flaviar.5d3x.net/c/10813/1215604/3334?SubId1=1170913543&SharedId=105141&level=1&srcref=1.trackao.com&brwsr=55e88325-76db-11ed-a71b-afa8190ca90d&brwsrsig=WVN1aFy9f1RYxYqWByRFqQuFQmRylX
54.228.101.140301 Moved Permanently 0 B URL HTTP/1.1 flaviar.5d3x.net/c/10813/1215604/3334?SubId1=1170913543&SharedId=105141&level=1&srcref=1.trackao.com&brwsr=55e88325-76db-11ed-a71b-afa8190ca90d&brwsrsig=WVN1aFy9f1RYxYqWByRFqQuFQmRylX
IP 54.228.101.140:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c/10813/1215604/3334?SubId1=1170913543&SharedId=105141&level=1&srcref=1.trackao.com&brwsr=55e88325-76db-11ed-a71b-afa8190ca90d&brwsrsig=WVN1aFy9f1RYxYqWByRFqQuFQmRylX HTTP/1.1
Host: flaviar.5d3x.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 08 Dec 2022 09:33:28 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: AWSALB=AU8Dw3eBXLOmVwiywCeO5NXBWvnvau0DqsfgwjGgSQJCSZ2wdfTOzK8P1encAkccakUO+y5+KHLVeE0reK3ntaabzZhHH2PiCBWvIsB3yIcZ3/V3uSb71nUdZd+M; Expires=Thu, 15 Dec 2022 09:33:28 GMT; Path=/
AWSALBCORS=AU8Dw3eBXLOmVwiywCeO5NXBWvnvau0DqsfgwjGgSQJCSZ2wdfTOzK8P1encAkccakUO+y5+KHLVeE0reK3ntaabzZhHH2PiCBWvIsB3yIcZ3/V3uSb71nUdZd+M; Expires=Thu, 15 Dec 2022 09:33:28 GMT; Path=/; SameSite=None
Cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Expires: Thu, 08 Dec 2022 09:33:28 GMT
P3P: policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
Location: https://flaviar.5d3x.net/c/10813/1215604/3334?SubId1=1170913543&SharedId=105141&level=2&srcref=1.trackao.com
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f2acd891dc6eb1f09f57a2b086791781
1e2088306501a61edcca1ade62c4d54f23b3b083
51148fed95cc00d60dc3640350f135b1b2763ff0e3cfbffc40f0948317894be9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "51148FED95CC00D60DC3640350F135B1B2763FF0E3CFBFFC40F0948317894BE9"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16362
Expires: Thu, 08 Dec 2022 14:06:11 GMT
Date: Thu, 08 Dec 2022 09:33:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 388f6fea5bafa378266622b72311a6ee
447f102dc12172ce1ba44c5e94e1d7bb49d43372
a597afb4d4f7f3c82f0f2857322226fc69dc92e099bfd0605f7a0cd562be9d21
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A597AFB4D4F7F3C82F0F2857322226FC69DC92E099BFD0605F7A0CD562BE9D21"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5252
Expires: Thu, 08 Dec 2022 11:01:01 GMT
Date: Thu, 08 Dec 2022 09:33:29 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 08 Dec 2022 09:08:11 GMT
content-type: application/json
age: 1518
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 00e7703bd74975689fc9050356aaca6b
9788fe6a36d6f278e8da329ebc5dd87bcd212317
593bc437ff8a8233516c62613d50220fcb25b9f967ed5fb384c253f0db135103
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "593BC437FF8A8233516C62613D50220FCB25B9F967ED5FB384C253F0DB135103"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2772
Expires: Thu, 08 Dec 2022 10:19:41 GMT
Date: Thu, 08 Dec 2022 09:33:29 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 9epFPJ8/ZoxAAwrEZRq0f3JCJ7WZPOzwoJQX6UAgP5pjn5eR7vmNLhfV6rWex7kAuTyXFaZ5/MA=
x-amz-request-id: H82SVW8A8NAP00C2
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 08 Dec 2022 08:47:51 GMT
age: 2738
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 09:33:29 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash 8d8f536f7907f436a00abed98a13b628
700a4e4bb29f934d45fcf61217a70b91e9228f48
67488e4ac891e56036b1ece063febc19ab79adb3c972283339a12d828d0c6a66
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=141307
Date: Thu, 08 Dec 2022 09:33:29 GMT
Etag: "63913464-1d7"
Expires: Sat, 10 Dec 2022 00:48:36 GMT
Last-Modified: Thu, 08 Dec 2022 00:48:36 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: fdNCs1aUQ7wvmkKbUh5nMs3g72bls9gEpKFPLTN6Uek3fgwKJR3-kg==
flaviar.5d3x.net/c/10813/1215604/3334?SubId1=1170913543&SharedId=105141&level=2&srcref=1.trackao.com
54.77.154.87302 Found 227 B URL HTTP/2 flaviar.5d3x.net/c/10813/1215604/3334?SubId1=1170913543&SharedId=105141&level=2&srcref=1.trackao.com
IP 54.77.154.87:0
File type HTML document, ASCII text
Hash 3682ceb9d8b65fc7b7289203eb218590
18ffb3a740a5f32ee01ea1ec0028d73fbd84abf4
75c05937f63117635ecfdac2a55e106413531da39dd98d8637d9e0e46af53c11
GET /c/10813/1215604/3334?SubId1=1170913543&SharedId=105141&level=2&srcref=1.trackao.com HTTP/1.1
Host: flaviar.5d3x.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Thu, 08 Dec 2022 09:33:29 GMT
content-type: text/html; charset=utf-8
content-length: 227
location: https://www.ojrq.net/p/?return=https%3A%2F%2Fflaviar.5d3x.net%2Fc%2F10813%2F1215604%2F3334%3FSubId1%3D1170913543%26SharedId%3D105141%26level%3D3%26srcref%3D1.trackao.com&cid=3334&tpsync=yes
set-cookie: AWSALB=XDcxBpFmSm0Ja4LmZIZr3hwy5XYW5EH+ae0e+2svejnZPvtlHhsO1mxJrAubpmQqLCI1FT03dh9aNXRNhF9b5BJ/oam/WWUjgNMuzVuEyL+DfYPr5HghKi7b4SUy; Expires=Thu, 15 Dec 2022 09:33:29 GMT; Path=/
AWSALBCORS=XDcxBpFmSm0Ja4LmZIZr3hwy5XYW5EH+ae0e+2svejnZPvtlHhsO1mxJrAubpmQqLCI1FT03dh9aNXRNhF9b5BJ/oam/WWUjgNMuzVuEyL+DfYPr5HghKi7b4SUy; Expires=Thu, 15 Dec 2022 09:33:29 GMT; Path=/; SameSite=None; Secure
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
expires: Thu, 08 Dec 2022 09:33:29 GMT
p3p: policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash a1fe46ffc11ad7847f1713fd7fa3c461
ffebe97c4aca7bdaadda5d499e4e0bee479c5618
59c4501bea449a997cd5cd022541371f6f693996440f5ff7083db7cd5bfafe1d
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 09:33:29 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 17:55:46 GMT
Expires: Tue, 13 Dec 2022 17:55:45 GMT
Etag: "ffebe97c4aca7bdaadda5d499e4e0bee479c5618"
Cache-Control: max-age=461535,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77647ff2ad8eb51b-OSL
www.ojrq.net/p/?return=https%3A%2F%2Fflaviar.5d3x.net%2Fc%2F10813%2F1215604%2F3334%3FSubId1%3D1170913543%26SharedId%3D105141%26level%3D3%26srcref%3D1.trackao.com&cid=3334&tpsync=yes
34.95.127.121302 Found 0 B URL HTTP/2 www.ojrq.net/p/?return=https%3A%2F%2Fflaviar.5d3x.net%2Fc%2F10813%2F1215604%2F3334%3FSubId1%3D1170913543%26SharedId%3D105141%26level%3D3%26srcref%3D1.trackao.com&cid=3334&tpsync=yes
IP 34.95.127.121:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/?return=https%3A%2F%2Fflaviar.5d3x.net%2Fc%2F10813%2F1215604%2F3334%3FSubId1%3D1170913543%26SharedId%3D105141%26level%3D3%26srcref%3D1.trackao.com&cid=3334&tpsync=yes HTTP/1.1
Host: www.ojrq.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
expires: Thu, 08 Dec 2022 09:33:29 GMT
p3p: policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
set-cookie: brwsr=5fbd4bb6-76db-11ed-9ec9-d90eb3934b0f; Domain=.ojrq.net; Path=/; Secure; Max-Age=62208000; Expires=Wed, 27 Nov 2024 09:33:29 GMT; HttpOnly; SameSite=None
location: https://flaviar.5d3x.net/c/10813/1215604/3334?SubId1=1170913543&SharedId=105141&level=3&srcref=1.trackao.com&brwsr=5fbd4bb6-76db-11ed-9ec9-d90eb3934b0f&brwsrsig=0ndSWc0dhWrM3FFVjdTWLVZuTP-3kW
content-length: 0
date: Thu, 08 Dec 2022 09:33:29 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 08 Dec 2022 09:07:58 GMT
age: 1531
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
flaviar.5d3x.net/c/10813/1215604/3334?SubId1=1170913543&SharedId=105141&level=3&srcref=1.trackao.com&brwsr=5fbd4bb6-76db-11ed-9ec9-d90eb3934b0f&brwsrsig=0ndSWc0dhWrM3FFVjdTWLVZuTP-3kW
54.77.154.87301 Moved Permanently 0 B URL HTTP/2 flaviar.5d3x.net/c/10813/1215604/3334?SubId1=1170913543&SharedId=105141&level=3&srcref=1.trackao.com&brwsr=5fbd4bb6-76db-11ed-9ec9-d90eb3934b0f&brwsrsig=0ndSWc0dhWrM3FFVjdTWLVZuTP-3kW
IP 54.77.154.87:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c/10813/1215604/3334?SubId1=1170913543&SharedId=105141&level=3&srcref=1.trackao.com&brwsr=5fbd4bb6-76db-11ed-9ec9-d90eb3934b0f&brwsrsig=0ndSWc0dhWrM3FFVjdTWLVZuTP-3kW HTTP/1.1
Host: flaviar.5d3x.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: AWSALB=XDcxBpFmSm0Ja4LmZIZr3hwy5XYW5EH+ae0e+2svejnZPvtlHhsO1mxJrAubpmQqLCI1FT03dh9aNXRNhF9b5BJ/oam/WWUjgNMuzVuEyL+DfYPr5HghKi7b4SUy; AWSALBCORS=XDcxBpFmSm0Ja4LmZIZr3hwy5XYW5EH+ae0e+2svejnZPvtlHhsO1mxJrAubpmQqLCI1FT03dh9aNXRNhF9b5BJ/oam/WWUjgNMuzVuEyL+DfYPr5HghKi7b4SUy
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 301 Moved Permanently
date: Thu, 08 Dec 2022 09:33:29 GMT
content-length: 0
location: https://flaviar.com?irclickid=1-9wPfyDDxyNR7RVoXTXjwISUkAxH43tD1MORM0&ir_cid=3334&ir_affid=10813&utm_medium=affiliates&utm_source=MaxBounty.com%20ULC&ir_partnerid=10813&ir_adid=1215604&ir_campaignid=3334
set-cookie: AWSALB=p8IUp8nmhWlYKsRytYY1B/r/LC1E7OSfS136C0jheLnBpwCfU+ZIKt55HcJ7dz/UF4g6bkfDflZHw2nTMQweM86ZS/MxI4uWcDt8ZeAbPCb58IiZmGf6B1+K2trn; Expires=Thu, 15 Dec 2022 09:33:29 GMT; Path=/
AWSALBCORS=p8IUp8nmhWlYKsRytYY1B/r/LC1E7OSfS136C0jheLnBpwCfU+ZIKt55HcJ7dz/UF4g6bkfDflZHw2nTMQweM86ZS/MxI4uWcDt8ZeAbPCb58IiZmGf6B1+K2trn; Expires=Thu, 15 Dec 2022 09:33:29 GMT; Path=/; SameSite=None; Secure
brwsr=5fbd4bb6-76db-11ed-9ec9-d90eb3934b0f; Domain=.5d3x.net; Path=/; Secure; Max-Age=62208000; Expires=Wed, 27 Nov 2024 09:33:29 GMT; HttpOnly; SameSite=None
irld=LR0FXdAUGEQuPT2cwbDX1lUfa; Path=/; Secure; Max-Age=15552000; Expires=Tue, 6 Jun 2023 09:33:29 GMT; HttpOnly; SameSite=None
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
expires: Thu, 08 Dec 2022 09:33:29 GMT
p3p: policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 053aff7451e55d4269dd9610ab070f3f
b3376256d11d159b0c7280ba1515b78d7d9e12ca
24114ca560fe70d03185bd66985603fd5a03dc310aa9a8ea7a7b3723ed46ce3e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3670
Cache-Control: max-age=88471
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:33:29 GMT
Etag: "639057aa-1d7"
Expires: Fri, 09 Dec 2022 10:08:00 GMT
Last-Modified: Wed, 07 Dec 2022 09:06:50 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash a1fe46ffc11ad7847f1713fd7fa3c461
ffebe97c4aca7bdaadda5d499e4e0bee479c5618
59c4501bea449a997cd5cd022541371f6f693996440f5ff7083db7cd5bfafe1d
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 09:33:29 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 17:55:46 GMT
Expires: Tue, 13 Dec 2022 17:55:45 GMT
Etag: "ffebe97c4aca7bdaadda5d499e4e0bee479c5618"
Cache-Control: max-age=461535,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77647ff3bf2fb51b-OSL
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 33f625c9a3e35163f8d45b81cf7706e7
579fca99715be65ce43803685a7464d023f7380e
214a42daecaf171b42ada1db201e1c705ad89ae556a6d40a64b67e5d6d6c32d5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:33:29 GMT
Etag: "638fece5-116"
Server: ECS (amb/6BA1)
Content-Length: 279
push.services.mozilla.com/
54.186.169.128101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.186.169.128:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: exmC3ht2aFiyOl48RrJDxA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: e44UbnEgsZ2rIwlJlSl1NcxtDrk=
flaviar.com/?irclickid=1-9wPfyDDxyNR7RVoXTXjwISUkAxH43tD1MORM0&ir_cid=3334&ir_affid=10813&utm_medium=affiliates&utm_source=MaxBounty.com%20ULC&ir_partnerid=10813&ir_adid=1215604&ir_campaignid=3334
172.66.40.91200 OK 10 kB URL HTTP/2 flaviar.com/?irclickid=1-9wPfyDDxyNR7RVoXTXjwISUkAxH43tD1MORM0&ir_cid=3334&ir_affid=10813&utm_medium=affiliates&utm_source=MaxBounty.com%20ULC&ir_partnerid=10813&ir_adid=1215604&ir_campaignid=3334
IP 172.66.40.91:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (503)
Hash e31fec30f00cfe1eade19ee29cfa8c4c
d3ac76f71f0da17cfab24a96b65f3e90f6a55bec
cbaeb858e80fabf769d952a578d2f8fc8058311712dbf912512ad06bed128efb
GET /?irclickid=1-9wPfyDDxyNR7RVoXTXjwISUkAxH43tD1MORM0&ir_cid=3334&ir_affid=10813&utm_medium=affiliates&utm_source=MaxBounty.com%20ULC&ir_partnerid=10813&ir_adid=1215604&ir_campaignid=3334 HTTP/1.1
Host: flaviar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:33:30 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: PHPSESSID=8246cf607f4fa310b8bebb3c6a46e9bc; expires=Fri, 09-Dec-2022 09:33:29 GMT; Max-Age=86400; path=/; secure; HttpOnly
cache-control: max-age=0, must-revalidate, private
link: <https://cdn.flaviar.com/build/runtime.9a3426ea.js>; rel="preload"; as="script",<https://cdn.flaviar.com/build/1.e1f7a7db.js>; rel="preload"; as="script",<https://cdn.flaviar.com/build/2.bb78030d.js>; rel="preload"; as="script",<https://cdn.flaviar.com/build/app.c0f32fe0.js>; rel="preload"; as="script",<https://cdn.flaviar.com/build/6.b4527ba4.js>; rel="preload"; as="script",<https://cdn.flaviar.com/build/app-main.fd4a1c88.js>; rel="preload"; as="script",<https://cdn.flaviar.com/build/5.2a092778.css>; rel="preload"; as="style",<https://cdn.flaviar.com/build/app-style.377245f9.css>; rel="preload"; as="style",<https://cdn.flaviar.com/build/landing-frontpage.9b5c61d3.css>; rel="preload"; as="style",<https://cdn.flaviar.com/build/menu-style.83f9b35c.css>; rel="preload"; as="style"
expires: Thu, 08 Dec 2022 09:33:30 GMT
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UNQd63Er7Re7niXUArJIq1NMVBfd%2Bqfs02lAnNxsHzzL%2B2nDsC9EW8pRhQjKh7ND2qgRB38Ql0w5Ivsj6Z9sIGgLzJoPimqvrChrtwRPgA8EbmFJJBGPP72bIUHI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77647ff568f1fab4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
143.204.55.78200 OK 6.1 kB URL HTTP/2 widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
IP 143.204.55.78:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (19239)
Hash 5add60196e5f96a414fb4b9586764e5d
633f471b3c2fcedeef9cad90cb5bf56f5fe55588
5370f4ba91dda790c7cae92817b812fcbd1ab367cbb4862f5669960ae4e2c9e0
GET /bootstrap/v5/tp.widget.bootstrap.min.js HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/x-javascript
content-length: 6124
last-modified: Mon, 30 May 2022 14:38:02 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
date: Thu, 08 Dec 2022 01:28:24 GMT
cache-control: max-age=86400
etag: "5add60196e5f96a414fb4b9586764e5d"
x-cache: Hit from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: J3gZvl4rXht3D4tehWrsK6Y6svJjrwUiEjIVCW03dUZcahhTgvFdrQ==
age: 29107
X-Firefox-Spdy: h2
use.typekit.net/bne0epn.js
23.33.119.19200 OK 6.7 kB URL HTTP/2 use.typekit.net/bne0epn.js
IP 23.33.119.19:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (2258)
Hash 56c323529b45591f153e4f5a72d75c0e
cfada07aa803d4651a773d0e4536e036bcfd134c
2953f691618da33aef7c7b909532b8a918bf95dc02c9d44816c526fd40bed81d
GET /bne0epn.js HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: text/javascript;charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: public, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
content-length: 6730
date: Thu, 08 Dec 2022 09:33:30 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 0c89743226644fddacbe5d50c110b950
b343ae9eb9047cf764b518083d612ffd3652b209
1bf675bb6e12e913a98cd8849c1af9a0c50b0bb8bfa670c86419b41782e06e47
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:33:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-K4F6SWQ
142.250.74.168200 OK 109 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-K4F6SWQ
IP 142.250.74.168:0
File type ASCII text, with very long lines (49620)
Size 109 kB (109067 bytes)
Hash 8d58b39d3bdecd689c677ef9941230da
70b66c065da6a8fc3a2c2604f1317c8369a5c4c9
08c266d40a833e03d1855eb9b5ee9ccca7ce3b270ec9dff4db27512e54bba28e
GET /gtm.js?id=GTM-K4F6SWQ HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 08 Dec 2022 09:33:30 GMT
expires: Thu, 08 Dec 2022 09:33:30 GMT
cache-control: private, max-age=900
last-modified: Thu, 08 Dec 2022 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 109067
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 0c89743226644fddacbe5d50c110b950
b343ae9eb9047cf764b518083d612ffd3652b209
1bf675bb6e12e913a98cd8849c1af9a0c50b0bb8bfa670c86419b41782e06e47
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:33:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
use.typekit.net/af/8de6d2/00000000000000003b9adc6b/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
23.33.119.19200 OK 30 kB URL HTTP/2 use.typekit.net/af/8de6d2/00000000000000003b9adc6b/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
IP 23.33.119.19:0
ASN #20940 Akamai International B.V.
Hash 2702cc49236cc42a686cc19843272ce1
521a93c753f97ae34f546ad45110c7432f7035d8
66fb220280f1b6e9b36ef10839e075df33bd6bb50374067aabfd31f7d04ea2b0
GET /af/8de6d2/00000000000000003b9adc6b/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://flaviar.com
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 29392
etag: "2bd51188b101f4cf29ce1d8dfdbe91d00fc07ba6"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Thu, 08 Dec 2022 09:33:31 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/85d455/00000000000000003b9adc6a/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
23.33.119.19200 OK 32 kB URL HTTP/2 use.typekit.net/af/85d455/00000000000000003b9adc6a/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
IP 23.33.119.19:0
ASN #20940 Akamai International B.V.
Hash 8bc48b4498b12b8605cd83c253591d27
1fb74c1c0eef204b6ab5fe2c213fe6d618b24d94
6427d8fc6eedc5e7efffaf9cce5463484c6fdf67b83b89c419283861e70822fd
GET /af/85d455/00000000000000003b9adc6a/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://flaviar.com
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 30656
etag: "374d4e049d59d33f7c1b988631b115ad96597d60"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Thu, 08 Dec 2022 09:33:31 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/379cfa/00000000000000003b9adc6d/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
23.33.119.19200 OK 12 kB URL HTTP/2 use.typekit.net/af/379cfa/00000000000000003b9adc6d/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
IP 23.33.119.19:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 11668, version 1.0\012- data
Hash 71eca0957e4d35fc26852895f49491f8
d9ba92c55ef2a7370857143922344880bac2bf6e
4e2db239b50398011c1fb49a5ea7e296a9babab1a7b4968d1974d417f1ab805b
GET /af/379cfa/00000000000000003b9adc6d/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://flaviar.com
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 11668
etag: "a53237c24cbd279f0405e007f31ec7f47234819b"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Thu, 08 Dec 2022 09:33:31 GMT
X-Firefox-Spdy: h2
static.fbot.me/friendbuy.js
143.204.55.91200 OK 85 kB URL HTTP/2 static.fbot.me/friendbuy.js
IP 143.204.55.91:0
Hash fcf278d999c97649db45ba44fc3d7f30
25dae01808ac0b994a1b080fd3ee2f1b8d139ed8
ab042093f12b95255ad532a359de1d5c151f6ff44dcf6f45663a2b67767ee151
GET /friendbuy.js HTTP/1.1
Host: static.fbot.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 08 Nov 2022 18:54:50 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: 1TJItsrldzDocUTOk9.t5QWqlV.wmjrZ
server: AmazonS3
content-encoding: gzip
date: Thu, 08 Dec 2022 09:29:07 GMT
cache-control: max-age=300
etag: W/"0b5bcf54c4cdbc59dd5b187265ffc20d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: wgcyu8lJfBrbtMOUo0Mw-N_bVwUBYTJUi6l9cRaAdM385i-bK73vug==
age: 278
X-Firefox-Spdy: h2
widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=5c63d6134064df0001fff3b7
143.204.55.78200 OK 2.1 kB URL HTTP/2 widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=5c63d6134064df0001fff3b7
IP 143.204.55.78:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (6826)
Hash 1307e3fd5846bacc989c2fd05996f010
3fd96ecea8c4a91980939fe1e1efe9ec0f47eebc
39f14c526d9f43a24b5c1e219e7ee63500f90b39517d18085573dcf73eb33d87
GET /trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=5c63d6134064df0001fff3b7 HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 2144
last-modified: Tue, 04 Oct 2022 10:34:09 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
date: Thu, 08 Dec 2022 08:30:09 GMT
cache-control: max-age=86400
etag: "1307e3fd5846bacc989c2fd05996f010"
x-cache: Hit from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: G5Mx9a2KaUIT0FktYK-yMg0I_e3kUuAHHSTLBKBLnEokaC4azW8eRw==
age: 15490
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 31 kB IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3795ea8925c3844b5be82bfcb5f1c0e6
b159e231483ee2c0c86f5100793353c8bdce9a26
81f562789b840da9af5e014dd969d6c95c0ab90cf2a2f1801d32d7dbd82afac8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2760
Expires: Thu, 08 Dec 2022 10:19:31 GMT
Date: Thu, 08 Dec 2022 09:33:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 1.1 kB IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ac1011f88e36598d59603db2a6acd59b
3d1295c59c85dc3063eea702dbb7e31aebf6f8f1
bba80beb3659ca0d1ec20c2152a3c69bd45a7cd00003e43d1c91c553ca61dcef
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2760
Expires: Thu, 08 Dec 2022 10:19:31 GMT
Date: Thu, 08 Dec 2022 09:33:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 25 kB IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e8d2cccb599908b27dec2c881408bcd8
e27bb785741666be68eb7108c826f7a56b10fef0
6ff1e5199253d132052d6f332de1f64fd7a22b781017189c55428222a3b69a6d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2760
Expires: Thu, 08 Dec 2022 10:19:31 GMT
Date: Thu, 08 Dec 2022 09:33:31 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8a21d707-1bf7-4b7f-a23b-7e8f38dd40c5.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8a21d707-1bf7-4b7f-a23b-7e8f38dd40c5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3d44d17585c9a536c8da0e75ed90d175
9dc35d0f6b251004bc1ddc83aea9ee71c95aedd1
6d14a5b5c43b39244434560a83a2bfea6604a4d072943b6147293b7adfd1b7b7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8a21d707-1bf7-4b7f-a23b-7e8f38dd40c5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10164
x-amzn-requestid: a0cb7259-0a07-44f5-91cd-e96b8d9c9cac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cnAPOGSnoAMFUUQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c472e-799b6ee425e29fb70ff7e4ea;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 07:07:26 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5Q2LRCrEYVZz_KldQARUQ26O1mv0G7rMAPQXGkBzUnERF-WjtZPMJA==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 10:23:11 GMT
age: 83420
etag: "9dc35d0f6b251004bc1ddc83aea9ee71c95aedd1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9519925e-95b7-4e66-b317-84c1708c7f84.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9519925e-95b7-4e66-b317-84c1708c7f84.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b87d6543345f73653ed4a49b37d7c959
c4f26846b8b72293368ff16915d49297cf12bbb9
aee6aa42e4b5b83b81f74801ff8f0039fc6d38036f42ee81875813c856cf5eef
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9519925e-95b7-4e66-b317-84c1708c7f84.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8659
x-amzn-requestid: 6f420d07-65d5-4bb2-9f1f-e56025de497b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czFSYFArIAMF46w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63911c0f-0a295e5c48228d5806b4f107;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 23:04:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: TSh1BNzzIPhWCfYEiqvQJckSPAyhHobe-HK6msEVeEJ1ruX-_rMSSA==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 23:33:19 GMT
age: 36012
etag: "c4f26846b8b72293368ff16915d49297cf12bbb9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb40390-82ef-453b-afca-e37aa7674ed3.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb40390-82ef-453b-afca-e37aa7674ed3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f0c8a8dbe6c3ae6eaa2e464296708f5c
98556b27bc3759d0ceb8200ff5bc7b9567e428a5
bfc64a0e18c0137360f746eca256f464e26d23a04521ea629c46ae50ea6af173
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb40390-82ef-453b-afca-e37aa7674ed3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9058
x-amzn-requestid: 1f7fdd3d-1e65-46f7-8ef2-d164bf81e72b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctlz4FtuIAMFjsg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638ee9b2-4866b3fd61fdb35d34317038;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 07:05:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 6ET1Tfo1QXRpjkWyOE7jfYnWToK8h7ojB31efNc09awacwlCIYEPjA==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 05:05:36 GMT
age: 16075
etag: "98556b27bc3759d0ceb8200ff5bc7b9567e428a5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
p.typekit.net/p.gif?s=1&k=bne0epn&ht=tk&h=flaviar.com&f=28578.28579.28736&a=7301736&js=1.21.0&app=typekit&e=js&_=1670492010708
23.33.119.19200 OK 35 B URL HTTP/2 p.typekit.net/p.gif?s=1&k=bne0epn&ht=tk&h=flaviar.com&f=28578.28579.28736&a=7301736&js=1.21.0&app=typekit&e=js&_=1670492010708
IP 23.33.119.19:0
ASN #20940 Akamai International B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash 81144d75b3e69e9aa2fa3e9d83a64d03
f0fbc60b50edf5b2a0b76e0aa0537b76bf346ffc
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
GET /p.gif?s=1&k=bne0epn&ht=tk&h=flaviar.com&f=28578.28579.28736&a=7301736&js=1.21.0&app=typekit&e=js&_=1670492010708 HTTP/1.1
Host: p.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: image/gif
cross-origin-resource-policy: cross-origin
etag: "61c32ad2-23"
last-modified: Wed, 22 Dec 2021 13:40:34 GMT
server: nginx
content-length: 35
date: Thu, 08 Dec 2022 09:33:31 GMT
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15e59c3f-fa3a-4698-96c2-2e89662ffa9f.webp
34.120.237.76200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15e59c3f-fa3a-4698-96c2-2e89662ffa9f.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 311cb4353566dfb426dbc692fde93223
979910df445a5c4d3513c8c25e289800335f646d
5ecd5c12620c0b8b6bbf456cb6c016168479a735f4eb67a9a1047677b9d798fb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15e59c3f-fa3a-4698-96c2-2e89662ffa9f.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8179
x-amzn-requestid: 39aa4016-4f48-4d2a-b94b-05432980d66a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czCruHckIAMFkHg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639117e4-1953985a5c8d2da8239ec8e8;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 22:47:00 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qKaRX4QpQU2U8J-jk1lWjhAooObsgxfHuNXv5Bbc69IEMCXAyIESeQ==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 22:50:01 GMT
age: 38610
etag: "979910df445a5c4d3513c8c25e289800335f646d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F234796b8-a59e-4174-a03a-b127b03b60eb.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F234796b8-a59e-4174-a03a-b127b03b60eb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 57a992ab666f21c6da0057fefb622ff2
c36381d6744ae44360b2a37ca7586028e980714b
afe4050d9b07dcab509c95eb8d75ca410db74bd59f39561e5d190550cb61503e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F234796b8-a59e-4174-a03a-b127b03b60eb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13556
x-amzn-requestid: 3e79e2da-80ea-404c-8d87-939c7682dbe8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cy4h8EuUIAMFkIQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639107a5-68318f164708882a43fb0f12;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 21:37:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 7RZTh3iQHGp_XffXQQw13UUWqPNZQFJ_e4pIvNPgAaA1aGy_cXMueA==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 22:18:20 GMT
age: 40511
etag: "c36381d6744ae44360b2a37ca7586028e980714b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1e6c8e9d-aef1-4772-8747-82ef7e4ceeb1.jpeg
34.120.237.76200 OK 6.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1e6c8e9d-aef1-4772-8747-82ef7e4ceeb1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fb1ea0161d261518c99909aff49e6f58
c3b915cb579b651db25442fea0bbedd0d292c0fc
d877a21abfd883a368da0136c4e56d7f590fa9e9ea09dec3675823211fe56385
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1e6c8e9d-aef1-4772-8747-82ef7e4ceeb1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6110
x-amzn-requestid: 2ebf542a-dacc-472a-81c0-0c69cb1ec143
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctEQAH2doAMFljA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638eb3ff-7173ff7941b57fa163e3cc6b;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 03:16:15 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Bo1JGLLmbH9LRrcXA4i8qVD1ilMqHxNWq1u52RhGMAdAhywK42lMPA==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 01:57:38 GMT
age: 27353
etag: "c3b915cb579b651db25442fea0bbedd0d292c0fc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/main.js
143.204.55.78200 OK 17 kB URL HTTP/2 widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/main.js
IP 143.204.55.78:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (55452)
Hash 93d7d7afc794dd57add6ab0e6cb1e7a5
f3192d2eb299e4111ac69821274555c54d34dd5e
07125f97b71d0a4b48f6ff11db9e9cbaa6ee1bd510ee795cb05353a3cd087f84
GET /trustboxes/5419b6ffb0d04a076446a9af/main.js HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=5c63d6134064df0001fff3b7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/x-javascript
content-length: 17072
last-modified: Tue, 04 Oct 2022 10:34:10 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
date: Wed, 07 Dec 2022 19:03:34 GMT
cache-control: max-age=86400
etag: "93d7d7afc794dd57add6ab0e6cb1e7a5"
x-cache: Hit from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: wHeVgxzEm4nCJ6OxykzHecifsjcUiwX-6Pv4CwT6fsqoi9EqDAsajA==
age: 52198
X-Firefox-Spdy: h2
consent.cookiebot.com/uc.js?cbid=d053bff0-f51a-4434-ab3e-b7ec8831e3ed
2.22.31.91200 OK 33 kB URL HTTP/2 consent.cookiebot.com/uc.js?cbid=d053bff0-f51a-4434-ab3e-b7ec8831e3ed
IP 2.22.31.91:0
ASN #20940 Akamai International B.V.
Hash 276067a5c81a0f3d7decbc00dc8de166
90df6b3f3934499076a307b507d9a962f47e2219
1bfd717e59283589f32538de7d8b57f92d84888e08358f3b5966a9174146f266
GET /uc.js?cbid=d053bff0-f51a-4434-ab3e-b7ec8831e3ed HTTP/1.1
Host: consent.cookiebot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Tue, 22 Nov 2022 07:34:39 GMT
accept-ranges: bytes
etag: "db2e3fe144fed81:0"
vary: Accept-Encoding
request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
access-control-expose-headers: Request-Context
content-length: 31718
cache-control: public, max-age=428
expires: Thu, 08 Dec 2022 09:40:39 GMT
date: Thu, 08 Dec 2022 09:33:31 GMT
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e20f247f852f51ced662de0889415d9f
ad749435be21aba6c7d877f04f5616528e787510
b0aa3159dd570c86750afcb7beb8dc0bfcd39cbb346f2e8fb5cf0b05a3910014
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "B0AA3159DD570C86750AFCB7BEB8DC0BFCD39CBB346F2E8FB5CF0B05A3910014"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=226
Expires: Thu, 08 Dec 2022 09:37:17 GMT
Date: Thu, 08 Dec 2022 09:33:31 GMT
Connection: keep-alive
www.googleoptimize.com/optimize.js?id=GTM-NLP39W9
142.250.74.46200 OK 45 kB URL HTTP/2 www.googleoptimize.com/optimize.js?id=GTM-NLP39W9
IP 142.250.74.46:0
File type ASCII text, with very long lines (1921)
Hash 960a791676f8fb47ba5ce5626ddaaae9
55b1d326cdc47880e932f1651d53fee2f53cc7d6
2af53ef59e3178d4e0b7e2e922c1f62cbba0d18289b7f91e47da9b6a31c1186d
GET /optimize.js?id=GTM-NLP39W9 HTTP/1.1
Host: www.googleoptimize.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 08 Dec 2022 09:33:31 GMT
expires: Thu, 08 Dec 2022 09:33:31 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 45291
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
consentcdn.cookiebot.com/sdk/bc-v4.min.html
104.110.3.72200 OK 392 B URL HTTP/2 consentcdn.cookiebot.com/sdk/bc-v4.min.html
IP 104.110.3.72:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (627), with no line terminators
Hash e7268eccad39bd651697fa793a52cc5c
47299cefa2397b0c1d0c5bf232390a5cf1bcc4d3
907e16c84d35556e4ed841a3511915e6d4bb4e9d68cfca178a740e90b4d80e35
GET /sdk/bc-v4.min.html HTTP/1.1
Host: consentcdn.cookiebot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: text/html
etag: "3d08665fa4c7bcf9fa2dcbbc7efe1d0f:1649057029.895163"
last-modified: Mon, 04 Apr 2022 07:23:49 GMT
server: AkamaiNetStorage
x-akamai-transformed: 9 - 0 pmb=mRUM,1
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=29771517
expires: Fri, 17 Nov 2023 23:25:28 GMT
date: Thu, 08 Dec 2022 09:33:31 GMT
content-length: 392
server-timing: cdn-cache; desc=HIT, edge; dur=1
X-Firefox-Spdy: h2
aacdn.nagich.com/core/4.3.7/accessibility.js
104.26.14.45200 OK 14 kB URL HTTP/2 aacdn.nagich.com/core/4.3.7/accessibility.js
IP 104.26.14.45:0
File type Unicode text, UTF-8 text, with very long lines (42570), with no line terminators
Hash 84ebabf1885af031e64fdd0ee1f4885d
b2d13f773f60cbbaef55d4ac8d85a85304c69870
42e3a099e328722928ada2309d7b9af19d263cfc91c3c9d73d302790cf66f3f7
GET /core/4.3.7/accessibility.js HTTP/1.1
Host: aacdn.nagich.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://flaviar.com
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:33:31 GMT
content-type: application/javascript
cache-control: public, max-age=2204800
last-modified: Wed, 20 Jul 2022 11:28:32 GMT
etag: W/"03079d72b9cd81:0"
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: deny
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 297073
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LnJjwI2H1f2DH%2BK0kY1q6bxIPO1qGaDl8tTcnkfTKPd8JQYYjoQ%2F74oXPlHRuIa%2FNMhC2PEjo4V6R8zMYoMq4I6pyxafbK%2FgrRfbYMa%2BYexEOK53Y45f9FWSY%2Btczx%2BpK%2FM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77648000395c0b69-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 7354e62fa39d17a8c644a678143d5683
88a59c502d394ca3b4799373e7af34188af0545a
4cb96b2ecbdfbd891f0e410c2d4666b9a8acdc96d3c78e0c8f6d7ea013691f88
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 09:33:31 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 05 Dec 2022 02:06:55 GMT
Expires: Mon, 12 Dec 2022 02:06:54 GMT
Etag: "88a59c502d394ca3b4799373e7af34188af0545a"
Cache-Control: max-age=318202,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 776480002871b51b-OSL
cdn.segmentify.com/06e2e4b6-5e17-4dbf-9574-c462c3d742d7/segmentify.js
34.120.65.227200 OK 55 kB URL HTTP/2 cdn.segmentify.com/06e2e4b6-5e17-4dbf-9574-c462c3d742d7/segmentify.js
IP 34.120.65.227:0
File type ASCII text, with very long lines (56611)
Hash 67c1cfe6d191bdd8f1569733f204a8a8
072e03303318bff24d0ac85bec55e6fe665ef2d2
fac425c7a5fb458a4fd864a0f55d6189fd6c1875b85b1a54c78d8acc55002928
GET /06e2e4b6-5e17-4dbf-9574-c462c3d742d7/segmentify.js HTTP/1.1
Host: cdn.segmentify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdsgqu9ue5u8RnBTCmLd-WSgwBIlfV3j7BRrx2f5c_x8piD2w1t9aNWvaSdHcuzrCrzauFIYjc7dk33vSeIdY80JNOrpjoOK
x-goog-generation: 1670470958378066
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 54785
content-encoding: gzip
x-goog-hash: crc32c=2vZaVg==, md5=Z8HP5tGRvdjxVpcz8gSoqA==
x-goog-storage-class: STANDARD
accept-ranges: bytes
vary: Accept-Encoding
content-length: 54785
access-control-allow-origin: *
access-control-expose-headers: Origin, Accept, Content-Type, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token
server: UploadServer
date: Thu, 08 Dec 2022 05:59:43 GMT
expires: Thu, 15 Dec 2022 05:59:43 GMT
cache-control: public, max-age=604800
last-modified: Thu, 08 Dec 2022 03:42:38 GMT
etag: "67c1cfe6d191bdd8f1569733f204a8a8"
content-type: application/javascript
age: 12828
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
aacdn.nagich.com/style/btncolor.css
104.26.14.45200 OK 15 kB URL HTTP/2 aacdn.nagich.com/style/btncolor.css
IP 104.26.14.45:0
File type ASCII text, with CRLF line terminators
Hash 8986a5cc3fd7eb84d3ee53b02a2ddec5
c45a972bcde4e42e654ff2b4349640a9a1790e7b
5d71a8776d2e65108e05fdb4c2a5cd042d19feddc977d5c541ecd30408972d92
GET /style/btncolor.css HTTP/1.1
Host: aacdn.nagich.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaviar.com/
Origin: https://flaviar.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:33:31 GMT
content-type: text/css
cache-control: public, max-age=2204800
last-modified: Mon, 11 Feb 2019 11:17:50 GMT
etag: W/"4c2a96cfbc1d41:0"
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: deny
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 297073
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TbsW3QVIwyHvlkgPR7aH31QrfIp8RZ%2BDzKxARLIV%2BiKUX9eFMTp%2FyYFA%2FSVtE%2BZydeI8cIqaZL7skwjAoLpJSn56IZVG6QW8k%2FaW%2FIdXS%2FgIx%2FJyLZJP4vf3qo%2BBGS8j6sY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77648000c9cc0b69-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7d047c6733f9c8d5998cae08d314f084
c23a8dce8a76dd01e22650fc1c19af2bae963008
d13c4f663e010387e21eece93c733faf5f2c3f9ff8ffca7aad99235aa990bea5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3841
Cache-Control: max-age=154139
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:33:31 GMT
Etag: "63915785-1d7"
Expires: Sat, 10 Dec 2022 04:22:30 GMT
Last-Modified: Thu, 08 Dec 2022 03:18:29 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
www.google-analytics.com/analytics.js
142.250.74.110200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Thu, 08 Dec 2022 08:41:08 GMT
expires: Thu, 08 Dec 2022 10:41:08 GMT
cache-control: public, max-age=7200
age: 3143
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash c221e4deeb8144b7fc354cce5dc563f8
578e9395e2800e2e19bde2a1d49d9501f6aa3364
258bf83c23b05e8bc9b987e849a194b9f81742ee4268f6453a1e88bfaca959f5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:33:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
connect.facebook.net/en_US/fbevents.js
31.13.72.12200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (64348)
Hash 44ecaa3c2a4929a40141edc4540aaf84
f29a573182333b2500d41bfc389d6c5232dfb348
6589fe14578dedd4df678a909afadd7e5bc7f57c7e3e24518a7f5faac7383396
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: W8qANO02uYPvuTYMsOxFg9F1ZpxDXDw3r0aFxKtL9V/ub/Jd6+w3zFEOsAj/7vNJ0mGZSHjZ7Juleu/MDygPjg==
priority: u=3,i
content-length: 27340
x-fb-trip-id: 1904183273
date: Thu, 08 Dec 2022 09:33:31 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 7354e62fa39d17a8c644a678143d5683
88a59c502d394ca3b4799373e7af34188af0545a
4cb96b2ecbdfbd891f0e410c2d4666b9a8acdc96d3c78e0c8f6d7ea013691f88
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 09:33:31 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 05 Dec 2022 02:06:55 GMT
Expires: Mon, 12 Dec 2022 02:06:54 GMT
Etag: "88a59c502d394ca3b4799373e7af34188af0545a"
Cache-Control: max-age=318202,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77648001ca42b51b-OSL
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-94QYBVSJNV&cid=1294024320.1670492011>m=2oebu0&aip=1&z=1042194227
142.250.74.131200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-94QYBVSJNV&cid=1294024320.1670492011>m=2oebu0&aip=1&z=1042194227
IP 142.250.74.131:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-94QYBVSJNV&cid=1294024320.1670492011>m=2oebu0&aip=1&z=1042194227 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 08 Dec 2022 09:33:31 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7d047c6733f9c8d5998cae08d314f084
c23a8dce8a76dd01e22650fc1c19af2bae963008
d13c4f663e010387e21eece93c733faf5f2c3f9ff8ffca7aad99235aa990bea5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3841
Cache-Control: max-age=154139
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:33:31 GMT
Etag: "63915785-1d7"
Expires: Sat, 10 Dec 2022 04:22:30 GMT
Last-Modified: Thu, 08 Dec 2022 03:18:29 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash c221e4deeb8144b7fc354cce5dc563f8
578e9395e2800e2e19bde2a1d49d9501f6aa3364
258bf83c23b05e8bc9b987e849a194b9f81742ee4268f6453a1e88bfaca959f5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:33:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
widget.trustpilot.com/trustbox-data/5419b6ffb0d04a076446a9af?businessUnitId=5c63d6134064df0001fff3b7&locale=en-US
143.204.55.78200 OK 483 B URL HTTP/2 widget.trustpilot.com/trustbox-data/5419b6ffb0d04a076446a9af?businessUnitId=5c63d6134064df0001fff3b7&locale=en-US
IP 143.204.55.78:0
File type JSON data\012- , ASCII text, with very long lines (1051), with no line terminators
Hash 8f5d4dc9a089c81f510a0b825d378c1c
3bcd8db2b27faf1ffbfb718ba805522501ce7d67
8867d2c1c95533ff0fa36793a80a10241f5072542458ef892bc868c60f03ac27
GET /trustbox-data/5419b6ffb0d04a076446a9af?businessUnitId=5c63d6134064df0001fff3b7&locale=en-US HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Connection: keep-alive
Referer: https://widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=5c63d6134064df0001fff3b7
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/json; charset=utf-8
content-length: 483
cache-control: public,max-age=1800
content-encoding: gzip
date: Thu, 08 Dec 2022 09:15:37 GMT
server: Kestrel
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
etag: "08e87214eb69163a7a023284ad38e8ae"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: oXgnkF1Pz8YC1_31voiNSdFcPFnzfwIYaXDNbJhfJUcXqVrmLjfkPA==
age: 1074
X-Firefox-Spdy: h2
widget.trustpilot.com/stats/TrustboxImpression?locale=en-US&styleHeight=28px&styleWidth=100%25&theme=light&url=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3D1-9wPfyDDxyNR7RVoXTXjwISUkAxH43tD1MORM0%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&referrer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=5c63d6134064df0001fff3b7&widgetId=5419b6ffb0d04a076446a9af
143.204.55.78204 No Content 0 B URL HTTP/2 widget.trustpilot.com/stats/TrustboxImpression?locale=en-US&styleHeight=28px&styleWidth=100%25&theme=light&url=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3D1-9wPfyDDxyNR7RVoXTXjwISUkAxH43tD1MORM0%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&referrer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=5c63d6134064df0001fff3b7&widgetId=5419b6ffb0d04a076446a9af
IP 143.204.55.78:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stats/TrustboxImpression?locale=en-US&styleHeight=28px&styleWidth=100%25&theme=light&url=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3D1-9wPfyDDxyNR7RVoXTXjwISUkAxH43tD1MORM0%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&referrer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=5c63d6134064df0001fff3b7&widgetId=5419b6ffb0d04a076446a9af HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Connection: keep-alive
Referer: https://widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=5c63d6134064df0001fff3b7
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
cache-control: no-store,no-cache
date: Thu, 08 Dec 2022 09:33:31 GMT
pragma: no-cache
server: Kestrel
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-cache: Miss from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ULTWY6THCKtI8LU3isK1qgTADdpNy1l6-IXklDiUANeySS7vD6EZsw==
X-Firefox-Spdy: h2
widget.trustpilot.com/stats/TrustboxView?locale=en-US&styleHeight=42px&styleWidth=100%25&theme=light&url=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3D1-9wPfyDDxyNR7RVoXTXjwISUkAxH43tD1MORM0%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&referrer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=5c63d6134064df0001fff3b7&widgetId=5419b6ffb0d04a076446a9af
143.204.55.78204 No Content 0 B URL HTTP/2 widget.trustpilot.com/stats/TrustboxView?locale=en-US&styleHeight=42px&styleWidth=100%25&theme=light&url=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3D1-9wPfyDDxyNR7RVoXTXjwISUkAxH43tD1MORM0%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&referrer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=5c63d6134064df0001fff3b7&widgetId=5419b6ffb0d04a076446a9af
IP 143.204.55.78:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stats/TrustboxView?locale=en-US&styleHeight=42px&styleWidth=100%25&theme=light&url=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3D1-9wPfyDDxyNR7RVoXTXjwISUkAxH43tD1MORM0%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&referrer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=5c63d6134064df0001fff3b7&widgetId=5419b6ffb0d04a076446a9af HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Connection: keep-alive
Referer: https://widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=5c63d6134064df0001fff3b7
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
cache-control: no-store,no-cache
date: Thu, 08 Dec 2022 09:33:31 GMT
pragma: no-cache
server: Kestrel
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-cache: Miss from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: c2Luf48s2Te5etjPqGBPWrsP5gybxQT-tuIZVm2HiaXy5aNSccTpDQ==
X-Firefox-Spdy: h2
widget.trustpilot.com/stats/TrustboxImpression?locale=en-US&styleHeight=42px&styleWidth=100%25&theme=light&url=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3D1-9wPfyDDxyNR7RVoXTXjwISUkAxH43tD1MORM0%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&referrer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=5c63d6134064df0001fff3b7&widgetId=5419b6ffb0d04a076446a9af
143.204.55.78204 No Content 2.3 kB URL HTTP/2 widget.trustpilot.com/stats/TrustboxImpression?locale=en-US&styleHeight=42px&styleWidth=100%25&theme=light&url=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3D1-9wPfyDDxyNR7RVoXTXjwISUkAxH43tD1MORM0%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&referrer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=5c63d6134064df0001fff3b7&widgetId=5419b6ffb0d04a076446a9af
IP 143.204.55.78:0
Hash 4502e3ea14a0b04f6590fa2a22ce9530
91c88b11c9bf55c0597be8dfba0997666da887e3
6d08347c9f62bfdff61a7a2fc26236b64c66396f78a8e031cd46b2c7171705d0
GET /stats/TrustboxImpression?locale=en-US&styleHeight=42px&styleWidth=100%25&theme=light&url=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3D1-9wPfyDDxyNR7RVoXTXjwISUkAxH43tD1MORM0%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&referrer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=5c63d6134064df0001fff3b7&widgetId=5419b6ffb0d04a076446a9af HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Connection: keep-alive
Referer: https://widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=5c63d6134064df0001fff3b7
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
cache-control: no-store,no-cache
date: Thu, 08 Dec 2022 09:33:31 GMT
pragma: no-cache
server: Kestrel
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-cache: Miss from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: WX0pY2GpXlJ2SeztRzoXaI_JqnZ1t8ypK8ZrM6crLrHv1MbmGWb9Aw==
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 1a4c9caa1f185238a62ae27597aaeb15
5dbe1febb6fa2f17962013b1c5656b0c61626be9
21d53250b5135a5a50628638e5e6f73ef42a370340f9ca99a5b8ef693b9b9f32
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 09:33:32 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 05 Dec 2022 20:28:58 GMT
Expires: Mon, 12 Dec 2022 20:28:57 GMT
Etag: "5dbe1febb6fa2f17962013b1c5656b0c61626be9"
Cache-Control: max-age=384324,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 776480022aaab51b-OSL
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 6ec5f6261a8262e9f94b29627f54cefe
7ac766cf2ac8c2d960ec033388a767ff8a7d45e2
5f6ee11d840909fc5272c2c32f7874d55f49d831abc88d527e35562d218890f9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:33:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.sgmntfy.com/pa.js
34.149.223.191200 OK 3.7 kB IP 34.149.223.191:0
File type ASCII text, with very long lines (3744), with no line terminators
Hash 7327381bba6f249fe470d17c0dca2cb4
b6fac12855c66c4841a38d07934fc22302e881ef
393195c622ffdab45d8f71e6988cdcc65ef85102061defa603882dc9f80d11ec
Analyzer Verdict Alert quad9 Sinkholed
GET /pa.js HTTP/1.1
Host: cdn.sgmntfy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdsxandR866G0ELrpoS-TyArnBh7_-PE8Pp4_UsPnCRolebIq_-mdvSVoipcOOPzBmkBpoTnIfr7UfhE3G7FsfACeA
x-goog-generation: 1654598345914433
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 3744
content-language: en
x-goog-hash: crc32c=EasKAQ==, md5=cyc4G7pvJJ/kcNF8DcostA==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 3744
server: UploadServer
date: Thu, 08 Dec 2022 08:48:34 GMT
expires: Thu, 08 Dec 2022 09:48:34 GMT
cache-control: public, max-age=3600
age: 2698
last-modified: Tue, 07 Jun 2022 10:39:06 GMT
etag: "7327381bba6f249fe470d17c0dca2cb4"
content-type: application/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
216.58.211.10200 OK 33 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
IP 216.58.211.10:0
File type ASCII text, with very long lines (32086)
Hash 430e927c980ad4079de727fa59dd93f2
891aaada9a55a91292999f6d50fd300439905982
e8728df8617340bd8c10bc8d27d3a725a48871a269c850e8598689938ec6e2ed
GET /ajax/libs/jquery/1.11.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33434
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 18:56:26 GMT
expires: Wed, 06 Dec 2023 18:56:26 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 139026
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
public.fbot.me/events/06cc9139-6a61-41fc-88db-9ec21e04eecf/profile/xhr
3.227.33.217200 OK 2 B URL HTTP/2 public.fbot.me/events/06cc9139-6a61-41fc-88db-9ec21e04eecf/profile/xhr
IP 3.227.33.217:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
OPTIONS /events/06cc9139-6a61-41fc-88db-9ec21e04eecf/profile/xhr HTTP/1.1
Host: public.fbot.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Referer: https://flaviar.com/
Origin: https://flaviar.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:33:32 GMT
content-length: 2
server: nginx/1.23.2
access-control-allow-origin: https://flaviar.com
access-control-allow-credentials: true
access-control-allow-methods: POST, GET
access-control-allow-headers: Authorization, Content-Type
info: {"connection":"upgrade","host":"public.fbot.me","x-forwarded-for":"91.90.42.154","x-forwarded-proto":"https","x-forwarded-port":"443","x-amzn-trace-id":"Root=1-6391af6c-32669ba2650de3420367f5e5","user-agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0","accept":"*/*","accept-language":"en-US,en;q=0.5","accept-encoding":"gzip, deflate, br","access-control-request-method":"POST","access-control-request-headers":"authorization,content-type","referer":"https://flaviar.com/","origin":"https://flaviar.com","sec-fetch-dest":"empty","sec-fetch-mode":"cors","sec-fetch-site":"cross-site"}
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 6ec5f6261a8262e9f94b29627f54cefe
7ac766cf2ac8c2d960ec033388a767ff8a7d45e2
5f6ee11d840909fc5272c2c32f7874d55f49d831abc88d527e35562d218890f9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:33:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
region1.analytics.google.com/g/collect?v=2&tid=G-94QYBVSJNV>m=2oebu0&_p=1270372705&_gaz=1&cid=1294024320.1670492011&ul=en-us&sr=1280x1024&_s=1&sid=1670492011&sct=1&seg=0&dl=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3D1-9wPfyDDxyNR7RVoXTXjwISUkAxH43tD1MORM0%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&dt=Flaviar%20Membership%20%C2%BB%20Fine%20Spirits%20%26%20Whiskey%20Club%20%F0%9F%A5%83%20-%20Flaviar&en=page_view&_fv=1&_nsi=1&_ss=1&up.membership_status=anonymous
216.239.32.36204 No Content 0 B URL HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-94QYBVSJNV>m=2oebu0&_p=1270372705&_gaz=1&cid=1294024320.1670492011&ul=en-us&sr=1280x1024&_s=1&sid=1670492011&sct=1&seg=0&dl=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3D1-9wPfyDDxyNR7RVoXTXjwISUkAxH43tD1MORM0%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&dt=Flaviar%20Membership%20%C2%BB%20Fine%20Spirits%20%26%20Whiskey%20Club%20%F0%9F%A5%83%20-%20Flaviar&en=page_view&_fv=1&_nsi=1&_ss=1&up.membership_status=anonymous
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-94QYBVSJNV>m=2oebu0&_p=1270372705&_gaz=1&cid=1294024320.1670492011&ul=en-us&sr=1280x1024&_s=1&sid=1670492011&sct=1&seg=0&dl=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3D1-9wPfyDDxyNR7RVoXTXjwISUkAxH43tD1MORM0%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&dt=Flaviar%20Membership%20%C2%BB%20Fine%20Spirits%20%26%20Whiskey%20Club%20%F0%9F%A5%83%20-%20Flaviar&en=page_view&_fv=1&_nsi=1&_ss=1&up.membership_status=anonymous HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://flaviar.com
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://flaviar.com
date: Thu, 08 Dec 2022 09:33:32 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 6d7737802f93eeb14503d61c77c137bc
fa6861c298d00f879b9f16af4f05470cecfc80af
6b1b9763bcfaeb92a63ad6020651b3745e8279c634eb3505fc9fa875e772af42
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:33:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/g/collect?v=2&tid=G-94QYBVSJNV&cid=1294024320.1670492011>m=2oebu0&aip=1
64.233.165.157204 No Content 0 B URL HTTP/2 stats.g.doubleclick.net/g/collect?v=2&tid=G-94QYBVSJNV&cid=1294024320.1670492011>m=2oebu0&aip=1
IP 64.233.165.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-94QYBVSJNV&cid=1294024320.1670492011>m=2oebu0&aip=1 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://flaviar.com
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://flaviar.com
date: Thu, 08 Dec 2022 09:33:32 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
aacdn.nagich.com/assets/images/11.svg
104.26.14.45200 OK 1.0 kB URL HTTP/2 aacdn.nagich.com/assets/images/11.svg
IP 104.26.14.45:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with CRLF line terminators
Hash 81189a825f35885999cc4bc02aa3adeb
b40f9277bc92d8990d9d5ed4f5553f851de46aed
5dd4731d8ae0e3aeaa20cdb41058fdb3e5c35a562caae7003f1a4c93e7fdd537
GET /assets/images/11.svg HTTP/1.1
Host: aacdn.nagich.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaviar.com/
Origin: https://flaviar.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:33:32 GMT
content-type: image/svg+xml
cache-control: public, max-age=2204800
last-modified: Thu, 01 Aug 2019 12:47:47 GMT
etag: W/"42b27526748d51:0"
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: deny
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 297073
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5%2FWcyKo8Bb4HoOGQhcs8yYD3PlXyL8kWkPqJEFNh42Nyx6a9cb2Ii9AfiQo180%2FdURP057YKgSSSaT0IBkTIndxXa4wu0hRtjP2LwqZPltJncd%2F3g9X6GVkCjdCvGh6wS6M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77648004edb20b69-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 1a4c9caa1f185238a62ae27597aaeb15
5dbe1febb6fa2f17962013b1c5656b0c61626be9
21d53250b5135a5a50628638e5e6f73ef42a370340f9ca99a5b8ef693b9b9f32
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 09:33:32 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 05 Dec 2022 20:28:58 GMT
Expires: Mon, 12 Dec 2022 20:28:57 GMT
Etag: "5dbe1febb6fa2f17962013b1c5656b0c61626be9"
Cache-Control: max-age=384324,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77648004eebcb51b-OSL
www.facebook.com/tr/?id=1649789958596951&ev=PageView&dl=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3D1-9wPfyDDxyNR7RVoXTXjwISUkAxH43tD1MORM0%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&rl=&if=false&ts=1670492011824&sw=1280&sh=1024&v=2.9.89&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1670492011820.1778092284&eid=ob3_plugin-set_38ae2ee470ae18a6f2ccacd0dfb6d8701e92560246741456d5ba7e47391540d9&it=1670492011315&coo=false&tm=1&rqm=GET
157.240.200.35200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=1649789958596951&ev=PageView&dl=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3D1-9wPfyDDxyNR7RVoXTXjwISUkAxH43tD1MORM0%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&rl=&if=false&ts=1670492011824&sw=1280&sh=1024&v=2.9.89&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1670492011820.1778092284&eid=ob3_plugin-set_38ae2ee470ae18a6f2ccacd0dfb6d8701e92560246741456d5ba7e47391540d9&it=1670492011315&coo=false&tm=1&rqm=GET
IP 157.240.200.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=1649789958596951&ev=PageView&dl=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3D1-9wPfyDDxyNR7RVoXTXjwISUkAxH43tD1MORM0%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&rl=&if=false&ts=1670492011824&sw=1280&sh=1024&v=2.9.89&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1670492011820.1778092284&eid=ob3_plugin-set_38ae2ee470ae18a6f2ccacd0dfb6d8701e92560246741456d5ba7e47391540d9&it=1670492011315&coo=false&tm=1&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Thu, 08 Dec 2022 09:33:32 GMT
X-Firefox-Spdy: h2
public.fbot.me/events/06cc9139-6a61-41fc-88db-9ec21e04eecf/profile/xhr
3.227.33.217200 OK 514 B URL HTTP/2 public.fbot.me/events/06cc9139-6a61-41fc-88db-9ec21e04eecf/profile/xhr
IP 3.227.33.217:0
File type JSON data\012- , ASCII text, with very long lines (514), with no line terminators
Hash 33cedd26719fadccdcc58db51f6cf22d
6d55e72c4a979af4c8cebbf9d0a177e80ece9b14
26ec161dace30f543de962a027541af273455ab027713b87df85b8945d6b3f99
POST /events/06cc9139-6a61-41fc-88db-9ec21e04eecf/profile/xhr HTTP/1.1
Host: public.fbot.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaviar.com/
Authorization:
Content-Type: application/json
Origin: https://flaviar.com
Content-Length: 215
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:33:32 GMT
content-type: application/json
content-length: 514
server: nginx/1.23.2
access-control-allow-origin: https://flaviar.com
set-cookie: globalId=b1b62520-f602-4220-938a-eeb5dcf6f315; Max-Age=315360000; Domain=.fbot.me; Path=/; HttpOnly; Secure; SameSite=None
access-control-allow-credentials: true
X-Firefox-Spdy: h2
beacon-v2.helpscout.net/
143.204.55.119200 OK 327 B IP 143.204.55.119:0
File type ASCII text, with very long lines (458), with no line terminators
Hash 6d9443571334d5ef59eae244740d9a0a
a167a6fb04ab106285c75c3112469e8b356aea1f
1a7bff3797831200ec74e1933f96e0f633bc5c652939abcc8a55ec78d3772cc0
GET / HTTP/1.1
Host: beacon-v2.helpscout.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 327
date: Thu, 08 Dec 2022 09:33:08 GMT
last-modified: Thu, 08 Dec 2022 09:31:47 GMT
etag: "6d9443571334d5ef59eae244740d9a0a"
cache-control: max-age=120, s-maxage=120, public
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: jSQUOBiMT7O7wkiQbLFagWfwddtkJyuysppG91qOM5jTysO9C9kPVw==
age: 25
X-Firefox-Spdy: h2
beacon-v2.helpscout.net/static/js/vendor.ddc3f9c8.js
143.204.55.119200 OK 22 kB URL HTTP/2 beacon-v2.helpscout.net/static/js/vendor.ddc3f9c8.js
IP 143.204.55.119:0
File type ASCII text, with very long lines (64495), with no line terminators
Hash 4c71758a7a3b1975809a202503770fb0
1382704a13f28aa2587efe4a019ef0ba7c9be07b
925cfc228dff8aad3a5fbe4ec924715835df033a32ad06660d90d1abd243bcc9
GET /static/js/vendor.ddc3f9c8.js HTTP/1.1
Host: beacon-v2.helpscout.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 22295
last-modified: Tue, 29 Nov 2022 15:46:59 GMT
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
date: Thu, 08 Dec 2022 07:36:35 GMT
cache-control: max-age=315360000, s-maxage=7200, public
etag: "4c71758a7a3b1975809a202503770fb0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: V4-YZv67Qk5LRhv88Oc3qPVo1O-gz0fOTjs8l0ENXGRy8eha5KF9eA==
age: 7018
X-Firefox-Spdy: h2
beacon-v2.helpscout.net/static/js/main.7d3bf394.js
143.204.55.119200 OK 9.7 kB URL HTTP/2 beacon-v2.helpscout.net/static/js/main.7d3bf394.js
IP 143.204.55.119:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (24954)
Hash cf8b7ac5e004ffb1b19029e806efcfa6
540158ac1be4ad68c04de79d4253a01a5ad9235f
70de5489b80cdc341061b62d3a2dcea8870d9532c1e4046a66a0891a55677ffb
GET /static/js/main.7d3bf394.js HTTP/1.1
Host: beacon-v2.helpscout.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 9699
date: Thu, 08 Dec 2022 09:33:08 GMT
last-modified: Thu, 08 Dec 2022 09:31:47 GMT
etag: "cf8b7ac5e004ffb1b19029e806efcfa6"
cache-control: max-age=315360000, s-maxage=7200, public
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 2fQJ-fX9O5ytXEh4BhxCucuxYSUILxbfC9K6FRtNPJcKWhZGM25FoQ==
age: 25
X-Firefox-Spdy: h2
gandalf-eu.segmentify.com//get/key/v1.json?count=2
35.246.234.8200 29 B URL HTTP/1.1 gandalf-eu.segmentify.com//get/key/v1.json?count=2
IP 35.246.234.8:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type JSON data\012- , ASCII text, with no line terminators
Hash afcc8d7ef21654bf737e9fcab7c3f3ed
532ef07050912b86a81fa4e0ce339183eedc85dc
83c40b5a27e0c3eb40d9b266a241a911bf44668e38df8c7ba074b50dea5f1f26
GET //get/key/v1.json?count=2 HTTP/1.1
Host: gandalf-eu.segmentify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://flaviar.com
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Encoding: br
Content-Type: application/json;charset=UTF-8
Date: Thu, 08 Dec 2022 09:33:32 GMT
Server: nginx
Transfer-Encoding: chunked
X-Server-Name: 7bc30e0e2a5e4039e53cb85fca96879b
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 1.3 kB IP 142.250.74.131:0
Hash 226c8e893309c5c5a6cd88c06b49f88b
1727284994d935d976d236d45eec7325b6ea2b90
8b03b2e00a9d23696633c939f3343367eedc5e2b5fc59427fb7fc87f58b3f1e3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:33:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 8274b291596906eb3779dccb82ec41cb
b2ec554df1fa55e18a4316b76ac617dc626b7598
69129be0a1c2e3d1dfc602aea4ef004ea01b3bfa6c5863bd225843472f1bb7c8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:33:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
beacon-v2.helpscout.net/static/js/full-beacon-init.d46881fe.chunk.js
143.204.55.119200 OK 102 kB URL HTTP/2 beacon-v2.helpscout.net/static/js/full-beacon-init.d46881fe.chunk.js
IP 143.204.55.119:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 102 kB (102404 bytes)
Hash 9798dba76a6c2140a6f72f6c931535e5
6750e80ec40b7255c5f5c2e4ef7dfa44db8cd103
0651e033b434f7ddd3e1f1713c60ee8287fdfbb79f4c42145bc4483ca051911c
GET /static/js/full-beacon-init.d46881fe.chunk.js HTTP/1.1
Host: beacon-v2.helpscout.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 102404
date: Thu, 08 Dec 2022 09:33:09 GMT
last-modified: Thu, 08 Dec 2022 09:31:47 GMT
etag: "9798dba76a6c2140a6f72f6c931535e5"
cache-control: max-age=315360000, s-maxage=7200, public
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ESngkvcavEqtltsVJGvNaFrD4hh-l041Xa4sD3COBoTuJwPLV-AbqA==
age: 24
X-Firefox-Spdy: h2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-28959768-20&cid=1294024320.1670492011&jid=144610134&npa=1&_u=aCDAgEAjQAAAAEAAI~&z=876054230
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-28959768-20&cid=1294024320.1670492011&jid=144610134&npa=1&_u=aCDAgEAjQAAAAEAAI~&z=876054230
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-28959768-20&cid=1294024320.1670492011&jid=144610134&npa=1&_u=aCDAgEAjQAAAAEAAI~&z=876054230 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 08 Dec 2022 09:33:32 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-28959768-1&cid=1294024320.1670492011&jid=1131640924&npa=1&_u=aCDAgEAjQAAAAEAAI~&z=662786012
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-28959768-1&cid=1294024320.1670492011&jid=1131640924&npa=1&_u=aCDAgEAjQAAAAEAAI~&z=662786012
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-28959768-1&cid=1294024320.1670492011&jid=1131640924&npa=1&_u=aCDAgEAjQAAAAEAAI~&z=662786012 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 08 Dec 2022 09:33:32 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.redditstatic.com/ads/pixel.js
151.101.1.140200 OK 7.7 kB URL HTTP/2 www.redditstatic.com/ads/pixel.js
IP 151.101.1.140:0
File type ASCII text, with very long lines (25224)
Hash 3528fd00b652f61a266eb584d96f4fcc
d89e16aa1323c6c4f1ed3941122020684a599361
77efa9f2ddfdca7a45df37bbcd22fdaeb7b97161a2acd87e21eb78bdeaad1332
GET /ads/pixel.js HTTP/1.1
Host: www.redditstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Mon, 07 Nov 2022 16:45:46 GMT
etag: "3528fd00b652f61a266eb584d96f4fcc"
cache-control: public, max-age=60
content-encoding: gzip
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 08 Dec 2022 09:33:32 GMT
vary: Accept-Encoding,Origin
server: snooserv
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
content-length: 7722
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash a938af990a97b9856e1174d11c72cbf7
b57716fd0ea9a1e9e0a0595ff593f939560c0abf
6ab769333b231097d077edfbc1c3fc9560de5ae9bfeb5b8360dea8b7fadbcb44
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:33:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
sc-static.net/scevent.min.js
54.230.82.240200 OK 12 kB URL HTTP/2 sc-static.net/scevent.min.js
IP 54.230.82.240:0
File type ASCII text, with very long lines (27646), with no line terminators
Hash 62585b7e4a4eab6ba3984a2cd4de5365
14e3b07044b095c9b8fd7b84bf00adb32233edb0
8e0a43da6d5b986bdf45ccdc4bfc11742086d59e2dbf2ae3a04701602c6b8bb7
GET /scevent.min.js HTTP/1.1
Host: sc-static.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 11972
server: CloudFront
date: Thu, 08 Dec 2022 09:33:32 GMT
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Content-Type
cache-control: private, s-maxage=0, max-age=600
set-cookie: X-AB=0d6e407936704bd380072f5891d28b0e;max-age=86400;expires=Fri, 09 Dec 2022 08:01:12 GMT;Path=/scevent.min.js; Secure; SameSite=None
x-cache: LambdaGeneratedResponse from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: wF2eHmVpKpwtn2Slm_9uNHb38rbX3bX3znt4Y8EeLgPd7lV3nXUDkQ==
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 67a1b2d7be614f35c45650267a65ea9e
277747c3e204693e166be7a28825191e0dcfd4f9
b345785422d52f2272722477f8bd0cf8ee6fee15957b8c656f04bc33879a2f35
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4175
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:33:32 GMT
Last-Modified: Thu, 08 Dec 2022 08:23:57 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash ad77e561f35835d6b900b05a711f9bda
407939caf4b8dcd5b0aa011f0681d97dd9a733ff
b069cbc831574621c19ad9855029bb9f54620cfd2dd6cc87db8f7e324cbf9924
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3787
Cache-Control: max-age=126760
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:33:32 GMT
Etag: "6390ecc9-2d7"
Expires: Fri, 09 Dec 2022 20:46:12 GMT
Last-Modified: Wed, 07 Dec 2022 19:43:05 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 727
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash ad77e561f35835d6b900b05a711f9bda
407939caf4b8dcd5b0aa011f0681d97dd9a733ff
b069cbc831574621c19ad9855029bb9f54620cfd2dd6cc87db8f7e324cbf9924
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3787
Cache-Control: max-age=126760
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:33:32 GMT
Etag: "6390ecc9-2d7"
Expires: Fri, 09 Dec 2022 20:46:12 GMT
Last-Modified: Wed, 07 Dec 2022 19:43:05 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 727
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash aa9e9cc4cf21d2f8e869a92e65a45506
32bac4c290787256eb7362fd11b4342d20a6c8ab
b82203e3d34d3cd6c7b013b8887a74af649ef07edccacf3a1874a670951a915b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3534
Cache-Control: max-age=95526
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:33:32 GMT
Etag: "639073c4-139"
Expires: Fri, 09 Dec 2022 12:05:38 GMT
Last-Modified: Wed, 07 Dec 2022 11:06:44 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 313
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f214b15409d770d63fcaa5fb6ada0ce0
3a7d52f77a69e6d8fe437fae6b9ff666c2fe2d70
4d4b24a16efefcb234a5bff3196914b00059f04f463c8a049723dd9087d7e05c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4D4B24A16EFEFCB234A5BFF3196914B00059F04F463C8A049723DD9087D7E05C"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10109
Expires: Thu, 08 Dec 2022 12:22:01 GMT
Date: Thu, 08 Dec 2022 09:33:32 GMT
Connection: keep-alive
shop.pe/widget/widget_async.js
35.227.244.1301 Moved Permanently 178 B URL HTTP/2 shop.pe/widget/widget_async.js
IP 35.227.244.1:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /widget/widget_async.js HTTP/1.1
Host: shop.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Thu, 08 Dec 2022 09:33:32 GMT
content-type: text/html
content-length: 178
location: https://d3rr3d0n31t48m.cloudfront.net/widget/widget_async.js
x-frame-options: deny
content-security-policy: frame-ancestors none;
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer-when-downgrade
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ak.sail-horizon.com/spm/spm.v1.min.js
143.204.55.93200 OK 45 kB URL HTTP/2 ak.sail-horizon.com/spm/spm.v1.min.js
IP 143.204.55.93:0
File type ASCII text, with very long lines (32036)
Hash 089c50061a4007028af2300d391fde8c
a5bd3e5d073ff6d066e379bdfdfd92d551bba16f
72d3b6fc1e5f15156091049c7736e1d571e026797a3412854cdcc994eb83a0b2
GET /spm/spm.v1.min.js HTTP/1.1
Host: ak.sail-horizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 15 Sep 2022 23:20:31 GMT
server: AmazonS3
content-encoding: gzip
date: Thu, 08 Dec 2022 09:30:00 GMT
cache-control: max-age=600; must-revalidate
etag: W/"97dd801dd26ae0172c7875245d92f506"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 1d36hyRX2cPQjjaI5du8nvuJa62BfqnoY0vg5cVSGe9PAGV1MbD20A==
age: 213
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 67a1b2d7be614f35c45650267a65ea9e
277747c3e204693e166be7a28825191e0dcfd4f9
b345785422d52f2272722477f8bd0cf8ee6fee15957b8c656f04bc33879a2f35
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4176
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:33:33 GMT
Last-Modified: Thu, 08 Dec 2022 08:23:57 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash ad77e561f35835d6b900b05a711f9bda
407939caf4b8dcd5b0aa011f0681d97dd9a733ff
b069cbc831574621c19ad9855029bb9f54620cfd2dd6cc87db8f7e324cbf9924
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3788
Cache-Control: max-age=126760
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:33:33 GMT
Etag: "6390ecc9-2d7"
Expires: Fri, 09 Dec 2022 20:46:13 GMT
Last-Modified: Wed, 07 Dec 2022 19:43:05 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 727
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ef33445fcdc482844e5258994c63ac51
53513592e183978e20120956e968ff7350d7f454
256ace03c34ca196887e6bdb12c08e0ef5da178b5d96d756f367b4cc89dedf8b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1969
Cache-Control: max-age=164902
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:33:33 GMT
Etag: "639188e2-1d7"
Expires: Sat, 10 Dec 2022 07:21:55 GMT
Last-Modified: Thu, 08 Dec 2022 06:49:06 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ef33445fcdc482844e5258994c63ac51
53513592e183978e20120956e968ff7350d7f454
256ace03c34ca196887e6bdb12c08e0ef5da178b5d96d756f367b4cc89dedf8b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1694
Cache-Control: max-age=164627
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:33:33 GMT
Etag: "639188e2-1d7"
Expires: Sat, 10 Dec 2022 07:17:20 GMT
Last-Modified: Thu, 08 Dec 2022 06:49:06 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
fbcapi.flaviar.com/events
54.153.41.73200 OK 0 B URL HTTP/2 fbcapi.flaviar.com/events
IP 54.153.41.73:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /events HTTP/1.1
Host: fbcapi.flaviar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 506
Origin: https://flaviar.com
Connection: keep-alive
Referer: https://flaviar.com/
Cookie: _ga_94QYBVSJNV=GS1.1.1670492011.1.0.1670492011.60.0.0; _ga=GA1.2.1294024320.1670492011; _gid=GA1.2.1637181157.1670492011; _dc_gtm_UA-28959768-20=1; _dc_gtm_UA-28959768-1=1; _fbp=fb.1.1670492011820.1778092284
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:33:32 GMT
content-length: 0
vary: origin
access-control-allow-credentials: true
access-control-allow-origin: https://flaviar.com
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
tr.snapchat.com/cm/i?pid=b838e1c8-e5cb-4d99-bda2-d5594b71ff41&u_scsid=00695ceb-0e41-484f-848d-12daf97bfbb8&u_sclid=ce817d85-e188-4176-acf8-98bbcfc06c53
35.190.43.134200 OK 0 B URL HTTP/2 tr.snapchat.com/cm/i?pid=b838e1c8-e5cb-4d99-bda2-d5594b71ff41&u_scsid=00695ceb-0e41-484f-848d-12daf97bfbb8&u_sclid=ce817d85-e188-4176-acf8-98bbcfc06c53
IP 35.190.43.134:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cm/i?pid=b838e1c8-e5cb-4d99-bda2-d5594b71ff41&u_scsid=00695ceb-0e41-484f-848d-12daf97bfbb8&u_sclid=ce817d85-e188-4176-acf8-98bbcfc06c53 HTTP/1.1
Host: tr.snapchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:33:33 GMT
content-type: text/html
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 0
x-envoy-upstream-service-time: 0
server: API Gateway
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tr.snapchat.com/p?pid=b838e1c8-e5cb-4d99-bda2-d5594b71ff41&ev=PAGE_VIEW&intg=gtm&pl=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3D1-9wPfyDDxyNR7RVoXTXjwISUkAxH43tD1MORM0%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&bt=1d53c387&if=false&m_dcl=2466&m_fcps=2419&m_pi=2384&m_pl=3807&m_pv=v2&m_rd=4243&m_sl=4188&rf=&trackId=97969d4e-4800-416d-b091-eb9c7b52b847&ts=1670492012422&u_c1=8dd82155-24a2-4068-ba1b-32a10ddf8dbd&u_sclid=ce817d85-e188-4176-acf8-98bbcfc06c53&u_scsid=00695ceb-0e41-484f-848d-12daf97bfbb8&v=2.0.0
35.190.43.134200 OK 68 B URL HTTP/2 tr.snapchat.com/p?pid=b838e1c8-e5cb-4d99-bda2-d5594b71ff41&ev=PAGE_VIEW&intg=gtm&pl=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3D1-9wPfyDDxyNR7RVoXTXjwISUkAxH43tD1MORM0%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&bt=1d53c387&if=false&m_dcl=2466&m_fcps=2419&m_pi=2384&m_pl=3807&m_pv=v2&m_rd=4243&m_sl=4188&rf=&trackId=97969d4e-4800-416d-b091-eb9c7b52b847&ts=1670492012422&u_c1=8dd82155-24a2-4068-ba1b-32a10ddf8dbd&u_sclid=ce817d85-e188-4176-acf8-98bbcfc06c53&u_scsid=00695ceb-0e41-484f-848d-12daf97bfbb8&v=2.0.0
IP 35.190.43.134:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash c4a2b870062c2bb98c500bc1526c0498
528666ccdb12997358077bc8fcdbfb6b825c7788
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
GET /p?pid=b838e1c8-e5cb-4d99-bda2-d5594b71ff41&ev=PAGE_VIEW&intg=gtm&pl=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3D1-9wPfyDDxyNR7RVoXTXjwISUkAxH43tD1MORM0%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&bt=1d53c387&if=false&m_dcl=2466&m_fcps=2419&m_pi=2384&m_pl=3807&m_pv=v2&m_rd=4243&m_sl=4188&rf=&trackId=97969d4e-4800-416d-b091-eb9c7b52b847&ts=1670492012422&u_c1=8dd82155-24a2-4068-ba1b-32a10ddf8dbd&u_sclid=ce817d85-e188-4176-acf8-98bbcfc06c53&u_scsid=00695ceb-0e41-484f-848d-12daf97bfbb8&v=2.0.0 HTTP/1.1
Host: tr.snapchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:33:33 GMT
access-control-allow-origin: *
cache-control: no-cache, no-transform
set-cookie: sc_at=v2|H4sIAAAAAAAAAAXBgQ0AIAgDsItIJiLqOU7kCo63HWAw8STOpdjQJTwZsiwUk/3Cvar5hG1F64UPGtgEUjIAAAA=;SameSite=None;Version=1;Comment=;Domain=.snapchat.com;Path=/;Max-Age=33696000;Secure
content-type: image/png
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 68
x-envoy-upstream-service-time: 1
server: API Gateway
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ef33445fcdc482844e5258994c63ac51
53513592e183978e20120956e968ff7350d7f454
256ace03c34ca196887e6bdb12c08e0ef5da178b5d96d756f367b4cc89dedf8b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1969
Cache-Control: max-age=164902
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:33:33 GMT
Etag: "639188e2-1d7"
Expires: Sat, 10 Dec 2022 07:21:55 GMT
Last-Modified: Thu, 08 Dec 2022 06:49:06 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash 20f976f1a4421c0fae8ec58b24600703
14efafebd65a59a6f6b29ad778573546df4fca93
6fe0f2d44718761be652135835c003bc41589987d013e3fda3d52e708d42232a
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=153587
Date: Thu, 08 Dec 2022 09:33:33 GMT
Etag: "639157ab-1d7"
Expires: Sat, 10 Dec 2022 04:13:20 GMT
Last-Modified: Thu, 08 Dec 2022 03:19:07 GMT
Server: ECS (bsa/EB24)
X-Cache: Miss from cloudfront
Via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: UAcr5IODF11ac4YhCId-IobP3I8EkRUMPZDDCkI75VVpaGZxH__69g==
Age: 3253
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash 20f976f1a4421c0fae8ec58b24600703
14efafebd65a59a6f6b29ad778573546df4fca93
6fe0f2d44718761be652135835c003bc41589987d013e3fda3d52e708d42232a
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=153464
Date: Thu, 08 Dec 2022 09:33:33 GMT
Etag: "639157ab-1d7"
Expires: Sat, 10 Dec 2022 04:11:17 GMT
Last-Modified: Thu, 08 Dec 2022 03:19:07 GMT
Server: ECS (bsa/EB1D)
X-Cache: Miss from cloudfront
Via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: KC7ryp1A7LFRwcsdAbMbu7_E4HzbkJSwPC1kZLBsT4hstgKMNTNK7Q==
Age: 3130
api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0&page=irclickid%3D1-9wPfyDDxyNR7RVoXTXjwISUkAxH43tD1MORM0&page=ir_cid%3D3334&page=ir_affid%3D10813&page=utm_medium%3Daffiliates&page=utm_source%3DMaxBounty.com%20ULC&page=ir_partnerid%3D10813&page=ir_adid%3D1215604&page=ir_campaignid%3D3334
99.83.154.140200 OK 18 B URL HTTP/2 api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0&page=irclickid%3D1-9wPfyDDxyNR7RVoXTXjwISUkAxH43tD1MORM0&page=ir_cid%3D3334&page=ir_affid%3D10813&page=utm_medium%3Daffiliates&page=utm_source%3DMaxBounty.com%20ULC&page=ir_partnerid%3D10813&page=ir_adid%3D1215604&page=ir_campaignid%3D3334
IP 99.83.154.140:0
File type ASCII text, with no line terminators
Hash cc7fd95a87ea3721ce1853bf3c4dd75e
7f687f7881adf0fc407378d375a61b8f198c0912
0f06a4c8d34690d4e42c81f232a5bdfe9fcbde8a54b5ccd0609a313e90da0879
OPTIONS /v1/personalize/simple?pageviews=1&isMobile=0&page=irclickid%3D1-9wPfyDDxyNR7RVoXTXjwISUkAxH43tD1MORM0&page=ir_cid%3D3334&page=ir_affid%3D10813&page=utm_medium%3Daffiliates&page=utm_source%3DMaxBounty.com%20ULC&page=ir_partnerid%3D10813&page=ir_adid%3D1215604&page=ir_campaignid%3D3334 HTTP/1.1
Host: api.sail-personalize.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,x-lib-version,x-referring-url
Referer: https://flaviar.com/
Origin: https://flaviar.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:33:33 GMT
content-type: text/plain
content-length: 18
access-control-allow-origin: https://flaviar.com
access-control-allow-credentials: true
access-control-max-age: 1800
access-control-allow-methods: OPTIONS,GET,POST,PUT,DELETE
access-control-allow-headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Lib-Version,X-Referring-URL
allow: HEAD,GET,OPTIONS
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 07a86cf9d9c8389ebd9c52303c83b27f
fd3524d701bdf111c541b6fc9e038bffcc3b5d6c
de08c944b2cb2671078e452d870757622e286f7214d736ab2c1b1d1c2ab8dcfb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:33:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rb9yp8py.flaviar.com/assets/wxyz.rb.js
162.243.13.165200 OK 10 kB URL HTTP/1.1 rb9yp8py.flaviar.com/assets/wxyz.rb.js
IP 162.243.13.165:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (347)
Hash 46f395d8bdc29802f09a64a95a192e39
bf4266cdba32c81498002bef7c746bb20df0ac6d
b9c74b5f30111282496c5860c76e8e73697c52e94a939898ea2dae9a6a5314e0
GET /assets/wxyz.rb.js HTTP/1.1
Host: rb9yp8py.flaviar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaviar.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: openresty
Date: Thu, 08 Dec 2022 09:33:33 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash e823649d6e67f7655ae25a69d20159c9
013359814344b7c15da24a2857a3354e16bd4c34
ba9c8fb40060f9f4c381dfb9843f52af35ee7114c6454884edc03bdf6b22683e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3059
Cache-Control: max-age=118841
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:33:33 GMT
Etag: "6390d0b3-139"
Expires: Fri, 09 Dec 2022 18:34:14 GMT
Last-Modified: Wed, 07 Dec 2022 17:43:15 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 313
googleads.g.doubleclick.net/pagead/landing?gcs=G111&rnd=1271036623.1670492012&url=https%3A%2F%2Fflaviar.com%2F>m=2wgbu0K4F6SWQ&auid=1737174899.1670492012
142.250.74.66200 OK 42 B URL HTTP/2 googleads.g.doubleclick.net/pagead/landing?gcs=G111&rnd=1271036623.1670492012&url=https%3A%2F%2Fflaviar.com%2F>m=2wgbu0K4F6SWQ&auid=1737174899.1670492012
IP 142.250.74.66:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/landing?gcs=G111&rnd=1271036623.1670492012&url=https%3A%2F%2Fflaviar.com%2F>m=2wgbu0K4F6SWQ&auid=1737174899.1670492012 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaviar.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 08 Dec 2022 09:33:33 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 08-Dec-2022 09:48:33 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tr.snapchat.com/collector/is_enabled?pids=b838e1c8-e5cb-4d99-bda2-d5594b71ff41&tld=com
35.190.43.134200 OK 297 B URL HTTP/2 tr.snapchat.com/collector/is_enabled?pids=b838e1c8-e5cb-4d99-bda2-d5594b71ff41&tld=com
IP 35.190.43.134:0
File type JSON data\012- , ASCII text, with very long lines (366), with no line terminators
Hash 3cc5d189ec4a3560b21ee65f53b2c038
2e9408ac5cf07311a9c58201ae9bdf58f748d0d5
3e243036680a0a88ceb78a0201eeceb209c042c6427b4ec8b36760fea0eda181
GET /collector/is_enabled?pids=b838e1c8-e5cb-4d99-bda2-d5594b71ff41&tld=com HTTP/1.1
Host: tr.snapchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://flaviar.com
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:33:33 GMT
access-control-allow-origin: https://flaviar.com
content-type: application/json
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-envoy-upstream-service-time: 0
content-encoding: gzip
vary: Accept-Encoding
server: API Gateway
access-control-allow-credentials: true
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
dnacdn.net/dna
178.250.0.157200 OK 0 B IP 178.250.0.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:33:32 GMT
server: Kestrel
content-length: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=SArNmV80M0RITmhlJTJCZkMwOUJGQlhaMUN2czJVclFzVUozdzFnVUI5ZnZvenZzbnZQTlNoZnlvREwwc3RramhhS1ZHdm4; expires=Tue, 02 Jan 2024 09:33:33 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 285160
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 07a86cf9d9c8389ebd9c52303c83b27f
fd3524d701bdf111c541b6fc9e038bffcc3b5d6c
de08c944b2cb2671078e452d870757622e286f7214d736ab2c1b1d1c2ab8dcfb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:33:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 5814ad3b7f0d449d58b5505e41a3f293
66fe5d7620cc08430e8c06b981dd034307dbbc8d
aac640fcca4acaf55321ba49f1eb08c3a29d771445b35a33213aa627900d2579
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3570
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:33:33 GMT
Last-Modified: Thu, 08 Dec 2022 08:34:03 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 313
rb9yp8py.flaviar.com/integrations?source=flaviar
162.243.13.165200 OK 59 B URL HTTP/1.1 rb9yp8py.flaviar.com/integrations?source=flaviar
IP 162.243.13.165:0
ASN #14061 DIGITALOCEAN-ASN
Hash b13b075ac18d7ecbf705dad11323402e
124e2c4307c6beabfd3e751f14a4f7acb02eb6ce
03db7011ba06ed159ca1b7dee62dc5a01ee2d0a3d6f3b0294004cd455251b7f2
GET /integrations?source=flaviar HTTP/1.1
Host: rb9yp8py.flaviar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Cookie: _ga_94QYBVSJNV=GS1.1.1670492011.1.0.1670492011.60.0.0; _ga=GA1.2.1294024320.1670492011; _gid=GA1.2.1637181157.1670492011; _dc_gtm_UA-28959768-20=1; _dc_gtm_UA-28959768-1=1; _fbp=fb.1.1670492011820.1778092284; _sgf_user_id=3126534455214081; _sgf_session_id=3126534455214080; _gcl_au=1.1.1737174899.1670492012; _rdt_uuid=1670492012330.21a5c4c1-9e0f-4329-8302-465ac8ea2dbb; _schn=_hqqp9u; _scid=8dd82155-24a2-4068-ba1b-32a10ddf8dbd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: openresty
Date: Thu, 08 Dec 2022 09:33:33 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 5814ad3b7f0d449d58b5505e41a3f293
66fe5d7620cc08430e8c06b981dd034307dbbc8d
aac640fcca4acaf55321ba49f1eb08c3a29d771445b35a33213aa627900d2579
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3570
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:33:33 GMT
Last-Modified: Thu, 08 Dec 2022 08:34:03 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 313
amplify.outbrain.com/cp/obtp.js
23.38.201.81200 OK 5.3 kB URL HTTP/1.1 amplify.outbrain.com/cp/obtp.js
IP 23.38.201.81:0
File type ASCII text, with very long lines (16574), with no line terminators
Hash 5cdda5ed80a4ee13f700ae502f7cd4ec
0e6aa932abf3c56561a686aa3e8d069aaa3ca228
d54fc3e1792330cc768902f861f0a79ecffbfd23b8db14f354e8fcefd1c831c1
GET /cp/obtp.js HTTP/1.1
Host: amplify.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "fe80c55f1e1387116ff9765261ed192c:1669645506.686439"
Last-Modified: Mon, 28 Nov 2022 14:22:05 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=1200
Expires: Thu, 08 Dec 2022 09:53:33 GMT
Date: Thu, 08 Dec 2022 09:33:33 GMT
Content-Length: 5269
Connection: keep-alive
d3rr3d0n31t48m.cloudfront.net/widget/widget_async.js
143.204.55.117200 OK 28 kB URL HTTP/2 d3rr3d0n31t48m.cloudfront.net/widget/widget_async.js
IP 143.204.55.117:0
Hash 676b1305ae1071bdcf01379f29e8dce6
634962cda8daea5ef3f18c76b5ea6c513fbe027e
fc63b20bfa76c3bbe11b29701512f3af635b16afc4d3c01338ce0e7b46d67bc9
GET /widget/widget_async.js HTTP/1.1
Host: d3rr3d0n31t48m.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 905
last-modified: Tue, 15 Nov 2022 21:39:30 GMT
content-encoding: gzip
x-amz-meta-mtime: 1668548367.69
accept-ranges: bytes
server: AmazonS3
date: Thu, 08 Dec 2022 09:28:02 GMT
cache-control: max-age=3600, public
etag: "8f9a4e574f11ca1ea10db98fd6687660"
x-cache: Hit from cloudfront
via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: wAD4nzc2CXlglCjKQaz5Y5ToWYLti639g0sN33wUOzX6cdIWTgN-3w==
age: 332
X-Firefox-Spdy: h2
gandalf-eu.segmentify.com//add/events/v1.json?apiKey=06e2e4b6-5e17-4dbf-9574-c462c3d742d7
35.246.234.8200 OK 0 B URL HTTP/1.1 gandalf-eu.segmentify.com//add/events/v1.json?apiKey=06e2e4b6-5e17-4dbf-9574-c462c3d742d7
IP 35.246.234.8:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS //add/events/v1.json?apiKey=06e2e4b6-5e17-4dbf-9574-c462c3d742d7 HTTP/1.1
Host: gandalf-eu.segmentify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-sfy-api-key
Referer: https://flaviar.com/
Origin: https://flaviar.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Headers: Content-Type, Accept, Authorization, X-Switch-User, X-Switch-Account, X-Switch-Region, X-Sfy-Api-Key
Access-Control-Allow-Methods: GET, POST, PUT, DELETE
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3600
Connection: keep-alive
Content-Length: 0
Content-Type: application/json
Date: Thu, 08 Dec 2022 09:33:33 GMT
Server: nginx
X-Server-Name: 7bc30e0e2a5e4039e53cb85fca96879b
bat.bing.com/bat.js
204.79.197.200200 OK 12 kB IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash 2c4f8fdc3603ab85548a691da9eb5876
ba858d45d8c99447e23e4a3db48a2c029c28bb25
79f0aa7f8ddb84f756be67a7ce2a6904b62a93420e62d08e46043b7d22870840
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 11460
content-type: application/javascript
content-encoding: gzip
last-modified: Mon, 05 Dec 2022 17:15:50 GMT
accept-ranges: bytes
etag: "027e538cd8d91:0"
vary: Accept-Encoding
set-cookie: MUID=09C1DCA17F4C66C91CE9CED57E1B6794; domain=.bing.com; expires=Tue, 02-Jan-2024 09:33:33 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 4BBDFF1735434613A6C94543AC76E1F0 Ref B: OSL30EDGE0415 Ref C: 2022-12-08T09:33:33Z
date: Thu, 08 Dec 2022 09:33:33 GMT
X-Firefox-Spdy: h2
ag.gbc.criteo.com/newidsd
178.250.6.183200 OK 15 kB URL HTTP/2 ag.gbc.criteo.com/newidsd
IP 178.250.6.183:0
File type JSON data\012- , ASCII text, with very long lines (57614), with no line terminators
Hash 8dc219cfde9674c05a1611e004fee651
6202565d858a470dccd801ce303ff1fd93552b54
19c69c11547170c180100695e29cb2e1f33ea4d695643998e613dc92f1ad92f7
GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:33:32 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 114279
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
gandalf-eu.segmentify.com//add/events/v1.json?apiKey=06e2e4b6-5e17-4dbf-9574-c462c3d742d7
35.246.234.8200 7.9 kB URL HTTP/1.1 gandalf-eu.segmentify.com//add/events/v1.json?apiKey=06e2e4b6-5e17-4dbf-9574-c462c3d742d7
IP 35.246.234.8:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type JSON data\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (34712), with no line terminators
Hash 2e3b754959e0dd1967b272162f0b490b
e1ad393c8c4f0cb6133b7217b6f1a4b6cc60fd10
7efaa2226448a561a7adb23bc0cd3d1e09729f2823a04c45b5f6cbda57efd55b
POST //add/events/v1.json?apiKey=06e2e4b6-5e17-4dbf-9574-c462c3d742d7 HTTP/1.1
Host: gandalf-eu.segmentify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
X-Sfy-Api-Key: 06e2e4b6-5e17-4dbf-9574-c462c3d742d7
Content-Length: 1507
Origin: https://flaviar.com
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Encoding: br
Content-Type: application/json;charset=UTF-8
Date: Thu, 08 Dec 2022 09:33:33 GMT
Server: nginx
Transfer-Encoding: chunked
X-Server-Name: e50eafe57688af3a47ec4fb3140ed864
getrockerbox.com/customdomain/rb9yp8py.flaviar.com/wxyz.rb.js
172.64.174.31301 Moved Permanently 226 B URL HTTP/2 getrockerbox.com/customdomain/rb9yp8py.flaviar.com/wxyz.rb.js
IP 172.64.174.31:0
Hash 64ced38ce8e0f4052c5b12dad8458d7d
c3fd9b66e099c0ac3a99a580c3beab6de4443ceb
271e3626c3d58b7b72874a819dd79542d19e89c0fdab8adc0ba1e869a9a59096
GET /customdomain/rb9yp8py.flaviar.com/wxyz.rb.js HTTP/1.1
Host: getrockerbox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Thu, 08 Dec 2022 09:33:32 GMT
content-type: text/html
location: https://rb9yp8py.flaviar.com/assets/wxyz.rb.js
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zYRu7nezDzD%2BrCV3D4a%2BhdUz12%2BFtfnnvq%2BwUG1r2ceYgLBxx7LXfQKPK4ZRKspdiLYKKo3V5q%2FLNugxdU4TDTLdRgP5ZYCPh4ocMRAjShsXXRTMrqOPYno2h1EKUBgBSPFH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 776480084e4074e5-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
alb.reddit.com/rp.gif?ts=1670492012330&id=t2_h2e6q&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=21a5c4c1-9e0f-4329-8302-465ac8ea2dbb&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1280&sw=1024&v=rdt_1967aea8
151.101.129.140200 OK 42 B URL HTTP/2 alb.reddit.com/rp.gif?ts=1670492012330&id=t2_h2e6q&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=21a5c4c1-9e0f-4329-8302-465ac8ea2dbb&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1280&sw=1024&v=rdt_1967aea8
IP 151.101.129.140:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /rp.gif?ts=1670492012330&id=t2_h2e6q&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=21a5c4c1-9e0f-4329-8302-465ac8ea2dbb&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1280&sw=1024&v=rdt_1967aea8 HTTP/1.1
Host: alb.reddit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Varnish
retry-after: 0
cross-origin-resource-policy: cross-origin
content-type: image/gif
accept-ranges: bytes
date: Thu, 08 Dec 2022 09:33:33 GMT
via: 1.1 varnish
content-length: 42
X-Firefox-Spdy: h2
alb.reddit.com/rp.gif?ts=1670492012332&id=t2_h2e6q&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=21a5c4c1-9e0f-4329-8302-465ac8ea2dbb&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1280&sw=1024&v=rdt_1967aea8
151.101.129.140200 OK 42 B URL HTTP/2 alb.reddit.com/rp.gif?ts=1670492012332&id=t2_h2e6q&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=21a5c4c1-9e0f-4329-8302-465ac8ea2dbb&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1280&sw=1024&v=rdt_1967aea8
IP 151.101.129.140:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /rp.gif?ts=1670492012332&id=t2_h2e6q&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=21a5c4c1-9e0f-4329-8302-465ac8ea2dbb&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1280&sw=1024&v=rdt_1967aea8 HTTP/1.1
Host: alb.reddit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Varnish
retry-after: 0
cross-origin-resource-policy: cross-origin
content-type: image/gif
accept-ranges: bytes
date: Thu, 08 Dec 2022 09:33:33 GMT
via: 1.1 varnish
content-length: 42
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 2feb06685a118d55ccaeafc7ee017d8d
3d174b55d7ad8354fa4311fd50c00e548b9f58af
f0d8e6761e27796374ca50f8c6c0b46f2027eede275538207e90ad10522072ed
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4302
Cache-Control: max-age=99178
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:33:33 GMT
Etag: "63907f09-13a"
Expires: Fri, 09 Dec 2022 13:06:31 GMT
Last-Modified: Wed, 07 Dec 2022 11:54:49 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 314
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 2feb06685a118d55ccaeafc7ee017d8d
3d174b55d7ad8354fa4311fd50c00e548b9f58af
f0d8e6761e27796374ca50f8c6c0b46f2027eede275538207e90ad10522072ed
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 469
Cache-Control: max-age=95345
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:33:33 GMT
Etag: "63907f09-13a"
Expires: Fri, 09 Dec 2022 12:02:38 GMT
Last-Modified: Wed, 07 Dec 2022 11:54:49 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 314
t.co/i/adsct?bci=3&eci=2&event_id=e652ba0c-3f01-459b-9a34-0958ae20bb39&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=d79e1df4-cdc5-4e68-8084-427dfd7f9d8b&tw_document_href=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3D1-9wPfyDDxyNR7RVoXTXjwISUkAxH43tD1MORM0%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nv73t&type=javascript&version=2.3.29
104.244.42.5200 OK 43 B URL HTTP/2 t.co/i/adsct?bci=3&eci=2&event_id=e652ba0c-3f01-459b-9a34-0958ae20bb39&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=d79e1df4-cdc5-4e68-8084-427dfd7f9d8b&tw_document_href=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3D1-9wPfyDDxyNR7RVoXTXjwISUkAxH43tD1MORM0%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nv73t&type=javascript&version=2.3.29
IP 104.244.42.5:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/adsct?bci=3&eci=2&event_id=e652ba0c-3f01-459b-9a34-0958ae20bb39&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=d79e1df4-cdc5-4e68-8084-427dfd7f9d8b&tw_document_href=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3D1-9wPfyDDxyNR7RVoXTXjwISUkAxH43tD1MORM0%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nv73t&type=javascript&version=2.3.29 HTTP/1.1
Host: t.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:33:33 GMT
perf: 7626143928
server: tsa_o
set-cookie: muc_ads=aa77ef37-3000-4029-a897-75acd96a2b72; Max-Age=63072000; Expires=Sat, 07 Dec 2024 09:33:33 GMT; Path=/; Domain=t.co; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: f72785cd2f2ae550
strict-transport-security: max-age=0
x-response-time: 108
x-connection-hash: 849463d108da276e38c2edea9650002808c29ad9930145f66c7629610eb6f9a9
X-Firefox-Spdy: h2
t.co/i/adsct?bci=3&eci=2&event_id=afb8b5b4-b097-4d52-a4a1-20626cb02f0f&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=d79e1df4-cdc5-4e68-8084-427dfd7f9d8b&tw_document_href=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3D1-9wPfyDDxyNR7RVoXTXjwISUkAxH43tD1MORM0%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nv73t&type=javascript&version=2.3.29
104.244.42.5200 OK 43 B URL HTTP/2 t.co/i/adsct?bci=3&eci=2&event_id=afb8b5b4-b097-4d52-a4a1-20626cb02f0f&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=d79e1df4-cdc5-4e68-8084-427dfd7f9d8b&tw_document_href=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3D1-9wPfyDDxyNR7RVoXTXjwISUkAxH43tD1MORM0%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nv73t&type=javascript&version=2.3.29
IP 104.244.42.5:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/adsct?bci=3&eci=2&event_id=afb8b5b4-b097-4d52-a4a1-20626cb02f0f&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=d79e1df4-cdc5-4e68-8084-427dfd7f9d8b&tw_document_href=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3D1-9wPfyDDxyNR7RVoXTXjwISUkAxH43tD1MORM0%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nv73t&type=javascript&version=2.3.29 HTTP/1.1
Host: t.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:33:32 GMT
perf: 7626143928
server: tsa_o
set-cookie: muc_ads=50231a98-e23c-468a-8790-6d7760d4df39; Max-Age=63072000; Expires=Sat, 07 Dec 2024 09:33:33 GMT; Path=/; Domain=t.co; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: 730fd03142ff2152
strict-transport-security: max-age=0
x-response-time: 103
x-connection-hash: 849463d108da276e38c2edea9650002808c29ad9930145f66c7629610eb6f9a9
X-Firefox-Spdy: h2
dnacdn.net/dna
178.250.0.157200 OK 3.9 kB IP 178.250.0.157:0
File type JSON data\012- , ASCII text, with very long lines (619)
Hash 59059aed04189afa428b81b6d96af479
5fd720bdba9b3ef2495a6228b80a54f312bb8784
191f9ce8ebcb02a4a5f9d452ba3381860c41401a81e8df0426c6b774e96abb1e
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=SArNmV80M0RITmhlJTJCZkMwOUJGQlhaMUN2czJVclFzVUozdzFnVUI5ZnZvenZzbnZQTlNoZnlvREwwc3RramhhS1ZHdm4
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:33:32 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=5kF0Zl80M0RITmhlJTJCZkMwOUJGQlhaMUN2czJVclFzVUozdzFnVUI5ZnZvenZzbnRqVVpvdTduTWE5R0licW1wVFZ4dzY; expires=Tue, 02 Jan 2024 09:33:33 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 380406
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
bat.bing.com/action/0?ti=5715081&tm=gtm002&Ver=2&mid=b24878b4-fd17-4a7d-9c6d-1a348ea4ce75&sid=61e20a4076db11eda125751ff19e3517&vid=61e2303076db11ed9f741fecbc8faa24&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Flaviar%20Membership%20%C2%BB%20Fine%20Spirits%20%26%20Whiskey%20Club%20%F0%9F%A5%83%20-%20Flaviar&p=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3D1-9wPfyDDxyNR7RVoXTXjwISUkAxH43tD1MORM0%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&r=<=3806&evt=pageLoad&sv=1&rn=146078
204.79.197.200204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=5715081&tm=gtm002&Ver=2&mid=b24878b4-fd17-4a7d-9c6d-1a348ea4ce75&sid=61e20a4076db11eda125751ff19e3517&vid=61e2303076db11ed9f741fecbc8faa24&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Flaviar%20Membership%20%C2%BB%20Fine%20Spirits%20%26%20Whiskey%20Club%20%F0%9F%A5%83%20-%20Flaviar&p=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3D1-9wPfyDDxyNR7RVoXTXjwISUkAxH43tD1MORM0%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&r=<=3806&evt=pageLoad&sv=1&rn=146078
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=5715081&tm=gtm002&Ver=2&mid=b24878b4-fd17-4a7d-9c6d-1a348ea4ce75&sid=61e20a4076db11eda125751ff19e3517&vid=61e2303076db11ed9f741fecbc8faa24&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Flaviar%20Membership%20%C2%BB%20Fine%20Spirits%20%26%20Whiskey%20Club%20%F0%9F%A5%83%20-%20Flaviar&p=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3D1-9wPfyDDxyNR7RVoXTXjwISUkAxH43tD1MORM0%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&r=<=3806&evt=pageLoad&sv=1&rn=146078 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=0721E2393A1761590F45F04D3B4060C0; domain=.bing.com; expires=Tue, 02-Jan-2024 09:33:34 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1F47EA8455B5481B96C66F55BEC58A8D Ref B: OSL30EDGE0415 Ref C: 2022-12-08T09:33:33Z
date: Thu, 08 Dec 2022 09:33:33 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash ec20b9880a4b5706b3348131a233593b
cb8d0cccf87a4c4299e16a4c46120ec0ac870a26
99bbc3b1bb7d5ff8e29c389ed6c36e4e43ee7b86d0a28e299ff146d5a2981ab7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6447
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:33:34 GMT
Last-Modified: Thu, 08 Dec 2022 07:46:07 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash ec20b9880a4b5706b3348131a233593b
cb8d0cccf87a4c4299e16a4c46120ec0ac870a26
99bbc3b1bb7d5ff8e29c389ed6c36e4e43ee7b86d0a28e299ff146d5a2981ab7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 732
Cache-Control: max-age=136638
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:33:34 GMT
Etag: "63911f50-139"
Expires: Fri, 09 Dec 2022 23:30:52 GMT
Last-Modified: Wed, 07 Dec 2022 23:18:40 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 313
sslwidget.criteo.com/event?a=95340&v=5.12.3&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26z%3Dundefined%26site_type%3Dd&p2=e%3Dvh%26tms%3Dgtm-ee-1.1.0&p3=e%3Ddis&adce=1&bundle=shVULV9Rb2Zuc1NnWHNmZDN6SjNtMUU5cWNzeDVtSVkyNHRrS2JMaElQT2RHR3hTVyUyQm9HcFJxaDhqTEVtb2h0M0ZJam56aTlSOUZ0VUNlSzVzeEhxM2QyUHFWTmlSTSUyQkdtbFd0cHVINCUyRjFFNkJXUlhwYWROc1NkdXRwaG1idDlZcGJtRlF2ciUyQmFOV3ZBSjlCcEN0TGlIQW10ZyUzRCUzRA&tld=flaviar.com&dy=1&fu=https%253A%252F%252Fflaviar.com%252F%253Firclickid%253D1-9wPfyDDxyNR7RVoXTXjwISUkAxH43tD1MORM0%2526ir_cid%253D3334%2526ir_affid%253D10813%2526utm_medium%253Daffiliates%2526utm_source%253DMaxBounty.com%252520ULC%2526ir_partnerid%253D10813%2526ir_adid%253D1215604%2526ir_campaignid%253D3334&dtycbr=81401&cs=1---&cv=1
178.250.2.151302 Found 0 B URL HTTP/2 sslwidget.criteo.com/event?a=95340&v=5.12.3&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26z%3Dundefined%26site_type%3Dd&p2=e%3Dvh%26tms%3Dgtm-ee-1.1.0&p3=e%3Ddis&adce=1&bundle=shVULV9Rb2Zuc1NnWHNmZDN6SjNtMUU5cWNzeDVtSVkyNHRrS2JMaElQT2RHR3hTVyUyQm9HcFJxaDhqTEVtb2h0M0ZJam56aTlSOUZ0VUNlSzVzeEhxM2QyUHFWTmlSTSUyQkdtbFd0cHVINCUyRjFFNkJXUlhwYWROc1NkdXRwaG1idDlZcGJtRlF2ciUyQmFOV3ZBSjlCcEN0TGlIQW10ZyUzRCUzRA&tld=flaviar.com&dy=1&fu=https%253A%252F%252Fflaviar.com%252F%253Firclickid%253D1-9wPfyDDxyNR7RVoXTXjwISUkAxH43tD1MORM0%2526ir_cid%253D3334%2526ir_affid%253D10813%2526utm_medium%253Daffiliates%2526utm_source%253DMaxBounty.com%252520ULC%2526ir_partnerid%253D10813%2526ir_adid%253D1215604%2526ir_campaignid%253D3334&dtycbr=81401&cs=1---&cv=1
IP 178.250.2.151:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /event?a=95340&v=5.12.3&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26z%3Dundefined%26site_type%3Dd&p2=e%3Dvh%26tms%3Dgtm-ee-1.1.0&p3=e%3Ddis&adce=1&bundle=shVULV9Rb2Zuc1NnWHNmZDN6SjNtMUU5cWNzeDVtSVkyNHRrS2JMaElQT2RHR3hTVyUyQm9HcFJxaDhqTEVtb2h0M0ZJam56aTlSOUZ0VUNlSzVzeEhxM2QyUHFWTmlSTSUyQkdtbFd0cHVINCUyRjFFNkJXUlhwYWROc1NkdXRwaG1idDlZcGJtRlF2ciUyQmFOV3ZBSjlCcEN0TGlIQW10ZyUzRCUzRA&tld=flaviar.com&dy=1&fu=https%253A%252F%252Fflaviar.com%252F%253Firclickid%253D1-9wPfyDDxyNR7RVoXTXjwISUkAxH43tD1MORM0%2526ir_cid%253D3334%2526ir_affid%253D10813%2526utm_medium%253Daffiliates%2526utm_source%253DMaxBounty.com%252520ULC%2526ir_partnerid%253D10813%2526ir_adid%253D1215604%2526ir_campaignid%253D3334&dtycbr=81401&cs=1---&cv=1 HTTP/1.1
Host: sslwidget.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 08 Dec 2022 09:33:33 GMT
server: Kestrel
content-length: 0
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
expires: 0
location: https://widget.us.criteo.com/event?a=95340&v=5.12.3&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26z%3Dundefined%26site_type%3Dd&p2=e%3Dvh%26tms%3Dgtm-ee-1.1.0&p3=e%3Ddis&adce=1&bundle=shVULV9Rb2Zuc1NnWHNmZDN6SjNtMUU5cWNzeDVtSVkyNHRrS2JMaElQT2RHR3hTVyUyQm9HcFJxaDhqTEVtb2h0M0ZJam56aTlSOUZ0VUNlSzVzeEhxM2QyUHFWTmlSTSUyQkdtbFd0cHVINCUyRjFFNkJXUlhwYWROc1NkdXRwaG1idDlZcGJtRlF2ciUyQmFOV3ZBSjlCcEN0TGlIQW10ZyUzRCUzRA&tld=flaviar.com&dy=1&fu=https%253A%252F%252Fflaviar.com%252F%253Firclickid%253D1-9wPfyDDxyNR7RVoXTXjwISUkAxH43tD1MORM0%2526ir_cid%253D3334%2526ir_affid%253D10813%2526utm_medium%253Daffiliates%2526utm_source%253DMaxBounty.com%252520ULC%2526ir_partnerid%253D10813%2526ir_adid%253D1215604%2526ir_campaignid%253D3334&dtycbr=81401&cs=1---&cv=1
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
server-processing-duration-in-ticks: 8840841
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
bat.bing.com/p/action/5715081.js
204.79.197.200204 No Content 0 B URL HTTP/2 bat.bing.com/p/action/5715081.js
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/action/5715081.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: private,max-age=1800
set-cookie: MUID=1CC9C65D3B3D694E0770D4293A6A68A4; domain=.bing.com; expires=Tue, 02-Jan-2024 09:33:34 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0BD0E24E889A48A59DD5A0415189504B Ref B: OSL30EDGE0415 Ref C: 2022-12-08T09:33:33Z
date: Thu, 08 Dec 2022 09:33:33 GMT
X-Firefox-Spdy: h2
d3rr3d0n31t48m.cloudfront.net/widget/widget.js?v=90709db
143.204.55.117200 OK 48 kB URL HTTP/2 d3rr3d0n31t48m.cloudfront.net/widget/widget.js?v=90709db
IP 143.204.55.117:0
File type ASCII text, with very long lines (778)
Hash db6577d43efa27de385813e4eb9bf7a8
8a6816a745cf7445b211d08c7a0741e1e3e33e93
e946a88e3447423c1cea32a407f7f060ce07bf2947c2e1c56ee6e3041bced35f
GET /widget/widget.js?v=90709db HTTP/1.1
Host: d3rr3d0n31t48m.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 47685
date: Tue, 15 Nov 2022 21:40:33 GMT
last-modified: Tue, 15 Nov 2022 21:39:31 GMT
etag: "db6577d43efa27de385813e4eb9bf7a8"
cache-control: max-age=2592000, public
content-encoding: gzip
x-amz-meta-mtime: 1668548366.14
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: qlws0j-1FLiz2a7Ie46yiHcql8h6jSfibn4heUtz5ND2Ixknru5Xlw==
age: 1943582
X-Firefox-Spdy: h2
dynamic.criteo.com/js/ld/ld.js?a=95340
178.250.0.147200 OK 15 kB URL HTTP/2 dynamic.criteo.com/js/ld/ld.js?a=95340
IP 178.250.0.147:0
File type ASCII text, with very long lines (43225)
Hash 6818578a2cd60a1c9b204d82916c61db
e520de505c94bda3bd2a2998cd0e9bd7a7785cd2
c786aaa8654f2e489d18b96fae362fc6984081536eaa7d2e47c7ce47e8dc242d
GET /js/ld/ld.js?a=95340 HTTP/1.1
Host: dynamic.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:33:32 GMT
content-type: application/javascript; charset=utf-8
server: Kestrel
cache-control: public,max-age=10800
content-encoding: br
vary: Origin, Accept-Encoding
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=e652ba0c-3f01-459b-9a34-0958ae20bb39&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=d79e1df4-cdc5-4e68-8084-427dfd7f9d8b&tw_document_href=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3D1-9wPfyDDxyNR7RVoXTXjwISUkAxH43tD1MORM0%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nv73t&type=javascript&version=2.3.29
104.244.42.195200 OK 43 B URL HTTP/2 analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=e652ba0c-3f01-459b-9a34-0958ae20bb39&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=d79e1df4-cdc5-4e68-8084-427dfd7f9d8b&tw_document_href=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3D1-9wPfyDDxyNR7RVoXTXjwISUkAxH43tD1MORM0%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nv73t&type=javascript&version=2.3.29
IP 104.244.42.195:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/adsct?bci=3&eci=2&event_id=e652ba0c-3f01-459b-9a34-0958ae20bb39&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=d79e1df4-cdc5-4e68-8084-427dfd7f9d8b&tw_document_href=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3D1-9wPfyDDxyNR7RVoXTXjwISUkAxH43tD1MORM0%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nv73t&type=javascript&version=2.3.29 HTTP/1.1
Host: analytics.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:33:33 GMT
perf: 7626143928
server: tsa_o
set-cookie: personalization_id="v1_lj2k6qlbT8JcRUCvgxJy7Q=="; Max-Age=63072000; Expires=Sat, 07 Dec 2024 09:33:34 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: eb863845bdb8bfc1
strict-transport-security: max-age=631138519
x-response-time: 103
x-connection-hash: 1834ccbf70efe113f79e5747ef6068eebc4a5b2f805f37f606e3294655efbc40
X-Firefox-Spdy: h2
status.thawte.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 463bcaef421199f7ea4216405d409f3a
51a32bdb4a049502cc7154910c257acc5b748292
66560b89ac85ab969d7e5b602f460b18f44de66574668faed3da61dcbd12858c
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3690
Cache-Control: max-age=132072
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:33:34 GMT
Etag: "639101ec-1d7"
Expires: Fri, 09 Dec 2022 22:14:46 GMT
Last-Modified: Wed, 07 Dec 2022 21:13:16 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
status.thawte.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 463bcaef421199f7ea4216405d409f3a
51a32bdb4a049502cc7154910c257acc5b748292
66560b89ac85ab969d7e5b602f460b18f44de66574668faed3da61dcbd12858c
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3209
Cache-Control: max-age=131591
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:33:34 GMT
Etag: "639101ec-1d7"
Expires: Fri, 09 Dec 2022 22:06:45 GMT
Last-Modified: Wed, 07 Dec 2022 21:13:16 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash 03788170521bc117683072b856845499
f840d687537fe976b2217a1d816be26cc00f93b3
142b14d86af6d9c883c93aa8fe1a1c94d6b3121bd084c5cfd810c5084e15ad4c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5534
Cache-Control: max-age=157289
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:33:34 GMT
Etag: "63915d39-138"
Expires: Sat, 10 Dec 2022 05:15:03 GMT
Last-Modified: Thu, 08 Dec 2022 03:42:49 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 312
tr.outbrain.com/cachedClickId?marketerId=00cf895e7b627a414bdcc05c54e01b7ae7
64.202.112.31200 OK 56 B URL HTTP/1.1 tr.outbrain.com/cachedClickId?marketerId=00cf895e7b627a414bdcc05c54e01b7ae7
IP 64.202.112.31:0
File type ASCII text, with no line terminators
Hash 77fbe8ab311fa20557d95906363035ed
5806df80f09a37e070d5f37c49f19797c2763fd0
4fa9f4ca5bfa56b9f8467324e3654f4a717dcd40b70c05b538092d8a101b0599
GET /cachedClickId?marketerId=00cf895e7b627a414bdcc05c54e01b7ae7 HTTP/1.1
Host: tr.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 09:33:34 GMT
Content-Type: application/javascript
Content-Length: 56
X-TraceId: bea63f1f367e52d011f8947839d56372
content-encoding: gzip
tr.outbrain.com/unifiedPixel?marketerId=00cf895e7b627a414bdcc05c54e01b7ae7&apiObjVersion=1.1&obtpVersion=2.0.5&name=Pageview&dl=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3D1-9wPfyDDxyNR7RVoXTXjwISUkAxH43tD1MORM0%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&optOut=false&bust=0004276029226471079&referrer=
64.202.112.31200 OK 60 B URL HTTP/1.1 tr.outbrain.com/unifiedPixel?marketerId=00cf895e7b627a414bdcc05c54e01b7ae7&apiObjVersion=1.1&obtpVersion=2.0.5&name=Pageview&dl=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3D1-9wPfyDDxyNR7RVoXTXjwISUkAxH43tD1MORM0%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&optOut=false&bust=0004276029226471079&referrer=
IP 64.202.112.31:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash fb0fc5c090282e372b8bf8ff13ae3ee2
2de3834253ece606ce4d2a6f10a59654b6fa378b
90a8ffa59ad6227daafa10083d4cff2e9b295c9c82135b5f5cedd65b2e7c8ceb
GET /unifiedPixel?marketerId=00cf895e7b627a414bdcc05c54e01b7ae7&apiObjVersion=1.1&obtpVersion=2.0.5&name=Pageview&dl=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3D1-9wPfyDDxyNR7RVoXTXjwISUkAxH43tD1MORM0%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&optOut=false&bust=0004276029226471079&referrer= HTTP/1.1
Host: tr.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 09:33:34 GMT
Content-Type: image/gif;
Content-Length: 60
Cache-Control: no-cache
X-TraceId: 05f68806d4bc7824d93aac3cf632b8b7
content-encoding: gzip
shopper.shop.pe/input.js
35.190.54.17200 OK 8.9 kB IP 35.190.54.17:0
File type ASCII text, with very long lines (17023)
Hash 277671bdc75ca43b2c48464d6ab4278f
fa3f6cfe3a34a0586917b256c7d5b8f9b4c1a205
cb280dde0bd7b5868891421254e239ef63551cc351cb246a68e9bc69bd4e0e8e
GET /input.js HTTP/1.1
Host: shopper.shop.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdssEQSYb789Ue0C0_2tA2iOaOQpywX9ytXtm8P0eXLPyQoUsP7ccRSYPTl7Xu2SJiDCpvJFA9uDLSKMR7g4nKj007Dz7LO6
x-goog-generation: 1667301507739079
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 8877
content-encoding: gzip
x-goog-hash: crc32c=d2ag2w==, md5=J3ZxvcdcpDssSEZNarQnjw==
x-goog-storage-class: STANDARD
accept-ranges: bytes
vary: Accept-Encoding
content-length: 8877
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
server: UploadServer
date: Thu, 08 Dec 2022 06:48:18 GMT
expires: Thu, 08 Dec 2022 10:48:18 GMT
cache-control: public, max-age=14400
age: 9916
last-modified: Tue, 01 Nov 2022 11:18:27 GMT
etag: "277671bdc75ca43b2c48464d6ab4278f"
content-type: application/javascript; charset=utf-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-pDf-vWvW20rLP0pJdCVypQvrKXQpP3fL22X6eA&google_cm&google_hm=ay1wRGYtdld2VzIwckxQMHBKZENWeXBRdnJLWFFwUDNmTDIyWDZlQQ
216.58.207.226302 Found 440 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-pDf-vWvW20rLP0pJdCVypQvrKXQpP3fL22X6eA&google_cm&google_hm=ay1wRGYtdld2VzIwckxQMHBKZENWeXBRdnJLWFFwUDNmTDIyWDZlQQ
IP 216.58.207.226:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 0376f6b6c8c1123c1542ca8bff527ef0
6c223da7a45604a1adca4c75ddaf38fb00147dd3
d178a74d847219602053c764243568c42d6121315e6dfd5b280f510937f5d605
GET /pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-pDf-vWvW20rLP0pJdCVypQvrKXQpP3fL22X6eA&google_cm&google_hm=ay1wRGYtdld2VzIwckxQMHBKZENWeXBRdnJLWFFwUDNmTDIyWDZlQQ HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-pDf-vWvW20rLP0pJdCVypQvrKXQpP3fL22X6eA&google_cm=&google_hm=ay1wRGYtdld2VzIwckxQMHBKZENWeXBRdnJLWFFwUDNmTDIyWDZlQQ&google_tc=
date: Thu, 08 Dec 2022 09:33:34 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 440
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 08-Dec-2022 09:48:34 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c3624eec3b06c9ee00d4237a31df0a61
744cf6f591286faba0e2fc6dc53db8797fd9d4e8
4ce67f7cf06a81565fe740fb3e95162004ed5bf9eb70992e28acdb05f671511c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4CE67F7CF06A81565FE740FB3E95162004ED5BF9EB70992E28ACDB05F671511C"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8617
Expires: Thu, 08 Dec 2022 11:57:11 GMT
Date: Thu, 08 Dec 2022 09:33:34 GMT
Connection: keep-alive
matching.ivitrack.com/sync?realm=criteo&uid=k-FAOrKWvW20rLP0pJdCVypQvrKXQIta2W3xHfXQ
34.117.157.22200 OK 42 B URL HTTP/2 matching.ivitrack.com/sync?realm=criteo&uid=k-FAOrKWvW20rLP0pJdCVypQvrKXQIta2W3xHfXQ
IP 34.117.157.22:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /sync?realm=criteo&uid=k-FAOrKWvW20rLP0pJdCVypQvrKXQIta2W3xHfXQ HTTP/1.1
Host: matching.ivitrack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: istio-envoy
date: Thu, 08 Dec 2022 09:33:34 GMT
content-type: image/gif
content-length: 42
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 1
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c3624eec3b06c9ee00d4237a31df0a61
744cf6f591286faba0e2fc6dc53db8797fd9d4e8
4ce67f7cf06a81565fe740fb3e95162004ed5bf9eb70992e28acdb05f671511c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4CE67F7CF06A81565FE740FB3E95162004ED5BF9EB70992E28ACDB05F671511C"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8617
Expires: Thu, 08 Dec 2022 11:57:11 GMT
Date: Thu, 08 Dec 2022 09:33:34 GMT
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash 32182af83a271ac7d1db2e0b23999222
25986806629e386b5b5edb285365ce41e099dd8a
df461b61bd809ca282ed0c544f1c1164b07b2f9b8eb9f279b2d4fb60c180cba0
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=160836
Date: Thu, 08 Dec 2022 09:33:34 GMT
Etag: "639173a4-1d7"
Expires: Sat, 10 Dec 2022 06:14:10 GMT
Last-Modified: Thu, 08 Dec 2022 05:18:28 GMT
Server: ECS (nyb/1D0B)
X-Cache: Miss from cloudfront
Via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 1h97QtOanHb3mhMEcZE2vuKAk-oGSVviOxukhYQuqM5U5I6RKS-Mlw==
Age: 3342
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash ed255ae6b5dc25fcffb6e87fc1fef758
1b4122e009b54d78867a357753a330d4034f86ed
7ad022e9f592187b8e2b4a9e6118f9f5326d8e82736d70eeed22058c7562a831
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=105473
Date: Thu, 08 Dec 2022 09:33:34 GMT
Etag: "639099d2-1d7"
Expires: Fri, 09 Dec 2022 14:51:27 GMT
Last-Modified: Wed, 07 Dec 2022 13:49:06 GMT
Server: ECS (bsa/EB17)
X-Cache: Miss from cloudfront
Via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Hg3OjuOdxksNBYZtRqMDzlH87vUkyHwSxnW4YP0Wl25pbk_HzZruYw==
Age: 3742
gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
178.250.2.146302 Found 0 B URL HTTP/2 gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
IP 178.250.2.146:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Thu, 08 Dec 2022 09:33:34 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
location: https://dpm.demdex.net/ibs:dpid=28645&dpuuid=
server-processing-duration-in-ticks: 826439
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-xQRSImvW20rLP0pJdCVypQvrKXRmO3IlTag7Cw
23.38.200.22200 OK 45 B URL HTTP/2 contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-xQRSImvW20rLP0pJdCVypQvrKXRmO3IlTag7Cw
IP 23.38.200.22:0
File type GIF image data, version 87a, 1 x 1\012- data
Hash 99cceceaed4d575484b69ddaf9ed66a7
1e3a3b15296b585833a22d987a387aa58aa1642d
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
GET /cksync.php?cs=3&type=crt&ovsid=k-xQRSImvW20rLP0pJdCVypQvrKXRmO3IlTag7Cw HTTP/1.1
Host: contextual.media.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Apache
content-length: 45
content-type: image/gif
set-cookie: visitor-id=3134936143580210000V10; Expires=Fri, 08 Dec 2023 09:33:34 GMT; domain=.media.net; Path=/;
data-c-ts=1670492014;Expires=Sat, 07 Jan 2023 09:33:34 GMT;path=/;domain=.media.net;
data-c=k-xQRSImvW20rLP0pJdCVypQvrKXRmO3IlTag7Cw~~3;Expires=Sat, 07 Jan 2023 09:33:34 GMT;path=/;domain=.media.net;
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
strict-transport-security: max-age=31536000
x-mnet-hl2: E
expires: Thu, 08 Dec 2022 09:33:34 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 08 Dec 2022 09:33:34 GMT
X-Firefox-Spdy: h2
r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-8x0GxGvW20rLP0pJdCVypQvrKXQ2JhTj0SxF-g
104.18.33.19302 Found 221 B URL HTTP/2 r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-8x0GxGvW20rLP0pJdCVypQvrKXQ2JhTj0SxF-g
IP 104.18.33.19:0
File type gzip compressed data, from Unix\012- data
Hash d22da6162bb1da407ba510d949c69d1e
39de4c0d9eca1bba690e220e5cdc30eaa5195d9b
907ab1f4b2c5927e11e057ca003ff1065a1fde51a42ff9670336d0292a451eb4
GET /rum?cm_dsp_id=20&external_user_id=k-8x0GxGvW20rLP0pJdCVypQvrKXQ2JhTj0SxF-g HTTP/1.1
Host: r.casalemedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 08 Dec 2022 09:33:34 GMT
content-length: 0
location: /rum?cm_dsp_id=20&external_user_id=k-8x0GxGvW20rLP0pJdCVypQvrKXQ2JhTj0SxF-g&C=1
cf-ray: 77648014cb08b509-OSL
cache-control: no-cache
expires: 0
cf-cache-status: DYNAMIC
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
set-cookie: CMID=Y5Gvbs3o8Yl7sxld97haKQAA; Path=/; Domain=casalemedia.com; Expires=Fri, 08 Dec 2023 09:33:34 GMT; Max-Age=31536000; Secure; SameSite=None
CMPS=1835; Path=/; Domain=casalemedia.com; Expires=Wed, 08 Mar 2023 09:33:34 GMT; Max-Age=7776000; Secure; SameSite=None
CMPRO=1835; Path=/; Domain=casalemedia.com; Expires=Wed, 08 Mar 2023 09:33:34 GMT; Max-Age=7776000; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fe7Azyu9WBs7S%2B%2BwIxJmj6sgZLYo7xOzPd%2BTZ0TCJd7cXhKdHP0hsShq0eycT5Wq2vvmBIOUVKIiGXucpOIPPDUGhtRt%2FGVJOI9QONpBB2I38FBbc5ht8LCGMEV%2BpOcLUX3S"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
criteo-sync.teads.tv/um?eid=80&uid=k-pcdhLmvW20rLP0pJdCVypQvrKXQJPEXPRsWeuQ
23.195.255.234200 OK 23 B URL HTTP/2 criteo-sync.teads.tv/um?eid=80&uid=k-pcdhLmvW20rLP0pJdCVypQvrKXQJPEXPRsWeuQ
IP 23.195.255.234:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash da5b449fff36752a93779fa4067cd2eb
71a96eea77f21ab5f1819b96c4cedd5cd34476ca
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
GET /um?eid=80&uid=k-pcdhLmvW20rLP0pJdCVypQvrKXQJPEXPRsWeuQ HTTP/1.1
Host: criteo-sync.teads.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
server: akka-http/10.2.9
content-length: 23
expires: Thu, 08 Dec 2022 09:33:34 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 08 Dec 2022 09:33:34 GMT
X-Firefox-Spdy: h2
r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-8x0GxGvW20rLP0pJdCVypQvrKXQ2JhTj0SxF-g&C=1
104.18.33.19200 OK 43 B URL HTTP/2 r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-8x0GxGvW20rLP0pJdCVypQvrKXQ2JhTj0SxF-g&C=1
IP 104.18.33.19:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /rum?cm_dsp_id=20&external_user_id=k-8x0GxGvW20rLP0pJdCVypQvrKXQ2JhTj0SxF-g&C=1 HTTP/1.1
Host: r.casalemedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:33:34 GMT
content-type: image/gif
content-length: 43
cf-ray: 776480153ba3b509-OSL
cache-control: no-cache
expires: 0
cf-cache-status: DYNAMIC
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iq4vGZuQldFkOyFPbmHsk3ydu%2FAgS6EIbIV4a8mkx2LCIU0xykhZeOVdjouatFs2NDmvnI11OwQ%2FKUYuuEgM8iSuWFfjuWpd5Wo3A2uRDUm73XsFd%2FUhoAQHpzECcc0pJ60Q"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash df5d720840c8ebe82eb0ef41ef951718
0dac274659373c54d320b78645653a2a48be7030
c3fad3e801baffbf2e7173a35a2c444079ee6c4b6ee59073f63bdda684b444a8
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=161880
Date: Thu, 08 Dec 2022 09:33:34 GMT
Etag: "63917c38-1d7"
Expires: Sat, 10 Dec 2022 06:31:34 GMT
Last-Modified: Thu, 08 Dec 2022 05:55:04 GMT
Server: ECS (nyb/1D1B)
X-Cache: Miss from cloudfront
Via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: zw6jUdY4oYdzaB5RVWCvnDS_9GCKlN0r_bHaJNcg5eJhHh4uJz7xFg==
Age: 2190
ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
185.83.142.19307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
IP 185.83.142.19:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Thu, 08 Dec 2022 09:33:34 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
AN-X-Request-Uuid: d435b2e0-2384-4e2b-81b8-0634b3af7036
Set-Cookie: uuid2=943074962852766879; SameSite=None; Path=/; Max-Age=7776000; Expires=Wed, 08-Mar-2023 09:33:34 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
addshoppers.s3.amazonaws.com/customize/632b240c36963004c36631fb/95a70ba5ad45471ab18a70910459026d.js?_t=1670353484
52.217.88.20200 OK 2.1 kB URL HTTP/1.1 addshoppers.s3.amazonaws.com/customize/632b240c36963004c36631fb/95a70ba5ad45471ab18a70910459026d.js?_t=1670353484
IP 52.217.88.20:0
File type ASCII text, with very long lines (8959), with no line terminators
Hash 2818f43edd94ff9615380189a6d3baf5
e3552d0f4d7d5302e8a37eaa4a3459ba9eea3c1c
19eb340d3cde4d38c94ca49627990f537b0b2930b5aecbca40d6becdc024b574
GET /customize/632b240c36963004c36631fb/95a70ba5ad45471ab18a70910459026d.js?_t=1670353484 HTTP/1.1
Host: addshoppers.s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: noPFO+gBHEq1Pdk5G6Dmi85Fceev9ZMPs3iByf3n9ei/7Wz5BfI6NIPivbx90pW2TMzEgAH5ZaI=
x-amz-request-id: E37YYR466FWX2Q5T
Date: Thu, 08 Dec 2022 09:33:35 GMT
Last-Modified: Tue, 06 Dec 2022 19:04:45 GMT
ETag: "95f2876e39fe955498f724ce1c71af35"
Cache-Control: max-age=2592000, public
Content-Encoding: gzip
x-amz-version-id: Z.WdgiG1pvSrqMR_z0ice8xW0UxXDJeo
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
Server: AmazonS3
Content-Length: 1553
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash b42ccbeb034ec7fff08b997734fd1e9a
02a910876f2f78b312b41afdb724e7bf323f97dc
ddb2658d02242ece014057e03325405f08b6909bb9702f0153ee232eeea0aa01
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3231
Cache-Control: max-age=112496
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:33:34 GMT
Etag: "6390b73f-138"
Expires: Fri, 09 Dec 2022 16:48:30 GMT
Last-Modified: Wed, 07 Dec 2022 15:54:39 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 312
ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
185.83.142.19302 Found 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
IP 185.83.142.19:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.21.3
Date: Thu, 08 Dec 2022 09:33:34 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=0
AN-X-Request-Uuid: 2d37a690-4ac0-42ef-8ff9-5c510acab009
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-HFzLemvW20rLP0pJdCVypQvrKXTGN3hCKf4Ekg
185.86.137.133200 OK 43 B URL HTTP/1.1 rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-HFzLemvW20rLP0pJdCVypQvrKXTGN3hCKf4Ekg
IP 185.86.137.133:0
ASN #201081 SmartAdServer SAS
File type GIF image data, version 89a, 1 x 1\012- data
Hash 221d8352905f2c38b3cb2bd191d630b0
d804b495cb9b84b9007a25b5d85f9ae674004cde
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
GET /redir/?partnerid=79&partneruserid=k-HFzLemvW20rLP0pJdCVypQvrKXTGN3hCKf4Ekg HTTP/1.1
Host: rtb-csync.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: image/gif
date: Thu, 08 Dec 2022 09:33:34 GMT
cache-control: no-cache,no-store
pragma: no-cache
set-cookie: pid=8027913962522688889; expires=Mon, 08 Jan 2024 09:33:35 GMT; domain=smartadserver.com; path=/
TestIfCookieP=ok; expires=Mon, 08 Jan 2024 09:33:35 GMT; domain=smartadserver.com; path=/
csync=79:k-HFzLemvW20rLP0pJdCVypQvrKXTGN3hCKf4Ekg; expires=Fri, 08 Dec 2023 09:33:35 GMT; domain=smartadserver.com; path=/
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 10ae015a481b29d89da500c7d98243cf
11c12f0aeda31b6da539b9e6022033e29a124307
d654fa17b63be027de9d2554c7dc0c2d83bd57c8b343734e7f5d9d73bd87d8ee
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3381
Cache-Control: max-age=145783
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:33:35 GMT
Etag: "639138b1-1d7"
Expires: Sat, 10 Dec 2022 02:03:18 GMT
Last-Modified: Thu, 08 Dec 2022 01:06:57 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash 32922f835a72a4939b1a595f942be9dc
84184a058c1e3a2bf3c9105df342e38d91e64411
eacbeb14bd7e0c1ecd83a9c3410e7e89cfd2b5b5cb74a383b9d612eaffc13191
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=160087
Date: Thu, 08 Dec 2022 09:33:35 GMT
Etag: "63916f7b-1d7"
Expires: Sat, 10 Dec 2022 06:01:42 GMT
Last-Modified: Thu, 08 Dec 2022 05:00:43 GMT
Server: ECS (bsa/EB23)
X-Cache: Miss from cloudfront
Via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: vQ7AszMkI834qGsMxJFHO_qSUlDwXXLR8L2i1n7rDnyXl-8uUD5_EQ==
Age: 3659
pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-gEUiTGvW20rLP0pJdCVypQvrKXTw1z9aCtuQaQ&expires=30
69.173.144.139204 No Content 0 B URL HTTP/1.1 pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-gEUiTGvW20rLP0pJdCVypQvrKXTw1z9aCtuQaQ&expires=30
IP 69.173.144.139:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tap.php?v=6434&nid=2149&put=k-gEUiTGvW20rLP0pJdCVypQvrKXTw1z9aCtuQaQ&expires=30 HTTP/1.1
Host: pixel.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Content-Type: image/gif
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 9dfb6f98524703cb28aa777c06f8307d
0259f1b07774b87d9bf5d69228f549946a1dd747
7b5ecd4e9bf216f4c71747b9eab5f135a610972adeb28d4f61118fab6decc065
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 09:33:35 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 13:56:48 GMT
Expires: Tue, 13 Dec 2022 13:56:47 GMT
Etag: "0259f1b07774b87d9bf5d69228f549946a1dd747"
Cache-Control: max-age=447191,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 776480153c9cb51b-OSL
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b60308da5db74a4cd12cd968a05bbb77
f09035594d289c6b8035309b75db9af099fbf2b9
86a5dd458438ae74a14bef1727780afeac7e1ab53fbfbe0d493e62634138f9bb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3095
Cache-Control: max-age=109825
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:33:35 GMT
Etag: "6390ad59-1d7"
Expires: Fri, 09 Dec 2022 16:04:00 GMT
Last-Modified: Wed, 07 Dec 2022 15:12:25 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-8lzYhmvW20rLP0pJdCVypQvrKXSsh-EwJz3Pow
35.157.236.74204 No Content 0 B URL HTTP/2 match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-8lzYhmvW20rLP0pJdCVypQvrKXSsh-EwJz3Pow
IP 35.157.236.74:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-8lzYhmvW20rLP0pJdCVypQvrKXSsh-EwJz3Pow HTTP/1.1
Host: match.sharethrough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Thu, 08 Dec 2022 09:33:35 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash f0bc063ee14a287a2f76000075b166ae
01c46ed1f7e7d7bc8b54c9a886d167cd5ceb4033
e3681ed6e457e6ee825bfb0e1fe2b9982e07ed9461abfd78fcb9a1e58f889876
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3211
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:33:35 GMT
Last-Modified: Thu, 08 Dec 2022 08:40:05 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fb44b614b8381a20ddc7cac6e5228f29
b8c381ae5dea1755066f7d450fdc5b7046e5d441
b4ffb9c2ea3aae0c8d2f1d713c10be2d4c008518a0c30e166da9f1e4ef58ba23
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B4FFB9C2EA3AAE0C8D2F1D713C10BE2D4C008518A0C30E166DA9F1E4EF58BA23"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5152
Expires: Thu, 08 Dec 2022 10:59:27 GMT
Date: Thu, 08 Dec 2022 09:33:35 GMT
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash 6b922b43e7799945fcfd26346a3adcac
35e81b1efb6039081248efe4ccfd54aa09a0ef7c
bc22d1a77105d049043995ebd882d774dfbc4b76647b8b27e9c370a2d3e3f523
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=143708
Date: Thu, 08 Dec 2022 09:33:35 GMT
Etag: "639131be-1d7"
Expires: Sat, 10 Dec 2022 01:28:43 GMT
Last-Modified: Thu, 08 Dec 2022 00:37:18 GMT
Server: ECS (bsa/EB14)
X-Cache: Miss from cloudfront
Via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: om82y-oDjjwgiTQ-4E_DeAFNAdYVuo-FpCrmKeOiYO37lWWk1MNE8Q==
Age: 3085
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 51f8feae4038be3c50f308ae97c8fdea
3182909e4b164e3ef590b25c11d44d623223e862
a6f87ed576e452b6b56c8fd5438f352e8741c89afe810edfadbe2e0f751f196a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2355
Cache-Control: max-age=108011
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:33:35 GMT
Etag: "6390a927-1d7"
Expires: Fri, 09 Dec 2022 15:33:46 GMT
Last-Modified: Wed, 07 Dec 2022 14:54:31 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
x.bidswitch.net/sync?dsp_id=46&user_id=k-kvIZs2vW20rLP0pJdCVypQvrKXQRRqdLgVE6bQ&expires=30
35.157.140.187200 OK 43 B URL HTTP/2 x.bidswitch.net/sync?dsp_id=46&user_id=k-kvIZs2vW20rLP0pJdCVypQvrKXQRRqdLgVE6bQ&expires=30
IP 35.157.140.187:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /sync?dsp_id=46&user_id=k-kvIZs2vW20rLP0pJdCVypQvrKXQRRqdLgVE6bQ&expires=30 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:33:35 GMT
content-type: image/gif
content-length: 43
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-j3A9Z2vW20rLP0pJdCVypQvrKXSjRA8QpVTluQ
18.156.0.31302 Found 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-j3A9Z2vW20rLP0pJdCVypQvrKXSjRA8QpVTluQ
IP 18.156.0.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58301/sync?_origin=1&uid=k-j3A9Z2vW20rLP0pJdCVypQvrKXSjRA8QpVTluQ HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 08 Dec 2022 09:33:35 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
location: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-j3A9Z2vW20rLP0pJdCVypQvrKXSjRA8QpVTluQ&verify=true
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBG-vkWMCEBIcTRjnZ3Obyw3ibqh6M5oFEgEBAQEAk2ObYwAAAAAA_eMAAA&S=AQAAAtoe9f_V0_rDpyn2zS1quug; Expires=Fri, 8 Dec 2023 15:33:35 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
nytrng.com/iframe?vcp=4dd5h0np&as_id=9386817f1fe34ee1b643798b8e0074a1
99.83.128.14200 OK 410 B URL HTTP/2 nytrng.com/iframe?vcp=4dd5h0np&as_id=9386817f1fe34ee1b643798b8e0074a1
IP 99.83.128.14:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (410), with no line terminators
Hash be51a3db5da3a27b64d410726a886ffc
5b459e90f694e203758d0b7e6c7fa0fbdd34e947
b95683efb9bb30b4854f33fad1eb340c2f3537e12a79547d8485c0509fe9f1bd
GET /iframe?vcp=4dd5h0np&as_id=9386817f1fe34ee1b643798b8e0074a1 HTTP/1.1
Host: nytrng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:33:35 GMT
content-type: text/html; charset=utf-8
content-length: 410
server: gunicorn
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 50d44347480ddbf69ff2e269edb5cce5
33dd3dfeab6f79c528cad49c3ce78c82b2d675bc
5a1afe32968aa9a3c3e2240e7766ebe312b3d017505fe8a8596138ce95ab208e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3281
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:33:35 GMT
Last-Modified: Thu, 08 Dec 2022 08:38:54 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash 884686fa80413218eeb7acabcbf24672
2318eb5d62ec0ba651eda1fbc3159158e8b7c172
3eca5d88c4990f8a582590eb87f1e3382690a1954e0b1c410c4e5cc5f6702d70
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=102559
Date: Thu, 08 Dec 2022 09:33:35 GMT
Etag: "63908ea1-1d7"
Expires: Fri, 09 Dec 2022 14:02:54 GMT
Last-Modified: Wed, 07 Dec 2022 13:01:21 GMT
Server: ECS (nyb/1D08)
X-Cache: Miss from cloudfront
Via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: tMaMdktZgiadr6AgVl4ql6uvL9-Uq_qtMI0u4cPf79lmH3T-Nx8eSg==
Age: 3693
dpm.demdex.net/ibs:dpid=28645&dpuuid=
54.217.130.182302 Found 0 B URL HTTP/1.1 dpm.demdex.net/ibs:dpid=28645&dpuuid=
IP 54.217.130.182:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ibs:dpid=28645&dpuuid= HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-1-v045-0078c8bc4.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=74446824353535264942701341832550852031; Max-Age=15552000; Expires=Tue, 06 Jun 2023 09:33:35 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: FCn55g2nT4U=
Content-Length: 0
Connection: keep-alive
cm.adform.net/pixel?adform_pid=15&adform_pc=k-7k5PeWvW20rLP0pJdCVypQvrKXScMvwbuEBoMw
37.157.4.41200 OK 43 B URL HTTP/2 cm.adform.net/pixel?adform_pid=15&adform_pc=k-7k5PeWvW20rLP0pJdCVypQvrKXScMvwbuEBoMw
IP 37.157.4.41:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /pixel?adform_pid=15&adform_pc=k-7k5PeWvW20rLP0pJdCVypQvrKXScMvwbuEBoMw HTTP/1.1
Host: cm.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 09:33:35 GMT
content-type: image/gif
content-length: 43
last-modified: Wed, 20 Jul 2016 08:04:05 GMT
etag: "578f3075-2b"
accept-ranges: bytes
X-Firefox-Spdy: h2
id5-sync.com/s/966/9.gif?puid=k-6KgfSmvW20rLP0pJdCVypQvrKXSkqClYkmlS0g
141.95.98.65200 43 B URL HTTP/1.1 id5-sync.com/s/966/9.gif?puid=k-6KgfSmvW20rLP0pJdCVypQvrKXSkqClYkmlS0g
IP 141.95.98.65:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /s/966/9.gif?puid=k-6KgfSmvW20rLP0pJdCVypQvrKXSkqClYkmlS0g HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"
set-cookie: cf=; Max-Age=300; Expires=Thu, 08-Dec-2022 09:38:35 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
cip=; Max-Age=300; Expires=Thu, 08-Dec-2022 09:38:35 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
cnac=; Max-Age=300; Expires=Thu, 08-Dec-2022 09:38:35 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
car=; Max-Age=300; Expires=Thu, 08-Dec-2022 09:38:35 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
gdpr=; Max-Age=300; Expires=Thu, 08-Dec-2022 09:38:35 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
callback=; Max-Age=300; Expires=Thu, 08-Dec-2022 09:38:35 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
content-type: image/gif;charset=UTF-8
transfer-encoding: chunked
date: Thu, 08 Dec 2022 09:33:34 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash eb3ada812f0727a3c3c20655e43c20ab
2766d9dd26318e92c32ec924383ec39a9669b56b
5608fdbb0ddf0610e19db1f02ca3210c89a9bbd530c806c065d0d6e3dd4649d5
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 09:33:35 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 07 Dec 2022 03:11:57 GMT
Expires: Wed, 14 Dec 2022 03:11:56 GMT
Etag: "2766d9dd26318e92c32ec924383ec39a9669b56b"
Cache-Control: max-age=494900,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77648016be80b51b-OSL
ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-j3A9Z2vW20rLP0pJdCVypQvrKXSjRA8QpVTluQ&verify=true
18.156.0.31204 No Content 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-j3A9Z2vW20rLP0pJdCVypQvrKXSjRA8QpVTluQ&verify=true
IP 18.156.0.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58301/sync?_origin=1&uid=k-j3A9Z2vW20rLP0pJdCVypQvrKXSjRA8QpVTluQ&verify=true HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Thu, 08 Dec 2022 09:33:35 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
strict-transport-security: max-age=31536000
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBG-vkWMCEC7NAS-JtS21sM3D6mLL7WsFEgEBAQEAk2ObYwAAAAAA_eMAAA&S=AQAAAvHWf5D1qZjUdemnf6yiRSU; Expires=Fri, 8 Dec 2023 15:33:35 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
ad.yieldlab.net/m?dt_id=8664&ext_id=k-ACFu2mvW20rLP0pJdCVypQvrKXRcCTaNQC8Ofw
23.13.245.180204 No Content 0 B URL HTTP/1.1 ad.yieldlab.net/m?dt_id=8664&ext_id=k-ACFu2mvW20rLP0pJdCVypQvrKXRcCTaNQC8Ofw
IP 23.13.245.180:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /m?dt_id=8664&ext_id=k-ACFu2mvW20rLP0pJdCVypQvrKXRcCTaNQC8Ofw HTTP/1.1
Host: ad.yieldlab.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: DENY
x-application-context: application
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Pragma: no-cache
Expires: Wed, 07 Dec 2022 09:33:35 GMT
Date: Thu, 08 Dec 2022 09:33:35 GMT
Connection: keep-alive
Set-Cookie: id=8352e8f0-bdaa-4099-9dde-5aea80090cc0; Path=/; Domain=prod.svc.y6b.de; Expires=Fri, 08-Dec-2023 09:33:35 GMT; Max-Age=31536000; Secure; SameSite=None
eb2.3lift.com/xuid?mid=2711&xuid=k-pRU8OmvW20rLP0pJdCVypQvrKXRf0Q1FUqmH0w&dongle=013b
13.248.245.213200 OK 37 B URL HTTP/2 eb2.3lift.com/xuid?mid=2711&xuid=k-pRU8OmvW20rLP0pJdCVypQvrKXRf0Q1FUqmH0w&dongle=013b
IP 13.248.245.213:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 3eacd0132310ea44cad756b378a3bc07
e2216a7e9b73f5cb0279351c78ce61c33475cea7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
GET /xuid?mid=2711&xuid=k-pRU8OmvW20rLP0pJdCVypQvrKXRf0Q1FUqmH0w&dongle=013b HTTP/1.1
Host: eb2.3lift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:33:35 GMT
content-type: image/gif
content-length: 37
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-CSvTqWvW20rLP0pJdCVypQvrKXRD8GprSsBMAQ
185.64.189.110200 OK 42 B URL HTTP/2 simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-CSvTqWvW20rLP0pJdCVypQvrKXRD8GprSsBMAQ
IP 185.64.189.110:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-CSvTqWvW20rLP0pJdCVypQvrKXRD8GprSsBMAQ HTTP/1.1
Host: simage2.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 09:33:34 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_97=3385-uid:k-CSvTqWvW20rLP0pJdCVypQvrKXRD8GprSsBMAQ&KRTB&23144-uid:k-CSvTqWvW20rLP0pJdCVypQvrKXRD8GprSsBMAQ&KRTB&23286-uid:k-CSvTqWvW20rLP0pJdCVypQvrKXRD8GprSsBMAQ&KRTB&23287-uid:k-CSvTqWvW20rLP0pJdCVypQvrKXRD8GprSsBMAQ; domain=pubmatic.com; secure; expires=Sat, 07-Jan-2023 09:33:34 GMT; path=/
PugT=1670492014; domain=pubmatic.com; secure; expires=Sat, 07-Jan-2023 09:33:34 GMT; path=/
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.24200 OK 1.8 kB IP 192.124.249.24:0
Hash 5ed935cfadef72c8c0ef9ea0fc353f65
247b558ac8d7ca8d913ea41b3a9b2434aa58abd3
01c2a3855094778f40f63849cfaaa2399031a392a339701b012bfc040de7dfd2
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Thu, 08 Dec 2022 09:33:35 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 08 Dec 2022 08:46:39 GMT
Expires: Fri, 09 Dec 2022 08:46:39 GMT
ETag: "247b558ac8d7ca8d913ea41b3a9b2434aa58abd3"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=
54.217.130.182200 OK 59 B URL HTTP/1.1 dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=
IP 54.217.130.182:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 1251cd5e5c2def4c046309375f87c1c1
e02d6b0c6a5c495c15985e2832e335eda8528c80
4e7010cc46fa361c88e57e3346d27421cf3b8a8bf5f39b43fc45997c60cb1c13
GET /demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid= HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: image/gif
DCS: dcs-prod-irl1-1-v045-0d492e21d.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: fUe54RwpRvo=
Content-Length: 59
Connection: keep-alive
e1.emxdgt.com/put?d=d53&uid=k-2YU0AmvW20rLP0pJdCVypQvrKXSmApum4iLpZKdb4Z1oFw3n
18.158.8.202204 No Content 0 B URL HTTP/2 e1.emxdgt.com/put?d=d53&uid=k-2YU0AmvW20rLP0pJdCVypQvrKXSmApum4iLpZKdb4Z1oFw3n
IP 18.158.8.202:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /put?d=d53&uid=k-2YU0AmvW20rLP0pJdCVypQvrKXSmApum4iLpZKdb4Z1oFw3n HTTP/1.1
Host: e1.emxdgt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
content-type: text/html
date: Thu, 08 Dec 2022 09:33:34 GMT
content-length: 0
X-Firefox-Spdy: h2
sync.outbrain.com/cookie-sync?p=criteo&uid=k-QJl9AWvW20rLP0pJdCVypQvrKXQDkIihG0Sv0A
64.202.112.31200 OK 0 B URL HTTP/1.1 sync.outbrain.com/cookie-sync?p=criteo&uid=k-QJl9AWvW20rLP0pJdCVypQvrKXQDkIihG0Sv0A
IP 64.202.112.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cookie-sync?p=criteo&uid=k-QJl9AWvW20rLP0pJdCVypQvrKXQDkIihG0Sv0A HTTP/1.1
Host: sync.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 09:33:35 GMT
Content-Length: 0
Cache-Control: no-cache
X-TraceId: 557811fe76c9aa09c16955387c21fb07
gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
178.250.2.146302 Found 0 B URL HTTP/2 gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
IP 178.250.2.146:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Thu, 08 Dec 2022 09:33:34 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=
server-processing-duration-in-ticks: 679200
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash e2a880777201cd52592f5649a4763bfc
c0301503c652721b0b3fae742223f4a873456df8
b6cbe7a377078205eca9cf15e5e929affeca110baedcafd7a4c7694c79812a7b
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=98292
Date: Thu, 08 Dec 2022 09:33:35 GMT
Etag: "63908085-1d7"
Expires: Fri, 09 Dec 2022 12:51:47 GMT
Last-Modified: Wed, 07 Dec 2022 12:01:09 GMT
Server: ECS (bsa/EB23)
X-Cache: Miss from cloudfront
Via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: hjZXFDM1za-noVoJyO_t6Elzj_glBcUSnNVxd3P8yBrG31hcBdM7HQ==
Age: 3038
visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-maHQ02vW20rLP0pJdCVypQvrKXTF5BidOxoKkA
185.255.84.152200 OK 49 B URL HTTP/2 visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-maHQ02vW20rLP0pJdCVypQvrKXTF5BidOxoKkA
IP 185.255.84.152:0
ASN #200271 Iguane Solutions SAS
File type GIF image data, version 89a, 1 x 1\012- data
Hash 4408efc0174f07ad685c456f1de521ca
e3bc3250f8f32bd98dc7b05fd8940b74617eb8d1
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
GET /visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-maHQ02vW20rLP0pJdCVypQvrKXTF5BidOxoKkA HTTP/1.1
Host: visitor.omnitagjs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
expires: 0
p3p: CP="CAO PSA OUR"
pragma: no-cache
set-cookie: ayl_visitor=1b1c753c97a7218b85ff4768aa686835; Path=/; Domain=omnitagjs.com; Max-Age=2592000; Secure; SameSite=None
vary: Accept-Encoding
x-content-type-options: nosniff
date: Thu, 08 Dec 2022 09:33:35 GMT
content-length: 49
x-envoy-upstream-service-time: 40
server: ayl-lb-fra02
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash 7c2aad8c4cad31317636d014510b3f5c
f347ee7a9ab918abbd722a8fcd5d5a2e2afab0d1
eead3554b391dd84ceed2ac4f07adc61b22a1911f47b3aa5c3df59866aa05c7d
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=117677
Date: Thu, 08 Dec 2022 09:33:35 GMT
Etag: "6390c9a9-1d7"
Expires: Fri, 09 Dec 2022 18:14:52 GMT
Last-Modified: Wed, 07 Dec 2022 17:13:13 GMT
Server: ECS (bsa/EB23)
X-Cache: Miss from cloudfront
Via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: s85IjhrXPZySGQ3EGHH6ojIUqY5WwVfWokCOUDe1xC9KWomcf3KIcA==
Age: 3699
sync-criteo.ads.yieldmo.com/sync?id=k-23n_BWvW20rLP0pJdCVypQvrKXQh20iwyhi8aw&pn_id=criteo&ext=1
54.194.205.164200 OK 43 B URL HTTP/2 sync-criteo.ads.yieldmo.com/sync?id=k-23n_BWvW20rLP0pJdCVypQvrKXQh20iwyhi8aw&pn_id=criteo&ext=1
IP 54.194.205.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /sync?id=k-23n_BWvW20rLP0pJdCVypQvrKXQh20iwyhi8aw&pn_id=criteo&ext=1 HTTP/1.1
Host: sync-criteo.ads.yieldmo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:33:35 GMT
content-type: image/gif
content-length: 43
set-cookie: yieldmo_id=ga2038a8a19695766c7f%7C1670492015302%7C0%7C; Domain=.yieldmo.com; Expires=Fri, 08-Dec-2023 09:33:35 GMT; Path=/; Secure; SameSite=None; Secure
ptrcriteo=k-23n_BWvW20rLP0pJdCVypQvrKXQh20iwyhi8aw; Domain=ads.yieldmo.com; Expires=Fri, 08-Dec-2023 09:33:35 GMT; Path=/; Secure; SameSite=None; Secure
access-control-allow-origin: *
access-control-request-headers: Cache-Control, Pragma
access-control-allow-methods: GET, OPTIONS
pragma: no-cache
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash a9e4cc437709f0bea762e945bac1d59d
bef2054d1cfe6a81e955e4766f04138be56f9b16
67c6fbadeb42ba3cb8c30a6522f42d216bb98adab57122508d8a70bc4d9171c9
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=119187
Date: Thu, 08 Dec 2022 09:33:35 GMT
Etag: "6390dbe8-1d7"
Expires: Fri, 09 Dec 2022 18:40:02 GMT
Last-Modified: Wed, 07 Dec 2022 18:31:04 GMT
Server: ECS (dcb/7EA2)
X-Cache: Miss from cloudfront
Via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: VU76Atc8xVe3seGvCMu1YZCdgSCxAjqZipw7188llCJIeZnfppsfvw==
Age: 538
cdn.nytrng.com/pl.2.2.min.js
143.204.55.42200 OK 0 B URL HTTP/2 cdn.nytrng.com/pl.2.2.min.js
IP 143.204.55.42:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pl.2.2.min.js HTTP/1.1
Host: cdn.nytrng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nytrng.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: text/plain
content-length: 0
date: Sat, 12 Nov 2022 07:11:14 GMT
last-modified: Wed, 31 Jul 2019 16:57:19 GMT
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
x-cache: Error from cloudfront
via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: xZJmwlUARCst2abUD-z_FIidF6WnvISWKr0jdltsho9qwA2YQr11ow==
age: 2254942
X-Firefox-Spdy: h2
widget.us.criteo.com/event?a=95340&v=5.12.3&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26z%3Dundefined%26site_type%3Dd&p2=e%3Dvh%26tms%3Dgtm-ee-1.1.0&p3=e%3Ddis&adce=1&bundle=shVULV9Rb2Zuc1NnWHNmZDN6SjNtMUU5cWNzeDVtSVkyNHRrS2JMaElQT2RHR3hTVyUyQm9HcFJxaDhqTEVtb2h0M0ZJam56aTlSOUZ0VUNlSzVzeEhxM2QyUHFWTmlSTSUyQkdtbFd0cHVINCUyRjFFNkJXUlhwYWROc1NkdXRwaG1idDlZcGJtRlF2ciUyQmFOV3ZBSjlCcEN0TGlIQW10ZyUzRCUzRA&tld=flaviar.com&dy=1&fu=https%253A%252F%252Fflaviar.com%252F%253Firclickid%253D1-9wPfyDDxyNR7RVoXTXjwISUkAxH43tD1MORM0%2526ir_cid%253D3334%2526ir_affid%253D10813%2526utm_medium%253Daffiliates%2526utm_source%253DMaxBounty.com%252520ULC%2526ir_partnerid%253D10813%2526ir_adid%253D1215604%2526ir_campaignid%253D3334&dtycbr=81401&cs=1---&cv=1
74.119.119.150200 OK 3.8 kB URL HTTP/2 widget.us.criteo.com/event?a=95340&v=5.12.3&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26z%3Dundefined%26site_type%3Dd&p2=e%3Dvh%26tms%3Dgtm-ee-1.1.0&p3=e%3Ddis&adce=1&bundle=shVULV9Rb2Zuc1NnWHNmZDN6SjNtMUU5cWNzeDVtSVkyNHRrS2JMaElQT2RHR3hTVyUyQm9HcFJxaDhqTEVtb2h0M0ZJam56aTlSOUZ0VUNlSzVzeEhxM2QyUHFWTmlSTSUyQkdtbFd0cHVINCUyRjFFNkJXUlhwYWROc1NkdXRwaG1idDlZcGJtRlF2ciUyQmFOV3ZBSjlCcEN0TGlIQW10ZyUzRCUzRA&tld=flaviar.com&dy=1&fu=https%253A%252F%252Fflaviar.com%252F%253Firclickid%253D1-9wPfyDDxyNR7RVoXTXjwISUkAxH43tD1MORM0%2526ir_cid%253D3334%2526ir_affid%253D10813%2526utm_medium%253Daffiliates%2526utm_source%253DMaxBounty.com%252520ULC%2526ir_partnerid%253D10813%2526ir_adid%253D1215604%2526ir_campaignid%253D3334&dtycbr=81401&cs=1---&cv=1
IP 74.119.119.150:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (5810)
Hash 6b16d1a915652a9877d0a0908ece8a3c
da75a4f9dfde8a1cf92568ebd377233c80beef80
b4f9cbadf72b4ca9a1608beff9f5718cf56495fa964945a9c08552d3480553ae
GET /event?a=95340&v=5.12.3&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26z%3Dundefined%26site_type%3Dd&p2=e%3Dvh%26tms%3Dgtm-ee-1.1.0&p3=e%3Ddis&adce=1&bundle=shVULV9Rb2Zuc1NnWHNmZDN6SjNtMUU5cWNzeDVtSVkyNHRrS2JMaElQT2RHR3hTVyUyQm9HcFJxaDhqTEVtb2h0M0ZJam56aTlSOUZ0VUNlSzVzeEhxM2QyUHFWTmlSTSUyQkdtbFd0cHVINCUyRjFFNkJXUlhwYWROc1NkdXRwaG1idDlZcGJtRlF2ciUyQmFOV3ZBSjlCcEN0TGlIQW10ZyUzRCUzRA&tld=flaviar.com&dy=1&fu=https%253A%252F%252Fflaviar.com%252F%253Firclickid%253D1-9wPfyDDxyNR7RVoXTXjwISUkAxH43tD1MORM0%2526ir_cid%253D3334%2526ir_affid%253D10813%2526utm_medium%253Daffiliates%2526utm_source%253DMaxBounty.com%252520ULC%2526ir_partnerid%253D10813%2526ir_adid%253D1215604%2526ir_campaignid%253D3334&dtycbr=81401&cs=1---&cv=1 HTTP/1.1
Host: widget.us.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaviar.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:33:34 GMT
content-type: application/x-javascript
server: Kestrel
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
expires: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
timing-allow-origin: *
server-processing-duration-in-ticks: 14722248
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 50596c352614ac34197ef22f2b1751a8
469911ca4a7d9bb4d52cd99b9bb546f1ece549ce
a1f8eab0897f94325f42351c5ab7845d00d045b59710deab89761a2975b9cd81
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2084
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:33:35 GMT
Last-Modified: Thu, 08 Dec 2022 08:58:52 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=
54.246.4.228204 No Content 0 B URL HTTP/2 beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=
IP 54.246.4.228:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usermatch.gif?partner=criteo&partner_uid= HTTP/1.1
Host: beacon.krxd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Thu, 08 Dec 2022 09:33:35 GMT
set-cookie: _kuid_=PPsb1yjg; Expires=Tue, 06-Jun-23 09:33:35 GMT; Max-Age=15552000; Domain=.krxd.net; Path=/
cache-control: private, no-cache, no-store
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
x-served-by: beacon-n011-dub-prod.krxd.net
x-request-time: D=23 t=1670492015
X-Firefox-Spdy: h2
gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
178.250.2.146302 Found 0 B URL HTTP/2 gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
IP 178.250.2.146:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Thu, 08 Dec 2022 09:33:34 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
location: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=
server-processing-duration-in-ticks: 475183
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-NPVBsWvW20rLP0pJdCVypQvrKXTCop90f91zoA
3.126.26.112200 OK 43 B URL HTTP/2 ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-NPVBsWvW20rLP0pJdCVypQvrKXTCop90f91zoA
IP 3.126.26.112:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/match?publisher_dsp_id=38&external_user_id=k-NPVBsWvW20rLP0pJdCVypQvrKXTCop90f91zoA HTTP/1.1
Host: ad.360yield.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:33:35 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash ab86a19f3c358b230a1dfc06b2c95d77
fa54a0832b444649f5f58b275ed615c4fd6fa714
7302d676a89510f59007d058c359fda7d213a9fd859a2e608caf2405cc15cd7c
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 09:33:35 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 05 Dec 2022 23:26:22 GMT
Expires: Mon, 12 Dec 2022 23:26:21 GMT
Etag: "fa54a0832b444649f5f58b275ed615c4fd6fa714"
Cache-Control: max-age=394965,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77648019da9ab51b-OSL
ocsp.entrust.net/
104.110.10.32200 OK 1.6 kB IP 104.110.10.32:0
Hash 8d65d3c2def9eac69f411ecc956d022e
491efc56a49aee84f509d00f134e33994e990b8c
ab5761ecd683feefd87d496717efc7c10477ef7e3d9c92abd4ad6585e2e85c80
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "AB5761ECD683FEEFD87D496717EFC7C10477EF7E3D9C92ABD4AD6585E2E85C80"
Last-Modified: Thu, 08 Dec 2022 08:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3220
Expires: Thu, 08 Dec 2022 10:27:15 GMT
Date: Thu, 08 Dec 2022 09:33:35 GMT
Connection: keep-alive
s.thebrighttag.com/cs?btt=0&tp=cr&uid=
3.18.206.73200 OK 35 B URL HTTP/2 s.thebrighttag.com/cs?btt=0&tp=cr&uid=
IP 3.18.206.73:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /cs?btt=0&tp=cr&uid= HTTP/1.1
Host: s.thebrighttag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:33:35 GMT
content-type: image/gif
content-length: 35
x-bt-requestid: 639507a0-76db-11ed-ab0a-0000ac170385
cache-control: private, must-revalidate
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin:
server: nginx
p3p: CP=NOI DSP COR NID
X-Firefox-Spdy: h2
100.20.58.101/is
100.20.58.101200 OK 32 B IP 100.20.58.101:0
File type ASCII text, with no line terminators
Hash 0af140f70dede40ef4d18e1749fc6078
9b452b98026c11d6bfb556df2fe8292e31e2d3f9
9458902790cbba478210beecd05a007cb67c34c1f25604a90b297759d5af39ed
Analyzer Verdict Alert quad9 Sinkholed
GET /is HTTP/1.1
Host: 100.20.58.101
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaviar.com/
Origin: https://flaviar.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
date: Thu, 08 Dec 2022 09:33:35 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, x-requested-with, X-Custom-Header
x-application-context: application:prod:8080
content-type: text/plain;charset=utf-8
content-length: 32
x-envoy-upstream-service-time: 1
server: istio-envoy
connection: close
px.mountain.com/st?ga_tracking_id=UA-28959768-20&ga_client_id=1294024320.1670492011&shpt=Flaviar%20Membership%20%C2%BB%20Fine%20Spirits%20%26%20Whiskey%20Club%20%F0%9F%A5%83%20-%20Flaviar&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-28959768-20%22%2C%22ga_client_id%22%3A%221294024320.1670492011%22%2C%22shpt%22%3A%22Flaviar%20Membership%20%C2%BB%20Fine%20Spirits%20%26%20Whiskey%20Club%20%F0%9F%A5%83%20-%20Flaviar%22%2C%22dcm_cid%22%3A%221670492011.1%22%2C%22dcm_gid%22%3A%221637181157.1670492011%22%2C%22ga_utm_source%22%3A%22MaxBounty.com%20ULC%22%2C%22ga_utm_medium%22%3A%22affiliates%22%2C%22mntnis%22%3A%22uXzs5E1RdK1rMjFSGvaFYzzVo7REHMbg%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A7%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%2C%22ga_utm_source%22%3A%22OK%22%2C%22ga_utm_medium%22%3A%22OK%22%7D%7D&dcm_cid=1670492011.1&dcm_gid=1637181157.1670492011&dxver=4.0.0&shaid=33038&plh=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3D1-9wPfyDDxyNR7RVoXTXjwISUkAxH43tD1MORM0%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&cb=72503272916093520term%3Dvalue&shadditional=googletagmanager%3Dtrue%2Cga4%3Dtrue%2Ccriteo%3Dtrue
35.85.106.161200 OK 1.4 kB URL HTTP/1.1 px.mountain.com/st?ga_tracking_id=UA-28959768-20&ga_client_id=1294024320.1670492011&shpt=Flaviar%20Membership%20%C2%BB%20Fine%20Spirits%20%26%20Whiskey%20Club%20%F0%9F%A5%83%20-%20Flaviar&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-28959768-20%22%2C%22ga_client_id%22%3A%221294024320.1670492011%22%2C%22shpt%22%3A%22Flaviar%20Membership%20%C2%BB%20Fine%20Spirits%20%26%20Whiskey%20Club%20%F0%9F%A5%83%20-%20Flaviar%22%2C%22dcm_cid%22%3A%221670492011.1%22%2C%22dcm_gid%22%3A%221637181157.1670492011%22%2C%22ga_utm_source%22%3A%22MaxBounty.com%20ULC%22%2C%22ga_utm_medium%22%3A%22affiliates%22%2C%22mntnis%22%3A%22uXzs5E1RdK1rMjFSGvaFYzzVo7REHMbg%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A7%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%2C%22ga_utm_source%22%3A%22OK%22%2C%22ga_utm_medium%22%3A%22OK%22%7D%7D&dcm_cid=1670492011.1&dcm_gid=1637181157.1670492011&dxver=4.0.0&shaid=33038&plh=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3D1-9wPfyDDxyNR7RVoXTXjwISUkAxH43tD1MORM0%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&cb=72503272916093520term%3Dvalue&shadditional=googletagmanager%3Dtrue%2Cga4%3Dtrue%2Ccriteo%3Dtrue
IP 35.85.106.161:0
Hash 49a17724db49eb9a171d2cc68609e38e
2b7519d89c7530ebd6c4198657d0417f953c8a0c
43f54377871f2269660f632d974d5c94c8317e65604d7c7c9303634b7817a1e0
GET /st?ga_tracking_id=UA-28959768-20&ga_client_id=1294024320.1670492011&shpt=Flaviar%20Membership%20%C2%BB%20Fine%20Spirits%20%26%20Whiskey%20Club%20%F0%9F%A5%83%20-%20Flaviar&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-28959768-20%22%2C%22ga_client_id%22%3A%221294024320.1670492011%22%2C%22shpt%22%3A%22Flaviar%20Membership%20%C2%BB%20Fine%20Spirits%20%26%20Whiskey%20Club%20%F0%9F%A5%83%20-%20Flaviar%22%2C%22dcm_cid%22%3A%221670492011.1%22%2C%22dcm_gid%22%3A%221637181157.1670492011%22%2C%22ga_utm_source%22%3A%22MaxBounty.com%20ULC%22%2C%22ga_utm_medium%22%3A%22affiliates%22%2C%22mntnis%22%3A%22uXzs5E1RdK1rMjFSGvaFYzzVo7REHMbg%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A7%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%2C%22ga_utm_source%22%3A%22OK%22%2C%22ga_utm_medium%22%3A%22OK%22%7D%7D&dcm_cid=1670492011.1&dcm_gid=1637181157.1670492011&dxver=4.0.0&shaid=33038&plh=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3D1-9wPfyDDxyNR7RVoXTXjwISUkAxH43tD1MORM0%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&cb=72503272916093520term%3Dvalue&shadditional=googletagmanager%3Dtrue%2Cga4%3Dtrue%2Ccriteo%3Dtrue HTTP/1.1
Host: px.mountain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
date: Thu, 08 Dec 2022 09:33:36 GMT
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
set-cookie: guid=6404b9e5-76db-11ed-9ba1-efdb3e3a48c7;Domain=mountain.com;Max-Age=63113852;Path=/;SameSite=None;Secure
content-encoding: gzip
connection: close
gum.criteo.com/sid/json?origin=onetag&domain=flaviar.com&sn=FirefoxSyncframe&so=0&topUrl=flaviar.com&info=5kF0Zl80M0RITmhlJTJCZkMwOUJGQlhaMUN2czJVclFzVUozdzFnVUI5ZnZvenZzbnRqVVpvdTduTWE5R0licW1wVFZ4dzY&idsd=607123106,1406075593&cw=1&lsw=1
178.250.2.146200 OK 0 B URL HTTP/2 gum.criteo.com/sid/json?origin=onetag&domain=flaviar.com&sn=FirefoxSyncframe&so=0&topUrl=flaviar.com&info=5kF0Zl80M0RITmhlJTJCZkMwOUJGQlhaMUN2czJVclFzVUozdzFnVUI5ZnZvenZzbnRqVVpvdTduTWE5R0licW1wVFZ4dzY&idsd=607123106,1406075593&cw=1&lsw=1
IP 178.250.2.146:0
GET /sid/json?origin=onetag&domain=flaviar.com&sn=FirefoxSyncframe&so=0&topUrl=flaviar.com&info=5kF0Zl80M0RITmhlJTJCZkMwOUJGQlhaMUN2czJVclFzVUozdzFnVUI5ZnZvenZzbnRqVVpvdTduTWE5R0licW1wVFZ4dzY&idsd=607123106,1406075593&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/syncframe?topUrl=flaviar.com&origin=onetag&us_privacy=1---
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:33:32 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
server-processing-duration-in-ticks: 963942
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
dx.mountain.com/spx?dxver=4.0.0&shaid=33038&tdr=&plh=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3D1-9wPfyDDxyNR7RVoXTXjwISUkAxH43tD1MORM0%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&cb=72503272916093520term=value
54.190.217.118200 0 B URL HTTP/1.1 dx.mountain.com/spx?dxver=4.0.0&shaid=33038&tdr=&plh=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3D1-9wPfyDDxyNR7RVoXTXjwISUkAxH43tD1MORM0%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&cb=72503272916093520term=value
IP 54.190.217.118:0
GET /spx?dxver=4.0.0&shaid=33038&tdr=&plh=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3D1-9wPfyDDxyNR7RVoXTXjwISUkAxH43tD1MORM0%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&cb=72503272916093520term=value HTTP/1.1
Host: dx.mountain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-encoding: gzip
content-type: application/javascript;charset=utf-8
date: Thu, 08 Dec 2022 09:33:34 GMT
connection: close
criteo-partners.tremorhub.com/sync?UICR=k-KPohkGvW20rLP0pJdCVypQvrKXQv1-Xp1oAgig
52.54.229.30200 OK 0 B URL HTTP/2 criteo-partners.tremorhub.com/sync?UICR=k-KPohkGvW20rLP0pJdCVypQvrKXQv1-Xp1oAgig
IP 52.54.229.30:0
GET /sync?UICR=k-KPohkGvW20rLP0pJdCVypQvrKXQv1-Xp1oAgig HTTP/1.1
Host: criteo-partners.tremorhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:33:35 GMT
content-type: image/gif
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
X-Firefox-Spdy: h2
aacdn.nagich.com/assets/locale/en.json
104.26.14.45200 OK 0 B URL HTTP/2 aacdn.nagich.com/assets/locale/en.json
IP 104.26.14.45:0
GET /assets/locale/en.json HTTP/1.1
Host: aacdn.nagich.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaviar.com/
Origin: https://flaviar.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:33:31 GMT
content-type: application/json
cache-control: public, max-age=2204800
last-modified: Tue, 15 Jun 2021 15:40:09 GMT
etag: W/"f45920b9fc61d71:0"
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: deny
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oQCeyuOS4G%2FteEWgf8XEhjuRWRMQOninShUB%2FLA3U0zOlodiro4LneBFHsFfWlndzVIvI9wWFC8YeE7Ov3OV9up8Cg2rD9cPPaM4FV04%2FJ5R0%2FegiEpqmq9NIEa%2FNqs0dls%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77648000c9cf0b69-OSL
content-encoding: br
X-Firefox-Spdy: h2
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-Idf8a2vW20rLP0pJdCVypQvrKXQYhtHhE3LG1g
141.226.228.48200 OK 0 B URL HTTP/2 sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-Idf8a2vW20rLP0pJdCVypQvrKXQYhtHhE3LG1g
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
GET /sg/criteortb-network/1/rtb-h/?taboola_hm=k-Idf8a2vW20rLP0pJdCVypQvrKXQYhtHhE3LG1g HTTP/1.1
Host: sync-t1.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 09:33:34 GMT
x-fastly-to-nlb-rtt: 22085
access-control-allow-credentials: true
X-Firefox-Spdy: h2
dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-pDf-vWvW20rLP0pJdCVypQvrKXQpP3fL22X6eA&google_error=3
178.250.2.151200 OK 0 B URL HTTP/2 dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-pDf-vWvW20rLP0pJdCVypQvrKXQpP3fL22X6eA&google_error=3
IP 178.250.2.151:0
GET /dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-pDf-vWvW20rLP0pJdCVypQvrKXQpP3fL22X6eA&google_error=3 HTTP/1.1
Host: dis.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:33:34 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
timing-allow-origin: *
server-processing-duration-in-ticks: 149299
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-YMFEN2vW20rLP0pJdCVypQvrKXR_ViyaVnTpXzC9q7ihDkqY
3.127.212.43200 OK 0 B URL HTTP/2 exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-YMFEN2vW20rLP0pJdCVypQvrKXR_ViyaVnTpXzC9q7ihDkqY
IP 3.127.212.43:0
GET /usersync/push?partner=criteo&partnerId=k-YMFEN2vW20rLP0pJdCVypQvrKXR_ViyaVnTpXzC9q7ihDkqY HTTP/1.1
Host: exchange.mediavine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:33:34 GMT
content-type: text/html; charset=utf-8
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
cache-control: private, no-cache
set-cookie: mv_tokens=%7B%22mv_uuid%22%3A%2262ee6760-76db-11ed-ac1b-0db1ed8173a4%22%2C%22version%22%3A%22eu-v1%22%7D; Path=/; Expires=Thu, 22 Dec 2022 09:33:34 GMT; Secure; SameSite=None
mv_tokens_eu-v1=%7B%22mv_uuid%22%3A%2262ee6760-76db-11ed-ac1b-0db1ed8173a4%22%2C%22version%22%3A%22eu-v1%22%7D; Path=/; Expires=Thu, 22 Dec 2022 09:33:34 GMT; Secure; SameSite=None
am_tokens=%7B%22mv_uuid%22%3A%2262ee6760-76db-11ed-ac1b-0db1ed8173a4%22%2C%22version%22%3A%22eu-v1%22%7D; Path=/; Expires=Thu, 22 Dec 2022 09:33:34 GMT; Secure; SameSite=None
am_tokens_eu-v1=%7B%22mv_uuid%22%3A%2262ee6760-76db-11ed-ac1b-0db1ed8173a4%22%2C%22version%22%3A%22eu-v1%22%7D; Path=/; Expires=Thu, 22 Dec 2022 09:33:34 GMT; Secure; SameSite=None
criteo=%7B%22id%22%3A%22k-YMFEN2vW20rLP0pJdCVypQvrKXR_ViyaVnTpXzC9q7ihDkqY%22%2C%22version%22%3A%22criteo%22%7D; Path=/; Expires=Thu, 22 Dec 2022 09:33:34 GMT; Secure; SameSite=None
content-encoding: gzip
X-Firefox-Spdy: h2
gum.criteo.com/syncframe?topUrl=flaviar.com&origin=onetag&us_privacy=1---
178.250.2.146200 OK 0 B URL HTTP/2 gum.criteo.com/syncframe?topUrl=flaviar.com&origin=onetag&us_privacy=1---
IP 178.250.2.146:0
GET /syncframe?topUrl=flaviar.com&origin=onetag&us_privacy=1--- HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:33:32 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: optout=0; expires=Thu, 01 Jan 1970 00:00:00 GMT; domain=.criteo.com; path=/
uid=149ee0c9-e67f-463a-961b-3de2cc9b8825; expires=Tue, 02 Jan 2024 09:33:32 GMT; domain=.criteo.com; path=/; secure; samesite=none
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 844656
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
gem.gbc.criteo.com/newidsd
185.235.84.168200 OK 0 B URL HTTP/2 gem.gbc.criteo.com/newidsd
IP 185.235.84.168:0
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:33:32 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 115791
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
campaign.fbot.me/06cc9139-6a61-41fc-88db-9ec21e04eecf/campaigns.js
54.230.111.107200 OK 0 B URL HTTP/2 campaign.fbot.me/06cc9139-6a61-41fc-88db-9ec21e04eecf/campaigns.js
IP 54.230.111.107:0
GET /06cc9139-6a61-41fc-88db-9ec21e04eecf/campaigns.js HTTP/1.1
Host: campaign.fbot.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 01 Dec 2022 09:06:28 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: dEkiO068.JJoOvIRp4TEWm96aq7RJgI1
server: AmazonS3
content-encoding: gzip
date: Thu, 08 Dec 2022 09:33:32 GMT
cache-control: max-age=30
etag: W/"ed1d8967ee1c956c2188672719b3f2e8"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 6QD1-eYvZIvpUAaU0t_YK8J3O6KU2o04y1TIovg5-6xHeuV0Cc7FcQ==
X-Firefox-Spdy: h2
aacdn.nagich.com/style/style.css
104.26.14.45200 OK 0 B URL HTTP/2 aacdn.nagich.com/style/style.css
IP 104.26.14.45:0
GET /style/style.css HTTP/1.1
Host: aacdn.nagich.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaviar.com/
Origin: https://flaviar.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:33:31 GMT
content-type: text/css
cache-control: public, max-age=2204800
last-modified: Sun, 02 Oct 2022 09:01:39 GMT
etag: W/"809b15953dd6d81:0"
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: deny
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 297073
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r%2FNAWTf0wA5W9MQtlm5ZWkY43zkBHO1ijftBVbdK18wXeBMJEeomQCHI%2FQtkLty%2BwUqZt3xApEsnYr5s1MVqSczqlo%2F8r5BfLP9VvZ9i1e832ZDl2qrR0N6AckISVyP1KPc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77648000c9cb0b69-OSL
content-encoding: br
X-Firefox-Spdy: h2
d3hb14vkzrxvla.cloudfront.net/v1/00e580f3-b08f-44e2-b7b0-5949db5bfaf3
54.230.245.156200 OK 0 B URL HTTP/2 d3hb14vkzrxvla.cloudfront.net/v1/00e580f3-b08f-44e2-b7b0-5949db5bfaf3
IP 54.230.245.156:0
GET /v1/00e580f3-b08f-44e2-b7b0-5949db5bfaf3 HTTP/1.1
Host: d3hb14vkzrxvla.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
correlationId: 22190608-40f6-46e2-ba88-d9d09b0a0486
Helpscout-Origin: Beacon-Embed
Helpscout-Release: 2.2.37
Beacon-Device-ID: 0e14be24-449c-4740-96a4-44ca40c29d4c
Origin: https://flaviar.com
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
date: Thu, 08 Dec 2022 09:33:20 GMT
access-control-allow-origin: https://flaviar.com
access-control-expose-headers: Resource-ID
access-control-allow-credentials: true
cache-control: max-age=300
x-ratelimit-limit-general-minute: 60
x-ratelimit-remaining-general-minute: 60
x-ratelimit-limit-conversations-hour: 10
x-ratelimit-remaining-conversations-hour: 10
x-ratelimit-limit-attachments-hour: 10
x-ratelimit-remaining-attachments-hour: 10
x-ratelimit-limit-chat-tokens-hour: 25
x-ratelimit-remaining-chat-tokens-hour: 25
x-ratelimit-limit-identify-hour: 25
x-ratelimit-remaining-identify-hour: 25
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: kJLAiefs3nzMp2Uh8GLEXZ8DEwRvOoG_47QZ87H2kweX-NTTfFtJSA==
age: 13
X-Firefox-Spdy: h2