flaviar.com/
172.66.40.91301 Moved Permanently 0 B IP 172.66.40.91:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: flaviar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sun, 12 Mar 2023 10:03:09 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 12 Mar 2023 11:03:09 GMT
Location: https://flaviar.com/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yn7clH9EmpS3%2FlFhGYRFTK9mVTWrZWPfD8wck5S7Dq0CE90CrGZ2%2F0N1hvWbWMrHpXrFgzVUI%2F%2FYBE5ZUAeUgliYHdW9Q%2BudSe0c%2F0LznJAjkinjwBowAoUkpP6M"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7a6b34ab08a1b4fd-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9ce33c47154f4826255fe9bbe54d72be
e10a363c007a6d15ed43eb35b4e5c246d85c5eed
cf423db1a8ad1dce1b5c25f6025d14411b4a46e95a6001288949f046e244bc24
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CF423DB1A8AD1DCE1B5C25F6025D14411B4A46E95A6001288949F046E244BC24"
Last-Modified: Fri, 10 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4998
Expires: Sun, 12 Mar 2023 11:26:28 GMT
Date: Sun, 12 Mar 2023 10:03:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e7a9cb518d929d10c471394adc89cdfa
d609cb0d94e645141ab1372f19c014c1b00b83af
200db48dd5e87cba8dc962e8981f72def9c12e21d5a417361c4f77425e55597a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "200DB48DD5E87CBA8DC962E8981F72DEF9C12E21D5A417361C4F77425E55597A"
Last-Modified: Sun, 12 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5477
Expires: Sun, 12 Mar 2023 11:34:27 GMT
Date: Sun, 12 Mar 2023 10:03:10 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bc86ef2a0cee04915bc360f5821adc8f
3658f9028cce204d38f7f48fcfaa2a8e4f54383a
aeecd718d03811322457de4f20828bdba86b277e7e0e328cae9c0a8075638454
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Content-Type, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 12 Mar 2023 09:09:12 GMT
content-type: application/json
age: 3238
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ae4d7bec26e013433e638f87260aa632
62384e39bc90d0b2ab92895220f0383e678669f4
b704031d560770485c9552dcf56b911b7b5ad45d8a3f73acd17dbbbeeff294f4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B704031D560770485C9552DCF56B911B7B5AD45D8A3F73ACD17DBBBEEFF294F4"
Last-Modified: Sun, 12 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5502
Expires: Sun, 12 Mar 2023 11:34:52 GMT
Date: Sun, 12 Mar 2023 10:03:10 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b5ba6334e73496995e3e3a9ecd0eb323
ad80d3b7718c28364e8c2004fb38a13a1747e462
aa5abb52515c6383c014aadb63a86c9f798ad64de53c0218616c1fc6d424d2e2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: B/nV4G7lyAGHIXXCCu6LBHjClNDl5VQ+qwv/b7AVm1GJ2TEOg1Y0KViEKtJKlyl4iUhMwpPNR70=
x-amz-request-id: WHZ508FZ4EA2QGJM
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 12 Mar 2023 09:45:55 GMT
age: 1035
last-modified: Sat, 18 Feb 2023 20:28:27 GMT
etag: "b5ba6334e73496995e3e3a9ecd0eb323"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 12 Mar 2023 10:03:10 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Cache-Control, Content-Length, Retry-After, Content-Type, Expires, Alert, Pragma, ETag, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 12 Mar 2023 09:12:32 GMT
age: 3038
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash db27ecc2f481e8871b2e99584e751660
e671ecb839d53e296f4ec303208ddb713c72aecc
5c910268b5c4f0244540c5570056673f8cbe4a0979f301363cb56dc359c147df
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5C910268B5C4F0244540C5570056673F8CBE4A0979F301363CB56DC359C147DF"
Last-Modified: Sun, 12 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8836
Expires: Sun, 12 Mar 2023 12:30:26 GMT
Date: Sun, 12 Mar 2023 10:03:10 GMT
Connection: keep-alive
widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
65.9.43.63200 OK 6.1 kB URL HTTP/2 widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
IP 65.9.43.63:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (19239)
Hash 5add60196e5f96a414fb4b9586764e5d
633f471b3c2fcedeef9cad90cb5bf56f5fe55588
5370f4ba91dda790c7cae92817b812fcbd1ab367cbb4862f5669960ae4e2c9e0
GET /bootstrap/v5/tp.widget.bootstrap.min.js HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/x-javascript
content-length: 6124
last-modified: Mon, 30 May 2022 14:38:02 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
date: Sun, 12 Mar 2023 00:33:32 GMT
cache-control: max-age=86400
etag: "5add60196e5f96a414fb4b9586764e5d"
x-cache: Hit from cloudfront
via: 1.1 b862e3687b36a4ee0dbc1b9352fbfbb2.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: ZL_BZtQyTeqPm0jDm-5-aA3xThjfD2STKPlpaf-tbKIf7Ns-nRpe4g==
age: 34179
X-Firefox-Spdy: h2
use.typekit.net/bne0epn.js
95.101.11.120200 OK 6.7 kB URL HTTP/2 use.typekit.net/bne0epn.js
IP 95.101.11.120:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (2258)
Hash 99b8bc7362d2d9cb581de80b4534cd96
66ab6f10988735245e58b7a70648e6c3f25fb966
357ddd7880317b9d81859a491b289bcba59f0c315e0a634c60068b870c72d392
GET /bne0epn.js HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: text/javascript;charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: public, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
content-length: 6730
date: Sun, 12 Mar 2023 10:03:10 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 3.5 kB IP 142.250.74.131:0
Hash 708a8504e9616a1b9c81cf0ae7d94d26
bddd00aab41f68adb2eb637b93c2c4978e7e1c78
c5ed3047f313e4042d4adf52bc00add9429254165e72fe6c4730e8a0c57ed629
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 12 Mar 2023 10:03:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-K4F6SWQ
142.250.74.168200 OK 104 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-K4F6SWQ
IP 142.250.74.168:0
File type ASCII text, with very long lines (45694)
Size 104 kB (103837 bytes)
Hash f212bbb4335afb8c539dc57eb23e6c4f
7ce5bd53c6e5510dd2693904393d56f33c10d4c8
448dcfbd4dd9535cfb84fcd0f45f05dbeb67130307cf8689ffd78ebe78cec08a
GET /gtm.js?id=GTM-K4F6SWQ HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 12 Mar 2023 10:03:10 GMT
expires: Sun, 12 Mar 2023 10:03:10 GMT
cache-control: private, max-age=900
last-modified: Sun, 12 Mar 2023 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 103837
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 1.1 kB IP 142.250.74.131:0
File type gzip compressed data, from Unix\012- data
Hash 5b3fd75db9e99595a02a4b1e8f593a01
55c9fd0af560021ec60d0bf4a940a3a03ca17a7f
da48ee57e1aa9c7f324a4574e85342d6480f4c9144ea32d9e5e1ec4c5fc0bb7f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 12 Mar 2023 10:03:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
35.166.146.86101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.166.146.86:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: n+V4VyKrCgDYL2140jKCgg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: cN5lO9tCDx7HhoswgEOqd82ntOs=
use.typekit.net/af/8de6d2/00000000000000003b9adc6b/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
95.101.11.120200 OK 30 kB URL HTTP/2 use.typekit.net/af/8de6d2/00000000000000003b9adc6b/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
IP 95.101.11.120:0
ASN #20940 Akamai International B.V.
Hash 6c8a0d2196d49ef2516a056c7a51a1c4
ae176d620cc4ce4fd7cc2794290111e3166de07c
81f64ded2a26f4c96324d20ff6e9cf2f586ce78d9761d6ef1280789da5999a5b
GET /af/8de6d2/00000000000000003b9adc6b/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://flaviar.com
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 29392
etag: "2bd51188b101f4cf29ce1d8dfdbe91d00fc07ba6"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Sun, 12 Mar 2023 10:03:11 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/85d455/00000000000000003b9adc6a/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
95.101.11.120200 OK 31 kB URL HTTP/2 use.typekit.net/af/85d455/00000000000000003b9adc6a/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
IP 95.101.11.120:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 30656, version 1.0\012- data
Hash 09848390b847375a8dbf4a3808750013
d8b5db5923705fba6073a52d2145d086c5030527
ead661c1cd323f4f9a023be4cea810a9bcbc3498871593a256fc9221a52f1417
GET /af/85d455/00000000000000003b9adc6a/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://flaviar.com
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 30656
etag: "374d4e049d59d33f7c1b988631b115ad96597d60"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Sun, 12 Mar 2023 10:03:11 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/379cfa/00000000000000003b9adc6d/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
95.101.11.120200 OK 61 kB URL HTTP/2 use.typekit.net/af/379cfa/00000000000000003b9adc6d/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
IP 95.101.11.120:0
ASN #20940 Akamai International B.V.
Hash 07aca1a2165eb947ac1ddb5edd514ac5
cb1740639759c102d25b689011a2b04d8b36d3b9
392a44d4b258ec9f229600a1a29bd9fff5fd3cbf7a0c5edadaa371f6c6f150fa
GET /af/379cfa/00000000000000003b9adc6d/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://flaviar.com
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 11668
etag: "a53237c24cbd279f0405e007f31ec7f47234819b"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Sun, 12 Mar 2023 10:03:11 GMT
X-Firefox-Spdy: h2
widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=5c63d6134064df0001fff3b7
65.9.43.63200 OK 55 kB URL HTTP/2 widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=5c63d6134064df0001fff3b7
IP 65.9.43.63:0
Hash 68784ab196082b90da7d6fde5c8a33b6
ae52a097533d61de08c31068544a19d7bcb46a3d
66a9837f372027e5fe646d1170e56aed4f7a825b725ec54d8732b006e2303905
GET /trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=5c63d6134064df0001fff3b7 HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 2144
last-modified: Tue, 04 Oct 2022 10:34:09 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
date: Sat, 11 Mar 2023 11:19:35 GMT
cache-control: max-age=86400
etag: "1307e3fd5846bacc989c2fd05996f010"
x-cache: Hit from cloudfront
via: 1.1 b862e3687b36a4ee0dbc1b9352fbfbb2.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: sCofDnQDyhzDStQdUJ5CxYMhlun6SWA11FUU3_Hz8ylziWc_TgFl2w==
age: 81817
X-Firefox-Spdy: h2
widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=5c63d6134064df0001fff3b7
65.9.43.63200 OK 2.1 kB URL HTTP/2 widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=5c63d6134064df0001fff3b7
IP 65.9.43.63:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (6826)
Hash 1307e3fd5846bacc989c2fd05996f010
3fd96ecea8c4a91980939fe1e1efe9ec0f47eebc
39f14c526d9f43a24b5c1e219e7ee63500f90b39517d18085573dcf73eb33d87
GET /trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=5c63d6134064df0001fff3b7 HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 2144
last-modified: Tue, 04 Oct 2022 10:34:09 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
date: Sat, 11 Mar 2023 11:19:35 GMT
cache-control: max-age=86400
etag: "1307e3fd5846bacc989c2fd05996f010"
x-cache: Hit from cloudfront
via: 1.1 b862e3687b36a4ee0dbc1b9352fbfbb2.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: vJtEle8CENGFr45beIE28gEbv0xRKLALmCWLkOWVnwpEPY_QEq7Pgw==
age: 81817
X-Firefox-Spdy: h2
widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/main.js
65.9.43.63200 OK 17 kB URL HTTP/2 widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/main.js
IP 65.9.43.63:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (55452)
Hash 93d7d7afc794dd57add6ab0e6cb1e7a5
f3192d2eb299e4111ac69821274555c54d34dd5e
07125f97b71d0a4b48f6ff11db9e9cbaa6ee1bd510ee795cb05353a3cd087f84
GET /trustboxes/5419b6ffb0d04a076446a9af/main.js HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=5c63d6134064df0001fff3b7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/x-javascript
content-length: 17072
last-modified: Tue, 04 Oct 2022 10:34:10 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
date: Sat, 11 Mar 2023 17:39:59 GMT
cache-control: max-age=86400
etag: "93d7d7afc794dd57add6ab0e6cb1e7a5"
x-cache: Hit from cloudfront
via: 1.1 b862e3687b36a4ee0dbc1b9352fbfbb2.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: IR4_hS1vq4FAvg3lwK36WlP8EDluXXcoN8uXEcnhZgoqF9Py3IDQlA==
age: 58993
X-Firefox-Spdy: h2
p.typekit.net/p.gif?s=1&k=bne0epn&ht=tk&h=flaviar.com&f=28578.28579.28736&a=7301736&js=1.21.0&app=typekit&e=js&_=1678615393074
23.33.119.26200 OK 35 B URL HTTP/2 p.typekit.net/p.gif?s=1&k=bne0epn&ht=tk&h=flaviar.com&f=28578.28579.28736&a=7301736&js=1.21.0&app=typekit&e=js&_=1678615393074
IP 23.33.119.26:0
ASN #20940 Akamai International B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash 81144d75b3e69e9aa2fa3e9d83a64d03
f0fbc60b50edf5b2a0b76e0aa0537b76bf346ffc
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
GET /p.gif?s=1&k=bne0epn&ht=tk&h=flaviar.com&f=28578.28579.28736&a=7301736&js=1.21.0&app=typekit&e=js&_=1678615393074 HTTP/1.1
Host: p.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: image/gif
cross-origin-resource-policy: cross-origin
etag: "61c32ad2-23"
last-modified: Wed, 22 Dec 2021 13:40:34 GMT
server: nginx
content-length: 35
date: Sun, 12 Mar 2023 10:03:11 GMT
X-Firefox-Spdy: h2
consent.cookiebot.com/uc.js?cbid=d053bff0-f51a-4434-ab3e-b7ec8831e3ed
95.101.10.177200 OK 33 kB URL HTTP/2 consent.cookiebot.com/uc.js?cbid=d053bff0-f51a-4434-ab3e-b7ec8831e3ed
IP 95.101.10.177:0
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (65499)
Hash 53a80fcb6e9938f58a4d0fe5e94e753f
3fee53cfa2c7f3a595bf1d7b3a85f7add43862fb
572f55b79076acc88b1af15aef3366141086d33bc87f2abd3968133a3ddb6d78
GET /uc.js?cbid=d053bff0-f51a-4434-ab3e-b7ec8831e3ed HTTP/1.1
Host: consent.cookiebot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Mon, 06 Mar 2023 10:28:18 GMT
accept-ranges: bytes
etag: "59fd435e1650d91:0"
vary: Accept-Encoding
request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
access-control-expose-headers: Request-Context
content-length: 33369
cache-control: public, max-age=1110
expires: Sun, 12 Mar 2023 10:21:42 GMT
date: Sun, 12 Mar 2023 10:03:12 GMT
cross-origin-resource-policy: cross-origin
X-Firefox-Spdy: h2
widget.trustpilot.com/trustbox-data/5419b6ffb0d04a076446a9af?businessUnitId=5c63d6134064df0001fff3b7&locale=en-US
65.9.43.63200 OK 480 B URL HTTP/2 widget.trustpilot.com/trustbox-data/5419b6ffb0d04a076446a9af?businessUnitId=5c63d6134064df0001fff3b7&locale=en-US
IP 65.9.43.63:0
File type JSON data\012- , ASCII text, with very long lines (1051), with no line terminators
Hash 783a49d82abc0d489606c245c0840402
8e78f05862292b5b621f1125be72e08afada876a
d80aafdb64d16c686120c49046774d458e2e1da10cc7db1622d6363b8df445c3
GET /trustbox-data/5419b6ffb0d04a076446a9af?businessUnitId=5c63d6134064df0001fff3b7&locale=en-US HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Connection: keep-alive
Referer: https://widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=5c63d6134064df0001fff3b7
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/json; charset=utf-8
content-length: 480
content-encoding: gzip
server: Kestrel
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: public,max-age=1800
date: Sun, 12 Mar 2023 10:03:12 GMT
etag: "b28410affd5c4860955ae20f3d153eb2"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 b862e3687b36a4ee0dbc1b9352fbfbb2.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: qQtrCgsADcuYb8AIjjO2X7gUHsCwJq5Ce4cx9ufEpdsNRUXPcoNR_g==
X-Firefox-Spdy: h2
widget.trustpilot.com/trustbox-data/5419b6ffb0d04a076446a9af?businessUnitId=5c63d6134064df0001fff3b7&locale=en-US
65.9.43.63200 OK 480 B URL HTTP/2 widget.trustpilot.com/trustbox-data/5419b6ffb0d04a076446a9af?businessUnitId=5c63d6134064df0001fff3b7&locale=en-US
IP 65.9.43.63:0
File type JSON data\012- , ASCII text, with very long lines (1051), with no line terminators
Hash 783a49d82abc0d489606c245c0840402
8e78f05862292b5b621f1125be72e08afada876a
d80aafdb64d16c686120c49046774d458e2e1da10cc7db1622d6363b8df445c3
GET /trustbox-data/5419b6ffb0d04a076446a9af?businessUnitId=5c63d6134064df0001fff3b7&locale=en-US HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Connection: keep-alive
Referer: https://widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=5c63d6134064df0001fff3b7
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/json; charset=utf-8
content-length: 480
content-encoding: gzip
server: Kestrel
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: public,max-age=1800
date: Sun, 12 Mar 2023 10:03:12 GMT
etag: "b28410affd5c4860955ae20f3d153eb2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b862e3687b36a4ee0dbc1b9352fbfbb2.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: J-QXvjukOLCR8nKEnmjNcyJO8GUBsj8zpFEo9Z0HRYkZw4sT9d1FYQ==
X-Firefox-Spdy: h2
widget.trustpilot.com/stats/TrustboxView?locale=en-US&styleHeight=42px&styleWidth=100%25&theme=light&url=https%3A%2F%2Fflaviar.com%2F&referrer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=5c63d6134064df0001fff3b7&widgetId=5419b6ffb0d04a076446a9af
65.9.43.63204 No Content 0 B URL HTTP/2 widget.trustpilot.com/stats/TrustboxView?locale=en-US&styleHeight=42px&styleWidth=100%25&theme=light&url=https%3A%2F%2Fflaviar.com%2F&referrer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=5c63d6134064df0001fff3b7&widgetId=5419b6ffb0d04a076446a9af
IP 65.9.43.63:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stats/TrustboxView?locale=en-US&styleHeight=42px&styleWidth=100%25&theme=light&url=https%3A%2F%2Fflaviar.com%2F&referrer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=5c63d6134064df0001fff3b7&widgetId=5419b6ffb0d04a076446a9af HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Connection: keep-alive
Referer: https://widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=5c63d6134064df0001fff3b7
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
cache-control: no-store,no-cache
date: Sun, 12 Mar 2023 10:03:11 GMT
pragma: no-cache
server: Kestrel
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-cache: Miss from cloudfront
via: 1.1 b862e3687b36a4ee0dbc1b9352fbfbb2.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: Ix54xkc5cevmOREuxD7xJ7I2atVx-xTTjg1SkV0bJCgWwoPhUIxErA==
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.110200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Sun, 12 Mar 2023 09:53:25 GMT
expires: Sun, 12 Mar 2023 11:53:25 GMT
cache-control: public, max-age=7200
age: 587
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
connect.facebook.net/en_US/fbevents.js
157.240.205.11200 OK 28 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 157.240.205.11:0
File type ASCII text, with very long lines (64348)
Hash 43d943c7499b27a8ef3972fa070f6756
59303c79335aa0a9f529c0f6166f99c3e650088c
96ab29f531694f1b8e5d2f031e16581fe1052636fb32c5cd96d55b824d6539b2
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: wXTUBEjBOaoOr8GJ34NqupfIUmnxrzuwWXYVTcyEQY6PYKdrO9rlsqJlp71Hu2z5KIS6CWYElDQRG8or5tZ+RA==
content-length: 27907
x-fb-trip-id: 1679558926
date: Sun, 12 Mar 2023 10:03:12 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
widget.trustpilot.com/stats/TrustboxImpression?locale=en-US&styleHeight=42px&styleWidth=100%25&theme=light&url=https%3A%2F%2Fflaviar.com%2F&referrer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=5c63d6134064df0001fff3b7&widgetId=5419b6ffb0d04a076446a9af
65.9.43.63204 No Content 0 B URL HTTP/2 widget.trustpilot.com/stats/TrustboxImpression?locale=en-US&styleHeight=42px&styleWidth=100%25&theme=light&url=https%3A%2F%2Fflaviar.com%2F&referrer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=5c63d6134064df0001fff3b7&widgetId=5419b6ffb0d04a076446a9af
IP 65.9.43.63:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stats/TrustboxImpression?locale=en-US&styleHeight=42px&styleWidth=100%25&theme=light&url=https%3A%2F%2Fflaviar.com%2F&referrer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=5c63d6134064df0001fff3b7&widgetId=5419b6ffb0d04a076446a9af HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Connection: keep-alive
Referer: https://widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=5c63d6134064df0001fff3b7
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
cache-control: no-store,no-cache
date: Sun, 12 Mar 2023 10:03:11 GMT
pragma: no-cache
server: Kestrel
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-cache: Miss from cloudfront
via: 1.1 b862e3687b36a4ee0dbc1b9352fbfbb2.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: ZdMY8Nbjnf6xnVHME7jPeJUGG9iVxjTfC3_eE0n7sv5xbbY4nllmhA==
X-Firefox-Spdy: h2
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash b61032468a516115ba65d181952db420
40fe36b5cccce0cc31b7a61f57a58ac00e702e9c
9bda57d5c579bf6d973cbbffbd05714f7b5d0338c334a5f356f43ba2d4a2ab27
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 830
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 12 Mar 2023 10:03:12 GMT
Etag: "640c9d5f-1d7"
Last-Modified: Sun, 12 Mar 2023 09:49:22 GMT
Server: ECAcc (ska/F7A3)
X-Cache: HIT
Content-Length: 471
consentcdn.cookiebot.com/sdk/bc-v4.min.html
104.110.3.72200 OK 392 B URL HTTP/2 consentcdn.cookiebot.com/sdk/bc-v4.min.html
IP 104.110.3.72:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (627), with no line terminators
Hash e7268eccad39bd651697fa793a52cc5c
47299cefa2397b0c1d0c5bf232390a5cf1bcc4d3
907e16c84d35556e4ed841a3511915e6d4bb4e9d68cfca178a740e90b4d80e35
GET /sdk/bc-v4.min.html HTTP/1.1
Host: consentcdn.cookiebot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: text/html
etag: "3d08665fa4c7bcf9fa2dcbbc7efe1d0f:1649057029.895163"
last-modified: Mon, 04 Apr 2022 07:23:49 GMT
server: AkamaiNetStorage
x-akamai-transformed: 9 - 0 pmb=mRUM,1
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=29771517
expires: Mon, 19 Feb 2024 23:55:09 GMT
date: Sun, 12 Mar 2023 10:03:12 GMT
content-length: 392
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466282_388255644_165568082_28_619_1_0";dur=1
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
X-Firefox-Spdy: h2
consent.cookiebot.com/d053bff0-f51a-4434-ab3e-b7ec8831e3ed/cc.js?renew=false&referer=flaviar.com&dnt=false&init=false&georegions=%5B%7B%22r%22%3A%22US-06%22%2C%22i%22%3A%226b04ee58-2401-4074-bb6b-0969a4c527d9%22%7D%5D
95.101.10.177200 OK 156 B URL HTTP/2 consent.cookiebot.com/d053bff0-f51a-4434-ab3e-b7ec8831e3ed/cc.js?renew=false&referer=flaviar.com&dnt=false&init=false&georegions=%5B%7B%22r%22%3A%22US-06%22%2C%22i%22%3A%226b04ee58-2401-4074-bb6b-0969a4c527d9%22%7D%5D
IP 95.101.10.177:0
ASN #20940 Akamai International B.V.
File type ASCII text, with CRLF line terminators
Hash 3477de123b1bcca0a96d557218c3c72c
279660604c7c2e9d5be154df57180849efca1e34
9331664c1938651f09a14fb45d0af5fd86a72c2d9aff0bc26193e239ddb38268
GET /d053bff0-f51a-4434-ab3e-b7ec8831e3ed/cc.js?renew=false&referer=flaviar.com&dnt=false&init=false&georegions=%5B%7B%22r%22%3A%22US-06%22%2C%22i%22%3A%226b04ee58-2401-4074-bb6b-0969a4c527d9%22%7D%5D HTTP/1.1
Host: consent.cookiebot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: private, max-age=1200
content-type: application/x-javascript; charset=utf-8
content-encoding: gzip
last-modified: Sun, 12 Mar 2023 10:03:12 GMT
vary: Accept-Encoding
request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
access-control-expose-headers: Request-Context
content-length: 156
date: Sun, 12 Mar 2023 10:03:12 GMT
cross-origin-resource-policy: cross-origin
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f1cb274086a7fc07be41dfeb65ec1dbf
c6339993814eda4b9629ef179222b060d1f5143b
b3fbd505775ab4d16c1a8b22e367b9d3b2698bd920d0c4578659b6c63e3d3f6f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B3FBD505775AB4D16C1A8B22E367B9D3B2698BD920D0C4578659B6C63E3D3F6F"
Last-Modified: Sat, 11 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2846
Expires: Sun, 12 Mar 2023 10:50:38 GMT
Date: Sun, 12 Mar 2023 10:03:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f1cb274086a7fc07be41dfeb65ec1dbf
c6339993814eda4b9629ef179222b060d1f5143b
b3fbd505775ab4d16c1a8b22e367b9d3b2698bd920d0c4578659b6c63e3d3f6f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B3FBD505775AB4D16C1A8B22E367B9D3B2698BD920D0C4578659B6C63E3D3F6F"
Last-Modified: Sat, 11 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2846
Expires: Sun, 12 Mar 2023 10:50:38 GMT
Date: Sun, 12 Mar 2023 10:03:12 GMT
Connection: keep-alive
aacdn.nagich.com/assets/locale/en.json
104.26.14.45200 OK 873 B URL HTTP/2 aacdn.nagich.com/assets/locale/en.json
IP 104.26.14.45:0
File type JSON data\012- , ASCII text, with CRLF line terminators
Hash a48b44c5960f678dc07344252359255a
2374bbccc33c236271c563c130206f017e859e7e
c64ac13a3b85620c4e3a4120207c6693e2f98bbde595b38c3b5ee3833fbb9006
GET /assets/locale/en.json HTTP/1.1
Host: aacdn.nagich.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaviar.com/
Origin: https://flaviar.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 12 Mar 2023 10:03:12 GMT
content-type: application/json
cache-control: public, max-age=2204800
last-modified: Tue, 15 Jun 2021 15:40:09 GMT
etag: W/"f45920b9fc61d71:0"
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: deny
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3ico4NKueTISmMmCkThUJt06yX1sRk%2FYSDhvfrR6T0MRyKHtUO1USJEGKtnLwnsit%2FvJW4qn%2BxSqMuPp6QqILu7gGTTHAcGnJmdqPx10SQXtYkHrWacXg0rQtG8gvVZleOo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7a6b34b9bb8cb521-OSL
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f1cb274086a7fc07be41dfeb65ec1dbf
c6339993814eda4b9629ef179222b060d1f5143b
b3fbd505775ab4d16c1a8b22e367b9d3b2698bd920d0c4578659b6c63e3d3f6f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B3FBD505775AB4D16C1A8B22E367B9D3B2698BD920D0C4578659B6C63E3D3F6F"
Last-Modified: Sat, 11 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2846
Expires: Sun, 12 Mar 2023 10:50:38 GMT
Date: Sun, 12 Mar 2023 10:03:12 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfe3b026-408f-4d8a-8fbd-5c6ae59ab237.jpeg
34.120.237.76200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfe3b026-408f-4d8a-8fbd-5c6ae59ab237.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ebf97627ec9fd083bf5c22de39a524b5
35866e5d26ee25485d090011a1d50ec603d6761b
0b518329364fb793881cb0ff5ef464ecc4cd90c3694dcb7cfef40d0958446a14
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfe3b026-408f-4d8a-8fbd-5c6ae59ab237.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5381
x-amzn-requestid: 6507e3ee-6ce1-46d3-89d7-409b6d7000f2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BosvnHK_IAMFdkQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640cf4ca-3d2fb61641f8b1212fc60c8c;Sampled=0
x-amzn-remapped-date: Sat, 11 Mar 2023 21:38:18 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: BOGljcKXBmUlBQDfklSuTJqcybZt876or6lsCUU34hQmw7U4quARFA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 1d000d0dfe9d69b4983f619fdc5499d6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 11 Mar 2023 21:42:45 GMT
age: 44427
etag: "35866e5d26ee25485d090011a1d50ec603d6761b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87df4bcd-c6cd-4a0c-a9f5-dffb7f36d2e4.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87df4bcd-c6cd-4a0c-a9f5-dffb7f36d2e4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash be71491cee9b47dc3ffb23b4fdff25b3
79c7d22c8df6d305f46c5779ccb9f25169d4d111
e785896e5840fb901ddd0118bef3ccad6b59a96d8eef0e8ccd9c95a3c261ba45
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87df4bcd-c6cd-4a0c-a9f5-dffb7f36d2e4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8487
x-amzn-requestid: 92381f1a-0140-47e9-a971-594a7de36c3c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BkEcBGizoAMFgOA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640b1ab3-1a54b65a5d7083e62dcb85ab;Sampled=0
x-amzn-remapped-date: Fri, 10 Mar 2023 11:55:31 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: Nn4eV-UeuWZ02ANOxzTUSgE4UODtaZxeIjp8UJfU8PgUny2shFaDjQ==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 74ab105148338444981d1b2277ffd9c4.cloudfront.net (CloudFront), 1.1 google
date: Sat, 11 Mar 2023 21:42:55 GMT
age: 44417
etag: "79c7d22c8df6d305f46c5779ccb9f25169d4d111"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 4fa4b97fe07ea68d4658460c919e70ae
2e75a604285a431771aeaf743fd7b72e38122860
628259c0fda74d58478003f624a1ffaf21992ab572098da75c86f347b6a67da7
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 12 Mar 2023 10:03:12 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 10 Mar 2023 08:28:59 GMT
Expires: Fri, 17 Mar 2023 08:28:58 GMT
Etag: "2e75a604285a431771aeaf743fd7b72e38122860"
Cache-Control: max-age=425745,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7a6b34ba89910b59-OSL
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0217c8c-9f5f-43b3-9d27-0f8eaac36f26.webp
34.120.237.76200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0217c8c-9f5f-43b3-9d27-0f8eaac36f26.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 26033b42139d27c847cf9881a17e0332
b196fbef36c2a5242abfc5d7115f1efd39499453
028dd1c86eaab6b991ad3dcb7fda21cdcfe8f9b22155c6bcb9363fbe379096ec
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0217c8c-9f5f-43b3-9d27-0f8eaac36f26.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4512
x-amzn-requestid: e9ba0dc3-3e1a-4ff5-8d0d-57386ced2fb1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BotIeGZ-IAMFmBQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640cf569-1a45fa73148fb01f3822ee29;Sampled=0
x-amzn-remapped-date: Sat, 11 Mar 2023 21:40:57 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: 5dasHBaMZCENF6r8miupz4Jzeqy_tuotsvkcSRgs6AtsrWexauN6SQ==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 abbf2df97f9d83839470842dc2e68cb6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 11 Mar 2023 21:42:45 GMT
age: 44427
etag: "b196fbef36c2a5242abfc5d7115f1efd39499453"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd79ce52-61f2-47b0-a88d-03f2fe3aa889.jpeg
34.120.237.76200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd79ce52-61f2-47b0-a88d-03f2fe3aa889.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2fd5c28821c8bf2d62d0c4332f06bd71
6e2c08457854437b2b851340277d31439e5ab470
86725a37e80a10c5b0b52a10e498225d97565752ec25303cb159a34386a49523
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd79ce52-61f2-47b0-a88d-03f2fe3aa889.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8845
x-amzn-requestid: b556bc0e-9cf5-4062-9df4-0ccee00cbab2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BoswFH5soAMF2SQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640cf4cd-0ba8e60549c78f9d3b720a20;Sampled=0
x-amzn-remapped-date: Sat, 11 Mar 2023 21:38:21 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: EFRUOo6vNYBlNXfP-XzizobifYejOdXIuu_bj2owYGiDHDsv1HrMhA==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 c5c7edc18be1805f007e0576da02e554.cloudfront.net (CloudFront), 1.1 google
date: Sat, 11 Mar 2023 22:03:58 GMT
age: 43154
etag: "6e2c08457854437b2b851340277d31439e5ab470"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1645617e-315b-4828-a837-6f43c26239f3.webp
34.120.237.76200 OK 3.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1645617e-315b-4828-a837-6f43c26239f3.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7a260ac2164ba9dcf80a9d9785b00b64
8440defe1b992f47d6cc744ea89149f570129630
06f9cd692a85c54e65efba8deded48dbd13fb4bac84e5adb601b6dd872037d9a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1645617e-315b-4828-a837-6f43c26239f3.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3749
x-amzn-requestid: 21224146-a517-4aa7-9107-eb0f533d5b62
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Bosz6E4IIAMFZUQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640cf4e5-6e6b5aa1791c251476ab1627;Sampled=0
x-amzn-remapped-date: Sat, 11 Mar 2023 21:38:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: v_EOFrBNjtaW5R_y5KiKNmKhjTwbKZXfdp_wtAD652qF3kgo5OPFUw==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 3236f234d59c0fda99b416088c283260.cloudfront.net (CloudFront), 1.1 google
date: Sat, 11 Mar 2023 21:53:25 GMT
age: 43787
etag: "8440defe1b992f47d6cc744ea89149f570129630"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6dda5706-64c5-467d-9645-a46dedb81818.jpeg
34.120.237.76200 OK 6.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6dda5706-64c5-467d-9645-a46dedb81818.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6a4d6ee7d459e2a9b742d0dbca932998
eada4a4de40e5035173bb18ee51aacd624b8b169
2e6eef4f452ef3700d4c9d06e8c3bf8999e077e24c332ab4670edd0884839d38
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6dda5706-64c5-467d-9645-a46dedb81818.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6053
x-amzn-requestid: 5f306311-ac84-4ce2-b9c2-6af31c110062
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Bosb-FD5oAMFwJw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640cf44c-61fea28e45516fad0d30cf65;Sampled=0
x-amzn-remapped-date: Sat, 11 Mar 2023 21:36:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: fWVlVC6aYC4VUrCTIxXhQ-EDPiPBfbsfLKvxvg44bWZMGpgJup4o8w==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 6bdc2963c9ed59b475ec36c35e5932a4.cloudfront.net (CloudFront), 1.1 google
date: Sat, 11 Mar 2023 22:04:00 GMT
age: 43152
etag: "eada4a4de40e5035173bb18ee51aacd624b8b169"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdn.sgmntfy.com/pa.js
34.149.223.191200 OK 3.7 kB IP 34.149.223.191:0
File type ASCII text, with very long lines (3744), with no line terminators
Hash 7327381bba6f249fe470d17c0dca2cb4
b6fac12855c66c4841a38d07934fc22302e881ef
393195c622ffdab45d8f71e6988cdcc65ef85102061defa603882dc9f80d11ec
Analyzer Verdict Alert quad9 Sinkholed
GET /pa.js HTTP/1.1
Host: cdn.sgmntfy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdvvlKpsWUP0Ieh17UkRhiNfwYx23GDeI-n_vynqov2nKzdLNY5A6AmS0uofYUyuL3nWBFZ4ikTxlJgPK79kLWeEL_GEPqJR
x-goog-generation: 1654598345914433
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 3744
content-language: en
x-goog-hash: crc32c=EasKAQ==, md5=cyc4G7pvJJ/kcNF8DcostA==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 3744
server: UploadServer
date: Sun, 12 Mar 2023 10:00:15 GMT
expires: Sun, 12 Mar 2023 11:00:15 GMT
cache-control: public, max-age=3600
age: 177
last-modified: Tue, 07 Jun 2022 10:39:06 GMT
etag: "7327381bba6f249fe470d17c0dca2cb4"
content-type: application/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 4fa4b97fe07ea68d4658460c919e70ae
2e75a604285a431771aeaf743fd7b72e38122860
628259c0fda74d58478003f624a1ffaf21992ab572098da75c86f347b6a67da7
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 12 Mar 2023 10:03:12 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 10 Mar 2023 08:28:59 GMT
Expires: Fri, 17 Mar 2023 08:28:58 GMT
Etag: "2e75a604285a431771aeaf743fd7b72e38122860"
Cache-Control: max-age=425745,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7a6b34bb1a290b59-OSL
public.fbot.me/events/06cc9139-6a61-41fc-88db-9ec21e04eecf/profile/xhr
54.146.181.64200 OK 2 B URL HTTP/2 public.fbot.me/events/06cc9139-6a61-41fc-88db-9ec21e04eecf/profile/xhr
IP 54.146.181.64:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
OPTIONS /events/06cc9139-6a61-41fc-88db-9ec21e04eecf/profile/xhr HTTP/1.1
Host: public.fbot.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Referer: https://flaviar.com/
Origin: https://flaviar.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 12 Mar 2023 10:03:12 GMT
content-length: 2
server: nginx/1.23.3
access-control-allow-origin: https://flaviar.com
access-control-allow-credentials: true
access-control-allow-methods: POST, GET
access-control-allow-headers: Authorization, Content-Type
info: {"connection":"upgrade","host":"public.fbot.me","x-forwarded-for":"91.90.42.154","x-forwarded-proto":"https","x-forwarded-port":"443","x-amzn-trace-id":"Root=1-640da360-21aa399a53c7d53f6821ecb0","user-agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0","accept":"*/*","accept-language":"en-US,en;q=0.5","accept-encoding":"gzip, deflate, br","access-control-request-method":"POST","access-control-request-headers":"authorization,content-type","referer":"https://flaviar.com/","origin":"https://flaviar.com","sec-fetch-dest":"empty","sec-fetch-mode":"cors","sec-fetch-site":"cross-site"}
X-Firefox-Spdy: h2
www.redditstatic.com/ads/pixel.js
151.101.129.140200 OK 7.4 kB URL HTTP/2 www.redditstatic.com/ads/pixel.js
IP 151.101.129.140:0
File type ASCII text, with very long lines (23347)
Hash 03d5db9dfd00a5719bb4c9261e6fa1bb
be9899225f59b4d3ef6fefcf0e66b72568353a94
e90f19642062e4311b58ede732592e8f29b7799661086a0bbfc68e259fd81398
GET /ads/pixel.js HTTP/1.1
Host: www.redditstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Mon, 23 Jan 2023 21:56:14 GMT
etag: "03d5db9dfd00a5719bb4c9261e6fa1bb"
cache-control: public, max-age=60
content-encoding: gzip
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 12 Mar 2023 10:03:12 GMT
vary: Accept-Encoding,Origin
server: snooserv
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
content-length: 7356
X-Firefox-Spdy: h2
ocsp.digicert.com/
192.229.221.95200 OK 279 B IP 192.229.221.95:0
Hash 60c1028bb22f9dc731ade527ec368a4f
e78f683aab86a3eca17e339e63cd32d01eb2aabf
241c4c4aca5fa26a6fe62dfbee989c1f233146fccdc538fb69f517968db66f74
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 119
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 12 Mar 2023 10:03:12 GMT
Etag: "640c5b34-117"
Last-Modified: Sun, 12 Mar 2023 10:01:13 GMT
Server: ECAcc (amb/6AC3)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash 5a11a860155ba046fd14c574ed14c336
ce79324c02dd1d402bbd47ff5c7683b2d57108df
a67c6976a365ac636c8ee75b3b144787cd9d3a5887f8c4f6da817da65208e962
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2579
Cache-Control: max-age=110455
Content-Type: application/ocsp-response
Date: Sun, 12 Mar 2023 10:03:12 GMT
Etag: "640ca5c4-1d7"
Expires: Mon, 13 Mar 2023 16:44:07 GMT
Last-Modified: Sat, 11 Mar 2023 16:01:08 GMT
Server: ECAcc (ska/F776)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
192.229.221.95200 OK 279 B IP 192.229.221.95:0
Hash f013188f9a03530695551ddc6ce8d6e7
a1576aaed9ce8c458c76366bb33ca3b06b91fbc5
759db8c8999923971bf20ba02d43c8b9ed3e2381bc7a503d3f1cada3556181cb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2370
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 12 Mar 2023 10:03:12 GMT
Last-Modified: Sun, 12 Mar 2023 09:23:42 GMT
Server: ECAcc (ska/F6D2)
X-Cache: HIT
Content-Length: 279
public.fbot.me/events/06cc9139-6a61-41fc-88db-9ec21e04eecf/profile/xhr
54.146.181.64200 OK 514 B URL HTTP/2 public.fbot.me/events/06cc9139-6a61-41fc-88db-9ec21e04eecf/profile/xhr
IP 54.146.181.64:0
File type JSON data\012- , ASCII text, with very long lines (514), with no line terminators
Hash c7d4b5415e023642fb6faec986e5119b
0a868c776775452734ce25f9774e5a15473bec1b
34e14b39c75442818c768a96f6ed873360540a578ba6c1ff952e5d9d73754237
POST /events/06cc9139-6a61-41fc-88db-9ec21e04eecf/profile/xhr HTTP/1.1
Host: public.fbot.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaviar.com/
Authorization:
Content-Type: application/json
Origin: https://flaviar.com
Content-Length: 215
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 12 Mar 2023 10:03:12 GMT
content-type: application/json
content-length: 514
server: nginx/1.23.3
access-control-allow-origin: https://flaviar.com
set-cookie: globalId=8e184dfb-d0f5-4656-81b6-488ec2d26225; Max-Age=315360000; Domain=.fbot.me; Path=/; HttpOnly; Secure; SameSite=None
access-control-allow-credentials: true
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.22200 OK 1.8 kB IP 192.124.249.22:0
Hash 4ed1b91eeae19a59ac2701fc1f7f4e16
03cbd60d3199cd457f5b63fe067a576b9307c9b2
c72df74523bb34cd4a1fbb49484ee7661ea72d250de394f8f455eb9623928b52
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sun, 12 Mar 2023 10:03:12 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sat, 11 Mar 2023 22:45:29 GMT
Expires: Sun, 12 Mar 2023 22:45:29 GMT
ETag: "03cbd60d3199cd457f5b63fe067a576b9307c9b2"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
region1.analytics.google.com/g/collect?v=2&tid=G-94QYBVSJNV>m=45je3360&_p=1323788160&_gaz=1&cid=2044677251.1678615394&ul=en-us&sr=1280x1024&_s=1&sid=1678615393&sct=1&seg=0&dl=https%3A%2F%2Fflaviar.com%2F&dt=Flaviar%20Membership%20%C2%BB%20Fine%20Spirits%20%26%20Whiskey%20Club%20%F0%9F%A5%83%20-%20Flaviar&en=page_view&_fv=1&_ss=1&up.membership_status=anonymous
216.239.32.36204 No Content 0 B URL HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-94QYBVSJNV>m=45je3360&_p=1323788160&_gaz=1&cid=2044677251.1678615394&ul=en-us&sr=1280x1024&_s=1&sid=1678615393&sct=1&seg=0&dl=https%3A%2F%2Fflaviar.com%2F&dt=Flaviar%20Membership%20%C2%BB%20Fine%20Spirits%20%26%20Whiskey%20Club%20%F0%9F%A5%83%20-%20Flaviar&en=page_view&_fv=1&_ss=1&up.membership_status=anonymous
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-94QYBVSJNV>m=45je3360&_p=1323788160&_gaz=1&cid=2044677251.1678615394&ul=en-us&sr=1280x1024&_s=1&sid=1678615393&sct=1&seg=0&dl=https%3A%2F%2Fflaviar.com%2F&dt=Flaviar%20Membership%20%C2%BB%20Fine%20Spirits%20%26%20Whiskey%20Club%20%F0%9F%A5%83%20-%20Flaviar&en=page_view&_fv=1&_ss=1&up.membership_status=anonymous HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://flaviar.com
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://flaviar.com
date: Sun, 12 Mar 2023 10:03:12 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ak.sail-horizon.com/spm/spm.v1.min.js
108.157.214.94200 OK 34 kB URL HTTP/2 ak.sail-horizon.com/spm/spm.v1.min.js
IP 108.157.214.94:0
Hash 13a5a4377ebb6324b1bb88bff4f61b33
a0b4e7e16e202d01fcf84bedcd46d610a329194a
6e814373cfc2e910b6608b58ddba5e312aecdcd95da23d8172eb1aed65b48ee3
GET /spm/spm.v1.min.js HTTP/1.1
Host: ak.sail-horizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 11 Jan 2023 16:08:40 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Sun, 12 Mar 2023 09:56:51 GMT
cache-control: max-age=600; must-revalidate
etag: W/"be0aea74754407f0a826a84e140dd5ea"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9fde400234236c10982fe8b8a3ca9eb2.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: IpqQzkF6pwya8BQKuDyvTn2K_apOGn7j16IEFtV88oBKuF0YZtVglg==
age: 382
X-Firefox-Spdy: h2
dx.mountain.com/spx?dxver=4.0.0&shaid=33038&tdr=&plh=https%3A%2F%2Fflaviar.com%2F&cb=21400296615054236term=value
52.7.151.245200 OK 4.0 kB URL HTTP/1.1 dx.mountain.com/spx?dxver=4.0.0&shaid=33038&tdr=&plh=https%3A%2F%2Fflaviar.com%2F&cb=21400296615054236term=value
IP 52.7.151.245:0
File type ASCII text, with very long lines (15274), with no line terminators
Hash c1523327129fc633918d5b3ac42625de
d8340ceedbd2e7eaa30801eae3befdf6ab2d0f30
7db8056ef154dcac7fd8e5f7e884b978f0071d78f1561ed651954e5b554be5d7
GET /spx?dxver=4.0.0&shaid=33038&tdr=&plh=https%3A%2F%2Fflaviar.com%2F&cb=21400296615054236term=value HTTP/1.1
Host: dx.mountain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-encoding: gzip
content-type: application/javascript;charset=utf-8
date: Sun, 12 Mar 2023 10:03:12 GMT
x-envoy-upstream-service-time: 0
be: spx-prod
server: istio-envoy
transfer-encoding: chunked
stats.g.doubleclick.net/g/collect?v=2&tid=G-94QYBVSJNV&cid=2044677251.1678615394>m=45je3360&aip=1
173.194.73.154204 No Content 0 B URL HTTP/2 stats.g.doubleclick.net/g/collect?v=2&tid=G-94QYBVSJNV&cid=2044677251.1678615394>m=45je3360&aip=1
IP 173.194.73.154:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-94QYBVSJNV&cid=2044677251.1678615394>m=45je3360&aip=1 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://flaviar.com
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://flaviar.com
date: Sun, 12 Mar 2023 10:03:12 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash cea70cd92f3f863b76facf9ef93149fa
05761090c7ff21d014d3f0d93925a0e66c925b99
dfaeabf18b09f39e3a75c6efe37f52fdb6d4056cf0a4c66ba0d8ac74539c96a9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 12 Mar 2023 10:03:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
192.229.221.95200 OK 313 B IP 192.229.221.95:0
Hash e74bc3527659c214c66ba740388e2ff7
0cda01858ab4da8cf7eaef80e6f6f2173e14cb7d
9f25110ba39ab2f908c13a16f012aee147da964fe035a8a6d3f934f8a6013451
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3478
Cache-Control: max-age=165322
Content-Type: application/ocsp-response
Date: Sun, 12 Mar 2023 10:03:13 GMT
Etag: "640d7895-139"
Expires: Tue, 14 Mar 2023 07:58:35 GMT
Last-Modified: Sun, 12 Mar 2023 07:00:37 GMT
Server: ECAcc (ska/F757)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
192.229.221.95200 OK 312 B IP 192.229.221.95:0
Hash 0095c8c3b602ba15dae1022136f0db43
14736510bef858a16f796299ac00c03c1a565f8f
984d5d68ad6c368a17a219bc35eaf7decc3f7bfb2bd1e712c242a93021c278a5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3173
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 12 Mar 2023 10:03:13 GMT
Last-Modified: Sun, 12 Mar 2023 09:10:20 GMT
Server: ECAcc (ska/F756)
X-Cache: HIT
Content-Length: 312
ocsp.digicert.com/
192.229.221.95200 OK 313 B IP 192.229.221.95:0
Hash e74bc3527659c214c66ba740388e2ff7
0cda01858ab4da8cf7eaef80e6f6f2173e14cb7d
9f25110ba39ab2f908c13a16f012aee147da964fe035a8a6d3f934f8a6013451
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4128
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 12 Mar 2023 10:03:13 GMT
Last-Modified: Sun, 12 Mar 2023 08:54:25 GMT
Server: ECAcc (ska/F775)
X-Cache: HIT
Content-Length: 313
ocsp.r2m01.amazontrust.com/
108.157.228.227200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP 108.157.228.227:0
Hash 153d76a07a2123cebc73b49092eaea87
8d8cef430ddc27abd746f351c19c7725dd56447c
dfedc30245ac53bb6dc88895a9e8fc6b3cb5580ec5578ccf50e71d22438349d7
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 12 Mar 2023 10:03:13 GMT
Last-Modified: Sun, 12 Mar 2023 08:56:33 GMT
Server: ECAcc (bsa/EA9A)
X-Cache: Miss from cloudfront
Via: 1.1 eddbc5f97ff2aa6a4fb8714754b065e0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ARN56-P2
X-Amz-Cf-Id: xt0NjGiT_FzEfcRuCDG1WSmY8gjohB4AUZcegntlYaEjQ12QWvBN8g==
Age: 4000
ocsp.r2m01.amazontrust.com/
108.157.228.227200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP 108.157.228.227:0
Hash 153d76a07a2123cebc73b49092eaea87
8d8cef430ddc27abd746f351c19c7725dd56447c
dfedc30245ac53bb6dc88895a9e8fc6b3cb5580ec5578ccf50e71d22438349d7
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=158063
Date: Sun, 12 Mar 2023 10:03:13 GMT
Etag: "640d541f-1d7"
Expires: Tue, 14 Mar 2023 05:57:36 GMT
Last-Modified: Sun, 12 Mar 2023 04:25:03 GMT
Server: ECAcc (bsa/EB4C)
X-Cache: Miss from cloudfront
Via: 1.1 917c6054ae6e10a98fc566c655129e8a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ARN56-P2
X-Amz-Cf-Id: PvlP_T5CUwGKB0G2BUDZlqNPsnlbKWJUHVJApjKEFs5EveN_LfwT8Q==
Age: 5553
dnacdn.net/dna
178.250.1.11200 OK 0 B IP 178.250.1.11:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 12 Mar 2023 10:03:12 GMT
server: Kestrel
content-length: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=1ZdbN180M0RITmhlJTJCZkMwOUJGQlhaMUN2czV2JTJGRVNnT0ElMkYxJTJGWkV2ekpneUVERXl2VVBuVGtxaExqYWl5MWpFVXc2WEs; expires=Fri, 05 Apr 2024 10:03:13 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 219821
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
splow.flaviar.com/com.snowplowanalytics.snowplow/tp2
172.66.43.165200 OK 0 B URL HTTP/2 splow.flaviar.com/com.snowplowanalytics.snowplow/tp2
IP 172.66.43.165:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: splow.flaviar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://flaviar.com/
Origin: https://flaviar.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sun, 12 Mar 2023 10:03:13 GMT
content-length: 0
access-control-allow-origin: https://flaviar.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-max-age: 5
x-robots-tag: noindex, nofollow, nosnippet, noarchive
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1rOxONRHTumRTLsqjfrc0xDSPfZRt4m8kJE%2Bx5rIYIv9Q6mLRNK%2F6g%2F9A49jmkD%2FkDtmO%2BUrdGZWEmkQ8wSieorBuq9qgERrjhq3pG8hzlWOImI6obdWt0%2B08s3CfHMrpfOM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
server: cloudflare
cf-ray: 7a6b34bbffbdb4fd-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
gum.criteo.com/syncframe?topUrl=flaviar.com&origin=onetag&us_privacy=1---
178.250.1.11200 OK 5.5 kB URL HTTP/2 gum.criteo.com/syncframe?topUrl=flaviar.com&origin=onetag&us_privacy=1---
IP 178.250.1.11:0
Hash 5c0196a01bf91971f8515ed7858d0702
ff67ee95bca399f1aae4e698021b067fa7e1a20a
4502bc1484654ae36b58d54fb534a7347f1acddfdbc73a13c7206d7d1bfdd83d
GET /syncframe?topUrl=flaviar.com&origin=onetag&us_privacy=1--- HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 12 Mar 2023 10:03:12 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: uid=166b35eb-3757-4cd1-8942-1e76169991a5; expires=Fri, 05 Apr 2024 10:03:12 GMT; domain=.criteo.com; path=/; secure; samesite=none
optout=0; expires=Thu, 01 Jan 1970 00:00:00 GMT; domain=.criteo.com; path=/
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 447094
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
www.google.com/pagead/landing?gcs=G111&rnd=1321759809.1678615394&url=https%3A%2F%2Fflaviar.com%2F>m=45He3360n81K4F6SWQ&auid=1804305078.1678615394
216.58.211.4302 Found 42 B URL HTTP/2 www.google.com/pagead/landing?gcs=G111&rnd=1321759809.1678615394&url=https%3A%2F%2Fflaviar.com%2F>m=45He3360n81K4F6SWQ&auid=1804305078.1678615394
IP 216.58.211.4:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
POST /pagead/landing?gcs=G111&rnd=1321759809.1678615394&url=https%3A%2F%2Fflaviar.com%2F>m=45He3360n81K4F6SWQ&auid=1804305078.1678615394 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://flaviar.com
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 12 Mar 2023 10:03:13 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
location: https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&rnd=1321759809.1678615394&url=https%3A%2F%2Fflaviar.com%2F>m=45He3360n81K4F6SWQ&auid=1804305078.1678615394
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0
99.83.154.140200 OK 18 B URL HTTP/2 api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0
IP 99.83.154.140:0
File type ASCII text, with no line terminators
Hash cc7fd95a87ea3721ce1853bf3c4dd75e
7f687f7881adf0fc407378d375a61b8f198c0912
0f06a4c8d34690d4e42c81f232a5bdfe9fcbde8a54b5ccd0609a313e90da0879
OPTIONS /v1/personalize/simple?pageviews=1&isMobile=0 HTTP/1.1
Host: api.sail-personalize.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,x-lib-version,x-referring-url
Referer: https://flaviar.com/
Origin: https://flaviar.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 12 Mar 2023 10:03:13 GMT
content-type: text/plain
content-length: 18
access-control-allow-origin: https://flaviar.com
access-control-allow-credentials: true
access-control-max-age: 1800
access-control-allow-methods: OPTIONS,GET,POST,PUT,DELETE
access-control-allow-headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Lib-Version,X-Referring-URL
allow: HEAD,GET,OPTIONS
X-Firefox-Spdy: h2
rb9yp8py.flaviar.com/assets/wxyz.rb.js
162.243.14.13200 OK 10 kB URL HTTP/1.1 rb9yp8py.flaviar.com/assets/wxyz.rb.js
IP 162.243.14.13:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (347)
Hash 46f395d8bdc29802f09a64a95a192e39
bf4266cdba32c81498002bef7c746bb20df0ac6d
b9c74b5f30111282496c5860c76e8e73697c52e94a939898ea2dae9a6a5314e0
GET /assets/wxyz.rb.js HTTP/1.1
Host: rb9yp8py.flaviar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaviar.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: openresty
Date: Sun, 12 Mar 2023 10:03:13 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash ec6311aff40cad7ab34f00d36611b030
cf544610c8266b570673ea252aafe9339f145707
155dc155e18b34ee37d7c61224e421db376a38ac40e6fbf6c2939d8747a01c9b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 12 Mar 2023 10:03:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/landing?gcs=G111&rnd=1321759809.1678615394&url=https%3A%2F%2Fflaviar.com%2F>m=45He3360n81K4F6SWQ&auid=1804305078.1678615394
142.250.74.98200 OK 42 B URL HTTP/2 googleads.g.doubleclick.net/pagead/landing?gcs=G111&rnd=1321759809.1678615394&url=https%3A%2F%2Fflaviar.com%2F>m=45He3360n81K4F6SWQ&auid=1804305078.1678615394
IP 142.250.74.98:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/landing?gcs=G111&rnd=1321759809.1678615394&url=https%3A%2F%2Fflaviar.com%2F>m=45He3360n81K4F6SWQ&auid=1804305078.1678615394 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaviar.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 12 Mar 2023 10:03:13 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 12-Mar-2023 10:18:13 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=onetag&domain=flaviar.com&sn=FirefoxSyncframe&so=0&topUrl=flaviar.com&info=2pjHYl80M0RITmhlJTJCZkMwOUJGQlhaMUN2czV2JTJGRVNnT0ElMkYxJTJGWkV2ekpneUVERXdTMXNYMHA5eDdDY3hJRWdwelM2NTI&idsd=785303690,-1429194923&cw=1&lsw=1
178.250.1.11200 OK 521 B URL HTTP/2 gum.criteo.com/sid/json?origin=onetag&domain=flaviar.com&sn=FirefoxSyncframe&so=0&topUrl=flaviar.com&info=2pjHYl80M0RITmhlJTJCZkMwOUJGQlhaMUN2czV2JTJGRVNnT0ElMkYxJTJGWkV2ekpneUVERXdTMXNYMHA5eDdDY3hJRWdwelM2NTI&idsd=785303690,-1429194923&cw=1&lsw=1
IP 178.250.1.11:0
File type JSON data\012- , ASCII text, with very long lines (679), with no line terminators
Hash c32fd8bec9dde44271145b71c6d22621
79d29408f922a12b7f64e921d4eb6c539c618317
9c55bdc8fd1e38d871cdd4100525e55e201200454c4546420fb1f661904599a8
GET /sid/json?origin=onetag&domain=flaviar.com&sn=FirefoxSyncframe&so=0&topUrl=flaviar.com&info=2pjHYl80M0RITmhlJTJCZkMwOUJGQlhaMUN2czV2JTJGRVNnT0ElMkYxJTJGWkV2ekpneUVERXdTMXNYMHA5eDdDY3hJRWdwelM2NTI&idsd=785303690,-1429194923&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/syncframe?topUrl=flaviar.com&origin=onetag&us_privacy=1---
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 12 Mar 2023 10:03:13 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
server-processing-duration-in-ticks: 686714
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
rb9yp8py.flaviar.com/integrations?source=flaviar
162.243.14.13200 OK 59 B URL HTTP/1.1 rb9yp8py.flaviar.com/integrations?source=flaviar
IP 162.243.14.13:0
ASN #14061 DIGITALOCEAN-ASN
Hash b13b075ac18d7ecbf705dad11323402e
124e2c4307c6beabfd3e751f14a4f7acb02eb6ce
03db7011ba06ed159ca1b7dee62dc5a01ee2d0a3d6f3b0294004cd455251b7f2
GET /integrations?source=flaviar HTTP/1.1
Host: rb9yp8py.flaviar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Cookie: _ga=GA1.1.2044677251.1678615394; _gid=GA1.2.953478282.1678615394; _ga_94QYBVSJNV=GS1.1.1678615393.1.0.1678615393.60.0.0; _gcl_au=1.1.1804305078.1678615394; _rdt_uuid=1678615393917.dad27b2c-4de9-4a45-a3ea-c8c4e7865657; cto_bundle=bGSPxl9qZlhjeTBNREJLS2RVSHZaaDFrQmtNblRSTFBzS0FJTWVBbWY3NE5LOVI0Ym9jZXNRbiUyRlpyMmhMeGppR2oxRFloa25lYlFFNklneXlZS3pnYWJJJTJGWlRIbDZWWjZzQVdEWnpzRGJyV1Z3a3pIRXdPN3VGQ2NabUFHZ25vR1NtT2pNWWgxZXIlMkJUcTFselF6cDBBUlhNJTJGQSUzRCUzRA
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: openresty
Date: Sun, 12 Mar 2023 10:03:13 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
dnacdn.net/dna
178.250.1.11200 OK 174 B IP 178.250.1.11:0
Hash 278c5920dab6ac38ff6871f4492022fb
7e100a1913dbe3bfb0cc900b7052eadac6008118
dd89973ae9cfc4f773b40b45f1619c47da4b765d8ea56c562adf3b4678a2a7a1
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=1ZdbN180M0RITmhlJTJCZkMwOUJGQlhaMUN2czV2JTJGRVNnT0ElMkYxJTJGWkV2ekpneUVERXl2VVBuVGtxaExqYWl5MWpFVXc2WEs
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 12 Mar 2023 10:03:12 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=2pjHYl80M0RITmhlJTJCZkMwOUJGQlhaMUN2czV2JTJGRVNnT0ElMkYxJTJGWkV2ekpneUVERXdTMXNYMHA5eDdDY3hJRWdwelM2NTI; expires=Fri, 05 Apr 2024 10:03:13 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 202050
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
ag.gbc.criteo.com/newidsd
185.235.84.149200 OK 5.9 kB URL HTTP/2 ag.gbc.criteo.com/newidsd
IP 185.235.84.149:0
File type JSON data\012- , ASCII text, with very long lines (17787), with no line terminators
Hash 4d050e979a07fe9d06a3e50f2e0c333f
2fb2ed93a639f2c197ddfdac0a817de020f382ad
f2379fccddef18f94c62149226a8ac60e0ead8b67474dec94096ec3bcf8eadc3
GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sun, 12 Mar 2023 10:03:12 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 120450
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3c5612c5131d59819b60bcd3123fbe1e
86f82bfa3a20987ac256d2efd06dc95c0df285e8
00fc14cc05fb85329d10ee97f1c959244f274c67d56a37f4eb8006acd0e867bf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 12 Mar 2023 10:03:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 03da97ae3e10a32174a41aa30868b9eb
70fb7047bdce18e0921b731213d9e5d2fc63a324
b7ee067fe51a57d6a9e82a26b862697f3794351f4214b19798418b617633bded
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 12 Mar 2023 10:03:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
142.250.74.170200 OK 33 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
IP 142.250.74.170:0
File type ASCII text, with very long lines (32086)
Hash 430e927c980ad4079de727fa59dd93f2
891aaada9a55a91292999f6d50fd300439905982
e8728df8617340bd8c10bc8d27d3a725a48871a269c850e8598689938ec6e2ed
GET /ajax/libs/jquery/1.11.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33434
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 Mar 2023 18:55:08 GMT
expires: Tue, 05 Mar 2024 18:55:08 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 486485
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
bat.bing.com/bat.js
204.79.197.200200 OK 12 kB IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (40607), with no line terminators
Hash 04651bf0c51742f9007b1ae2b4486dee
6ffc71fcb5db1cf0283b60150a62f2c219ac3dbd
5d7392c44731e52810337eb1a3eb3ae1ffab31b8f8d55daba20d658701604666
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 11894
content-type: application/javascript
content-encoding: gzip
last-modified: Thu, 16 Feb 2023 18:31:53 GMT
accept-ranges: bytes
etag: "8072cff03442d91:0"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 56D27061270F426FBC2674FF08756AD1 Ref B: OSL30EDGE0221 Ref C: 2023-03-12T10:03:13Z
date: Sun, 12 Mar 2023 10:03:12 GMT
X-Firefox-Spdy: h2
sslwidget.criteo.com/event?a=95340&v=5.14.1&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26z%3Dundefined%26site_type%3Dd&p2=e%3Dvh%26tms%3Dgtm-ee-1.1.0&p3=e%3Ddis&adce=1&bundle=bGSPxl9qZlhjeTBNREJLS2RVSHZaaDFrQmtNblRSTFBzS0FJTWVBbWY3NE5LOVI0Ym9jZXNRbiUyRlpyMmhMeGppR2oxRFloa25lYlFFNklneXlZS3pnYWJJJTJGWlRIbDZWWjZzQVdEWnpzRGJyV1Z3a3pIRXdPN3VGQ2NabUFHZ25vR1NtT2pNWWgxZXIlMkJUcTFselF6cDBBUlhNJTJGQSUzRCUzRA&tld=flaviar.com&dy=1&fu=https%253A%252F%252Fflaviar.com%252F&dtycbr=48452&cs=1---&cv=1
178.250.1.9302 Found 0 B URL HTTP/2 sslwidget.criteo.com/event?a=95340&v=5.14.1&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26z%3Dundefined%26site_type%3Dd&p2=e%3Dvh%26tms%3Dgtm-ee-1.1.0&p3=e%3Ddis&adce=1&bundle=bGSPxl9qZlhjeTBNREJLS2RVSHZaaDFrQmtNblRSTFBzS0FJTWVBbWY3NE5LOVI0Ym9jZXNRbiUyRlpyMmhMeGppR2oxRFloa25lYlFFNklneXlZS3pnYWJJJTJGWlRIbDZWWjZzQVdEWnpzRGJyV1Z3a3pIRXdPN3VGQ2NabUFHZ25vR1NtT2pNWWgxZXIlMkJUcTFselF6cDBBUlhNJTJGQSUzRCUzRA&tld=flaviar.com&dy=1&fu=https%253A%252F%252Fflaviar.com%252F&dtycbr=48452&cs=1---&cv=1
IP 178.250.1.9:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /event?a=95340&v=5.14.1&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26z%3Dundefined%26site_type%3Dd&p2=e%3Dvh%26tms%3Dgtm-ee-1.1.0&p3=e%3Ddis&adce=1&bundle=bGSPxl9qZlhjeTBNREJLS2RVSHZaaDFrQmtNblRSTFBzS0FJTWVBbWY3NE5LOVI0Ym9jZXNRbiUyRlpyMmhMeGppR2oxRFloa25lYlFFNklneXlZS3pnYWJJJTJGWlRIbDZWWjZzQVdEWnpzRGJyV1Z3a3pIRXdPN3VGQ2NabUFHZ25vR1NtT2pNWWgxZXIlMkJUcTFselF6cDBBUlhNJTJGQSUzRCUzRA&tld=flaviar.com&dy=1&fu=https%253A%252F%252Fflaviar.com%252F&dtycbr=48452&cs=1---&cv=1 HTTP/1.1
Host: sslwidget.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 12 Mar 2023 10:03:13 GMT
server: Kestrel
content-length: 0
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
expires: 0
location: https://widget.us.criteo.com/event?a=95340&v=5.14.1&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26z%3Dundefined%26site_type%3Dd&p2=e%3Dvh%26tms%3Dgtm-ee-1.1.0&p3=e%3Ddis&adce=1&bundle=bGSPxl9qZlhjeTBNREJLS2RVSHZaaDFrQmtNblRSTFBzS0FJTWVBbWY3NE5LOVI0Ym9jZXNRbiUyRlpyMmhMeGppR2oxRFloa25lYlFFNklneXlZS3pnYWJJJTJGWlRIbDZWWjZzQVdEWnpzRGJyV1Z3a3pIRXdPN3VGQ2NabUFHZ25vR1NtT2pNWWgxZXIlMkJUcTFselF6cDBBUlhNJTJGQSUzRCUzRA&tld=flaviar.com&dy=1&fu=https%253A%252F%252Fflaviar.com%252F&dtycbr=48452&cs=1---&cv=1
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
server-processing-duration-in-ticks: 6041239
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3c5612c5131d59819b60bcd3123fbe1e
86f82bfa3a20987ac256d2efd06dc95c0df285e8
00fc14cc05fb85329d10ee97f1c959244f274c67d56a37f4eb8006acd0e867bf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 12 Mar 2023 10:03:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
alb.reddit.com/rp.gif?ts=1678615393918&id=t2_h2e6q&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&uuid=dad27b2c-4de9-4a45-a3ea-c8c4e7865657&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1280&sw=1024&v=rdt_65e23bc4
151.101.193.140200 OK 114 B URL HTTP/2 alb.reddit.com/rp.gif?ts=1678615393918&id=t2_h2e6q&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&uuid=dad27b2c-4de9-4a45-a3ea-c8c4e7865657&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1280&sw=1024&v=rdt_65e23bc4
IP 151.101.193.140:0
Hash 533f457378eadce9ef0a39ec7bc62354
49e38e5d2a5691d8a496664d7c7b9a65d40aa88c
8a91b34976b4eb873f6e0cd0fb3132467c637deb24017c35e4fc1c9a88a0cc96
GET /rp.gif?ts=1678615393918&id=t2_h2e6q&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&uuid=dad27b2c-4de9-4a45-a3ea-c8c4e7865657&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1280&sw=1024&v=rdt_65e23bc4 HTTP/1.1
Host: alb.reddit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Varnish
retry-after: 0
cross-origin-resource-policy: cross-origin
content-type: image/gif
accept-ranges: bytes
date: Sun, 12 Mar 2023 10:03:13 GMT
via: 1.1 varnish
content-length: 42
X-Firefox-Spdy: h2
bat.bing.com/action/0?ti=5715081&tm=gtm002&Ver=2&mid=dd099a1d-9c1a-426b-bbcc-0466888ee330&sid=1ad64100c0bd11edb9432fffe57c51b3&vid=1ad672d0c0bd11edabb3ed511711e550&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Flaviar%20Membership%20%C2%BB%20Fine%20Spirits%20%26%20Whiskey%20Club%20%F0%9F%A5%83%20-%20Flaviar&p=https%3A%2F%2Fflaviar.com%2F&r=<=2081&evt=pageLoad&sv=1&rn=656236
204.79.197.200204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=5715081&tm=gtm002&Ver=2&mid=dd099a1d-9c1a-426b-bbcc-0466888ee330&sid=1ad64100c0bd11edb9432fffe57c51b3&vid=1ad672d0c0bd11edabb3ed511711e550&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Flaviar%20Membership%20%C2%BB%20Fine%20Spirits%20%26%20Whiskey%20Club%20%F0%9F%A5%83%20-%20Flaviar&p=https%3A%2F%2Fflaviar.com%2F&r=<=2081&evt=pageLoad&sv=1&rn=656236
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=5715081&tm=gtm002&Ver=2&mid=dd099a1d-9c1a-426b-bbcc-0466888ee330&sid=1ad64100c0bd11edb9432fffe57c51b3&vid=1ad672d0c0bd11edabb3ed511711e550&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Flaviar%20Membership%20%C2%BB%20Fine%20Spirits%20%26%20Whiskey%20Club%20%F0%9F%A5%83%20-%20Flaviar&p=https%3A%2F%2Fflaviar.com%2F&r=<=2081&evt=pageLoad&sv=1&rn=656236 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=1CC978B3D19861D83A556A61D06D6097; domain=.bing.com; expires=Fri, 05-Apr-2024 10:03:13 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 573BA1C997C3440D841EBA06BB14A525 Ref B: OSL30EDGE0221 Ref C: 2023-03-12T10:03:13Z
date: Sun, 12 Mar 2023 10:03:13 GMT
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-94QYBVSJNV&cid=2044677251.1678615394>m=45je3360&aip=1&z=755819013
216.58.207.227200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-94QYBVSJNV&cid=2044677251.1678615394>m=45je3360&aip=1&z=755819013
IP 216.58.207.227:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-94QYBVSJNV&cid=2044677251.1678615394>m=45je3360&aip=1&z=755819013 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 12 Mar 2023 10:03:13 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
bat.bing.com/p/action/5715081.js
204.79.197.200204 No Content 0 B URL HTTP/2 bat.bing.com/p/action/5715081.js
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/action/5715081.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: private,max-age=1800
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A7CD3EB507C144CD99A69CCDC39AC157 Ref B: OSL30EDGE0221 Ref C: 2023-03-12T10:03:13Z
date: Sun, 12 Mar 2023 10:03:13 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 03da97ae3e10a32174a41aa30868b9eb
70fb7047bdce18e0921b731213d9e5d2fc63a324
b7ee067fe51a57d6a9e82a26b862697f3794351f4214b19798418b617633bded
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 12 Mar 2023 10:03:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 45f217f374268414a34f163fff1e8177
671b5b85b3d16d85932535d546cb54e51c9a83c0
f147c35870902cacd200547b578555b9f9f34aa377c8b3f73a7622987c62922d
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 12 Mar 2023 10:03:13 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 09 Mar 2023 14:06:56 GMT
Expires: Thu, 16 Mar 2023 14:06:55 GMT
Etag: "671b5b85b3d16d85932535d546cb54e51c9a83c0"
Cache-Control: max-age=359621,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7a6b34c3f9f2b527-OSL
ocsp.digicert.com/
192.229.221.95200 OK 313 B IP 192.229.221.95:0
Hash 9ae017d2eb7eee0d05c14570e815b976
c8dc6269668630b19f65de95a1ea5c839c3869ff
b4f72fdb35bab070fc25536016b2c66bd1b299ede2ccc2963ab386cdd04763a3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2612
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 12 Mar 2023 10:03:13 GMT
Last-Modified: Sun, 12 Mar 2023 09:19:41 GMT
Server: ECAcc (ska/F6AF)
X-Cache: HIT
Content-Length: 313
alb.reddit.com/rp.gif?ts=1678615393917&id=t2_h2e6q&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&uuid=dad27b2c-4de9-4a45-a3ea-c8c4e7865657&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1280&sw=1024&v=rdt_65e23bc4
151.101.193.140200 OK 42 B URL HTTP/2 alb.reddit.com/rp.gif?ts=1678615393917&id=t2_h2e6q&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&uuid=dad27b2c-4de9-4a45-a3ea-c8c4e7865657&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1280&sw=1024&v=rdt_65e23bc4
IP 151.101.193.140:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /rp.gif?ts=1678615393917&id=t2_h2e6q&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&uuid=dad27b2c-4de9-4a45-a3ea-c8c4e7865657&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1280&sw=1024&v=rdt_65e23bc4 HTTP/1.1
Host: alb.reddit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Varnish
retry-after: 0
cross-origin-resource-policy: cross-origin
content-type: image/gif
accept-ranges: bytes
date: Sun, 12 Mar 2023 10:03:14 GMT
via: 1.1 varnish
content-length: 42
X-Firefox-Spdy: h2
gandalf-eu.segmentify.com//get/key/v1.json?count=2
35.246.234.8200 30 B URL HTTP/1.1 gandalf-eu.segmentify.com//get/key/v1.json?count=2
IP 35.246.234.8:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type JSON data\012- , ASCII text, with no line terminators
Hash 3779c417f32bf038bf85e1401b0c6844
681e8950031021f8fe5883805bddb787ec3a96f1
29d76f327cfc5bd2cce71fa65eb0bead20deacb5962995fb4e745c4fafdd5c94
GET //get/key/v1.json?count=2 HTTP/1.1
Host: gandalf-eu.segmentify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://flaviar.com
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Encoding: br
Content-Type: application/json;charset=UTF-8
Date: Sun, 12 Mar 2023 10:03:13 GMT
Server: nginx
Transfer-Encoding: chunked
X-Server-Name: 399674c60029ffe99fbcb3b4975d245d
status.thawte.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash 89b12ea03f4fa41cec336b9ae38fdc54
3dc238bb79c6b54dfb41498369f9c2d1fcc59a34
89be997e3143c1a44c29f3a52a01e7cbd2a0e9be20bb86337d42feaab18fbeab
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1180
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 12 Mar 2023 10:03:14 GMT
Etag: "640ceefd-1d7"
Last-Modified: Sun, 12 Mar 2023 09:43:34 GMT
Server: ECAcc (ska/F7A3)
X-Cache: HIT
Content-Length: 471
status.thawte.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash 89b12ea03f4fa41cec336b9ae38fdc54
3dc238bb79c6b54dfb41498369f9c2d1fcc59a34
89be997e3143c1a44c29f3a52a01e7cbd2a0e9be20bb86337d42feaab18fbeab
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5397
Cache-Control: max-age=132016
Content-Type: application/ocsp-response
Date: Sun, 12 Mar 2023 10:03:14 GMT
Etag: "640ceefd-1d7"
Expires: Mon, 13 Mar 2023 22:43:30 GMT
Last-Modified: Sat, 11 Mar 2023 21:13:33 GMT
Server: ECAcc (ska/F756)
X-Cache: HIT
Content-Length: 471
cdn.segmentify.com/06e2e4b6-5e17-4dbf-9574-c462c3d742d7/segmentify.css
34.120.65.227200 OK 17 kB URL HTTP/2 cdn.segmentify.com/06e2e4b6-5e17-4dbf-9574-c462c3d742d7/segmentify.css
IP 34.120.65.227:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 7ee4d55d26ba4de4197ff428218db9ea
a2f18ce685cebc6cfbf77a58f5641684ee074f75
6c22927d45caf8efc483d193e857a9a92406d166ea4c4ad58b867e4f666c5ae1
GET /06e2e4b6-5e17-4dbf-9574-c462c3d742d7/segmentify.css HTTP/1.1
Host: cdn.segmentify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdvHkzmaS01MoLMCxAkgPYaeCF3xDmKw20sd28LutvKuOA3JqKaDXgod2PLv-MB0xanU2-Kth6z9d3suCZyL0M454w
x-goog-generation: 1678260539689200
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 16659
content-encoding: gzip
x-goog-hash: crc32c=GRViRg==, md5=fuTVXSa6TeQZf/QoIY256g==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 16659
access-control-allow-origin: *
access-control-expose-headers: Origin, Accept, Content-Type, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token
server: UploadServer
date: Wed, 08 Mar 2023 15:47:10 GMT
expires: Wed, 15 Mar 2023 15:47:10 GMT
cache-control: public, max-age=604800
last-modified: Wed, 08 Mar 2023 07:28:59 GMT
etag: "7ee4d55d26ba4de4197ff428218db9ea"
content-type: text/css
vary: Accept-Encoding
age: 324964
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
tr.outbrain.com/cachedClickId?marketerId=undefined
64.202.112.223200 OK 35 B URL HTTP/1.1 tr.outbrain.com/cachedClickId?marketerId=undefined
IP 64.202.112.223:0
File type ASCII text, with no line terminators
Hash 75c843c7b717e7b722777907475c67a3
983d1c9a05b315288039b9d4694ce3b402259240
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
GET /cachedClickId?marketerId=undefined HTTP/1.1
Host: tr.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 12 Mar 2023 10:03:14 GMT
Content-Type: application/javascript
Content-Length: 35
X-TraceId: 5fa4f4c11e59c816efa700c407139508
tr.outbrain.com/unifiedPixel?marketerId=00cf895e7b627a414bdcc05c54e01b7ae7&obApiVersion=1.1&obtpVersion=2.0.5&name=Pageview&dl=https%3A%2F%2Fflaviar.com%2F&g=1&cht=ccpa&optOut=false&bust=08536828063976856&referrer=
64.202.112.223200 OK 53 B URL HTTP/1.1 tr.outbrain.com/unifiedPixel?marketerId=00cf895e7b627a414bdcc05c54e01b7ae7&obApiVersion=1.1&obtpVersion=2.0.5&name=Pageview&dl=https%3A%2F%2Fflaviar.com%2F&g=1&cht=ccpa&optOut=false&bust=08536828063976856&referrer=
IP 64.202.112.223:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 414bd2a5161db03fdd910327b42c6daa
65d4cf50496813c5f1a34eddd5c50dc67d44ff47
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553
GET /unifiedPixel?marketerId=00cf895e7b627a414bdcc05c54e01b7ae7&obApiVersion=1.1&obtpVersion=2.0.5&name=Pageview&dl=https%3A%2F%2Fflaviar.com%2F&g=1&cht=ccpa&optOut=false&bust=08536828063976856&referrer= HTTP/1.1
Host: tr.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 12 Mar 2023 10:03:14 GMT
Content-Type: image/gif;
Content-Length: 53
Cache-Control: no-cache
X-TraceId: 616d1dd84ff16a5cc74317a71e741946
www.facebook.com/tr/?id=1649789958596951&ev=PageView&dl=https%3A%2F%2Fflaviar.com%2F&rl=&if=false&ts=1678615395254&sw=1280&sh=1024&v=2.9.98&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&cs_est=true&fbp=fb.1.1678615395251.1158382667&eid=ob3_plugin-set_1247c02e0975f7fe1555e47ea3d41719e3ea4397019041f749d4ce683886c29f&it=1678615393647&coo=false&tm=1&rqm=GET
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=1649789958596951&ev=PageView&dl=https%3A%2F%2Fflaviar.com%2F&rl=&if=false&ts=1678615395254&sw=1280&sh=1024&v=2.9.98&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&cs_est=true&fbp=fb.1.1678615395251.1158382667&eid=ob3_plugin-set_1247c02e0975f7fe1555e47ea3d41719e3ea4397019041f749d4ce683886c29f&it=1678615393647&coo=false&tm=1&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=1649789958596951&ev=PageView&dl=https%3A%2F%2Fflaviar.com%2F&rl=&if=false&ts=1678615395254&sw=1280&sh=1024&v=2.9.98&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&cs_est=true&fbp=fb.1.1678615395251.1158382667&eid=ob3_plugin-set_1247c02e0975f7fe1555e47ea3d41719e3ea4397019041f749d4ce683886c29f&it=1678615393647&coo=false&tm=1&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Sun, 12 Mar 2023 10:03:14 GMT
X-Firefox-Spdy: h2
gandalf-eu.segmentify.com//add/events/v1.json?apiKey=06e2e4b6-5e17-4dbf-9574-c462c3d742d7
35.246.234.8200 OK 0 B URL HTTP/1.1 gandalf-eu.segmentify.com//add/events/v1.json?apiKey=06e2e4b6-5e17-4dbf-9574-c462c3d742d7
IP 35.246.234.8:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS //add/events/v1.json?apiKey=06e2e4b6-5e17-4dbf-9574-c462c3d742d7 HTTP/1.1
Host: gandalf-eu.segmentify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-sfy-api-key
Referer: https://flaviar.com/
Origin: https://flaviar.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Headers: Content-Type, Accept, Authorization, X-Switch-User, X-Switch-Account, X-Switch-Region, X-Sfy-Api-Key
Access-Control-Allow-Methods: GET, POST, PUT, DELETE
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3600
Connection: keep-alive
Content-Length: 0
Content-Type: application/json
Date: Sun, 12 Mar 2023 10:03:14 GMT
Server: nginx
X-Server-Name: 7bc30e0e2a5e4039e53cb85fca96879b
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9f68541dce9ed5800cb108de8b2148ae
80187c69d247c79934d80c8995588a9ad9876b54
76e67ea4a4f441c533b508e1e03424734486edc1a939f643edcd87b86b94539e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "76E67EA4A4F441C533B508E1E03424734486EDC1A939F643EDCD87B86B94539E"
Last-Modified: Fri, 10 Mar 2023 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7973
Expires: Sun, 12 Mar 2023 12:16:07 GMT
Date: Sun, 12 Mar 2023 10:03:14 GMT
Connection: keep-alive
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 025b18005270eef72759d94950270119
5f0a41744d0747842495eddaee5ad2988101a845
3b72915d2a97a9b4cfad4b39142894b554a670531d1dfdd8b32f3d8677985a80
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 12 Mar 2023 10:03:14 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 09 Mar 2023 06:19:33 GMT
Expires: Thu, 16 Mar 2023 06:19:32 GMT
Etag: "5f0a41744d0747842495eddaee5ad2988101a845"
Cache-Control: max-age=331577,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7a6b34bf9ef20b59-OSL
gandalf-eu.segmentify.com//add/events/v1.json?apiKey=06e2e4b6-5e17-4dbf-9574-c462c3d742d7
35.246.234.8200 7.8 kB URL HTTP/1.1 gandalf-eu.segmentify.com//add/events/v1.json?apiKey=06e2e4b6-5e17-4dbf-9574-c462c3d742d7
IP 35.246.234.8:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type JSON data\012- exported SGML document, ASCII text, with very long lines (34701), with no line terminators
Hash a9bf6fe867c7eec963b19b6a793b4b5c
94104b61d6e7e74b90ad10a1ca1181a1c23473a0
559b353fcc7ee76f1a64e38b759c657bf096086b2cafe7870a3eb9140571ee26
POST //add/events/v1.json?apiKey=06e2e4b6-5e17-4dbf-9574-c462c3d742d7 HTTP/1.1
Host: gandalf-eu.segmentify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
X-Sfy-Api-Key: 06e2e4b6-5e17-4dbf-9574-c462c3d742d7
Content-Length: 1167
Origin: https://flaviar.com
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Encoding: br
Content-Type: application/json;charset=UTF-8
Date: Sun, 12 Mar 2023 10:03:14 GMT
Server: nginx
Transfer-Encoding: chunked
X-Server-Name: e50eafe57688af3a47ec4fb3140ed864
matching.ivitrack.com/sync?realm=criteo&uid=k-eA75rpfVEuQzrW6IokHShuDxD2QJT57IEBHEog&us_privacy=1---
34.117.157.22200 OK 42 B URL HTTP/2 matching.ivitrack.com/sync?realm=criteo&uid=k-eA75rpfVEuQzrW6IokHShuDxD2QJT57IEBHEog&us_privacy=1---
IP 34.117.157.22:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /sync?realm=criteo&uid=k-eA75rpfVEuQzrW6IokHShuDxD2QJT57IEBHEog&us_privacy=1--- HTTP/1.1
Host: matching.ivitrack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: istio-envoy
date: Sun, 12 Mar 2023 10:03:13 GMT
content-type: image/gif
content-length: 42
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 0
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.segmentify.com/push/fb.js?_=1678615395006
34.120.65.227200 OK 21 kB URL HTTP/2 cdn.segmentify.com/push/fb.js?_=1678615395006
IP 34.120.65.227:0
File type ASCII text, with very long lines (34802), with CRLF line terminators
Hash 602191f14e4c9dbfe479fe0e422eb0c1
2afd4d94fc86025f64ac510b88072c5d166a9dac
5063a9bdda14de876a1c534a39acfc56d85d9f2ab67d3cff815c4907a359a9b2
GET /push/fb.js?_=1678615395006 HTTP/1.1
Host: cdn.segmentify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycdsGS2oHYwldJLVt_Jd8LSybtSIK45YkFylWhpNBJoih6GGjYUqvwL155uDyQElkyx8tVHjnH7Ph0Khqz9nuwVwONxC90N-r
x-goog-generation: 1612242497814572
x-goog-metageneration: 112608
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 21171
x-goog-meta-goog-reserved-file-mtime: 1612028061
content-encoding: gzip
x-goog-hash: crc32c=aoJBQA==, md5=YCGR8U5Mnb/kef4OQi6wwQ==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 21171
access-control-allow-origin: *
access-control-expose-headers: Origin, Accept, Content-Type, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token
server: UploadServer
date: Wed, 08 Mar 2023 12:20:11 GMT
expires: Wed, 15 Mar 2023 12:20:11 GMT
cache-control: public, max-age=604800
age: 337383
last-modified: Tue, 02 Feb 2021 05:08:17 GMT
etag: "602191f14e4c9dbfe479fe0e422eb0c1"
content-type: application/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9f68541dce9ed5800cb108de8b2148ae
80187c69d247c79934d80c8995588a9ad9876b54
76e67ea4a4f441c533b508e1e03424734486edc1a939f643edcd87b86b94539e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "76E67EA4A4F441C533B508E1E03424734486EDC1A939F643EDCD87B86B94539E"
Last-Modified: Fri, 10 Mar 2023 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7973
Expires: Sun, 12 Mar 2023 12:16:07 GMT
Date: Sun, 12 Mar 2023 10:03:14 GMT
Connection: keep-alive
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 45f217f374268414a34f163fff1e8177
671b5b85b3d16d85932535d546cb54e51c9a83c0
f147c35870902cacd200547b578555b9f9f34aa377c8b3f73a7622987c62922d
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 12 Mar 2023 10:03:14 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 09 Mar 2023 14:06:56 GMT
Expires: Thu, 16 Mar 2023 14:06:55 GMT
Etag: "671b5b85b3d16d85932535d546cb54e51c9a83c0"
Cache-Control: max-age=359620,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7a6b34c54c8fb527-OSL
ocsp.r2m01.amazontrust.com/
108.157.228.227200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP 108.157.228.227:0
Hash 667dd3417c172868a35e5b2258753b8e
af1141117b3f5068afdefeb731fcb909aae81d7f
6d6c35e8988f858d77b312415984b35879de6c36bed7e63fdfe62cd5041916e9
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 12 Mar 2023 10:03:14 GMT
Last-Modified: Sun, 12 Mar 2023 08:57:13 GMT
Server: ECAcc (bsa/EA8F)
X-Cache: Miss from cloudfront
Via: 1.1 eddbc5f97ff2aa6a4fb8714754b065e0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ARN56-P2
X-Amz-Cf-Id: 0Pml5T4KM1eaOWPMu2rHBVWavZabqXYqFyjc0e89O0zB3KVT3cQOIw==
Age: 3961
gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40&us_privacy=1---
178.250.1.11302 Found 0 B URL HTTP/2 gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40&us_privacy=1---
IP 178.250.1.11:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40&us_privacy=1--- HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Sun, 12 Mar 2023 10:03:13 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
location: https://dpm.demdex.net/ibs:dpid=28645&dpuuid=
server-processing-duration-in-ticks: 425468
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-2DFNyZfVEuQzrW6IokHShuDxD2TRRQVkT6h9xg&us_privacy=1---
2.18.172.23200 OK 237 B URL HTTP/2 contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-2DFNyZfVEuQzrW6IokHShuDxD2TRRQVkT6h9xg&us_privacy=1---
IP 2.18.172.23:0
File type GIF image data, version 87a, 1 x 1\012- data
Hash 74378edf31ef26cd97c236ad08d05fa3
fdd52cdbf193d1dfd1031978667689f3414b49ed
11cb2c0e70f91c6a0326cf4a4f9fa1b177c14efba6b56bf7535624b9c7bce990
GET /cksync.php?cs=3&type=crt&ovsid=k-2DFNyZfVEuQzrW6IokHShuDxD2TRRQVkT6h9xg&us_privacy=1--- HTTP/1.1
Host: contextual.media.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Apache
content-length: 237
content-type: image/gif
set-cookie: visitor-id=3216169943580227000V10; Expires=Mon, 11 Mar 2024 10:03:14 GMT; domain=.media.net; Path=/;
data-c-ts=1678615394;Expires=Tue, 11 Apr 2023 10:03:14 GMT;path=/;domain=.media.net;
data-c=k-2DFNyZfVEuQzrW6IokHShuDxD2TRRQVkT6h9xg~~3;Expires=Tue, 11 Apr 2023 10:03:14 GMT;path=/;domain=.media.net;
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
strict-transport-security: max-age=31536000
x-mnet-hl2: E
expires: Sun, 12 Mar 2023 10:03:14 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sun, 12 Mar 2023 10:03:14 GMT
X-Firefox-Spdy: h2
cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-Ja_ZhZfVEuQzrW6IokHShuDxD2SeBZpzvIdmKQ&google_cm&google_hm=ay1KYV9aaFpmVkV1UXpyVzZJb2tIU2h1RHhEMlNlQlpwenZJZG1LUQ&us_privacy=1---
142.250.74.66302 Found 460 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-Ja_ZhZfVEuQzrW6IokHShuDxD2SeBZpzvIdmKQ&google_cm&google_hm=ay1KYV9aaFpmVkV1UXpyVzZJb2tIU2h1RHhEMlNlQlpwenZJZG1LUQ&us_privacy=1---
IP 142.250.74.66:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash e5ab6d3153fd57c30a1ca0433d798816
b56916e42436b546e75d40de6002011c45fb7538
212e75c1e3426c69bd4a6a8c1cb4327e081cc9a0809f825b51adf8399b104fc0
GET /pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-Ja_ZhZfVEuQzrW6IokHShuDxD2SeBZpzvIdmKQ&google_cm&google_hm=ay1KYV9aaFpmVkV1UXpyVzZJb2tIU2h1RHhEMlNlQlpwenZJZG1LUQ&us_privacy=1--- HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-Ja_ZhZfVEuQzrW6IokHShuDxD2SeBZpzvIdmKQ&google_cm=&google_hm=ay1KYV9aaFpmVkV1UXpyVzZJb2tIU2h1RHhEMlNlQlpwenZJZG1LUQ&us_privacy=1---&google_tc=
date: Sun, 12 Mar 2023 10:03:14 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 460
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 12-Mar-2023 10:18:14 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
criteo-sync.teads.tv/um?eid=80&uid=k-7IpJ1pfVEuQzrW6IokHShuDxD2ShlQO8CPh5YQ&us_privacy=1---
184.24.45.54200 OK 23 B URL HTTP/2 criteo-sync.teads.tv/um?eid=80&uid=k-7IpJ1pfVEuQzrW6IokHShuDxD2ShlQO8CPh5YQ&us_privacy=1---
IP 184.24.45.54:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash da5b449fff36752a93779fa4067cd2eb
71a96eea77f21ab5f1819b96c4cedd5cd34476ca
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
GET /um?eid=80&uid=k-7IpJ1pfVEuQzrW6IokHShuDxD2ShlQO8CPh5YQ&us_privacy=1--- HTTP/1.1
Host: criteo-sync.teads.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
server: akka-http/10.2.9
content-length: 23
expires: Sun, 12 Mar 2023 10:03:14 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sun, 12 Mar 2023 10:03:14 GMT
X-Firefox-Spdy: h2
cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-Ja_ZhZfVEuQzrW6IokHShuDxD2SeBZpzvIdmKQ&google_cm=&google_hm=ay1KYV9aaFpmVkV1UXpyVzZJb2tIU2h1RHhEMlNlQlpwenZJZG1LUQ&us_privacy=1---&google_tc=
142.250.74.66302 Found 332 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-Ja_ZhZfVEuQzrW6IokHShuDxD2SeBZpzvIdmKQ&google_cm=&google_hm=ay1KYV9aaFpmVkV1UXpyVzZJb2tIU2h1RHhEMlNlQlpwenZJZG1LUQ&us_privacy=1---&google_tc=
IP 142.250.74.66:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash cbfc77735e81188484d2c539b1747f74
4ddbd9e2182402f27cec1981a34a39db6df4486e
710ab2aeb1cca087f9257a7e3ffd0f1547e9686a834f9e26e33fc86c58175adf
GET /pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-Ja_ZhZfVEuQzrW6IokHShuDxD2SeBZpzvIdmKQ&google_cm=&google_hm=ay1KYV9aaFpmVkV1UXpyVzZJb2tIU2h1RHhEMlNlQlpwenZJZG1LUQ&us_privacy=1---&google_tc= HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-Ja_ZhZfVEuQzrW6IokHShuDxD2SeBZpzvIdmKQ&google_error=3
date: Sun, 12 Mar 2023 10:03:14 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 332
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash ca667abece8805804bbb52958f14bec9
73e9bd78e6c0c8c6cbed1bb714efd42810dce94a
a7e676f2eda34d28a6839e2390be905b276ad5c517a9745e493bfebf14b4089e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3787
Cache-Control: max-age=144423
Content-Type: application/ocsp-response
Date: Sun, 12 Mar 2023 10:03:14 GMT
Etag: "640d25be-1d7"
Expires: Tue, 14 Mar 2023 02:10:17 GMT
Last-Modified: Sun, 12 Mar 2023 01:07:10 GMT
Server: ECAcc (ska/F6D2)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
192.229.221.95200 OK 312 B IP 192.229.221.95:0
Hash 3b00094eae460ef43112ace6d4cc67d4
0dbe8b05170d72752adf82d2050300d71ca998c8
bb3b25d05058bfb44bfb64a9b8e9faa68b7b76f5b7dcd8acd57bf451724b0b8f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3485
Cache-Control: max-age=159578
Content-Type: application/ocsp-response
Date: Sun, 12 Mar 2023 10:03:14 GMT
Etag: "640d621f-138"
Expires: Tue, 14 Mar 2023 06:22:52 GMT
Last-Modified: Sun, 12 Mar 2023 05:24:47 GMT
Server: ECAcc (ska/F7A5)
X-Cache: HIT
Content-Length: 312
px.mountain.com/st?ga_tracking_id=UA-28959768-20&ga_client_id=2044677251.1678615394&shpt=Flaviar%20Membership%20%C2%BB%20Fine%20Spirits%20%26%20Whiskey%20Club%20%F0%9F%A5%83%20-%20Flaviar&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-28959768-20%22%2C%22ga_client_id%22%3A%222044677251.1678615394%22%2C%22shpt%22%3A%22Flaviar%20Membership%20%C2%BB%20Fine%20Spirits%20%26%20Whiskey%20Club%20%F0%9F%A5%83%20-%20Flaviar%22%2C%22dcm_cid%22%3A%221678615393.1%22%2C%22dcm_gid%22%3A%22953478282.1678615394%22%2C%22mntnis%22%3A%7B%7D%2C%22execution_workflow%22%3A%7B%22iteration%22%3A8%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%7D&dcm_cid=1678615393.1&dcm_gid=953478282.1678615394&dxver=4.0.0&shaid=33038&plh=https%3A%2F%2Fflaviar.com%2F&cb=21400296615054236term%3Dvalue&shadditional=googletagmanager%3Dtrue%2Cga4%3Dtrue%2Ccriteo%3Dtrue
52.42.124.195200 OK 1.1 kB URL HTTP/1.1 px.mountain.com/st?ga_tracking_id=UA-28959768-20&ga_client_id=2044677251.1678615394&shpt=Flaviar%20Membership%20%C2%BB%20Fine%20Spirits%20%26%20Whiskey%20Club%20%F0%9F%A5%83%20-%20Flaviar&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-28959768-20%22%2C%22ga_client_id%22%3A%222044677251.1678615394%22%2C%22shpt%22%3A%22Flaviar%20Membership%20%C2%BB%20Fine%20Spirits%20%26%20Whiskey%20Club%20%F0%9F%A5%83%20-%20Flaviar%22%2C%22dcm_cid%22%3A%221678615393.1%22%2C%22dcm_gid%22%3A%22953478282.1678615394%22%2C%22mntnis%22%3A%7B%7D%2C%22execution_workflow%22%3A%7B%22iteration%22%3A8%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%7D&dcm_cid=1678615393.1&dcm_gid=953478282.1678615394&dxver=4.0.0&shaid=33038&plh=https%3A%2F%2Fflaviar.com%2F&cb=21400296615054236term%3Dvalue&shadditional=googletagmanager%3Dtrue%2Cga4%3Dtrue%2Ccriteo%3Dtrue
IP 52.42.124.195:0
File type ASCII text, with very long lines (2070)
Hash 69edbfc2e685971ffc1666597bb0b835
aa9c0fc5e97f5f738c6063bcf172e6e8ff517f50
78749827b41e0937af79324af0a45c9fcbcd26afb6ace0483c66db3aa2e3db94
GET /st?ga_tracking_id=UA-28959768-20&ga_client_id=2044677251.1678615394&shpt=Flaviar%20Membership%20%C2%BB%20Fine%20Spirits%20%26%20Whiskey%20Club%20%F0%9F%A5%83%20-%20Flaviar&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-28959768-20%22%2C%22ga_client_id%22%3A%222044677251.1678615394%22%2C%22shpt%22%3A%22Flaviar%20Membership%20%C2%BB%20Fine%20Spirits%20%26%20Whiskey%20Club%20%F0%9F%A5%83%20-%20Flaviar%22%2C%22dcm_cid%22%3A%221678615393.1%22%2C%22dcm_gid%22%3A%22953478282.1678615394%22%2C%22mntnis%22%3A%7B%7D%2C%22execution_workflow%22%3A%7B%22iteration%22%3A8%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%7D&dcm_cid=1678615393.1&dcm_gid=953478282.1678615394&dxver=4.0.0&shaid=33038&plh=https%3A%2F%2Fflaviar.com%2F&cb=21400296615054236term%3Dvalue&shadditional=googletagmanager%3Dtrue%2Cga4%3Dtrue%2Ccriteo%3Dtrue HTTP/1.1
Host: px.mountain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
date: Sun, 12 Mar 2023 10:03:14 GMT
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
set-cookie: guid=1a81cf75-c0bd-11ed-aa73-dddf20ada182;Domain=mountain.com;Max-Age=63113852;Path=/;SameSite=None;Secure
content-encoding: gzip
x-envoy-upstream-service-time: 1
server: istio-envoy
connection: close
transfer-encoding: chunked
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash cb837878e809b061bd59a6c58c6ead45
ed9665a0630d5577f31cdf90f96bf5e640d686eb
3d1ab0b34f15a729b8a4d3588bae25d6f2e48e878128eda69d7dc2fed7bb42c2
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 12 Mar 2023 10:03:14 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 11 Mar 2023 01:56:50 GMT
Expires: Sat, 18 Mar 2023 01:56:49 GMT
Etag: "ed9665a0630d5577f31cdf90f96bf5e640d686eb"
Cache-Control: max-age=488614,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7a6b34c77ff3b527-OSL
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash 7622a75b1338ba7ec5125dc01c52daa0
3ccd5956d16c43fa9d0cbaf242d27f97f31a9f79
cc4e4f497ffd403c957982e6eb4df386ed27812bf0bb0762cbdbbdaa568c4e03
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4028
Cache-Control: max-age=107907
Content-Type: application/ocsp-response
Date: Sun, 12 Mar 2023 10:03:14 GMT
Etag: "640c9629-1d7"
Expires: Mon, 13 Mar 2023 16:01:41 GMT
Last-Modified: Sat, 11 Mar 2023 14:54:33 GMT
Server: ECAcc (ska/F756)
X-Cache: HIT
Content-Length: 471
secure.adnxs.com/setuid?entity=52&code=k-eCePbZfVEuQzrW6IokHShuDxD2QbhItfSnd7hg&us_privacy=1---
37.252.173.215307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/setuid?entity=52&code=k-eCePbZfVEuQzrW6IokHShuDxD2QbhItfSnd7hg&us_privacy=1---
IP 37.252.173.215:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /setuid?entity=52&code=k-eCePbZfVEuQzrW6IokHShuDxD2QbhItfSnd7hg&us_privacy=1--- HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Sun, 12 Mar 2023 10:03:14 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-eCePbZfVEuQzrW6IokHShuDxD2QbhItfSnd7hg%26us_privacy%3D1---
AN-X-Request-Uuid: fdb91d61-2507-4766-8e85-fcaf332efceb
Set-Cookie: uuid2=2124480642545457122; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 10-Jun-2023 10:03:14 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-DiAyKJfVEuQzrW6IokHShuDxD2S_efZrgjAujg&expires=30&us_privacy=1---
213.19.162.80204 No Content 0 B URL HTTP/1.1 pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-DiAyKJfVEuQzrW6IokHShuDxD2S_efZrgjAujg&expires=30&us_privacy=1---
IP 213.19.162.80:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tap.php?v=6434&nid=2149&put=k-DiAyKJfVEuQzrW6IokHShuDxD2S_efZrgjAujg&expires=30&us_privacy=1--- HTTP/1.1
Host: pixel.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 54ab5e55007c9747024b4f039df5ce6b
Content-Type: image/gif
ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID&us_privacy=1---
37.252.171.149307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID&us_privacy=1---
IP 37.252.171.149:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID&us_privacy=1--- HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Sun, 12 Mar 2023 10:03:14 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID%26us_privacy%3D1---
AN-X-Request-Uuid: d030698c-5b01-4a1b-a37f-a5fd029487a0
Set-Cookie: uuid2=8190916305266907129; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 10-Jun-2023 10:03:14 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
cm.adform.net/pixel?adform_pid=15&adform_pc=k-YXNQFJfVEuQzrW6IokHShuDxD2R-ipEiAiIABw&us_privacy=1---
37.157.6.233200 OK 43 B URL HTTP/2 cm.adform.net/pixel?adform_pid=15&adform_pc=k-YXNQFJfVEuQzrW6IokHShuDxD2R-ipEiAiIABw&us_privacy=1---
IP 37.157.6.233:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /pixel?adform_pid=15&adform_pc=k-YXNQFJfVEuQzrW6IokHShuDxD2R-ipEiAiIABw&us_privacy=1--- HTTP/1.1
Host: cm.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 12 Mar 2023 10:03:14 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 14 Nov 2022 09:52:50 GMT
etag: "63720ff2-2b"
accept-ranges: bytes
X-Firefox-Spdy: h2
x.bidswitch.net/sync?dsp_id=46&user_id=k-KESG25fVEuQzrW6IokHShuDxD2R7pUKbriauGg&expires=30&us_privacy=1---
3.127.31.230302 Found 0 B URL HTTP/2 x.bidswitch.net/sync?dsp_id=46&user_id=k-KESG25fVEuQzrW6IokHShuDxD2R7pUKbriauGg&expires=30&us_privacy=1---
IP 3.127.31.230:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?dsp_id=46&user_id=k-KESG25fVEuQzrW6IokHShuDxD2R7pUKbriauGg&expires=30&us_privacy=1--- HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 12 Mar 2023 10:03:14 GMT
content-length: 0
location: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-KESG25fVEuQzrW6IokHShuDxD2R7pUKbriauGg&expires=30&us_privacy=1---
cache-control: no-cache, no-store, must-revalidate
set-cookie: tuuid=d337c217-440e-427d-9d48-c473fda07c91; path=/; expires=Mon, 11-Mar-2024 10:03:14 GMT; domain=.bidswitch.net; samesite=none; secure
c=1678615394; path=/; expires=Mon, 11-Mar-2024 10:03:14 GMT; domain=.bidswitch.net; samesite=none; secure
tuuid_lu=1678615394; path=/; expires=Mon, 11-Mar-2024 10:03:14 GMT; domain=.bidswitch.net; samesite=none; secure
c=1678615394; path=/; expires=Mon, 11-Mar-2024 10:03:14 GMT; domain=.bidswitch.net; samesite=none; secure
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-28959768-20&cid=2044677251.1678615394&jid=1254515255&npa=1&_u=aHBAgEAjAAAAAEAAI~&z=1392257199
216.58.207.227200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-28959768-20&cid=2044677251.1678615394&jid=1254515255&npa=1&_u=aHBAgEAjAAAAAEAAI~&z=1392257199
IP 216.58.207.227:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-28959768-20&cid=2044677251.1678615394&jid=1254515255&npa=1&_u=aHBAgEAjAAAAAEAAI~&z=1392257199 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 12 Mar 2023 10:03:14 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-KESG25fVEuQzrW6IokHShuDxD2R7pUKbriauGg&expires=30&us_privacy=1---
3.127.31.230200 OK 43 B URL HTTP/2 x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-KESG25fVEuQzrW6IokHShuDxD2R7pUKbriauGg&expires=30&us_privacy=1---
IP 3.127.31.230:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/sync?dsp_id=46&user_id=k-KESG25fVEuQzrW6IokHShuDxD2R7pUKbriauGg&expires=30&us_privacy=1--- HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 12 Mar 2023 10:03:14 GMT
content-type: image/gif
content-length: 43
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.22200 OK 1.8 kB IP 192.124.249.22:0
Hash 56a5ac04303385e309d561368d969819
b0027830d0147ecaace82ab43b4f535c02b70102
31316542c44a9975ba3685abd71ff75867d1363eadd1a3a60990cc8854bb8ce9
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sun, 12 Mar 2023 10:03:14 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sat, 11 Mar 2023 21:30:59 GMT
Expires: Sun, 12 Mar 2023 21:30:59 GMT
ETag: "b0027830d0147ecaace82ab43b4f535c02b70102"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.r2m02.amazontrust.com/
143.204.48.16200 OK 471 B URL HTTP/1.1 ocsp.r2m02.amazontrust.com/
IP 143.204.48.16:0
Hash 29e18c740b91d7009947443726f4e9ea
d68074a359a314e27e2f4004c3f5a73989fd6900
c728aefff05a0142b810d4ec3cd38072dd04ebb4b59daecfbf4b44332bb2631b
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=123168
Date: Sun, 12 Mar 2023 10:03:14 GMT
Etag: "640cd2c9-1d7"
Expires: Mon, 13 Mar 2023 20:16:02 GMT
Last-Modified: Sat, 11 Mar 2023 19:13:13 GMT
Server: ECAcc (nya/1C5E)
X-Cache: Miss from cloudfront
Via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: AdfdHdXPdhTQlQZX-4xa58l9QbwxcKumg0xlj4d6z7V103bWKtd74w==
Age: 3769
r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-VjV80ZfVEuQzrW6IokHShuDxD2Sn5kAmRne3Zg&us_privacy=1---
185.80.36.245302 Found 0 B URL HTTP/1.1 r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-VjV80ZfVEuQzrW6IokHShuDxD2Sn5kAmRne3Zg&us_privacy=1---
IP 185.80.36.245:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rum?cm_dsp_id=20&external_user_id=k-VjV80ZfVEuQzrW6IokHShuDxD2Sn5kAmRne3Zg&us_privacy=1--- HTTP/1.1
Host: r.casalemedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Sun, 12 Mar 2023 10:03:14 GMT
Server: Apache
Cache-Control: no-cache
Expires: 0
Location: /rum?cm_dsp_id=20&external_user_id=k-VjV80ZfVEuQzrW6IokHShuDxD2Sn5kAmRne3Zg&us_privacy=1---&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Content-Length: 0
Set-Cookie: CMID=ZA2jYhZBUbXcvUKeueAVXwAA; Path=/; Domain=casalemedia.com; Expires=Mon, 11 Mar 2024 10:03:14 GMT; Max-Age=31536000; Secure; SameSite=None
CMPS=4505; Path=/; Domain=casalemedia.com; Expires=Sat, 10 Jun 2023 10:03:14 GMT; Max-Age=7776000; Secure; SameSite=None
CMPRO=4505; Path=/; Domain=casalemedia.com; Expires=Sat, 10 Jun 2023 10:03:14 GMT; Max-Age=7776000; Secure; SameSite=None
Keep-Alive: timeout=1, max=500
Connection: Keep-Alive
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash eeba7d2c30acfc92030aa90f51f56363
035b29d50473d2644c584ffe57853a83fde540dc
a2118e6d1e0f7dadab2c1b71f94ea0b01c11a0147edd1bddee8045b974b29d9e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4902
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 12 Mar 2023 10:03:14 GMT
Last-Modified: Sun, 12 Mar 2023 08:41:32 GMT
Server: ECAcc (ska/F776)
X-Cache: HIT
Content-Length: 471
match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-z_O5hJfVEuQzrW6IokHShuDxD2StLzKxMhNKRA&us_privacy=1---
54.93.76.213204 No Content 0 B URL HTTP/2 match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-z_O5hJfVEuQzrW6IokHShuDxD2StLzKxMhNKRA&us_privacy=1---
IP 54.93.76.213:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-z_O5hJfVEuQzrW6IokHShuDxD2StLzKxMhNKRA&us_privacy=1--- HTTP/1.1
Host: match.sharethrough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sun, 12 Mar 2023 10:03:14 GMT
X-Firefox-Spdy: h2
ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-DvhuNpfVEuQzrW6IokHShuDxD2Sfp6lzlqpN-g&us_privacy=1---
3.75.62.37302 Found 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-DvhuNpfVEuQzrW6IokHShuDxD2Sfp6lzlqpN-g&us_privacy=1---
IP 3.75.62.37:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58301/sync?_origin=1&uid=k-DvhuNpfVEuQzrW6IokHShuDxD2Sfp6lzlqpN-g&us_privacy=1--- HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 12 Mar 2023 10:03:14 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
location: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-DvhuNpfVEuQzrW6IokHShuDxD2Sfp6lzlqpN-g&us_privacy=1---&verify=true
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBGKjDWQCEAwdKUENILkPEl43sJIxNj4FEgEBAQH0DmQXZAAAAAAA_eMAAA&S=AQAAAuxK8ntOVo5g4v2E-ASNR38; Expires=Mon, 11 Mar 2024 16:03:14 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-cqEI6ZfVEuQzrW6IokHShuDxD2QEVUq9XUyLnw&us_privacy=1---
185.86.139.101200 OK 514 B URL HTTP/2 rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-cqEI6ZfVEuQzrW6IokHShuDxD2QEVUq9XUyLnw&us_privacy=1---
IP 185.86.139.101:0
ASN #201081 SmartAdServer SAS
File type GIF image data, version 89a, 1 x 1\012- data
Hash abc093b542b913a1189c78df632cf77d
062491ac89d421bc659a46ff4e60a4bdd4e23e68
36468b58191cbae613fae06d3de750260ec11f484175813e496416aed34447f2
GET /redir/?partnerid=79&partneruserid=k-cqEI6ZfVEuQzrW6IokHShuDxD2QEVUq9XUyLnw&us_privacy=1--- HTTP/1.1
Host: rtb-csync.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
date: Sun, 12 Mar 2023 10:03:13 GMT
cache-control: no-cache,no-store
pragma: no-cache
set-cookie: pid=8418770426173397848; expires=Tue, 09 Apr 2024 10:03:14 GMT; domain=smartadserver.com; path=/
TestIfCookieP=ok; expires=Tue, 09 Apr 2024 10:03:14 GMT; domain=smartadserver.com; path=/
csync=79:k-cqEI6ZfVEuQzrW6IokHShuDxD2QEVUq9XUyLnw; expires=Mon, 11 Mar 2024 10:03:14 GMT; domain=smartadserver.com; path=/
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-Firefox-Spdy: h2
dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-Ja_ZhZfVEuQzrW6IokHShuDxD2SeBZpzvIdmKQ&google_error=3
178.250.1.9200 OK 43 B URL HTTP/2 dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-Ja_ZhZfVEuQzrW6IokHShuDxD2SeBZpzvIdmKQ&google_error=3
IP 178.250.1.9:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-Ja_ZhZfVEuQzrW6IokHShuDxD2SeBZpzvIdmKQ&google_error=3 HTTP/1.1
Host: dis.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 12 Mar 2023 10:03:14 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
timing-allow-origin: *
server-processing-duration-in-ticks: 106459
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-eCePbZfVEuQzrW6IokHShuDxD2QbhItfSnd7hg%26us_privacy%3D1---
37.252.173.215200 OK 43 B URL HTTP/1.1 secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-eCePbZfVEuQzrW6IokHShuDxD2QbhItfSnd7hg%26us_privacy%3D1---
IP 37.252.173.215:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 592ebefc7104d681d57852665e9ad514
15cdf8df32aa251dd6dd590a60bf9cf74474e7c5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
GET /bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-eCePbZfVEuQzrW6IokHShuDxD2QbhItfSnd7hg%26us_privacy%3D1--- HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sun, 12 Mar 2023 10:03:14 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 5262d92b-67b2-445c-b25d-29e2ae8f539a
Set-Cookie: anj=dTM7k!M4/rCxrEQF']wIg2E>vu`'z(!@wnfH1YdP.dEXlSkg/@W2VN)TswPh+LbzVH[`D_r4Kohq?LWQ)Y^0HAhxToU]_TO3*E+[`OYM`%nugO%v4VB%nr4]+r)+C; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 10-Jun-2023 10:03:14 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ocsp.r2m01.amazontrust.com/
108.157.228.227200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP 108.157.228.227:0
Hash a5e2d4e7230bd6c23e5e8ceec8ddca17
03a04984ec0cd7c8c97fae3c4d844100e63e5a96
71456cfea26f0e0585914c1a9e9abfa89d1fd0063de3adc0be6c389ffaa492ec
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=159042
Date: Sun, 12 Mar 2023 10:03:14 GMT
Etag: "640d5c7e-1d7"
Expires: Tue, 14 Mar 2023 06:13:56 GMT
Last-Modified: Sun, 12 Mar 2023 05:00:46 GMT
Server: ECAcc (bsa/EB2E)
X-Cache: Miss from cloudfront
Via: 1.1 917c6054ae6e10a98fc566c655129e8a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ARN56-P2
X-Amz-Cf-Id: Iet79mUVL-8qw8PscHua8lIoPCfmdSBmBK1LxzoMOZJFOT5AmykfUQ==
Age: 4390
ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-DvhuNpfVEuQzrW6IokHShuDxD2Sfp6lzlqpN-g&us_privacy=1---&verify=true
3.75.62.37204 No Content 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-DvhuNpfVEuQzrW6IokHShuDxD2Sfp6lzlqpN-g&us_privacy=1---&verify=true
IP 3.75.62.37:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58301/sync?_origin=1&uid=k-DvhuNpfVEuQzrW6IokHShuDxD2Sfp6lzlqpN-g&us_privacy=1---&verify=true HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sun, 12 Mar 2023 10:03:14 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
strict-transport-security: max-age=31536000
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBGKjDWQCEPGHwKOGIy3BS4-SyYx-Mc0FEgEBAQH0DmQXZAAAAAAA_eMAAA&S=AQAAAl5OGli1Rer4fD9WgHjFjtk; Expires=Mon, 11 Mar 2024 16:03:14 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 893b0386c61d1a901d061075f1d6df75
07ab9eb4923c148cf0bbe4badf3d166501a1d452
e75b25a318216aacc701a800a1e6da17021cc52e245efb3a49fe3dc41c18b599
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E75B25A318216AACC701A800A1E6DA17021CC52E245EFB3A49FE3DC41C18B599"
Last-Modified: Sun, 12 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5046
Expires: Sun, 12 Mar 2023 11:27:20 GMT
Date: Sun, 12 Mar 2023 10:03:14 GMT
Connection: keep-alive
dpm.demdex.net/ibs:dpid=28645&dpuuid=
52.208.79.137302 Found 0 B URL HTTP/1.1 dpm.demdex.net/ibs:dpid=28645&dpuuid=
IP 52.208.79.137:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ibs:dpid=28645&dpuuid= HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-2-v046-02a7d0da5.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=21906725632542159880409283278231168497; Max-Age=15552000; Expires=Fri, 08 Sep 2023 10:03:14 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 5rV9IXwoT1Q=
Content-Length: 0
Connection: keep-alive
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 5a34255028442ef7137bfcb895911748
5969d2ca71b737076e4c4aba1506d18588f2320f
ec2e3f9425c30086dc5b548245ab1f5ba23d3c7903f0d4493d385a59f129a869
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 12 Mar 2023 10:03:14 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 11 Mar 2023 15:11:56 GMT
Expires: Sat, 18 Mar 2023 15:11:55 GMT
Etag: "5969d2ca71b737076e4c4aba1506d18588f2320f"
Cache-Control: max-age=536320,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7a6b34c8fa5eb527-OSL
r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-VjV80ZfVEuQzrW6IokHShuDxD2Sn5kAmRne3Zg&us_privacy=1---&C=1
185.80.36.245200 OK 43 B URL HTTP/1.1 r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-VjV80ZfVEuQzrW6IokHShuDxD2Sn5kAmRne3Zg&us_privacy=1---&C=1
IP 185.80.36.245:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /rum?cm_dsp_id=20&external_user_id=k-VjV80ZfVEuQzrW6IokHShuDxD2Sn5kAmRne3Zg&us_privacy=1---&C=1 HTTP/1.1
Host: r.casalemedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 12 Mar 2023 10:03:14 GMT
Server: Apache
Cache-Control: no-cache
Content-Type: image/gif
Expires: 0
Pragma: no-cache
Content-Length: 43
Keep-Alive: timeout=1, max=499
Connection: Keep-Alive
eb2.3lift.com/xuid?mid=2711&xuid=k-feuy2JfVEuQzrW6IokHShuDxD2Q7RJ7YpCJFiA&dongle=013b&us_privacy=1---
76.223.111.18200 OK 37 B URL HTTP/2 eb2.3lift.com/xuid?mid=2711&xuid=k-feuy2JfVEuQzrW6IokHShuDxD2Q7RJ7YpCJFiA&dongle=013b&us_privacy=1---
IP 76.223.111.18:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 3eacd0132310ea44cad756b378a3bc07
e2216a7e9b73f5cb0279351c78ce61c33475cea7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
GET /xuid?mid=2711&xuid=k-feuy2JfVEuQzrW6IokHShuDxD2Q7RJ7YpCJFiA&dongle=013b&us_privacy=1--- HTTP/1.1
Host: eb2.3lift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 12 Mar 2023 10:03:14 GMT
content-type: image/gif
content-length: 37
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
id5-sync.com/s/966/9.gif?puid=k-szm0dpfVEuQzrW6IokHShuDxD2TfPvVnvUOBSA&us_privacy=1---
162.19.138.119200 43 B URL HTTP/1.1 id5-sync.com/s/966/9.gif?puid=k-szm0dpfVEuQzrW6IokHShuDxD2TfPvVnvUOBSA&us_privacy=1---
IP 162.19.138.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /s/966/9.gif?puid=k-szm0dpfVEuQzrW6IokHShuDxD2TfPvVnvUOBSA&us_privacy=1--- HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"
set-cookie: cf=; Max-Age=300; Expires=Sun, 12-Mar-2023 10:08:14 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
cip=; Max-Age=300; Expires=Sun, 12-Mar-2023 10:08:14 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
cnac=; Max-Age=300; Expires=Sun, 12-Mar-2023 10:08:14 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
car=; Max-Age=300; Expires=Sun, 12-Mar-2023 10:08:14 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
gdpr=; Max-Age=300; Expires=Sun, 12-Mar-2023 10:08:14 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
callback=; Max-Age=300; Expires=Sun, 12-Mar-2023 10:08:14 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
content-type: image/gif;charset=UTF-8
transfer-encoding: chunked
date: Sun, 12 Mar 2023 10:03:14 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash ca5168adfa9c87951ad87e8712c3ed8f
82880af91ad66bd953dc4192b22c9a0be2314a85
aa4fffd2d72a6bacc309a157c787347b0d77b72294ae86f28d28e17bd1b3ba0d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4230
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 12 Mar 2023 10:03:14 GMT
Last-Modified: Sun, 12 Mar 2023 08:52:44 GMT
Server: ECAcc (ska/F7A3)
X-Cache: HIT
Content-Length: 471
ad.yieldlab.net/m?dt_id=8664&ext_id=k-Oh46PZfVEuQzrW6IokHShuDxD2R2w3en1ebQhQ&us_privacy=1---
23.43.133.70204 No Content 0 B URL HTTP/1.1 ad.yieldlab.net/m?dt_id=8664&ext_id=k-Oh46PZfVEuQzrW6IokHShuDxD2R2w3en1ebQhQ&us_privacy=1---
IP 23.43.133.70:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /m?dt_id=8664&ext_id=k-Oh46PZfVEuQzrW6IokHShuDxD2R2w3en1ebQhQ&us_privacy=1--- HTTP/1.1
Host: ad.yieldlab.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
x-application-context: application
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Pragma: no-cache
Expires: Sat, 11 Mar 2023 10:03:14 GMT
Date: Sun, 12 Mar 2023 10:03:14 GMT
Connection: keep-alive
Set-Cookie: id=6a327bc1-09a3-4c60-ad42-96c732e53b54; Path=/; Domain=prod.svc.y6b.de; Expires=Mon, 11-Mar-2024 10:03:14 GMT; Max-Age=31536000; Secure; SameSite=None
visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-jYWD45fVEuQzrW6IokHShuDxD2Q2ha89BRRKpA&us_privacy=1---
185.255.84.152200 OK 49 B URL HTTP/2 visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-jYWD45fVEuQzrW6IokHShuDxD2Q2ha89BRRKpA&us_privacy=1---
IP 185.255.84.152:0
ASN #200271 Iguane Solutions SAS
File type GIF image data, version 89a, 1 x 1\012- data
Hash 4408efc0174f07ad685c456f1de521ca
e3bc3250f8f32bd98dc7b05fd8940b74617eb8d1
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
GET /visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-jYWD45fVEuQzrW6IokHShuDxD2Q2ha89BRRKpA&us_privacy=1--- HTTP/1.1
Host: visitor.omnitagjs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
expires: 0
p3p: CP="CAO PSA OUR"
pragma: no-cache
set-cookie: ayl_visitor=f3554f9c00a82b7184ef2982821beed6; Path=/; Domain=omnitagjs.com; Max-Age=2592000; Secure; SameSite=None
vary: Accept-Encoding
x-content-type-options: nosniff
date: Sun, 12 Mar 2023 10:03:14 GMT
content-length: 49
x-envoy-upstream-service-time: 26
server: ayl-lb-fra02
X-Firefox-Spdy: h2
simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-EGP0kZfVEuQzrW6IokHShuDxD2SwAmNbiuueJg&us_privacy=1---
185.64.190.80200 OK 42 B URL HTTP/2 simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-EGP0kZfVEuQzrW6IokHShuDxD2SwAmNbiuueJg&us_privacy=1---
IP 185.64.190.80:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-EGP0kZfVEuQzrW6IokHShuDxD2SwAmNbiuueJg&us_privacy=1--- HTTP/1.1
Host: simage2.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 12 Mar 2023 10:03:14 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_97=3385-uid:k-EGP0kZfVEuQzrW6IokHShuDxD2SwAmNbiuueJg&KRTB&23144-uid:k-EGP0kZfVEuQzrW6IokHShuDxD2SwAmNbiuueJg&KRTB&23286-uid:k-EGP0kZfVEuQzrW6IokHShuDxD2SwAmNbiuueJg&KRTB&23287-uid:k-EGP0kZfVEuQzrW6IokHShuDxD2SwAmNbiuueJg; domain=pubmatic.com; secure; expires=Tue, 11-Apr-2023 10:03:14 GMT; path=/
PugT=1678615394; domain=pubmatic.com; secure; expires=Tue, 11-Apr-2023 10:03:14 GMT; path=/
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 987ea0c1036b8b5fc70d88b9cb295d26
f7364bd09aa681b86475ca1a8f0b7ffe7bc884ea
6603ffab9ec63fdf98f06e515093cab22c30909c7b31d096f7831526aa42d1f2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6603FFAB9EC63FDF98F06E515093CAB22C30909C7B31D096F7831526AA42D1F2"
Last-Modified: Sat, 11 Mar 2023 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2104
Expires: Sun, 12 Mar 2023 10:38:18 GMT
Date: Sun, 12 Mar 2023 10:03:14 GMT
Connection: keep-alive
dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=
52.208.79.137200 OK 59 B URL HTTP/1.1 dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=
IP 52.208.79.137:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 1251cd5e5c2def4c046309375f87c1c1
e02d6b0c6a5c495c15985e2832e335eda8528c80
4e7010cc46fa361c88e57e3346d27421cf3b8a8bf5f39b43fc45997c60cb1c13
GET /demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid= HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: image/gif
DCS: dcs-prod-irl1-2-v046-06ec06aa6.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: mkyGTAmeTa8=
Content-Length: 59
Connection: keep-alive
ocsp.r2m01.amazontrust.com/
108.157.228.227200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP 108.157.228.227:0
Hash 8d7d4f8499d3f9b195a36dbe1705ea3c
bdff4aad50c0c61e1126cbb6e94ad8ac182fa7b2
0ce742a366fd4cc1e7d2150c0fde72b289dee0260ff55fd3a59283417f9ea33f
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 12 Mar 2023 10:03:14 GMT
Last-Modified: Sun, 12 Mar 2023 08:30:10 GMT
Server: ECAcc (bsa/EAE4)
X-Cache: Miss from cloudfront
Via: 1.1 eddbc5f97ff2aa6a4fb8714754b065e0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ARN56-P2
X-Amz-Cf-Id: b_vcJ1Qwrgyf6GBllDFlRGTqmlituBHQ58WEl6IPOVOxHe76e_PWxg==
Age: 5584
gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40&us_privacy=1---
178.250.1.11302 Found 0 B URL HTTP/2 gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40&us_privacy=1---
IP 178.250.1.11:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40&us_privacy=1--- HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Sun, 12 Mar 2023 10:03:14 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=
server-processing-duration-in-ticks: 465994
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.r2m02.amazontrust.com/
143.204.48.16200 OK 471 B URL HTTP/1.1 ocsp.r2m02.amazontrust.com/
IP 143.204.48.16:0
Hash b653145da1cc916de91a669063a00879
74586a2838e2710a9362dde092b4556bba958351
4731b8b76f3175a3771d756a2ee0fc13d5f5517a48a968c88bfc15f5ce97a40c
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 12 Mar 2023 10:03:14 GMT
Last-Modified: Sun, 12 Mar 2023 08:50:04 GMT
Server: ECAcc (nya/796A)
X-Cache: Miss from cloudfront
Via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: K90p9L7LS7QHqMJ7Zl6VwYgwcjRYExoFdGuvz0viuZV7MpMhbboNCg==
Age: 4390
ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-ZUEvR5fVEuQzrW6IokHShuDxD2RpCm5SrHx8pw&us_privacy=1---
3.121.170.166302 Found 0 B URL HTTP/2 ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-ZUEvR5fVEuQzrW6IokHShuDxD2RpCm5SrHx8pw&us_privacy=1---
IP 3.121.170.166:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?publisher_dsp_id=38&external_user_id=k-ZUEvR5fVEuQzrW6IokHShuDxD2RpCm5SrHx8pw&us_privacy=1--- HTTP/1.1
Host: ad.360yield.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 12 Mar 2023 10:03:14 GMT
content-type: text/plain
content-length: 0
location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-ZUEvR5fVEuQzrW6IokHShuDxD2RpCm5SrHx8pw&us_privacy=1---
set-cookie: tuuid=f20225c1-dc84-4021-823a-c8d3cc83f2ce; Expires=Sat, 10 Jun 2023 10:03:14 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
tuuid_lu=1678615394; Expires=Sat, 10 Jun 2023 10:03:14 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2
sync-criteo.ads.yieldmo.com/sync?id=k-3SwJMpfVEuQzrW6IokHShuDxD2R1avZfd1HQdg&pn_id=criteo&ext=1&us_privacy=1---
34.251.42.15200 OK 43 B URL HTTP/2 sync-criteo.ads.yieldmo.com/sync?id=k-3SwJMpfVEuQzrW6IokHShuDxD2R1avZfd1HQdg&pn_id=criteo&ext=1&us_privacy=1---
IP 34.251.42.15:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /sync?id=k-3SwJMpfVEuQzrW6IokHShuDxD2R1avZfd1HQdg&pn_id=criteo&ext=1&us_privacy=1--- HTTP/1.1
Host: sync-criteo.ads.yieldmo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 12 Mar 2023 10:03:14 GMT
content-type: image/gif
content-length: 43
set-cookie: yieldmo_id=gb945d1dafd60d548726%7C1678615394905%7C0%7C; Domain=.yieldmo.com; Expires=Mon, 11-Mar-2024 10:03:14 GMT; Path=/; Secure; SameSite=None; Secure
ptrcriteo=k-3SwJMpfVEuQzrW6IokHShuDxD2R1avZfd1HQdg; Domain=ads.yieldmo.com; Expires=Mon, 11-Mar-2024 10:03:14 GMT; Path=/; Secure; SameSite=None; Secure
access-control-allow-origin: *
access-control-request-headers: Cache-Control, Pragma
access-control-allow-methods: GET, OPTIONS
pragma: no-cache
X-Firefox-Spdy: h2
ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-ZUEvR5fVEuQzrW6IokHShuDxD2RpCm5SrHx8pw&us_privacy=1---
3.121.170.166200 OK 43 B URL HTTP/2 ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-ZUEvR5fVEuQzrW6IokHShuDxD2RpCm5SrHx8pw&us_privacy=1---
IP 3.121.170.166:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/match?publisher_dsp_id=38&external_user_id=k-ZUEvR5fVEuQzrW6IokHShuDxD2RpCm5SrHx8pw&us_privacy=1--- HTTP/1.1
Host: ad.360yield.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 12 Mar 2023 10:03:14 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash 0809b9f92ea4e0d1dc89a2b72b1064ab
57a7679df8cf94e8270fb19354124ddbf624980b
b405f6ebceb9c36228e9c6b61b4a4690e8a1d14788989af78831a53df6501f21
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3161
Cache-Control: max-age=135142
Content-Type: application/ocsp-response
Date: Sun, 12 Mar 2023 10:03:14 GMT
Etag: "640d03ef-1d7"
Expires: Mon, 13 Mar 2023 23:35:36 GMT
Last-Modified: Sat, 11 Mar 2023 22:42:55 GMT
Server: ECAcc (ska/F7A5)
X-Cache: HIT
Content-Length: 471
fbcapi.flaviar.com/events
54.153.41.73200 OK 0 B URL HTTP/2 fbcapi.flaviar.com/events
IP 54.153.41.73:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /events HTTP/1.1
Host: fbcapi.flaviar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 322
Origin: https://flaviar.com
Connection: keep-alive
Referer: https://flaviar.com/
Cookie: _ga=GA1.1.2044677251.1678615394; _gid=GA1.2.953478282.1678615394; _ga_94QYBVSJNV=GS1.1.1678615393.1.0.1678615393.60.0.0; _gcl_au=1.1.1804305078.1678615394; _rdt_uuid=1678615393917.dad27b2c-4de9-4a45-a3ea-c8c4e7865657; cto_bundle=bGSPxl9qZlhjeTBNREJLS2RVSHZaaDFrQmtNblRSTFBzS0FJTWVBbWY3NE5LOVI0Ym9jZXNRbiUyRlpyMmhMeGppR2oxRFloa25lYlFFNklneXlZS3pnYWJJJTJGWlRIbDZWWjZzQVdEWnpzRGJyV1Z3a3pIRXdPN3VGQ2NabUFHZ25vR1NtT2pNWWgxZXIlMkJUcTFselF6cDBBUlhNJTJGQSUzRCUzRA; rbuid=rbos-b0ddf651-e82a-4309-8e5d-c08f1dcbdd3b; _dc_gtm_UA-28959768-20=1; _uetsid=1ad64100c0bd11edb9432fffe57c51b3; _uetvid=1ad672d0c0bd11edabb3ed511711e550; _fbp=fb.1.1678615395251.1158382667; _sgf_user_id=21207479704682497; _sgf_session_id=21207479704682496
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sun, 12 Mar 2023 10:03:14 GMT
content-length: 0
vary: origin
access-control-allow-credentials: true
access-control-allow-origin: https://flaviar.com
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
sync.outbrain.com/cookie-sync?p=criteo&uid=k-dZUg3ZfVEuQzrW6IokHShuDxD2SyndfKc4jiZQ&initiator=partner&us_privacy=1---
64.202.112.223200 OK 0 B URL HTTP/1.1 sync.outbrain.com/cookie-sync?p=criteo&uid=k-dZUg3ZfVEuQzrW6IokHShuDxD2SyndfKc4jiZQ&initiator=partner&us_privacy=1---
IP 64.202.112.223:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cookie-sync?p=criteo&uid=k-dZUg3ZfVEuQzrW6IokHShuDxD2SyndfKc4jiZQ&initiator=partner&us_privacy=1--- HTTP/1.1
Host: sync.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 12 Mar 2023 10:03:14 GMT
Content-Length: 0
Cache-Control: no-cache
X-TraceId: 9764112e5904d1fabf0ac95a92782269
beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=
54.75.60.155204 No Content 0 B URL HTTP/2 beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=
IP 54.75.60.155:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usermatch.gif?partner=criteo&partner_uid= HTTP/1.1
Host: beacon.krxd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sun, 12 Mar 2023 10:03:15 GMT
set-cookie: _kuid_=Pbg-9L2Q; Expires=Fri, 08-Sep-23 10:03:15 GMT; Max-Age=15552000; Domain=.krxd.net; Path=/
cache-control: private, no-cache, no-store
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
x-served-by: beacon-n018-dub-prod.krxd.net
x-request-time: D=31 t=1678615395
X-Firefox-Spdy: h2
gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40&us_privacy=1---
178.250.1.11302 Found 0 B URL HTTP/2 gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40&us_privacy=1---
IP 178.250.1.11:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40&us_privacy=1--- HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Sun, 12 Mar 2023 10:03:14 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
location: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=
server-processing-duration-in-ticks: 286238
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
gs.mountain.com/gs
34.212.4.35200 OK 144 B IP 34.212.4.35:0
File type ASCII text, with no line terminators
Hash 5b48799f4e6534b2a3c3793b83db4e22
4252a466735c3153de1016a769ebffe8e688facf
4634fd38220be6984fd02ace1e0d8c6b47c8c40ee5fd9fb1b23c97711656c707
GET /gs HTTP/1.1
Host: gs.mountain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Cookie: guid=1a81cf75-c0bd-11ed-aa73-dddf20ada182
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
date: Sun, 12 Mar 2023 10:03:15 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, x-requested-with, X-Custom-Header
x-application-context: application:prod:8080
content-type: application/javascript;charset=utf-8
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
cache-control: public, max-age=31536000
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
content-length: 144
x-envoy-upstream-service-time: 2
server: istio-envoy
connection: close
ocsp.entrust.net/
104.110.10.32200 OK 1.6 kB IP 104.110.10.32:0
Hash 157a45d1f6661f7dac02ea9f075b0b38
17ce2f9356c30bd07c1f448b494f9859ca663828
75cd92e2f839ab6f2558166e4edcc5256c0523736b3822b10b30e84fd8aee349
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "75CD92E2F839AB6F2558166E4EDCC5256C0523736B3822B10B30E84FD8AEE349"
Last-Modified: Sun, 12 Mar 2023 02:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=2926
Expires: Sun, 12 Mar 2023 10:52:01 GMT
Date: Sun, 12 Mar 2023 10:03:15 GMT
Connection: keep-alive
s.thebrighttag.com/cs?btt=0&tp=cr&uid=
3.18.193.91200 OK 35 B URL HTTP/2 s.thebrighttag.com/cs?btt=0&tp=cr&uid=
IP 3.18.193.91:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /cs?btt=0&tp=cr&uid= HTTP/1.1
Host: s.thebrighttag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 12 Mar 2023 10:03:15 GMT
content-type: image/gif
content-length: 35
x-bt-requestid: 1b2e6250-c0bd-11ed-9b8a-0000ac170312
cache-control: private, must-revalidate
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin:
server: nginx
p3p: CP=NOI DSP COR NID
X-Firefox-Spdy: h2
px.mountain.com/st?ga_tracking_id=UA-28959768-20&ga_client_id=2044677251.1678615394&shpt=Flaviar%20Membership%20%C2%BB%20Fine%20Spirits%20%26%20Whiskey%20Club%20%F0%9F%A5%83%20-%20Flaviar&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-28959768-20%22%2C%22ga_client_id%22%3A%222044677251.1678615394%22%2C%22shpt%22%3A%22Flaviar%20Membership%20%C2%BB%20Fine%20Spirits%20%26%20Whiskey%20Club%20%F0%9F%A5%83%20-%20Flaviar%22%2C%22dcm_cid%22%3A%221678615393.1%22%2C%22dcm_gid%22%3A%22953478282.1678615394%22%2C%22mntnis%22%3A%7B%7D%2C%22execution_workflow%22%3A%7B%22iteration%22%3A8%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%7D&dcm_cid=1678615393.1&dcm_gid=953478282.1678615394&dxver=4.0.0&shaid=33038&plh=https%3A%2F%2Fflaviar.com%2F&shadditional=googletagmanager%3Dtrue%2Cga4%3Dtrue%2Ccriteo%3Dtrue&cb=1678615394442212&shguid=35b0bce9-d250-329d-b012-c0426f88d0bd&shgts=1678615395157
52.42.124.195200 OK 1.2 kB URL HTTP/1.1 px.mountain.com/st?ga_tracking_id=UA-28959768-20&ga_client_id=2044677251.1678615394&shpt=Flaviar%20Membership%20%C2%BB%20Fine%20Spirits%20%26%20Whiskey%20Club%20%F0%9F%A5%83%20-%20Flaviar&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-28959768-20%22%2C%22ga_client_id%22%3A%222044677251.1678615394%22%2C%22shpt%22%3A%22Flaviar%20Membership%20%C2%BB%20Fine%20Spirits%20%26%20Whiskey%20Club%20%F0%9F%A5%83%20-%20Flaviar%22%2C%22dcm_cid%22%3A%221678615393.1%22%2C%22dcm_gid%22%3A%22953478282.1678615394%22%2C%22mntnis%22%3A%7B%7D%2C%22execution_workflow%22%3A%7B%22iteration%22%3A8%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%7D&dcm_cid=1678615393.1&dcm_gid=953478282.1678615394&dxver=4.0.0&shaid=33038&plh=https%3A%2F%2Fflaviar.com%2F&shadditional=googletagmanager%3Dtrue%2Cga4%3Dtrue%2Ccriteo%3Dtrue&cb=1678615394442212&shguid=35b0bce9-d250-329d-b012-c0426f88d0bd&shgts=1678615395157
IP 52.42.124.195:0
File type ASCII text, with very long lines (4895), with no line terminators
Hash aefef00ee087fd219b3336f0f3232fde
8dbcca5a6c4e7b06b9baa6c66f43dd771f432004
96fee32759bba13ffeaf10f14d7857a0010c4b413454a1da35893692ca9ad9fa
GET /st?ga_tracking_id=UA-28959768-20&ga_client_id=2044677251.1678615394&shpt=Flaviar%20Membership%20%C2%BB%20Fine%20Spirits%20%26%20Whiskey%20Club%20%F0%9F%A5%83%20-%20Flaviar&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-28959768-20%22%2C%22ga_client_id%22%3A%222044677251.1678615394%22%2C%22shpt%22%3A%22Flaviar%20Membership%20%C2%BB%20Fine%20Spirits%20%26%20Whiskey%20Club%20%F0%9F%A5%83%20-%20Flaviar%22%2C%22dcm_cid%22%3A%221678615393.1%22%2C%22dcm_gid%22%3A%22953478282.1678615394%22%2C%22mntnis%22%3A%7B%7D%2C%22execution_workflow%22%3A%7B%22iteration%22%3A8%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%7D&dcm_cid=1678615393.1&dcm_gid=953478282.1678615394&dxver=4.0.0&shaid=33038&plh=https%3A%2F%2Fflaviar.com%2F&shadditional=googletagmanager%3Dtrue%2Cga4%3Dtrue%2Ccriteo%3Dtrue&cb=1678615394442212&shguid=35b0bce9-d250-329d-b012-c0426f88d0bd&shgts=1678615395157 HTTP/1.1
Host: px.mountain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Cookie: guid=1a81cf75-c0bd-11ed-aa73-dddf20ada182
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
date: Sun, 12 Mar 2023 10:03:15 GMT
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
set-cookie: tt=H4sIAAAAAAAAAKtWKlOyMtJR8guKNzY2MLaINzK3NFayMkAWsTC2AIsgcw3NzC3MDE2NLU0tzIxqAXDNqfdGAAAA;Domain=px.mountain.com;Max-Age=63113852;Path=/;SameSite=None;Secure
rt="MzMwMzg6MTY3ODYxNTM5NQ==";Domain=mountain.com;Max-Age=63113852;Path=/;SameSite=None;Secure
guid=1a81cf75-c0bd-11ed-aa73-dddf20ada182;Domain=mountain.com;Max-Age=63113852;Path=/;SameSite=None;Secure
content-encoding: gzip
x-envoy-upstream-service-time: 14
server: istio-envoy
connection: close
transfer-encoding: chunked
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.20.226:0
Hash c12da2093c1c711cf2e7a589cf82c0ef
3e8e13bd384062952f58840eee625830482f3c9f
4d8176190cc567faaa2923f4d39a2a529ce246080895fc3d6cc994439da077e7
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 12 Mar 2023 10:03:16 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Thu, 16 Mar 2023 08:55:33 GMT
ETag: "3e8e13bd384062952f58840eee625830482f3c9f"
Last-Modified: Sun, 12 Mar 2023 08:55:34 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3112
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7a6b34d18df40b45-OSL
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-m665-pfVEuQzrW6IokHShuDxD2QLP1IegkPloA&us_privacy=1---
141.226.228.48200 OK 1.4 kB URL HTTP/2 sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-m665-pfVEuQzrW6IokHShuDxD2QLP1IegkPloA&us_privacy=1---
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash c12da2093c1c711cf2e7a589cf82c0ef
3e8e13bd384062952f58840eee625830482f3c9f
4d8176190cc567faaa2923f4d39a2a529ce246080895fc3d6cc994439da077e7
GET /sg/criteortb-network/1/rtb-h/?taboola_hm=k-m665-pfVEuQzrW6IokHShuDxD2QLP1IegkPloA&us_privacy=1--- HTTP/1.1
Host: sync-t1.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 12 Mar 2023 10:03:14 GMT
x-fastly-to-nlb-rtt: 24070
access-control-allow-credentials: true
X-Firefox-Spdy: h2
match.adsrvr.org/track/cmf/generic?ttd_pid=steelhouse&ttd_tpi=1&ttd_puid=1a81cf75-c0bd-11ed-aa73-dddf20ada182&gdpr=&gdpr_consent=
52.223.40.198200 OK 70 B URL HTTP/2 match.adsrvr.org/track/cmf/generic?ttd_pid=steelhouse&ttd_tpi=1&ttd_puid=1a81cf75-c0bd-11ed-aa73-dddf20ada182&gdpr=&gdpr_consent=
IP 52.223.40.198:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 58a7930cd4577fc33c35828c271eab8f
406e57f86dc101e10f3a57be1e2f7b93c4580474
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
GET /track/cmf/generic?ttd_pid=steelhouse&ttd_tpi=1&ttd_puid=1a81cf75-c0bd-11ed-aa73-dddf20ada182&gdpr=&gdpr_consent= HTTP/1.1
Host: match.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 12 Mar 2023 10:03:16 GMT
content-type: image/gif
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
flaviar.com/
172.66.43.165200 OK 0 B IP 172.66.43.165:0
GET / HTTP/1.1
Host: flaviar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sun, 12 Mar 2023 10:03:10 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: PHPSESSID=f07d1f68ec86194e7afcf69fa2d71258; expires=Mon, 13-Mar-2023 10:03:10 GMT; Max-Age=86400; path=/; secure; HttpOnly
cache-control: max-age=0, must-revalidate, private
link: <https://cdn.flaviar.com/build/runtime.e7eca49f.js>; rel="preload"; as="script",<https://cdn.flaviar.com/build/1.e1f7a7db.js>; rel="preload"; as="script",<https://cdn.flaviar.com/build/3.0e6032b6.js>; rel="preload"; as="script",<https://cdn.flaviar.com/build/app.9b6e7b72.js>; rel="preload"; as="script",<https://cdn.flaviar.com/build/7.46b80ce4.js>; rel="preload"; as="script",<https://cdn.flaviar.com/build/app-main.a3302064.js>; rel="preload"; as="script",<https://cdn.flaviar.com/build/5.709396a9.css>; rel="preload"; as="style",<https://cdn.flaviar.com/build/app-style.033a5a26.css>; rel="preload"; as="style",<https://cdn.flaviar.com/build/landing-frontpage.cd35e6fb.css>; rel="preload"; as="style",<https://cdn.flaviar.com/build/menu-style.83f9b35c.css>; rel="preload"; as="style"
expires: Sun, 12 Mar 2023 10:03:10 GMT
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HTavwssUQIAS2O8VnFcbWmINURDkBJTthk88FGHPnV%2FSteOMwBiXsl5jZcqD2EZ9TTxlXOUU2Bd%2B9ESkQgTJr4zC2XJi90Q2VEy83jMdkJQeuTNbyYuAXq5UdMMR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7a6b34accc3bfac4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=0&us_privacy=1---
178.250.1.9200 OK 0 B URL HTTP/2 dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=0&us_privacy=1---
IP 178.250.1.9:0
GET /dis/rtb/appnexus/cookiematch.aspx?appnxsid=0&us_privacy=1--- HTTP/1.1
Host: dis.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 12 Mar 2023 10:03:14 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
timing-allow-origin: *
server-processing-duration-in-ticks: 206908
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
aacdn.nagich.com/style/style.css
104.26.14.45200 OK 0 B URL HTTP/2 aacdn.nagich.com/style/style.css
IP 104.26.14.45:0
GET /style/style.css HTTP/1.1
Host: aacdn.nagich.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaviar.com/
Origin: https://flaviar.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 12 Mar 2023 10:03:12 GMT
content-type: text/css
cache-control: public, max-age=2204800
last-modified: Sun, 02 Oct 2022 09:01:39 GMT
etag: W/"809b15953dd6d81:0"
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: deny
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 89898
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v78ypWIkwTKCi2zVCUaoivyjEC67w9yazdaQWCFwJBp01Eu0TFYMEcEw4RWBiev7fwM3FSqJNupXQ5VQbMDCwklajhzJBK4te9VQSKh%2BSowra43Nb34f%2BbYE60zBtg%2BGoh0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7a6b34b9bb89b521-OSL
content-encoding: br
X-Firefox-Spdy: h2
dynamic.criteo.com/js/ld/ld.js?a=95340
178.250.0.147200 OK 0 B URL HTTP/2 dynamic.criteo.com/js/ld/ld.js?a=95340
IP 178.250.0.147:0
GET /js/ld/ld.js?a=95340 HTTP/1.1
Host: dynamic.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 12 Mar 2023 10:03:12 GMT
content-type: application/javascript; charset=utf-8
server: Kestrel
cache-control: public,max-age=10800
content-encoding: br
vary: Origin, Accept-Encoding
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
campaign.fbot.me/06cc9139-6a61-41fc-88db-9ec21e04eecf/campaigns.js
54.230.111.120200 OK 0 B URL HTTP/2 campaign.fbot.me/06cc9139-6a61-41fc-88db-9ec21e04eecf/campaigns.js
IP 54.230.111.120:0
GET /06cc9139-6a61-41fc-88db-9ec21e04eecf/campaigns.js HTTP/1.1
Host: campaign.fbot.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 15 Dec 2022 13:46:51 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: p6gPN_w4SG47RQE5hfalMZL5TivdunUb
server: AmazonS3
content-encoding: gzip
date: Sun, 12 Mar 2023 10:03:11 GMT
cache-control: max-age=30
etag: W/"0ff3ee9396830061e9ba4b78bac75bb5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: f3Skj4vrXt1ts3sih0s3qwNz7DIvHUMHK2crPRvpT5c1hyVwHGbmTw==
age: 1
X-Firefox-Spdy: h2
getrockerbox.com/customdomain/rb9yp8py.flaviar.com/wxyz.rb.js
172.64.174.31301 Moved Permanently 0 B URL HTTP/2 getrockerbox.com/customdomain/rb9yp8py.flaviar.com/wxyz.rb.js
IP 172.64.174.31:0
GET /customdomain/rb9yp8py.flaviar.com/wxyz.rb.js HTTP/1.1
Host: getrockerbox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Sun, 12 Mar 2023 10:03:12 GMT
content-type: text/html
location: https://rb9yp8py.flaviar.com/assets/wxyz.rb.js
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0d30CquY3Fksc1bOHTzZgGaiuLLEHlXzGizlSAICnuEFA%2Bnn%2BiQqBxrJDZT%2BRIVwx1keMz%2BkY%2FjgkXLSyegGqR%2F6ooGSKLrc2EKU%2Bm7Ccm8Cb9hn0rEwmLlI4rUfTENv3Xgw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7a6b34bc1b4f887a-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
widget.us.criteo.com/event?a=95340&v=5.14.1&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26z%3Dundefined%26site_type%3Dd&p2=e%3Dvh%26tms%3Dgtm-ee-1.1.0&p3=e%3Ddis&adce=1&bundle=bGSPxl9qZlhjeTBNREJLS2RVSHZaaDFrQmtNblRSTFBzS0FJTWVBbWY3NE5LOVI0Ym9jZXNRbiUyRlpyMmhMeGppR2oxRFloa25lYlFFNklneXlZS3pnYWJJJTJGWlRIbDZWWjZzQVdEWnpzRGJyV1Z3a3pIRXdPN3VGQ2NabUFHZ25vR1NtT2pNWWgxZXIlMkJUcTFselF6cDBBUlhNJTJGQSUzRCUzRA&tld=flaviar.com&dy=1&fu=https%253A%252F%252Fflaviar.com%252F&dtycbr=48452&cs=1---&cv=1
74.119.119.150200 OK 0 B URL HTTP/2 widget.us.criteo.com/event?a=95340&v=5.14.1&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26z%3Dundefined%26site_type%3Dd&p2=e%3Dvh%26tms%3Dgtm-ee-1.1.0&p3=e%3Ddis&adce=1&bundle=bGSPxl9qZlhjeTBNREJLS2RVSHZaaDFrQmtNblRSTFBzS0FJTWVBbWY3NE5LOVI0Ym9jZXNRbiUyRlpyMmhMeGppR2oxRFloa25lYlFFNklneXlZS3pnYWJJJTJGWlRIbDZWWjZzQVdEWnpzRGJyV1Z3a3pIRXdPN3VGQ2NabUFHZ25vR1NtT2pNWWgxZXIlMkJUcTFselF6cDBBUlhNJTJGQSUzRCUzRA&tld=flaviar.com&dy=1&fu=https%253A%252F%252Fflaviar.com%252F&dtycbr=48452&cs=1---&cv=1
IP 74.119.119.150:0
GET /event?a=95340&v=5.14.1&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26z%3Dundefined%26site_type%3Dd&p2=e%3Dvh%26tms%3Dgtm-ee-1.1.0&p3=e%3Ddis&adce=1&bundle=bGSPxl9qZlhjeTBNREJLS2RVSHZaaDFrQmtNblRSTFBzS0FJTWVBbWY3NE5LOVI0Ym9jZXNRbiUyRlpyMmhMeGppR2oxRFloa25lYlFFNklneXlZS3pnYWJJJTJGWlRIbDZWWjZzQVdEWnpzRGJyV1Z3a3pIRXdPN3VGQ2NabUFHZ25vR1NtT2pNWWgxZXIlMkJUcTFselF6cDBBUlhNJTJGQSUzRCUzRA&tld=flaviar.com&dy=1&fu=https%253A%252F%252Fflaviar.com%252F&dtycbr=48452&cs=1---&cv=1 HTTP/1.1
Host: widget.us.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaviar.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 12 Mar 2023 10:03:13 GMT
content-type: application/x-javascript
server: Kestrel
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
expires: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
timing-allow-origin: *
server-processing-duration-in-ticks: 14976280
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
insight.adsrvr.org/track/evnt/?adv=76e29rb&ct=0:yx1zelg&fmt=3
52.223.40.198200 OK 0 B URL HTTP/2 insight.adsrvr.org/track/evnt/?adv=76e29rb&ct=0:yx1zelg&fmt=3
IP 52.223.40.198:0
GET /track/evnt/?adv=76e29rb&ct=0:yx1zelg&fmt=3 HTTP/1.1
Host: insight.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 12 Mar 2023 10:03:16 GMT
content-type: image/gif
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
static.fbot.me/friendbuy.js
143.204.55.92200 OK 0 B URL HTTP/2 static.fbot.me/friendbuy.js
IP 143.204.55.92:0
GET /friendbuy.js HTTP/1.1
Host: static.fbot.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 28 Feb 2023 03:42:40 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: FIU9rZgoMVbR3rWtFjzx66VGwoxMaLbi
server: AmazonS3
content-encoding: gzip
date: Sun, 12 Mar 2023 10:02:22 GMT
cache-control: max-age=300
etag: W/"104df02e770dd09d730a4999cc75c3c6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 2RGD1wrTDfDRhQcZPdg2_8A1EL-Fj02hLvVZr298TnUiBBGSQsaHlQ==
age: 50
X-Firefox-Spdy: h2
aacdn.nagich.com/core/4.3.7/accessibility.js
104.26.14.45200 OK 0 B URL HTTP/2 aacdn.nagich.com/core/4.3.7/accessibility.js
IP 104.26.14.45:0
GET /core/4.3.7/accessibility.js HTTP/1.1
Host: aacdn.nagich.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://flaviar.com
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 12 Mar 2023 10:03:12 GMT
content-type: application/javascript
cache-control: public, max-age=2204800
last-modified: Wed, 20 Jul 2022 11:28:32 GMT
etag: W/"4b3b91d72b9cd81:0"
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: deny
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 190047
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LZn3NQ6t6%2BJYg9IJMFZP5sjpP3VLyHi12KddbNIMXzm7P8IEWWCOdtt5djBjO7WdHF31FIUTRAvwh23Ltc2xWGyLsu7a1L%2B70W1xYUoZG4%2B4SEEUQ%2BrKJbBzEF19loj%2FhPM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7a6b34b87a2cb521-OSL
content-encoding: br
X-Firefox-Spdy: h2
aacdn.nagich.com/style/btncolor.css
104.26.14.45200 OK 0 B URL HTTP/2 aacdn.nagich.com/style/btncolor.css
IP 104.26.14.45:0
GET /style/btncolor.css HTTP/1.1
Host: aacdn.nagich.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaviar.com/
Origin: https://flaviar.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 12 Mar 2023 10:03:12 GMT
content-type: text/css
cache-control: public, max-age=2204800
last-modified: Mon, 11 Feb 2019 11:17:50 GMT
etag: W/"4c2a96cfbc1d41:0"
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: deny
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 1780972
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y5ZaEBwTNLXDXF4%2BJlcS5iJWzb8Oje9iErwpJ%2F6qTkr9kPUD26F4teId%2F9kIiMwKFh%2BMRMUXQKNJ44cOTGMbB74YfIm2j%2FNIcr8iZePVG0fcbs4uyTXoU8YgsXnDM1VuECc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7a6b34b9bb8bb521-OSL
content-encoding: br
X-Firefox-Spdy: h2
aacdn.nagich.com/assets/images/11.svg
104.26.14.45200 OK 0 B URL HTTP/2 aacdn.nagich.com/assets/images/11.svg
IP 104.26.14.45:0
GET /assets/images/11.svg HTTP/1.1
Host: aacdn.nagich.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaviar.com/
Origin: https://flaviar.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 12 Mar 2023 10:03:12 GMT
content-type: image/svg+xml
cache-control: public, max-age=2204800
last-modified: Thu, 01 Aug 2019 12:47:47 GMT
etag: W/"42b27526748d51:0"
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: deny
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 1780971
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bBKjmCmNFHOP3y55d0bT668yEOtGtHxOX3B9Cdm5ndt%2Fd4nRuV8JiuPwr34qGJp6VbrTtUH%2FMCqfQ7WmWVJtqxPRfsj1cnQBujjMf8eAuxPE3vEKS5KafulsCZ7G22CPriU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7a6b34bacd05b521-OSL
content-encoding: br
X-Firefox-Spdy: h2
gem.gbc.criteo.com/newidsd
185.235.87.217200 OK 0 B URL HTTP/2 gem.gbc.criteo.com/newidsd
IP 185.235.87.217:0
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sun, 12 Mar 2023 10:03:12 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 414753
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2