7c52a2b12
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "B33C9D75A5B1FC71B4EFF17352984524B1F902F3AF917F4C4FB764C7C52A2B12"
Last-Modified: Thu, 12 Jan 2023 20:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3413
Expires: Thu, 12 Jan 2023 23:03:11 GMT
Date: Thu, 12 Jan 2023 22:06:18 GMT
Connection: keep-alive
s.thebrighttag.com/cs?btt=0&tp=cr&uid=
3.20.60.214200 OK 35 B URL HTTP/2 s.thebrighttag.com/cs?btt=0&tp=cr&uid=
IP 3.20.60.214:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /cs?btt=0&tp=cr&uid= HTTP/1.1
Host: s.thebrighttag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 12 Jan 2023 22:06:18 GMT
content-type: image/gif
content-length: 35
x-bt-requestid: 57534140-92c5-11ed-b659-0000ac1702cf
cache-control: private, must-revalidate
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin:
server: nginx
p3p: CP=NOI DSP COR NID
X-Firefox-Spdy: h2
gs.mountain.com/gs
34.212.4.35200 OK 144 B IP 34.212.4.35:0
File type ASCII text, with no line terminators
Hash 24388c9b79af1c78f04278914206976f
3f558f75f13107610e6e9804b2095bb06a0b8fa9
1ae4391eb6b77875685670f71981eb48f8ed6d9a93606c99475f150456f31134
GET /gs HTTP/1.1
Host: gs.mountain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Cookie: guid=572861ac-92c5-11ed-9696-876639281746
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
date: Thu, 12 Jan 2023 22:06:19 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, x-requested-with, X-Custom-Header
x-application-context: application:prod:8080
content-type: application/javascript;charset=utf-8
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
cache-control: public, max-age=31536000
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
content-length: 144
x-envoy-upstream-service-time: 1
server: istio-envoy
connection: close
px.mountain.com/st?ga_tracking_id=UA-28959768-20&ga_client_id=1666208106.1673561160&shpt=Flaviar%20Membership%20%C2%BB%20Fine%20Spirits%20%26%20Whiskey%20Club%20%F0%9F%A5%83%20-%20Flaviar&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-28959768-20%22%2C%22ga_client_id%22%3A%221666208106.1673561160%22%2C%22shpt%22%3A%22Flaviar%20Membership%20%C2%BB%20Fine%20Spirits%20%26%20Whiskey%20Club%20%F0%9F%A5%83%20-%20Flaviar%22%2C%22dcm_cid%22%3A%221673561159.1%22%2C%22dcm_gid%22%3A%22804575726.1673561161%22%2C%22ga_utm_source%22%3A%22MaxBounty.com%20ULC%22%2C%22ga_utm_medium%22%3A%22affiliates%22%2C%22mntnis%22%3A%22KPD6OAOoqY4khwOpZfJVvXei6DQTZ9nC%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A7%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%2C%22ga_utm_source%22%3A%22OK%22%2C%22ga_utm_medium%22%3A%22OK%22%7D%7D&dcm_cid=1673561159.1&dcm_gid=804575726.1673561161&dxver=4.0.0&shaid=33038&plh=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3Dz9WwdERT1xyNTfUU3bWBaTJ4UkAwGhzYrQK7zo0%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&shadditional=googletagmanager%3Dtrue%2Cga4%3Dtrue%2Ccriteo%3Dtrue&cb=1673561178683175&shguid=35b0bce9-d250-329d-b012-c0426f88d0bd&shgts=1673561179404
44.235.191.156200 OK 1.4 kB URL HTTP/1.1 px.mountain.com/st?ga_tracking_id=UA-28959768-20&ga_client_id=1666208106.1673561160&shpt=Flaviar%20Membership%20%C2%BB%20Fine%20Spirits%20%26%20Whiskey%20Club%20%F0%9F%A5%83%20-%20Flaviar&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-28959768-20%22%2C%22ga_client_id%22%3A%221666208106.1673561160%22%2C%22shpt%22%3A%22Flaviar%20Membership%20%C2%BB%20Fine%20Spirits%20%26%20Whiskey%20Club%20%F0%9F%A5%83%20-%20Flaviar%22%2C%22dcm_cid%22%3A%221673561159.1%22%2C%22dcm_gid%22%3A%22804575726.1673561161%22%2C%22ga_utm_source%22%3A%22MaxBounty.com%20ULC%22%2C%22ga_utm_medium%22%3A%22affiliates%22%2C%22mntnis%22%3A%22KPD6OAOoqY4khwOpZfJVvXei6DQTZ9nC%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A7%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%2C%22ga_utm_source%22%3A%22OK%22%2C%22ga_utm_medium%22%3A%22OK%22%7D%7D&dcm_cid=1673561159.1&dcm_gid=804575726.1673561161&dxver=4.0.0&shaid=33038&plh=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3Dz9WwdERT1xyNTfUU3bWBaTJ4UkAwGhzYrQK7zo0%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&shadditional=googletagmanager%3Dtrue%2Cga4%3Dtrue%2Ccriteo%3Dtrue&cb=1673561178683175&shguid=35b0bce9-d250-329d-b012-c0426f88d0bd&shgts=1673561179404
IP 44.235.191.156:0
File type ASCII text, with very long lines (5709), with no line terminators
Hash 0d70e7b596df9fcf67c7912af5d542b0
c04af255ea099ec9c6c2f6f0bec60dc1de2cfa56
63a6049458f31b5b852675ed42f0d41ed7a79b3fc70298c9e4a9ce81dd4892ac
GET /st?ga_tracking_id=UA-28959768-20&ga_client_id=1666208106.1673561160&shpt=Flaviar%20Membership%20%C2%BB%20Fine%20Spirits%20%26%20Whiskey%20Club%20%F0%9F%A5%83%20-%20Flaviar&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-28959768-20%22%2C%22ga_client_id%22%3A%221666208106.1673561160%22%2C%22shpt%22%3A%22Flaviar%20Membership%20%C2%BB%20Fine%20Spirits%20%26%20Whiskey%20Club%20%F0%9F%A5%83%20-%20Flaviar%22%2C%22dcm_cid%22%3A%221673561159.1%22%2C%22dcm_gid%22%3A%22804575726.1673561161%22%2C%22ga_utm_source%22%3A%22MaxBounty.com%20ULC%22%2C%22ga_utm_medium%22%3A%22affiliates%22%2C%22mntnis%22%3A%22KPD6OAOoqY4khwOpZfJVvXei6DQTZ9nC%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A7%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%2C%22ga_utm_source%22%3A%22OK%22%2C%22ga_utm_medium%22%3A%22OK%22%7D%7D&dcm_cid=1673561159.1&dcm_gid=804575726.1673561161&dxver=4.0.0&shaid=33038&plh=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3Dz9WwdERT1xyNTfUU3bWBaTJ4UkAwGhzYrQK7zo0%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&shadditional=googletagmanager%3Dtrue%2Cga4%3Dtrue%2Ccriteo%3Dtrue&cb=1673561178683175&shguid=35b0bce9-d250-329d-b012-c0426f88d0bd&shgts=1673561179404 HTTP/1.1
Host: px.mountain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Cookie: guid=572861ac-92c5-11ed-9696-876639281746
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
date: Thu, 12 Jan 2023 22:06:20 GMT
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
set-cookie: tt=H4sIAAAAAAAAAKtWKlOyMtJR8guKNzY2MLaINzK3NFayMkAWsTC2AIsgcw3NzI1NzQwNLQwMjSxqASTQWctGAAAA;Domain=px.mountain.com;Max-Age=63113852;Path=/;SameSite=None;Secure
rt="MzMwMzg6MTY3MzU2MTE4MA==";Domain=mountain.com;Max-Age=63113852;Path=/;SameSite=None;Secure
guid=572861ac-92c5-11ed-9696-876639281746;Domain=mountain.com;Max-Age=63113852;Path=/;SameSite=None;Secure
content-encoding: gzip
x-envoy-upstream-service-time: 13
server: istio-envoy
connection: close
transfer-encoding: chunked
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.20.226:0
Hash 25b1a7574f506b2509b5418e52ab1c92
0e78fb5acdba685b03fab37218eaaf895b1835d1
4ebd0db4b755a6fabe644c41d08b4b9a57b48995d0099b23e7143ef0560a2329
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 12 Jan 2023 22:06:20 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Mon, 16 Jan 2023 21:18:25 GMT
ETag: "0e78fb5acdba685b03fab37218eaaf895b1835d1"
Last-Modified: Thu, 12 Jan 2023 21:18:26 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1676
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 788932e128f70b02-OSL
match.adsrvr.org/track/cmf/generic?ttd_pid=steelhouse&ttd_tpi=1&ttd_puid=572861ac-92c5-11ed-9696-876639281746&gdpr=&gdpr_consent=
35.71.131.137200 OK 70 B URL HTTP/2 match.adsrvr.org/track/cmf/generic?ttd_pid=steelhouse&ttd_tpi=1&ttd_puid=572861ac-92c5-11ed-9696-876639281746&gdpr=&gdpr_consent=
IP 35.71.131.137:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 58a7930cd4577fc33c35828c271eab8f
406e57f86dc101e10f3a57be1e2f7b93c4580474
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
GET /track/cmf/generic?ttd_pid=steelhouse&ttd_tpi=1&ttd_puid=572861ac-92c5-11ed-9696-876639281746&gdpr=&gdpr_consent= HTTP/1.1
Host: match.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 12 Jan 2023 22:06:20 GMT
content-type: image/gif
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
gum.criteo.com/syncframe?topUrl=flaviar.com&origin=onetag&us_privacy=1---
178.250.0.157200 OK 0 B URL HTTP/2 gum.criteo.com/syncframe?topUrl=flaviar.com&origin=onetag&us_privacy=1---
IP 178.250.0.157:0
GET /syncframe?topUrl=flaviar.com&origin=onetag&us_privacy=1--- HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 12 Jan 2023 22:06:15 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: uid=4b6d51e6-c066-4776-a43f-b924c7162cd9; expires=Tue, 06 Feb 2024 22:06:15 GMT; domain=.criteo.com; path=/; secure; samesite=none
optout=0; expires=Thu, 01 Jan 1970 00:00:00 GMT; domain=.criteo.com; path=/
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 725024
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
criteo-partners.tremorhub.com/sync?UICR=k-Gg-XT1bniP4c1ZRJPD3we5pbj-jXgGbH2KLgLw&us_privacy=1---
54.80.185.96200 OK 0 B URL HTTP/2 criteo-partners.tremorhub.com/sync?UICR=k-Gg-XT1bniP4c1ZRJPD3we5pbj-jXgGbH2KLgLw&us_privacy=1---
IP 54.80.185.96:0
GET /sync?UICR=k-Gg-XT1bniP4c1ZRJPD3we5pbj-jXgGbH2KLgLw&us_privacy=1--- HTTP/1.1
Host: criteo-partners.tremorhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 12 Jan 2023 22:06:18 GMT
content-type: image/gif
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
X-Firefox-Spdy: h2
flaviar.com/?irclickid=z9WwdERT1xyNTfUU3bWBaTJ4UkAwGhzYrQK7zo0&ir_cid=3334&ir_affid=10813&utm_medium=affiliates&utm_source=MaxBounty.com%20ULC&ir_partnerid=10813&ir_adid=1215604&ir_campaignid=3334
172.66.40.91200 OK 0 B URL HTTP/2 flaviar.com/?irclickid=z9WwdERT1xyNTfUU3bWBaTJ4UkAwGhzYrQK7zo0&ir_cid=3334&ir_affid=10813&utm_medium=affiliates&utm_source=MaxBounty.com%20ULC&ir_partnerid=10813&ir_adid=1215604&ir_campaignid=3334
IP 172.66.40.91:0
GET /?irclickid=z9WwdERT1xyNTfUU3bWBaTJ4UkAwGhzYrQK7zo0&ir_cid=3334&ir_affid=10813&utm_medium=affiliates&utm_source=MaxBounty.com%20ULC&ir_partnerid=10813&ir_adid=1215604&ir_campaignid=3334 HTTP/1.1
Host: flaviar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Thu, 12 Jan 2023 22:06:13 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: PHPSESSID=6038298b61c386d02bb2162396cb9d3e; expires=Fri, 13-Jan-2023 22:06:13 GMT; Max-Age=86400; path=/; secure; HttpOnly
cache-control: max-age=0, must-revalidate, private
link: <https://cdn.flaviar.com/build/runtime.2f2c49c0.js>; rel="preload"; as="script",<https://cdn.flaviar.com/build/1.e1f7a7db.js>; rel="preload"; as="script",<https://cdn.flaviar.com/build/2.2bcca980.js>; rel="preload"; as="script",<https://cdn.flaviar.com/build/app.1f074f7c.js>; rel="preload"; as="script",<https://cdn.flaviar.com/build/6.41d1423e.js>; rel="preload"; as="script",<https://cdn.flaviar.com/build/app-main.19b59abc.js>; rel="preload"; as="script",<https://cdn.flaviar.com/build/5.2a092778.css>; rel="preload"; as="style",<https://cdn.flaviar.com/build/app-style.7974e2dc.css>; rel="preload"; as="style",<https://cdn.flaviar.com/build/landing-frontpage.a76dce13.css>; rel="preload"; as="style",<https://cdn.flaviar.com/build/menu-style.83f9b35c.css>; rel="preload"; as="style"
expires: Thu, 12 Jan 2023 22:06:13 GMT
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B2xIOqrcaP3TLXBinUo4XEhFnIcV9IJ5Zl1ZEPD03HHHc7yWCq%2B5lOSY8APcJkKoAA0MP%2ByBNoKH3E7qcR8NwZ46hudpsXPMp9ShbHSJr0p7tFPdYQ9McPgSy6nK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 788932b43f1f1c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.fbot.me/friendbuy.js
143.204.55.10200 OK 0 B URL HTTP/2 static.fbot.me/friendbuy.js
IP 143.204.55.10:0
GET /friendbuy.js HTTP/1.1
Host: static.fbot.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 04 Jan 2023 20:13:21 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: rEYMTWYvjUEoXuE8TqoITPnyxoX0M05M
server: AmazonS3
content-encoding: gzip
date: Thu, 12 Jan 2023 22:02:01 GMT
cache-control: max-age=300
etag: W/"a5c65f3744d6c72948fbdc6f535bacde"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: OzjtC393A3N-5n2XzFStTh7_yKs0dbkKzRQuJuef-Os3Eg8YuVXASw==
age: 253
X-Firefox-Spdy: h2
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-B92vdVbniP4c1ZRJPD3we5pbj-j2l_ul7OkfLw&us_privacy=1---
141.226.228.48200 OK 0 B URL HTTP/2 sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-B92vdVbniP4c1ZRJPD3we5pbj-j2l_ul7OkfLw&us_privacy=1---
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
GET /sg/criteortb-network/1/rtb-h/?taboola_hm=k-B92vdVbniP4c1ZRJPD3we5pbj-j2l_ul7OkfLw&us_privacy=1--- HTTP/1.1
Host: sync-t1.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 12 Jan 2023 22:06:17 GMT
x-fastly-to-nlb-rtt: 24006
access-control-allow-credentials: true
X-Firefox-Spdy: h2
aacdn.nagich.com/assets/locale/en.json
104.26.14.45200 OK 0 B URL HTTP/2 aacdn.nagich.com/assets/locale/en.json
IP 104.26.14.45:0
GET /assets/locale/en.json HTTP/1.1
Host: aacdn.nagich.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaviar.com/
Origin: https://flaviar.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 12 Jan 2023 22:06:15 GMT
content-type: application/json
cache-control: public, max-age=2204800
last-modified: Tue, 15 Jun 2021 15:40:09 GMT
etag: W/"f45920b9fc61d71:0"
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: deny
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FuHO%2BCUrhwMqp%2F00LKQSAq2q07T30zAp2CZ1lyCjiQubD9R60hYyY9yFVyR52dRhFfZglOaQ%2FSU1lLQN1wrbdEm5Y%2BcdWiq5GKQtGpH0CkdjkoAOXgwDHh8l08hg5YeTu2A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 788932c1dad4b503-OSL
content-encoding: br
X-Firefox-Spdy: h2
campaign.fbot.me/06cc9139-6a61-41fc-88db-9ec21e04eecf/campaigns.js
54.230.111.107200 OK 0 B URL HTTP/2 campaign.fbot.me/06cc9139-6a61-41fc-88db-9ec21e04eecf/campaigns.js
IP 54.230.111.107:0
GET /06cc9139-6a61-41fc-88db-9ec21e04eecf/campaigns.js HTTP/1.1
Host: campaign.fbot.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 15 Dec 2022 13:46:51 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: p6gPN_w4SG47RQE5hfalMZL5TivdunUb
server: AmazonS3
content-encoding: gzip
date: Thu, 12 Jan 2023 22:05:50 GMT
cache-control: max-age=30
etag: W/"0ff3ee9396830061e9ba4b78bac75bb5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 9h0RQDXHoUtTR5DXnT0MGMCdvGgVZgx05yGaKgyxNFAs26TZYUMRpA==
age: 25
X-Firefox-Spdy: h2
widget.trustpilot.com/trustbox-data/5419b6ffb0d04a076446a9af?businessUnitId=5c63d6134064df0001fff3b7&locale=en-US
54.230.111.50200 OK 0 B URL HTTP/2 widget.trustpilot.com/trustbox-data/5419b6ffb0d04a076446a9af?businessUnitId=5c63d6134064df0001fff3b7&locale=en-US
IP 54.230.111.50:0
GET /trustbox-data/5419b6ffb0d04a076446a9af?businessUnitId=5c63d6134064df0001fff3b7&locale=en-US HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Connection: keep-alive
Referer: https://widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=5c63d6134064df0001fff3b7
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/json; charset=utf-8
content-encoding: gzip
server: Kestrel
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: public,max-age=1800
date: Thu, 12 Jan 2023 21:40:32 GMT
etag: "15e255014c3528fd41d8495566714a48"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ubch4HQWpdyTXniWg6eauUAsDAxrdTewVscUdwrNYZsrDyvHjiAOug==
age: 1542
X-Firefox-Spdy: h2
getrockerbox.com/customdomain/rb9yp8py.flaviar.com/wxyz.rb.js
172.64.175.31301 Moved Permanently 0 B URL HTTP/2 getrockerbox.com/customdomain/rb9yp8py.flaviar.com/wxyz.rb.js
IP 172.64.175.31:0
GET /customdomain/rb9yp8py.flaviar.com/wxyz.rb.js HTTP/1.1
Host: getrockerbox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Thu, 12 Jan 2023 22:06:15 GMT
content-type: text/html
location: https://rb9yp8py.flaviar.com/assets/wxyz.rb.js
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LucSiuZcb%2BUlZLHRey7LVu3jLgI8BAn6wVBPf8nk5ISB%2FqGUQzqVFveP7tu255%2FqvKk8mO5lOaKYJIPQrILbbr3w8h8VM27zrOs7oLV%2BsYYjItlPtOHVZttAFoPeb0G%2Bf%2FHG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 788932c388ec732d-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-aIg9h1bniP4c1ZRJPD3we5pbj-gBPZOTEL8fLrm-vptkl3nb&us_privacy=1---
18.193.40.54200 OK 0 B URL HTTP/2 exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-aIg9h1bniP4c1ZRJPD3we5pbj-gBPZOTEL8fLrm-vptkl3nb&us_privacy=1---
IP 18.193.40.54:0
GET /usersync/push?partner=criteo&partnerId=k-aIg9h1bniP4c1ZRJPD3we5pbj-gBPZOTEL8fLrm-vptkl3nb&us_privacy=1--- HTTP/1.1
Host: exchange.mediavine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 12 Jan 2023 22:06:17 GMT
content-type: text/html; charset=utf-8
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
cache-control: private, no-cache
set-cookie: mv_tokens=%7B%22mv_uuid%22%3A%2256adb270-92c5-11ed-993b-6fe0ceb21b76%22%2C%22version%22%3A%22eu-v1%22%7D; Path=/; Expires=Thu, 26 Jan 2023 22:06:17 GMT; Secure; SameSite=None
mv_tokens_eu-v1=%7B%22mv_uuid%22%3A%2256adb270-92c5-11ed-993b-6fe0ceb21b76%22%2C%22version%22%3A%22eu-v1%22%7D; Path=/; Expires=Thu, 26 Jan 2023 22:06:17 GMT; Secure; SameSite=None
am_tokens=%7B%22mv_uuid%22%3A%2256adb270-92c5-11ed-993b-6fe0ceb21b76%22%2C%22version%22%3A%22eu-v1%22%7D; Path=/; Expires=Thu, 26 Jan 2023 22:06:17 GMT; Secure; SameSite=None
am_tokens_eu-v1=%7B%22mv_uuid%22%3A%2256adb270-92c5-11ed-993b-6fe0ceb21b76%22%2C%22version%22%3A%22eu-v1%22%7D; Path=/; Expires=Thu, 26 Jan 2023 22:06:17 GMT; Secure; SameSite=None
criteo=%7B%22id%22%3A%22k-aIg9h1bniP4c1ZRJPD3we5pbj-gBPZOTEL8fLrm-vptkl3nb%22%2C%22version%22%3A%22criteo%22%7D; Path=/; Expires=Thu, 26 Jan 2023 22:06:17 GMT; Secure; SameSite=None
content-encoding: gzip
X-Firefox-Spdy: h2
insight.adsrvr.org/track/evnt/?adv=76e29rb&ct=0:yx1zelg&fmt=3
35.71.131.137200 OK 0 B URL HTTP/2 insight.adsrvr.org/track/evnt/?adv=76e29rb&ct=0:yx1zelg&fmt=3
IP 35.71.131.137:0
GET /track/evnt/?adv=76e29rb&ct=0:yx1zelg&fmt=3 HTTP/1.1
Host: insight.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 12 Jan 2023 22:06:20 GMT
content-type: image/gif
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
aacdn.nagich.com/style/btncolor.css
104.26.14.45200 OK 0 B URL HTTP/2 aacdn.nagich.com/style/btncolor.css
IP 104.26.14.45:0
GET /style/btncolor.css HTTP/1.1
Host: aacdn.nagich.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaviar.com/
Origin: https://flaviar.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 12 Jan 2023 22:06:15 GMT
content-type: text/css
cache-control: public, max-age=2204800
last-modified: Mon, 11 Feb 2019 11:17:50 GMT
etag: W/"4c2a96cfbc1d41:0"
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: deny
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 1161422
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ly3oRkauLxcd2HZwatvngdrsirSLTHqGesXZD8V3RFnylY1R32eCN7hEv1VWLas2BDogpZsFcItxVAG8qlef%2BZQP7ZJnHt9uQjFULZRCGpyrxsIsdS%2FviXSjY55dkE78RsE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 788932c1dad1b503-OSL
content-encoding: br
X-Firefox-Spdy: h2
dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=0&us_privacy=1---
178.250.0.163200 OK 0 B URL HTTP/2 dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=0&us_privacy=1---
IP 178.250.0.163:0
GET /dis/rtb/appnexus/cookiematch.aspx?appnxsid=0&us_privacy=1--- HTTP/1.1
Host: dis.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 12 Jan 2023 22:06:17 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
timing-allow-origin: *
server-processing-duration-in-ticks: 413922
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2