flaviar.com/
172.66.43.165301 Moved Permanently 0 B IP 172.66.43.165:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: flaviar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 27 Oct 2022 10:16:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Thu, 27 Oct 2022 11:16:31 GMT
Location: https://flaviar.com/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8inVC63hyyz4F%2F%2FMQR9UJLH2jKsmsEjsDJZrgkC6hw%2F50Ed%2FtkLCCXgXpxr9wFSUfRW7vQMSgrkqNRgQk7AMumJzvlZ5ZDjQ8%2ByVxXWrNlRRJ2STQC09Ro%2BlOPwH"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 760aad39dbcf0b61-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4c9ec202b798d350b6582220b7bb8457
d16ca24cd60b349231ad06fa5db32f54a3bc9e09
df036d315a613ac6396b77afb0a4ea5f793091786be0cbf3f3a0d043bc1d1d3c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DF036D315A613AC6396B77AFB0A4EA5F793091786BE0CBF3F3A0D043BC1D1D3C"
Last-Modified: Wed, 26 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17731
Expires: Thu, 27 Oct 2022 15:12:02 GMT
Date: Thu, 27 Oct 2022 10:16:31 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 45bfdf3b823cd24564c8ac296a8b5b19
b0c442eb4f87556b3beb18ca8039dd4399b73f16
32113c679dda1f710ba67e537fdd0d435ccc186a238e3b14e48deb7b0700c693
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6591
Cache-Control: max-age=90262
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 10:16:31 GMT
Etag: "6358fe56-1d7"
Expires: Fri, 28 Oct 2022 11:20:53 GMT
Last-Modified: Wed, 26 Oct 2022 09:31:02 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8db408c487f7d35bba323046736e8d3a
01b91e2dce7c6d3de9adfe6ff4d38f9b24ab7db0
9aeafc72c1a969243e1fc96f68ce18888034a749ee70582208bf814bd40b61a5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9AEAFC72C1A969243E1FC96F68CE18888034A749EE70582208BF814BD40B61A5"
Last-Modified: Tue, 25 Oct 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5058
Expires: Thu, 27 Oct 2022 11:40:49 GMT
Date: Thu, 27 Oct 2022 10:16:31 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Cd2dY7pY6vY64Qv9qZDCWVQ5+1kyCzzVGipt6uLsC6Ey1StApuB+zPcGwO8GD4wlBO5mggzz1Gg=
x-amz-request-id: R18BJDNPQ8NBGFWD
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 27 Oct 2022 10:09:47 GMT
age: 404
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 27 Oct 2022 10:16:31 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash b2d5760ba190576c475845f03e3ccc8e
9a3963f39a5070596c8753d4080e9aff2532f33a
3aafe8ebe2cf07bb6cad4e2c424e0dcb53439bb03f14cddcfe6bd149201fd5e5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=137678
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 10:16:31 GMT
Etag: "6359d14d-116"
Expires: Sat, 29 Oct 2022 00:31:09 GMT
Last-Modified: Thu, 27 Oct 2022 00:31:09 GMT
Server: nginx
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash b2d5760ba190576c475845f03e3ccc8e
9a3963f39a5070596c8753d4080e9aff2532f33a
3aafe8ebe2cf07bb6cad4e2c424e0dcb53439bb03f14cddcfe6bd149201fd5e5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: max-age=137678
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 10:16:32 GMT
Etag: "6359d14d-116"
Expires: Sat, 29 Oct 2022 00:31:10 GMT
Last-Modified: Thu, 27 Oct 2022 00:31:09 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d72d2f5d05f03753594e43fd34398221
ac6795c1c33f3fa2139e7f8dc601c3e6de6029a5
036c965156cf07faecc342cb2e30b7a20def68ad4a10423951ce871a7a3a6777
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3932
Cache-Control: max-age=168949
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 10:16:32 GMT
Etag: "635a3c19-1d7"
Expires: Sat, 29 Oct 2022 09:12:21 GMT
Last-Modified: Thu, 27 Oct 2022 08:06:49 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
143.204.55.101200 OK 6.1 kB URL HTTP/2 widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
IP 143.204.55.101:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (19239)
Hash 5add60196e5f96a414fb4b9586764e5d
633f471b3c2fcedeef9cad90cb5bf56f5fe55588
5370f4ba91dda790c7cae92817b812fcbd1ab367cbb4862f5669960ae4e2c9e0
GET /bootstrap/v5/tp.widget.bootstrap.min.js HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/x-javascript
content-length: 6124
last-modified: Mon, 30 May 2022 14:38:02 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
date: Thu, 27 Oct 2022 01:34:28 GMT
cache-control: max-age=86400
etag: "5add60196e5f96a414fb4b9586764e5d"
x-cache: Hit from cloudfront
via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: cL7qUM2Z4J67cSpnQWlhEnEyBSLzuI896x_4nIomnoNahEJpp-iJww==
age: 31325
X-Firefox-Spdy: h2
use.typekit.net/bne0epn.js
23.36.76.186200 OK 6.7 kB URL HTTP/2 use.typekit.net/bne0epn.js
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (2258)
Hash 56c323529b45591f153e4f5a72d75c0e
cfada07aa803d4651a773d0e4536e036bcfd134c
2953f691618da33aef7c7b909532b8a918bf95dc02c9d44816c526fd40bed81d
GET /bne0epn.js HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: text/javascript;charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: public, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
content-length: 6730
date: Thu, 27 Oct 2022 10:16:32 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 4cdf16c5333628708fae7b304303fc48
23654b66838aa89e8b975a9e6c0251d2f8f18366
6f3935f102b0dcfee703eb07abcf04d9181fdfe13fae4d7566aed743a00beb9c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 10:16:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-K4F6SWQ
142.250.74.168200 OK 116 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-K4F6SWQ
IP 142.250.74.168:0
File type Unicode text, UTF-8 text, with very long lines (26871), with no line terminators
Size 116 kB (116339 bytes)
Hash 48a9697c1f016fa22b75bcdaaf8d617c
b8468d8ca770406034bf6034ed61f070d3ef3c05
a91e2fff9d205d7205dded443d34adff85eb9b53207d0799c90107d0508bc72a
GET /gtm.js?id=GTM-K4F6SWQ HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 27 Oct 2022 10:16:32 GMT
expires: Thu, 27 Oct 2022 10:16:32 GMT
cache-control: private, max-age=900
last-modified: Thu, 27 Oct 2022 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 109100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 30 kB IP 142.250.74.35:0
Hash 400f215d28e624020a91cd587c3ba50b
0e42119642fecd2bfb5941271e1a183df5f7f9bb
f77e26e91f9004e117c1774f44c1dc9aa903f5668c445dfd9dbedf954077c997
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 10:16:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
52.89.17.198101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.89.17.198:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 2cTXcSOmTvNKX4+UCmsu/g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 7CpP1viDRt3c/8xUT9N/xjXIEug=
www.googleoptimize.com/optimize.js?id=GTM-NLP39W9
142.250.74.46200 OK 69 kB URL HTTP/2 www.googleoptimize.com/optimize.js?id=GTM-NLP39W9
IP 142.250.74.46:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash d0ca2c5b416a06eb649fbb4b39c09404
a41722077cb30f7a94df9d0effa6daf2789a57a2
a575b70419da4a47fbc51b070821e6985e942ebdf435945c17dfeabe2785f114
GET /optimize.js?id=GTM-NLP39W9 HTTP/1.1
Host: www.googleoptimize.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 27 Oct 2022 10:16:32 GMT
expires: Thu, 27 Oct 2022 10:16:32 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 45241
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
use.typekit.net/af/8de6d2/00000000000000003b9adc6b/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
23.36.76.186200 OK 101 kB URL HTTP/2 use.typekit.net/af/8de6d2/00000000000000003b9adc6b/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
Size 101 kB (100914 bytes)
Hash 91fd6dd1889271778dd2f00fa8833e87
29d20c6e1ecf9ad9e51cd943ad2a085d7b1f929d
52b04e743e62f443c57ed6f83bbf6ae16be235f71feb256cd99888c602378bff
GET /af/8de6d2/00000000000000003b9adc6b/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://flaviar.com
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 29392
etag: "2bd51188b101f4cf29ce1d8dfdbe91d00fc07ba6"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Thu, 27 Oct 2022 10:16:33 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/85d455/00000000000000003b9adc6a/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
23.36.76.186200 OK 84 kB URL HTTP/2 use.typekit.net/af/85d455/00000000000000003b9adc6a/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
Hash 3eb32a9a6f50c5cce6a9c742d15f377b
956ec45dca2dfe2f8d8e7b67f6a03c1a6adfd12a
8b2a9a2f90dfef26d88117d0c47c0b73ba690b70f6e02ad6ea2e82810ece6594
GET /af/85d455/00000000000000003b9adc6a/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://flaviar.com
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 30656
etag: "374d4e049d59d33f7c1b988631b115ad96597d60"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Thu, 27 Oct 2022 10:16:33 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/379cfa/00000000000000003b9adc6d/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
23.36.76.186200 OK 12 kB URL HTTP/2 use.typekit.net/af/379cfa/00000000000000003b9adc6d/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 11668, version 1.0\012- data
Hash 71eca0957e4d35fc26852895f49491f8
d9ba92c55ef2a7370857143922344880bac2bf6e
4e2db239b50398011c1fb49a5ea7e296a9babab1a7b4968d1974d417f1ab805b
GET /af/379cfa/00000000000000003b9adc6d/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://flaviar.com
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 11668
etag: "a53237c24cbd279f0405e007f31ec7f47234819b"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Thu, 27 Oct 2022 10:16:33 GMT
X-Firefox-Spdy: h2
widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=5c63d6134064df0001fff3b7
143.204.55.101200 OK 2.1 kB URL HTTP/2 widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=5c63d6134064df0001fff3b7
IP 143.204.55.101:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (6826)
Hash 1307e3fd5846bacc989c2fd05996f010
3fd96ecea8c4a91980939fe1e1efe9ec0f47eebc
39f14c526d9f43a24b5c1e219e7ee63500f90b39517d18085573dcf73eb33d87
GET /trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=5c63d6134064df0001fff3b7 HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 2144
last-modified: Tue, 04 Oct 2022 10:34:09 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
date: Thu, 27 Oct 2022 10:16:33 GMT
cache-control: max-age=86400
etag: "1307e3fd5846bacc989c2fd05996f010"
x-cache: Hit from cloudfront
via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 6pHVz4fZB5oRq8SP5w1RJdjskYfep5L8RAM2sBoTWVsRmoBwS5P2rw==
age: 9007
X-Firefox-Spdy: h2
widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=5c63d6134064df0001fff3b7
143.204.55.101200 OK 5.1 kB URL HTTP/2 widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=5c63d6134064df0001fff3b7
IP 143.204.55.101:0
Hash e03fc3bb33e0167c5c8dd89f04697a18
3094e671f95737ee4a903f4edcc77008ed41daf2
e132821e6cea34a47150fe4e485e52f8553e0a19665a2c5547126102b52f50cd
GET /trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=5c63d6134064df0001fff3b7 HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 2144
last-modified: Tue, 04 Oct 2022 10:34:09 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
date: Thu, 27 Oct 2022 10:16:33 GMT
cache-control: max-age=86400
etag: "1307e3fd5846bacc989c2fd05996f010"
x-cache: Hit from cloudfront
via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 9MevUaR2c7osfS_2YkbTV3MlrX9ZqyURtSpFoUJgfT4v8HjOuMaixQ==
age: 9007
X-Firefox-Spdy: h2
p.typekit.net/p.gif?s=1&k=bne0epn&ht=tk&h=flaviar.com&f=28578.28579.28736&a=7301736&js=1.21.0&app=typekit&e=js&_=1666865792979
23.36.76.186200 OK 35 B URL HTTP/2 p.typekit.net/p.gif?s=1&k=bne0epn&ht=tk&h=flaviar.com&f=28578.28579.28736&a=7301736&js=1.21.0&app=typekit&e=js&_=1666865792979
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash 81144d75b3e69e9aa2fa3e9d83a64d03
f0fbc60b50edf5b2a0b76e0aa0537b76bf346ffc
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
GET /p.gif?s=1&k=bne0epn&ht=tk&h=flaviar.com&f=28578.28579.28736&a=7301736&js=1.21.0&app=typekit&e=js&_=1666865792979 HTTP/1.1
Host: p.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: image/gif
cross-origin-resource-policy: cross-origin
etag: "61c32ad2-23"
last-modified: Wed, 22 Dec 2021 13:40:34 GMT
server: nginx
content-length: 35
unused62: 8096267
date: Thu, 27 Oct 2022 10:16:33 GMT
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash e7cc5ddf4e1a1b1f0e38948a0435cbda
b9b5150043f91624e8f197f51f7f078a32a644cf
06e4e06733f584d24b1e480ffe316f3d3de74954e54f54f8bf9c094c3da976cc
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=167672
Date: Thu, 27 Oct 2022 10:16:33 GMT
Etag: "635a3c2f-1d7"
Expires: Sat, 29 Oct 2022 08:51:05 GMT
Last-Modified: Thu, 27 Oct 2022 08:07:11 GMT
Server: ECS (nyb/1D1F)
X-Cache: Miss from cloudfront
Via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: GvVo6LOAxtOxWlfNEy9ygKbKl8c4Lkpa364ZsonLub0BH5-Ji2wDRA==
Age: 2634
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash e7cc5ddf4e1a1b1f0e38948a0435cbda
b9b5150043f91624e8f197f51f7f078a32a644cf
06e4e06733f584d24b1e480ffe316f3d3de74954e54f54f8bf9c094c3da976cc
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=167827
Date: Thu, 27 Oct 2022 10:16:33 GMT
Etag: "635a3c2f-1d7"
Expires: Sat, 29 Oct 2022 08:53:40 GMT
Last-Modified: Thu, 27 Oct 2022 08:07:11 GMT
Server: ECS (dcb/7FA6)
X-Cache: Miss from cloudfront
Via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: dBGnBLLiKG4TT95PuGsQE7QEMVu00Dl9n8dEsTHpbOfaWVdJ8PaiAw==
Age: 2789
widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/main.js
143.204.55.101200 OK 17 kB URL HTTP/2 widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/main.js
IP 143.204.55.101:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (55452)
Hash 93d7d7afc794dd57add6ab0e6cb1e7a5
f3192d2eb299e4111ac69821274555c54d34dd5e
07125f97b71d0a4b48f6ff11db9e9cbaa6ee1bd510ee795cb05353a3cd087f84
GET /trustboxes/5419b6ffb0d04a076446a9af/main.js HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=5c63d6134064df0001fff3b7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/x-javascript
content-length: 17072
last-modified: Tue, 04 Oct 2022 10:34:10 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
date: Thu, 27 Oct 2022 05:20:59 GMT
cache-control: max-age=86400
etag: "93d7d7afc794dd57add6ab0e6cb1e7a5"
x-cache: Hit from cloudfront
via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: edYOMdb2o_8ToAWq5U5nj9FuK7nfYAcFcyJC2zOr45Nj0mSpPUQ30g==
age: 17735
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b7a4efdf1e3f0c74c887911ca7376de9
0d7ad9338b1a4424322db1e1988f89f2b96a34a2
bace54416818aae7feecad50f3b238ec4559d53ace95d16e06f0d3cbfb36cd9c
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "BACE54416818AAE7FEECAD50F3B238EC4559D53ACE95D16E06F0D3CBFB36CD9C"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11738
Expires: Thu, 27 Oct 2022 13:32:11 GMT
Date: Thu, 27 Oct 2022 10:16:33 GMT
Connection: keep-alive
consent.cookiebot.com/uc.js?cbid=d053bff0-f51a-4434-ab3e-b7ec8831e3ed
104.84.152.64200 OK 32 kB URL HTTP/2 consent.cookiebot.com/uc.js?cbid=d053bff0-f51a-4434-ab3e-b7ec8831e3ed
IP 104.84.152.64:0
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (65499)
Hash 3c4e162c3321e924fd3d27dc6d095f08
9d2027cab49aaf66a89a521c16133ba818ff3d9d
425713b3dc09882376e466e3e6798ade37f8262d82138cf0e11ecbe92e2d565b
GET /uc.js?cbid=d053bff0-f51a-4434-ab3e-b7ec8831e3ed HTTP/1.1
Host: consent.cookiebot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Tue, 04 Oct 2022 09:02:48 GMT
accept-ranges: bytes
etag: "0ac913d0d7d81:0"
vary: Accept-Encoding
request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
access-control-expose-headers: Request-Context
content-length: 31718
cache-control: public, max-age=163
expires: Thu, 27 Oct 2022 10:19:16 GMT
date: Thu, 27 Oct 2022 10:16:33 GMT
X-Firefox-Spdy: h2
aacdn.nagich.com/style/style.css
172.67.68.188200 OK 4.3 kB URL HTTP/2 aacdn.nagich.com/style/style.css
IP 172.67.68.188:0
File type ASCII text, with very long lines (18524), with no line terminators
Hash bb675d11e33e816032257c05d01ec6c9
1e1acf1a80473762d566358062fce43fc744652e
6be5685ef472e22ec81b829b8aea9c8607ed0b281fcffec2b41ffc27cc13be79
GET /style/style.css HTTP/1.1
Host: aacdn.nagich.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaviar.com/
Origin: https://flaviar.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 27 Oct 2022 10:16:33 GMT
content-type: text/css
cache-control: public, max-age=2204800
last-modified: Sun, 02 Oct 2022 09:01:39 GMT
etag: W/"809b15953dd6d81:0"
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: deny
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 2161550
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6F5%2F029Xvf5mYHJBhMmJi3ocJsYmCknhofaBbWsLAw4Aib4ZRdDV3nwwCpdr7OAUyrgNkW8l1Z1X0Zi2OK12MXuiZYIxbNK77CY26PbMD4ha2jYEK1CSPjNtNL%2BnimOb7rI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 760aad4bff8a0b49-OSL
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 358ecd0ec047d700042e2a62f9847199
7bf4c552f47536fe451dc6ccfb0930c592084ef9
e14317aace5d64e9901867578379dd4dd4252b059070d37722f82ebb2e649d27
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E14317AACE5D64E9901867578379DD4DD4252B059070D37722F82EBB2E649D27"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2601
Expires: Thu, 27 Oct 2022 10:59:54 GMT
Date: Thu, 27 Oct 2022 10:16:33 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 358ecd0ec047d700042e2a62f9847199
7bf4c552f47536fe451dc6ccfb0930c592084ef9
e14317aace5d64e9901867578379dd4dd4252b059070d37722f82ebb2e649d27
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E14317AACE5D64E9901867578379DD4DD4252B059070D37722F82EBB2E649D27"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2601
Expires: Thu, 27 Oct 2022 10:59:54 GMT
Date: Thu, 27 Oct 2022 10:16:33 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 358ecd0ec047d700042e2a62f9847199
7bf4c552f47536fe451dc6ccfb0930c592084ef9
e14317aace5d64e9901867578379dd4dd4252b059070d37722f82ebb2e649d27
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E14317AACE5D64E9901867578379DD4DD4252B059070D37722F82EBB2E649D27"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2601
Expires: Thu, 27 Oct 2022 10:59:54 GMT
Date: Thu, 27 Oct 2022 10:16:33 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 358ecd0ec047d700042e2a62f9847199
7bf4c552f47536fe451dc6ccfb0930c592084ef9
e14317aace5d64e9901867578379dd4dd4252b059070d37722f82ebb2e649d27
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E14317AACE5D64E9901867578379DD4DD4252B059070D37722F82EBB2E649D27"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2601
Expires: Thu, 27 Oct 2022 10:59:54 GMT
Date: Thu, 27 Oct 2022 10:16:33 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5dac341-2b9d-4d07-ab3f-dafe74f88664.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5dac341-2b9d-4d07-ab3f-dafe74f88664.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2193431d88baf9af6829421cd13743ff
a192ab139ad0dc5cf206986eb06028ddad224e46
c535e09fb4a53ca580f5f5926d1494c50b6ad6c7c9ec78df6b7015213852b737
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5dac341-2b9d-4d07-ab3f-dafe74f88664.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9720
x-amzn-requestid: 6b4749ca-bcb9-4274-a309-e6d463851a6a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aV_n6FOSIAMFroA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63524632-56186f1f2a0bf68f6dba843b;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 07:11:46 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: DjRLNrY4BFc3GwHGBW40LIyh-RYT3hshdKPxXok4KE97fGvatXN6yQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 11:12:06 GMT
age: 83067
etag: "a192ab139ad0dc5cf206986eb06028ddad224e46"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F529195e0-f6ac-4fd1-b685-62456b469ad7.jpeg
34.120.237.76200 OK 4.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F529195e0-f6ac-4fd1-b685-62456b469ad7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c92c49279a7704d715e50836676d1abb
3092b4dbd87f7e5a2eff65c463da9c5103ff748a
6941145d63e68abf0f20081517faa4082eed3c59f8b8a69066f70b29d90fd355
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F529195e0-f6ac-4fd1-b685-62456b469ad7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4709
x-amzn-requestid: c2923a57-57c4-4d62-83bc-e4c8b61aa2bd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aocuiGeeIAMF9Dg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6359a7f6-7e47cfe804e333cc540f162a;Sampled=0
x-amzn-remapped-date: Wed, 26 Oct 2022 21:34:46 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: M72Vjcyc06ihmWcqr2_Xrk8dGcC5pCoDidg5rhtRkVddavcUFE6G6w==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 21:47:37 GMT
etag: "3092b4dbd87f7e5a2eff65c463da9c5103ff748a"
content-type: image/jpeg
age: 44936
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fadc5382d-fbb1-4d8e-8ee0-d7dcda16508e.jpeg
34.120.237.76200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fadc5382d-fbb1-4d8e-8ee0-d7dcda16508e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 91ee720c15dc69de45080d0c951353af
5292b31a99d90bcb7071f327b93d52034bdf9dcb
7fbe9f0f6db08fd539f2e8d4ac22e3b4d5ca14f7cde69f8424cce8b361d026e6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fadc5382d-fbb1-4d8e-8ee0-d7dcda16508e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4524
x-amzn-requestid: a493efe7-11c7-4032-b36b-7f838f8180bc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aljicH_6IAMFqpQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63587fa9-0f15eae7680ea7b15e5e47ec;Sampled=0
x-amzn-remapped-date: Wed, 26 Oct 2022 00:30:33 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: OV7g4Y4fcQGijljebzHQtnpKdcPKw6LTxqORxxBJL2lFPYQLLoyNuQ==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 27 Oct 2022 00:44:24 GMT
age: 34329
etag: "5292b31a99d90bcb7071f327b93d52034bdf9dcb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd660616a-1641-4ad3-bf62-59dfe54ba2e9.jpeg
34.120.237.76200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd660616a-1641-4ad3-bf62-59dfe54ba2e9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cd902e06ceaeb060cec24c464c11738d
ffdfde08eb38e20b01c550fd4b1bb871304bb0ea
593f5c12c617c7217205d8aa95fe5f0c46014e5be8f2c8d3010cdd876faeb7dd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd660616a-1641-4ad3-bf62-59dfe54ba2e9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5247
x-amzn-requestid: 7e07eeaa-b95a-4283-8ca7-fb28e9e30258
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aRpdhGDJIAMFd7A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63508923-4e947c3539ad0d6d777a47cd;Sampled=0
x-amzn-remapped-date: Wed, 19 Oct 2022 23:32:51 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: -YRLmJMcCGHOfiEy_FwyogtW6h5rmYiu9EMZfXG4Jg8tJRtIxlKKnw==
via: 1.1 f313d3df80c4dab8f5399614116801cc.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 21:51:10 GMT
age: 44723
etag: "ffdfde08eb38e20b01c550fd4b1bb871304bb0ea"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F577b3c1d-3b6e-4105-8d19-8557bacffa02.jpeg
34.120.237.76200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F577b3c1d-3b6e-4105-8d19-8557bacffa02.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4ded5eb41644bfe7ea87cff5ab0d79f0
9b13eca2d768277b92c05a8a82743018489783a6
3de7fcc3e9c8a107e4c5d6e59506ec71e68129a8351e47af63930873775ac3f9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F577b3c1d-3b6e-4105-8d19-8557bacffa02.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15768
x-amzn-requestid: ab678277-5d12-4ae2-9af7-f15fab294657
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aRoclEbBoAMFz9A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63508783-344a14d17bfcd6b12ffe02b0;Sampled=0
x-amzn-remapped-date: Wed, 19 Oct 2022 23:25:55 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: AgS3Yq-WCRRnFvCxMcwq13lQz8cGvvdwZ51C3H0szmB0iyZLb9mf-A==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 21:58:12 GMT
age: 44301
etag: "9b13eca2d768277b92c05a8a82743018489783a6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1cba4a5a-0803-4870-b5e5-cbf33536e53e.jpeg
34.120.237.76200 OK 6.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1cba4a5a-0803-4870-b5e5-cbf33536e53e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3185609c8bfba0bf8d54812276331c42
4a14cc85d23798bd3476516b49a3c3ff7bcd0d98
e57871dad12531fccf75d0bc4930c18c3c95c706b2bfd89e620b1e097b40a08e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1cba4a5a-0803-4870-b5e5-cbf33536e53e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6493
x-amzn-requestid: f5ca8ddd-d103-43e2-b3b7-ece16e1312a6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ainrUE-pIAMF9rA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63575315-5f7287ea785008c44b0ff490;Sampled=0
x-amzn-remapped-date: Tue, 25 Oct 2022 03:08:05 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: LOj8fvtUhiwgFnrZG9v0iJ1At2O4vsdXM6tCPF8Blr-AOA-ALbuIkQ==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 27 Oct 2022 03:39:20 GMT
age: 23833
etag: "4a14cc85d23798bd3476516b49a3c3ff7bcd0d98"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
consent.cookiebot.com/d053bff0-f51a-4434-ab3e-b7ec8831e3ed/cc.js?renew=false&referer=flaviar.com&dnt=false&init=false&georegions=%5B%7B%22r%22%3A%22US-06%22%2C%22i%22%3A%226b04ee58-2401-4074-bb6b-0969a4c527d9%22%7D%5D
104.84.152.64200 OK 156 B URL HTTP/2 consent.cookiebot.com/d053bff0-f51a-4434-ab3e-b7ec8831e3ed/cc.js?renew=false&referer=flaviar.com&dnt=false&init=false&georegions=%5B%7B%22r%22%3A%22US-06%22%2C%22i%22%3A%226b04ee58-2401-4074-bb6b-0969a4c527d9%22%7D%5D
IP 104.84.152.64:0
ASN #20940 Akamai International B.V.
File type ASCII text, with CRLF line terminators
Hash 3477de123b1bcca0a96d557218c3c72c
279660604c7c2e9d5be154df57180849efca1e34
9331664c1938651f09a14fb45d0af5fd86a72c2d9aff0bc26193e239ddb38268
GET /d053bff0-f51a-4434-ab3e-b7ec8831e3ed/cc.js?renew=false&referer=flaviar.com&dnt=false&init=false&georegions=%5B%7B%22r%22%3A%22US-06%22%2C%22i%22%3A%226b04ee58-2401-4074-bb6b-0969a4c527d9%22%7D%5D HTTP/1.1
Host: consent.cookiebot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: private, max-age=1200
content-type: application/x-javascript; charset=utf-8
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 10:16:33 GMT
vary: Accept-Encoding
request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
access-control-expose-headers: Request-Context
content-length: 156
date: Thu, 27 Oct 2022 10:16:34 GMT
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 2fe327b672fe204626114804e417ac0b
08fec2c55abf784699b1c7cff790495b8b45d12d
2668eeff3b53062fd39602d7f504ca4d03161f34f948bfe11ef189fb636fdf3a
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 10:16:34 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 24 Oct 2022 02:06:53 GMT
Expires: Mon, 31 Oct 2022 02:06:52 GMT
Etag: "08fec2c55abf784699b1c7cff790495b8b45d12d"
Cache-Control: max-age=315617,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 760aad4bb8e40b69-OSL
cdn.segmentify.com/06e2e4b6-5e17-4dbf-9574-c462c3d742d7/segmentify.js
34.120.65.227200 OK 50 kB URL HTTP/2 cdn.segmentify.com/06e2e4b6-5e17-4dbf-9574-c462c3d742d7/segmentify.js
IP 34.120.65.227:0
File type ASCII text, with very long lines (56611)
Hash eba325be518772a43052d5ee9c02c11e
d18b96827d608828b60ed259dc8bb8ae85aa9a3a
64704a972b88f34956cf88481f3e5df853ffac8473b3908dbfc9fe841fb3ddf6
GET /06e2e4b6-5e17-4dbf-9574-c462c3d742d7/segmentify.js HTTP/1.1
Host: cdn.segmentify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdtmJMOvIj1IjAtfVBgpn8GKTaKV1puvFZll9-Ub58HHRtn8kgiLxi-BIFy5U56C1UtxngYGhQLsH8il7VFuA34K5kIBaEDO
x-goog-generation: 1666755570998084
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 50338
content-encoding: gzip
x-goog-hash: crc32c=GHcVHA==, md5=66MlvlGHcqQwUtXunALBHg==
x-goog-storage-class: STANDARD
accept-ranges: bytes
vary: Accept-Encoding
content-length: 50338
access-control-allow-origin: *
access-control-expose-headers: Origin, Accept, Content-Type, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token
server: UploadServer
date: Thu, 27 Oct 2022 10:10:47 GMT
expires: Thu, 03 Nov 2022 10:10:47 GMT
cache-control: public, max-age=604800
last-modified: Wed, 26 Oct 2022 03:39:31 GMT
etag: "eba325be518772a43052d5ee9c02c11e"
content-type: application/javascript
age: 347
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 2fe327b672fe204626114804e417ac0b
08fec2c55abf784699b1c7cff790495b8b45d12d
2668eeff3b53062fd39602d7f504ca4d03161f34f948bfe11ef189fb636fdf3a
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 10:16:34 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 24 Oct 2022 02:06:53 GMT
Expires: Mon, 31 Oct 2022 02:06:52 GMT
Etag: "08fec2c55abf784699b1c7cff790495b8b45d12d"
Cache-Control: max-age=315617,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 760aad4d4a800b69-OSL
region1.analytics.google.com/g/collect?v=2&tid=G-94QYBVSJNV>m=2oeaq0&_p=1565594964&_gaz=1&cid=319829034.1666865793&ul=en-us&sr=1280x1024&_s=1&sid=1666865792&sct=1&seg=0&dl=https%3A%2F%2Fflaviar.com%2F&dt=Flaviar%20Membership%20%C2%BB%20Fine%20Spirits%20%26%20Whiskey%20Club%20%F0%9F%A5%83%20-%20Flaviar&en=page_view&_fv=1&_nsi=1&_ss=1&up.membership_status=anonymous
216.239.32.36204 No Content 0 B URL HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-94QYBVSJNV>m=2oeaq0&_p=1565594964&_gaz=1&cid=319829034.1666865793&ul=en-us&sr=1280x1024&_s=1&sid=1666865792&sct=1&seg=0&dl=https%3A%2F%2Fflaviar.com%2F&dt=Flaviar%20Membership%20%C2%BB%20Fine%20Spirits%20%26%20Whiskey%20Club%20%F0%9F%A5%83%20-%20Flaviar&en=page_view&_fv=1&_nsi=1&_ss=1&up.membership_status=anonymous
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-94QYBVSJNV>m=2oeaq0&_p=1565594964&_gaz=1&cid=319829034.1666865793&ul=en-us&sr=1280x1024&_s=1&sid=1666865792&sct=1&seg=0&dl=https%3A%2F%2Fflaviar.com%2F&dt=Flaviar%20Membership%20%C2%BB%20Fine%20Spirits%20%26%20Whiskey%20Club%20%F0%9F%A5%83%20-%20Flaviar&en=page_view&_fv=1&_nsi=1&_ss=1&up.membership_status=anonymous HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://flaviar.com
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://flaviar.com
date: Thu, 27 Oct 2022 10:16:34 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 7d4b826b3cd4f4fffd35abd60c407bdb
28e5a20b197bf6972fd097c3b302c1dd89b68f09
681fd035abbbf788f315fea7402f5e0d77b51f6167e237ff7516335911499b21
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 10:16:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/g/collect?v=2&tid=G-94QYBVSJNV&cid=319829034.1666865793>m=2oeaq0&aip=1
173.194.222.157204 No Content 0 B URL HTTP/2 stats.g.doubleclick.net/g/collect?v=2&tid=G-94QYBVSJNV&cid=319829034.1666865793>m=2oeaq0&aip=1
IP 173.194.222.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-94QYBVSJNV&cid=319829034.1666865793>m=2oeaq0&aip=1 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://flaviar.com
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://flaviar.com
date: Thu, 27 Oct 2022 10:16:34 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 7d4b826b3cd4f4fffd35abd60c407bdb
28e5a20b197bf6972fd097c3b302c1dd89b68f09
681fd035abbbf788f315fea7402f5e0d77b51f6167e237ff7516335911499b21
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 10:16:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 881fcd197c36ccf6c654a4f74666d828
2ac389c648d6fc4a3be8ce5948dc00a79f5bd95e
5c23a336ecb84876d8e27eb1ec0dcea44afa980fcf060976e18d574e981ddc20
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 10:16:34 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 24 Oct 2022 20:28:57 GMT
Expires: Mon, 31 Oct 2022 20:28:56 GMT
Etag: "2ac389c648d6fc4a3be8ce5948dc00a79f5bd95e"
Cache-Control: max-age=381741,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 760aad4dbae00b69-OSL
widget.trustpilot.com/trustbox-data/5419b6ffb0d04a076446a9af?businessUnitId=5c63d6134064df0001fff3b7&locale=en-US
143.204.55.101200 OK 2.8 kB URL HTTP/2 widget.trustpilot.com/trustbox-data/5419b6ffb0d04a076446a9af?businessUnitId=5c63d6134064df0001fff3b7&locale=en-US
IP 143.204.55.101:0
Hash dfb0e28a4ecf6f0cfc7c724befae4afa
585939f426f6d119ea5b59601bc9e8989ea5db75
5e21d3bb9db7d8037e6135b588ed8c204100b94716bd941a48d579333cb76051
GET /trustbox-data/5419b6ffb0d04a076446a9af?businessUnitId=5c63d6134064df0001fff3b7&locale=en-US HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Connection: keep-alive
Referer: https://widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=5c63d6134064df0001fff3b7
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/json; charset=utf-8
content-length: 482
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-fallback-status: BYPASS
x-skip-cache-cookie: 0
x-xss-protection: 1; mode=block
cache-control: public,max-age=1800
date: Thu, 27 Oct 2022 10:02:20 GMT
etag: "f2a8fa72ec707dbc0669401adbdc8eee"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: CJuSFXV6v06IQ378NxtR2xw0JG4n_ItCTNUTprIkZCUaiS_egkIHkA==
age: 854
X-Firefox-Spdy: h2
cdn.sgmntfy.com/pa.js
34.149.223.191200 OK 3.7 kB IP 34.149.223.191:0
File type ASCII text, with very long lines (3744), with no line terminators
Hash 7327381bba6f249fe470d17c0dca2cb4
b6fac12855c66c4841a38d07934fc22302e881ef
393195c622ffdab45d8f71e6988cdcc65ef85102061defa603882dc9f80d11ec
Analyzer Verdict Alert quad9 Sinkholed
GET /pa.js HTTP/1.1
Host: cdn.sgmntfy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdvkCt7KUYYqiK41kYd8gpoaQ97f4k1s02YBz1ViMibGeVhn6b0FgweOkggf5Qb3fVNUmcax-VYgU71of4FL2NHktfrhADSK
x-goog-generation: 1654598345914433
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 3744
content-language: en
x-goog-hash: crc32c=EasKAQ==, md5=cyc4G7pvJJ/kcNF8DcostA==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 3744
server: UploadServer
date: Thu, 27 Oct 2022 10:01:32 GMT
expires: Thu, 27 Oct 2022 11:01:32 GMT
cache-control: public, max-age=3600
age: 902
last-modified: Tue, 07 Jun 2022 10:39:06 GMT
etag: "7327381bba6f249fe470d17c0dca2cb4"
content-type: application/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
widget.trustpilot.com/trustbox-data/5419b6ffb0d04a076446a9af?businessUnitId=5c63d6134064df0001fff3b7&locale=en-US
143.204.55.101200 OK 482 B URL HTTP/2 widget.trustpilot.com/trustbox-data/5419b6ffb0d04a076446a9af?businessUnitId=5c63d6134064df0001fff3b7&locale=en-US
IP 143.204.55.101:0
File type JSON data\012- , ASCII text, with very long lines (1051), with no line terminators
Hash e81fd515bedfce53b70842e9b5ae8e07
5a7c4fed4ec3cc1ea08d9d8080c9382dd18048b1
09fea9d61bc8a7188a1e416575680e691fa034ea8fb19db819ae08d386bfa2e1
GET /trustbox-data/5419b6ffb0d04a076446a9af?businessUnitId=5c63d6134064df0001fff3b7&locale=en-US HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Connection: keep-alive
Referer: https://widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=5c63d6134064df0001fff3b7
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/json; charset=utf-8
content-length: 482
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-fallback-status: BYPASS
x-skip-cache-cookie: 0
x-xss-protection: 1; mode=block
cache-control: public,max-age=1800
date: Thu, 27 Oct 2022 10:02:20 GMT
etag: "f2a8fa72ec707dbc0669401adbdc8eee"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: dP1nln5RFFjaz62oUw84CoehZJ4vepMjU9x0_ctmSkj8uAJoNIC6Hg==
age: 854
X-Firefox-Spdy: h2
widget.trustpilot.com/stats/TrustboxImpression?locale=en-US&styleHeight=28px&styleWidth=100%25&theme=light&url=https%3A%2F%2Fflaviar.com%2F&referrer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=5c63d6134064df0001fff3b7&widgetId=5419b6ffb0d04a076446a9af
143.204.55.101204 No Content 0 B URL HTTP/2 widget.trustpilot.com/stats/TrustboxImpression?locale=en-US&styleHeight=28px&styleWidth=100%25&theme=light&url=https%3A%2F%2Fflaviar.com%2F&referrer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=5c63d6134064df0001fff3b7&widgetId=5419b6ffb0d04a076446a9af
IP 143.204.55.101:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stats/TrustboxImpression?locale=en-US&styleHeight=28px&styleWidth=100%25&theme=light&url=https%3A%2F%2Fflaviar.com%2F&referrer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=5c63d6134064df0001fff3b7&widgetId=5419b6ffb0d04a076446a9af HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Connection: keep-alive
Referer: https://widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=5c63d6134064df0001fff3b7
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
cache-control: no-store,no-cache
date: Thu, 27 Oct 2022 10:16:33 GMT
pragma: no-cache
server: Kestrel
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-cache: Miss from cloudfront
via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 2PAG7Sq4PIg-H1hM66eU6I_GYbxHFrIMxnAS58oDTDlME2BfE2DCEg==
X-Firefox-Spdy: h2
widget.trustpilot.com/stats/TrustboxView?locale=en-US&styleHeight=42px&styleWidth=100%25&theme=light&url=https%3A%2F%2Fflaviar.com%2F&referrer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=5c63d6134064df0001fff3b7&widgetId=5419b6ffb0d04a076446a9af
143.204.55.101204 No Content 0 B URL HTTP/2 widget.trustpilot.com/stats/TrustboxView?locale=en-US&styleHeight=42px&styleWidth=100%25&theme=light&url=https%3A%2F%2Fflaviar.com%2F&referrer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=5c63d6134064df0001fff3b7&widgetId=5419b6ffb0d04a076446a9af
IP 143.204.55.101:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stats/TrustboxView?locale=en-US&styleHeight=42px&styleWidth=100%25&theme=light&url=https%3A%2F%2Fflaviar.com%2F&referrer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=5c63d6134064df0001fff3b7&widgetId=5419b6ffb0d04a076446a9af HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Connection: keep-alive
Referer: https://widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=5c63d6134064df0001fff3b7
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
cache-control: no-store,no-cache
date: Thu, 27 Oct 2022 10:16:33 GMT
pragma: no-cache
server: Kestrel
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-cache: Miss from cloudfront
via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: zkxjZwuJU9AcExwl0p4fQ-TBuHojT4iTk83qPFrKFWz_pPY6pghCzA==
X-Firefox-Spdy: h2
widget.trustpilot.com/stats/TrustboxImpression?locale=en-US&styleHeight=42px&styleWidth=100%25&theme=light&url=https%3A%2F%2Fflaviar.com%2F&referrer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=5c63d6134064df0001fff3b7&widgetId=5419b6ffb0d04a076446a9af
143.204.55.101204 No Content 0 B URL HTTP/2 widget.trustpilot.com/stats/TrustboxImpression?locale=en-US&styleHeight=42px&styleWidth=100%25&theme=light&url=https%3A%2F%2Fflaviar.com%2F&referrer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=5c63d6134064df0001fff3b7&widgetId=5419b6ffb0d04a076446a9af
IP 143.204.55.101:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stats/TrustboxImpression?locale=en-US&styleHeight=42px&styleWidth=100%25&theme=light&url=https%3A%2F%2Fflaviar.com%2F&referrer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=5c63d6134064df0001fff3b7&widgetId=5419b6ffb0d04a076446a9af HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Connection: keep-alive
Referer: https://widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=5c63d6134064df0001fff3b7
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
cache-control: no-store,no-cache
date: Thu, 27 Oct 2022 10:16:33 GMT
pragma: no-cache
server: Kestrel
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-cache: Miss from cloudfront
via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: AnTA-Mzb0cE9jGX_vIKmus1lN6h6BuX5tH2I1FFmleRpDiKEvQUjNg==
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 881fcd197c36ccf6c654a4f74666d828
2ac389c648d6fc4a3be8ce5948dc00a79f5bd95e
5c23a336ecb84876d8e27eb1ec0dcea44afa980fcf060976e18d574e981ddc20
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 10:16:34 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 24 Oct 2022 20:28:57 GMT
Expires: Mon, 31 Oct 2022 20:28:56 GMT
Etag: "2ac389c648d6fc4a3be8ce5948dc00a79f5bd95e"
Cache-Control: max-age=381741,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 760aad4f4d1a0b69-OSL
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Thu, 27 Oct 2022 08:41:09 GMT
expires: Thu, 27 Oct 2022 10:41:09 GMT
cache-control: public, max-age=7200
age: 5725
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b3f691dd015f1e89124ff513ef96aef9
1f8bc004da03321868fa1218f6c21916a944b2a0
5c74f21a5e9897d6671a87e1100749c46eda882c5d49aae706841f5968c5adab
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1215
Cache-Control: max-age=150051
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 10:16:34 GMT
Etag: "6359fce6-1d7"
Expires: Sat, 29 Oct 2022 03:57:25 GMT
Last-Modified: Thu, 27 Oct 2022 03:37:10 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash f046e6113dd1e5e499c765516be08b17
c2253055e09b46209469853cad8720e64f84a1bf
18663a8f0b5d4d7581b771da6c2dc897bc2b82d51d7dac1a56d22f9bebab6fb3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 10:16:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash ce5d09bafa968f66bc7828927cb90e05
d6445e57629d1fcb89ac2fefdc5071cf82f71a59
e6b4e02dcd04a13ac1c6ce72819b8f20b1b5555a516151264b9a685532c38632
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 10:16:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
connect.facebook.net/en_US/fbevents.js
31.13.72.12200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (64348)
Hash 84409c129527969831699eb02cd244b9
e1bd7e37698890246e939b31510f3ab3aac605c6
54a130a13a831b71441be9bfbd1b74d8a7433a8e4bb4ab3f5ed9edde6bcd3964
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: PVMTBecGqMm3BclI5cP3dEpGxU0+HzSqpFAX5/ZV6dsYLziLGRuVxg72F6GngsOl1v7aWc/nMcv5Vd9qfpPWSQ==
priority: u=3,i
content-length: 27076
x-fb-trip-id: 1904183273
date: Thu, 27 Oct 2022 10:16:34 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
142.250.74.106200 OK 33 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
IP 142.250.74.106:0
File type ASCII text, with very long lines (32086)
Hash 430e927c980ad4079de727fa59dd93f2
891aaada9a55a91292999f6d50fd300439905982
e8728df8617340bd8c10bc8d27d3a725a48871a269c850e8598689938ec6e2ed
GET /ajax/libs/jquery/1.11.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33434
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 23 Oct 2022 02:47:33 GMT
expires: Mon, 23 Oct 2023 02:47:33 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 372541
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b3f691dd015f1e89124ff513ef96aef9
1f8bc004da03321868fa1218f6c21916a944b2a0
5c74f21a5e9897d6671a87e1100749c46eda882c5d49aae706841f5968c5adab
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1215
Cache-Control: max-age=150051
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 10:16:34 GMT
Etag: "6359fce6-1d7"
Expires: Sat, 29 Oct 2022 03:57:25 GMT
Last-Modified: Thu, 27 Oct 2022 03:37:10 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-94QYBVSJNV&cid=319829034.1666865793>m=2oeaq0&aip=1&z=1900510064
142.250.74.35200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-94QYBVSJNV&cid=319829034.1666865793>m=2oeaq0&aip=1&z=1900510064
IP 142.250.74.35:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-94QYBVSJNV&cid=319829034.1666865793>m=2oeaq0&aip=1&z=1900510064 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 10:16:34 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
public.fbot.me/events/06cc9139-6a61-41fc-88db-9ec21e04eecf/profile/xhr
3.208.202.179200 OK 2 B URL HTTP/2 public.fbot.me/events/06cc9139-6a61-41fc-88db-9ec21e04eecf/profile/xhr
IP 3.208.202.179:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
OPTIONS /events/06cc9139-6a61-41fc-88db-9ec21e04eecf/profile/xhr HTTP/1.1
Host: public.fbot.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Referer: https://flaviar.com/
Origin: https://flaviar.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 27 Oct 2022 10:16:34 GMT
content-length: 2
server: nginx/1.23.2
access-control-allow-origin: https://flaviar.com
access-control-allow-credentials: true
access-control-allow-methods: POST, GET
access-control-allow-headers: Authorization, Content-Type
info: {"connection":"upgrade","host":"public.fbot.me","x-forwarded-for":"91.90.42.154","x-forwarded-proto":"https","x-forwarded-port":"443","x-amzn-trace-id":"Root=1-635a5a82-67f913d472c189550b20e0c6","user-agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0","accept":"*/*","accept-language":"en-US,en;q=0.5","accept-encoding":"gzip, deflate, br","access-control-request-method":"POST","access-control-request-headers":"authorization,content-type","referer":"https://flaviar.com/","origin":"https://flaviar.com","sec-fetch-dest":"empty","sec-fetch-mode":"cors","sec-fetch-site":"cross-site"}
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash f046e6113dd1e5e499c765516be08b17
c2253055e09b46209469853cad8720e64f84a1bf
18663a8f0b5d4d7581b771da6c2dc897bc2b82d51d7dac1a56d22f9bebab6fb3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 10:16:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash ce5d09bafa968f66bc7828927cb90e05
d6445e57629d1fcb89ac2fefdc5071cf82f71a59
e6b4e02dcd04a13ac1c6ce72819b8f20b1b5555a516151264b9a685532c38632
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 10:16:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
public.fbot.me/events/06cc9139-6a61-41fc-88db-9ec21e04eecf/profile/xhr
3.208.202.179200 OK 514 B URL HTTP/2 public.fbot.me/events/06cc9139-6a61-41fc-88db-9ec21e04eecf/profile/xhr
IP 3.208.202.179:0
File type JSON data\012- , ASCII text, with very long lines (514), with no line terminators
Hash 1a8fcf84e17d061f786a805cd26534e6
36d1910c864dafd3dbd76930c865755442af1d88
cfc892357db2bb7d6e46f656696b3d10949ad0599d529f1df78356fc744ac840
POST /events/06cc9139-6a61-41fc-88db-9ec21e04eecf/profile/xhr HTTP/1.1
Host: public.fbot.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaviar.com/
Authorization:
Content-Type: application/json
Origin: https://flaviar.com
Content-Length: 215
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 27 Oct 2022 10:16:34 GMT
content-type: application/json
content-length: 514
server: nginx/1.23.2
access-control-allow-origin: https://flaviar.com
set-cookie: globalId=05a87b03-cadb-4fcd-ad31-4b1c9f2ef260; Max-Age=315360000; Domain=.fbot.me; Path=/; HttpOnly; Secure; SameSite=None
access-control-allow-credentials: true
X-Firefox-Spdy: h2
aacdn.nagich.com/core/4.3.7/accessibility.js
172.67.68.188200 OK 14 kB URL HTTP/2 aacdn.nagich.com/core/4.3.7/accessibility.js
IP 172.67.68.188:0
File type Unicode text, UTF-8 text, with very long lines (42570), with no line terminators
Hash 299d2db303a27da1aca93b4aa22b9672
5e44ea47d094cc01856fb91c7873fe63e76ebe34
b5faa35672a34e974ff6ee2ee4c46974516be6e5e989c4338f82c0ae904a9a8c
GET /core/4.3.7/accessibility.js HTTP/1.1
Host: aacdn.nagich.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://flaviar.com
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 27 Oct 2022 10:16:33 GMT
content-type: application/javascript
cache-control: public, max-age=2204800
last-modified: Wed, 20 Jul 2022 11:28:32 GMT
etag: W/"03079d72b9cd81:0"
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: deny
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 2161551
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=74fROLN6HlE99pbhhrz1z1JzCIi4hsOwrdBvQ0d7PM9l6cuV4S7W5B8B4P0AEE3jOJfl5X64lAN6EY94jonUkoKRzbjyV5PO0mNAYQuB4PBB95YeDzY224373CNCa22IqPc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 760aad4baf330b49-OSL
content-encoding: br
X-Firefox-Spdy: h2
gandalf-eu.segmentify.com//get/key/v1.json?count=2
35.246.234.8200 31 B URL HTTP/1.1 gandalf-eu.segmentify.com//get/key/v1.json?count=2
IP 35.246.234.8:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type JSON data\012- , ASCII text, with no line terminators
Hash 34a4744e8cc6be04e50dbc63ae246c7c
9ac0ca0a43fede0fceba3db355732b11590b3474
cae68ed53bb3a1becf6025c7eb08bd0e8dbc5eae76f59ba7f1360b5809a5f2f6
GET //get/key/v1.json?count=2 HTTP/1.1
Host: gandalf-eu.segmentify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://flaviar.com
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Encoding: br
Content-Type: application/json;charset=UTF-8
Date: Thu, 27 Oct 2022 10:16:34 GMT
Server: nginx
Transfer-Encoding: chunked
X-Server-Name: 399674c60029ffe99fbcb3b4975d245d
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash a63ea2903767bb46326d85331e42e34e
b113b248df6025ed117551b7baa1960316122415
4ba54e12a06237d2c396d93e1cf9513b066074df9993ee408ee2bfb365c5f3c6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 10:16:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-28959768-20&cid=319829034.1666865793&jid=1359382881&npa=1&_u=aCDAgEAjQAAAAEAAI~&z=548376404
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-28959768-20&cid=319829034.1666865793&jid=1359382881&npa=1&_u=aCDAgEAjQAAAAEAAI~&z=548376404
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-28959768-20&cid=319829034.1666865793&jid=1359382881&npa=1&_u=aCDAgEAjQAAAAEAAI~&z=548376404 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 10:16:35 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-28959768-1&cid=319829034.1666865793&jid=891760548&npa=1&_u=aCDAgEAjQAAAAEAAI~&z=752946954
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-28959768-1&cid=319829034.1666865793&jid=891760548&npa=1&_u=aCDAgEAjQAAAAEAAI~&z=752946954
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-28959768-1&cid=319829034.1666865793&jid=891760548&npa=1&_u=aCDAgEAjQAAAAEAAI~&z=752946954 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 10:16:35 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 26e60c83d7af169687cbd74f7ca924e0
00f7ceb935fe1cc423f95718a04076e4f5eca150
a041e2901d418b289c3129ce7c07a66e598f6d3ac076732635b0a9ac6fbabb89
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 10:16:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.facebook.com/tr/?id=1649789958596951&ev=PageView&dl=https%3A%2F%2Fflaviar.com%2F&rl=&if=false&ts=1666865794426&sw=1280&sh=1024&v=2.9.88&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1666865794422.169113202&eid=ob3_plugin-set_9f0286b5cfb0c3019f9d6ff1230641b25a78f80f0fb2e10b05587f7fe40a2d56&it=1666865793968&coo=false&tm=1&rqm=GET
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=1649789958596951&ev=PageView&dl=https%3A%2F%2Fflaviar.com%2F&rl=&if=false&ts=1666865794426&sw=1280&sh=1024&v=2.9.88&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1666865794422.169113202&eid=ob3_plugin-set_9f0286b5cfb0c3019f9d6ff1230641b25a78f80f0fb2e10b05587f7fe40a2d56&it=1666865793968&coo=false&tm=1&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=1649789958596951&ev=PageView&dl=https%3A%2F%2Fflaviar.com%2F&rl=&if=false&ts=1666865794426&sw=1280&sh=1024&v=2.9.88&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1666865794422.169113202&eid=ob3_plugin-set_9f0286b5cfb0c3019f9d6ff1230641b25a78f80f0fb2e10b05587f7fe40a2d56&it=1666865793968&coo=false&tm=1&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Thu, 27 Oct 2022 10:16:35 GMT
X-Firefox-Spdy: h2
beacon-v2.helpscout.net/
54.230.111.17200 OK 328 B IP 54.230.111.17:0
File type ASCII text, with very long lines (458), with no line terminators
Hash 36971613ee7da8c4cfcf37624dc21535
69d60f3e11c3605519fadbd7456876aea9ed5604
44bc8bb90a38adc6689a5b239fb58615e4928810617821da0b1762249ff69692
GET / HTTP/1.1
Host: beacon-v2.helpscout.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 328
last-modified: Fri, 21 Oct 2022 15:46:33 GMT
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
date: Thu, 27 Oct 2022 10:15:51 GMT
cache-control: max-age=120, s-maxage=120, public
etag: "36971613ee7da8c4cfcf37624dc21535"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 2_iYEdOvKST5W6oa9cwxd6q3klBYa_-WcgpQFNO0MKhUHOWvpkqSVA==
age: 55
X-Firefox-Spdy: h2
beacon-v2.helpscout.net/static/js/vendor.06c7227b.js
54.230.111.17200 OK 22 kB URL HTTP/2 beacon-v2.helpscout.net/static/js/vendor.06c7227b.js
IP 54.230.111.17:0
File type ASCII text, with very long lines (64482), with no line terminators
Hash 3f4a5cbde86a1c38d64756f63411e950
4f660ae52eb3e6c2fb9b07232a39f7dbd8fc920b
bf7ee1af4166e65a9d8aa2587a87f4a22965e9917c1f222c6ddb985fa2397d88
GET /static/js/vendor.06c7227b.js HTTP/1.1
Host: beacon-v2.helpscout.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 22285
last-modified: Fri, 21 Oct 2022 15:46:34 GMT
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
date: Thu, 27 Oct 2022 08:25:48 GMT
cache-control: max-age=315360000, s-maxage=7200, public
etag: "3f4a5cbde86a1c38d64756f63411e950"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: QcGpVMSB32D_8Aaz7Il_URovYFRwFXnWTMF-_mkDQvq1u91omsDnLw==
age: 6649
X-Firefox-Spdy: h2
beacon-v2.helpscout.net/static/js/main.851b6206.js
54.230.111.17200 OK 9.7 kB URL HTTP/2 beacon-v2.helpscout.net/static/js/main.851b6206.js
IP 54.230.111.17:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (24956)
Hash e81d1139b42169d1465671d20714f09c
177f08d314e1824ade1ffd099b57297d7469bc7d
9d2fa5e7e2b2aab9b325f87fc0a231fa6d74dd957a7aa88229d9c64227056840
GET /static/js/main.851b6206.js HTTP/1.1
Host: beacon-v2.helpscout.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 9696
last-modified: Fri, 21 Oct 2022 15:46:34 GMT
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
date: Thu, 27 Oct 2022 08:25:33 GMT
cache-control: max-age=315360000, s-maxage=7200, public
etag: "e81d1139b42169d1465671d20714f09c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: gRsdOYDAdYb4DwIveYaZeNjirEzybm4q1Sfv_qvVO2naEbYQy-ba1g==
age: 6664
X-Firefox-Spdy: h2
sc-static.net/scevent.min.js
54.230.82.240200 OK 12 kB URL HTTP/2 sc-static.net/scevent.min.js
IP 54.230.82.240:0
File type ASCII text, with very long lines (27662), with no line terminators
Hash 599ac934f2d697f304bb4981384e6ae1
a866b414d7cc3e9aea733b321ca106887d6a1224
7ab5dda992f7bfca9000338ffc7894fc3193ce37959d4ca560fa3196cc51db67
GET /scevent.min.js HTTP/1.1
Host: sc-static.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 11954
server: CloudFront
date: Thu, 27 Oct 2022 10:16:35 GMT
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Content-Type
cache-control: private, s-maxage=0, max-age=600
set-cookie: X-AB=0d6e407936704bd380072f5891d28b0e;max-age=86400;expires=Fri, 28 Oct 2022 09:14:52 GMT;Path=/scevent.min.js; Secure; SameSite=None
x-cache: LambdaGeneratedResponse from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: AntXg4jEN-lybffu0BOZGOZXhkuqT0D4L-Nm3_JlaGQV5eIy53kTmg==
X-Firefox-Spdy: h2
www.redditstatic.com/ads/pixel.js
151.101.85.140200 OK 7.7 kB URL HTTP/2 www.redditstatic.com/ads/pixel.js
IP 151.101.85.140:0
File type ASCII text, with very long lines (25224)
Hash 95212d33cfff78ad59f5af5b20c48c53
9b99a4091a6eb716bc68f1428e3c86eca068b25b
bd69f250efa08cb2c0a06c35d91fda762779820d87779019c25211f4559ebb1d
GET /ads/pixel.js HTTP/1.1
Host: www.redditstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Tue, 19 Jul 2022 22:48:09 GMT
etag: "95212d33cfff78ad59f5af5b20c48c53"
cache-control: public, max-age=60
content-encoding: gzip
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 27 Oct 2022 10:16:35 GMT
vary: Accept-Encoding,Origin
server: snooserv
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
content-length: 7722
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash c16685d68ca10bd35de4a08eff98d309
77026dbd64fc0cd992744b0a254e3ec1abc3ad38
7bf812553784e02e711b5442d116cec0a68cf67d7caa4618c96b0abbeed48814
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5338
Cache-Control: max-age=149142
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 10:16:35 GMT
Etag: "6359e93f-138"
Expires: Sat, 29 Oct 2022 03:42:17 GMT
Last-Modified: Thu, 27 Oct 2022 02:13:19 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 312
ocsp.digicert.com/
93.184.220.29200 OK 28 kB IP 93.184.220.29:0
Hash 74a82d37de350c4b32dbd51d582d0cd8
a005d2cdfe0e8bbb0870c39fd9571fc93483d073
704714066ddf8d5ce2118e1bbc4f0ca5aa516f3c9af06667c4a1030fc1af194d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3494
Cache-Control: max-age=120274
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 10:16:35 GMT
Etag: "63597fb0-2d7"
Expires: Fri, 28 Oct 2022 19:41:09 GMT
Last-Modified: Wed, 26 Oct 2022 18:42:56 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 727
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 30bc5dd4562c1c4569dec3f1efed36a8
bcc6e9d92080e97c6ebee153841053e795c42705
606f06c39f2ad2e02b69e91fbc62594e621186c81510a22e13b21b983785d335
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 592
Cache-Control: max-age=157341
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 10:16:35 GMT
Etag: "635a1bd0-1d7"
Expires: Sat, 29 Oct 2022 05:58:56 GMT
Last-Modified: Thu, 27 Oct 2022 05:49:04 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 30bc5dd4562c1c4569dec3f1efed36a8
bcc6e9d92080e97c6ebee153841053e795c42705
606f06c39f2ad2e02b69e91fbc62594e621186c81510a22e13b21b983785d335
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3924
Cache-Control: max-age=160673
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 10:16:35 GMT
Etag: "635a1bd0-1d7"
Expires: Sat, 29 Oct 2022 06:54:28 GMT
Last-Modified: Thu, 27 Oct 2022 05:49:04 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
tr.snapchat.com/cm/i?pid=b838e1c8-e5cb-4d99-bda2-d5594b71ff41&u_scsid=a18903cf-c7fe-4299-a94e-59cc063beacf&u_sclid=9528c804-0c4f-4e60-89b5-ade88bcd917a
35.190.43.134200 OK 0 B URL HTTP/2 tr.snapchat.com/cm/i?pid=b838e1c8-e5cb-4d99-bda2-d5594b71ff41&u_scsid=a18903cf-c7fe-4299-a94e-59cc063beacf&u_sclid=9528c804-0c4f-4e60-89b5-ade88bcd917a
IP 35.190.43.134:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cm/i?pid=b838e1c8-e5cb-4d99-bda2-d5594b71ff41&u_scsid=a18903cf-c7fe-4299-a94e-59cc063beacf&u_sclid=9528c804-0c4f-4e60-89b5-ade88bcd917a HTTP/1.1
Host: tr.snapchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 27 Oct 2022 10:16:35 GMT
content-type: text/html
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 0
x-envoy-upstream-service-time: 0
server: API Gateway
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
beacon-v2.helpscout.net/static/js/full-beacon-init.332e8c49.chunk.js
54.230.111.17200 OK 101 kB URL HTTP/2 beacon-v2.helpscout.net/static/js/full-beacon-init.332e8c49.chunk.js
IP 54.230.111.17:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 101 kB (101305 bytes)
Hash 4e629afbf6f1edbf291412993beec634
c3d903dbf49c9241cfe55196e5b5f1388a413ecc
37de53f72994f33c9b46526add6c5312a3af74f18669a081d05999729811084c
GET /static/js/full-beacon-init.332e8c49.chunk.js HTTP/1.1
Host: beacon-v2.helpscout.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 101305
last-modified: Fri, 21 Oct 2022 15:46:34 GMT
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
date: Thu, 27 Oct 2022 09:56:07 GMT
cache-control: max-age=315360000, s-maxage=7200, public
etag: "4e629afbf6f1edbf291412993beec634"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: wqvp1UrUpEYpEIMgs_19bJhUJQZWkztH7bmgJKtxrKm1SjDl0hLADA==
age: 1232
X-Firefox-Spdy: h2
shop.pe/widget/widget_async.js
35.227.244.1301 Moved Permanently 178 B URL HTTP/2 shop.pe/widget/widget_async.js
IP 35.227.244.1:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /widget/widget_async.js HTTP/1.1
Host: shop.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Thu, 27 Oct 2022 10:16:35 GMT
content-type: text/html
content-length: 178
location: https://d3rr3d0n31t48m.cloudfront.net/widget/widget_async.js
x-frame-options: deny
content-security-policy: frame-ancestors none;
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer-when-downgrade
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
tr.snapchat.com/p?pid=b838e1c8-e5cb-4d99-bda2-d5594b71ff41&ev=PAGE_VIEW&intg=gtm&pl=https%3A%2F%2Fflaviar.com%2F&bt=1d53c387&if=false&m_dcl=2719&m_fcps=2634&m_pi=2586&m_pl=4300&m_pv=v2&m_rd=4581&m_sl=4475&rf=&trackId=1cdb4204-ee54-4a58-bc89-78994cef1c4e&ts=1666865794767&u_c1=d1bbbbd6-7a1d-42b7-9ef2-aff5a6777cd9&u_sclid=9528c804-0c4f-4e60-89b5-ade88bcd917a&u_scsid=a18903cf-c7fe-4299-a94e-59cc063beacf&v=2.0.0
35.190.43.134200 OK 68 B URL HTTP/2 tr.snapchat.com/p?pid=b838e1c8-e5cb-4d99-bda2-d5594b71ff41&ev=PAGE_VIEW&intg=gtm&pl=https%3A%2F%2Fflaviar.com%2F&bt=1d53c387&if=false&m_dcl=2719&m_fcps=2634&m_pi=2586&m_pl=4300&m_pv=v2&m_rd=4581&m_sl=4475&rf=&trackId=1cdb4204-ee54-4a58-bc89-78994cef1c4e&ts=1666865794767&u_c1=d1bbbbd6-7a1d-42b7-9ef2-aff5a6777cd9&u_sclid=9528c804-0c4f-4e60-89b5-ade88bcd917a&u_scsid=a18903cf-c7fe-4299-a94e-59cc063beacf&v=2.0.0
IP 35.190.43.134:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash c4a2b870062c2bb98c500bc1526c0498
528666ccdb12997358077bc8fcdbfb6b825c7788
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
GET /p?pid=b838e1c8-e5cb-4d99-bda2-d5594b71ff41&ev=PAGE_VIEW&intg=gtm&pl=https%3A%2F%2Fflaviar.com%2F&bt=1d53c387&if=false&m_dcl=2719&m_fcps=2634&m_pi=2586&m_pl=4300&m_pv=v2&m_rd=4581&m_sl=4475&rf=&trackId=1cdb4204-ee54-4a58-bc89-78994cef1c4e&ts=1666865794767&u_c1=d1bbbbd6-7a1d-42b7-9ef2-aff5a6777cd9&u_sclid=9528c804-0c4f-4e60-89b5-ade88bcd917a&u_scsid=a18903cf-c7fe-4299-a94e-59cc063beacf&v=2.0.0 HTTP/1.1
Host: tr.snapchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 27 Oct 2022 10:16:35 GMT
access-control-allow-origin: *
cache-control: no-cache, no-transform
set-cookie: sc_at=v2|H4sIAAAAAAAAAAXBgQ0AIAgDsItIUNmc52jQKzjetmee3nBNV7KAH9vKaXsIgy8i/VU1kiLmQvkHhtjVgzIAAAA=;SameSite=None;Version=1;Comment=;Domain=.snapchat.com;Path=/;Max-Age=33696000;Secure
content-type: image/png
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 68
x-envoy-upstream-service-time: 1
server: API Gateway
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 30bc5dd4562c1c4569dec3f1efed36a8
bcc6e9d92080e97c6ebee153841053e795c42705
606f06c39f2ad2e02b69e91fbc62594e621186c81510a22e13b21b983785d335
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 592
Cache-Control: max-age=157341
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 10:16:35 GMT
Etag: "635a1bd0-1d7"
Expires: Sat, 29 Oct 2022 05:58:56 GMT
Last-Modified: Thu, 27 Oct 2022 05:49:04 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash 28682699adfd6c7764de791010f3a7f7
06e375b195585864847852c206e1c2744a44dc0f
9de46685d7557a3d9d17a0eaaed36384a49195e3263c3e75dfed7cdc30d94e09
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3494
Cache-Control: max-age=120274
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 10:16:35 GMT
Etag: "63597fb0-2d7"
Expires: Fri, 28 Oct 2022 19:41:09 GMT
Last-Modified: Wed, 26 Oct 2022 18:42:56 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 727
tr.snapchat.com/hm
35.190.43.134200 OK 0 B IP 35.190.43.134:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /hm HTTP/1.1
Host: tr.snapchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://flaviar.com/
Origin: https://flaviar.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://flaviar.com
access-control-allow-credentials: true
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS,PATCH
access-control-allow-headers: Authorization,Content-Type,x-grpc-web,X-Snap-Route-Tag,x-cof-user-agent,x-snap-client-user-agent,bitmoji-token,X-Snap-Access-Token
access-control-max-age: 600
date: Thu, 27 Oct 2022 10:16:35 GMT
server: API Gateway
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fbcapi.flaviar.com/events
54.153.41.73200 OK 0 B URL HTTP/2 fbcapi.flaviar.com/events
IP 54.153.41.73:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /events HTTP/1.1
Host: fbcapi.flaviar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 321
Origin: https://flaviar.com
Connection: keep-alive
Referer: https://flaviar.com/
Cookie: _ga_94QYBVSJNV=GS1.1.1666865792.1.0.1666865792.60.0.0; _ga=GA1.2.319829034.1666865793; _gid=GA1.2.220026219.1666865794; _dc_gtm_UA-28959768-20=1; _dc_gtm_UA-28959768-1=1; _sgf_user_id=21111226989150209; _sgf_session_id=21111226989150208; _fbp=fb.1.1666865794422.169113202
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Thu, 27 Oct 2022 10:16:35 GMT
content-length: 0
vary: origin
access-control-allow-credentials: true
access-control-allow-origin: https://flaviar.com
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 53996cdcdfc96d688c8be74fea2734a2
8811938010ce528668efbcbd52644f794430e62c
c77933ce4d6c95f5c2704d5ed65a6b08ccd18340327bbc2423a0f27a694286b2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5134
Cache-Control: max-age=152140
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 10:16:35 GMT
Etag: "6359f5c1-139"
Expires: Sat, 29 Oct 2022 04:32:15 GMT
Last-Modified: Thu, 27 Oct 2022 03:06:41 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 313
gum.criteo.com/syncframe?topUrl=flaviar.com&origin=onetag&us_privacy=1---
178.250.2.146200 OK 5.1 kB URL HTTP/2 gum.criteo.com/syncframe?topUrl=flaviar.com&origin=onetag&us_privacy=1---
IP 178.250.2.146:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (13465)
Hash 92171b174fa2960878ac6d29dbd72f53
04ec360415648ac314cfdc69ecf668e4b06654fc
f2927b54e95fe0de99a2f4c7744485bfb0f4e0e6d63f88b8b432b759225a4a96
GET /syncframe?topUrl=flaviar.com&origin=onetag&us_privacy=1--- HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 27 Oct 2022 10:16:35 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: uid=0f9f066e-5f1d-44c8-a4ce-d2b172a075d6; expires=Tue, 21 Nov 2023 10:16:35 GMT; domain=.criteo.com; path=/; secure; samesite=none
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 317647
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
d3hb14vkzrxvla.cloudfront.net/v1/00e580f3-b08f-44e2-b7b0-5949db5bfaf3
54.230.245.184200 OK 0 B URL HTTP/2 d3hb14vkzrxvla.cloudfront.net/v1/00e580f3-b08f-44e2-b7b0-5949db5bfaf3
IP 54.230.245.184:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /v1/00e580f3-b08f-44e2-b7b0-5949db5bfaf3 HTTP/1.1
Host: d3hb14vkzrxvla.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: beacon-device-id,correlationid,helpscout-origin,helpscout-release
Referer: https://flaviar.com/
Origin: https://flaviar.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 0
date: Thu, 27 Oct 2022 10:16:35 GMT
access-control-allow-origin: https://flaviar.com
access-control-allow-methods: GET
access-control-allow-headers: beacon-device-id, correlationid, helpscout-origin, helpscout-release
access-control-allow-credentials: true
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
x-ratelimit-limit-identify-hour: 25
x-ratelimit-remaining-identify-hour: 25
x-ratelimit-limit-general-minute: 60
x-ratelimit-remaining-general-minute: 60
x-ratelimit-limit-conversations-hour: 10
x-ratelimit-remaining-conversations-hour: 10
x-ratelimit-limit-attachments-hour: 10
x-ratelimit-remaining-attachments-hour: 10
x-ratelimit-limit-chat-tokens-hour: 25
x-ratelimit-remaining-chat-tokens-hour: 25
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin,Access-Control-Request-Method
x-cache: Miss from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: C3U_gvCusrdwTiahmEFPuO-MWGHEw0TIMWesx7Fc2KVrRfEDCf9ACw==
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 46c0296d1866ea007b39e008dddfb535
6b11ab2e1e63301c729f81b2213892d20cf8d026
c51a15ddd6b54686ab05e1f8bcb1252242033eb80158548f1bbb0fd59ac9e736
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=132730
Date: Thu, 27 Oct 2022 10:16:35 GMT
Etag: "6359af74-1d7"
Expires: Fri, 28 Oct 2022 23:08:45 GMT
Last-Modified: Wed, 26 Oct 2022 22:06:44 GMT
Server: ECS (nyb/1D07)
X-Cache: Miss from cloudfront
Via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ziPMcsaynUVaoFAO-41_fWtmkFpgy4icp8v5YYNrMwFl7Y_ziJYiJA==
Age: 3721
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash fc9a0d7c674f145c17a3ab5e2c6bd05f
b419323ec888429463b033bbf8da48487ca1ed78
f170822273337af181bb5619357200fc1b1be0cd9eda5574afeae362fd708769
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=150073
Date: Thu, 27 Oct 2022 10:16:35 GMT
Etag: "6359eaa9-1d7"
Expires: Sat, 29 Oct 2022 03:57:48 GMT
Last-Modified: Thu, 27 Oct 2022 02:19:21 GMT
Server: ECS (nyb/1D0F)
X-Cache: Miss from cloudfront
Via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 7u-0Tj51ImIISS_ospvD6se4vcw5k9-TWWXx3A74tml5PcKaxOvSIQ==
Age: 5907
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash fc9a0d7c674f145c17a3ab5e2c6bd05f
b419323ec888429463b033bbf8da48487ca1ed78
f170822273337af181bb5619357200fc1b1be0cd9eda5574afeae362fd708769
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=149894
Date: Thu, 27 Oct 2022 10:16:35 GMT
Etag: "6359eaa9-1d7"
Expires: Sat, 29 Oct 2022 03:54:49 GMT
Last-Modified: Thu, 27 Oct 2022 02:19:21 GMT
Server: ECS (bsa/EB1A)
X-Cache: Miss from cloudfront
Via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: BLSsMU5KN9vlbOlR9kyOxgY327WFc4dcO3EbJXTHgEq4-k3pr1RdSQ==
Age: 5728
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash b72ade62e81d6b476ef9533d1e53d9ab
356e9c26f6c733368e21dc54c8c6c39bb8043485
1cb6d22a51bbcc85b5ea63db4215527ce72b7c7c1e23f142405b60bbe915be3f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 574
Cache-Control: max-age=168840
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 10:16:35 GMT
Etag: "635a48cd-13a"
Expires: Sat, 29 Oct 2022 09:10:35 GMT
Last-Modified: Thu, 27 Oct 2022 09:01:01 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 314
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash b72ade62e81d6b476ef9533d1e53d9ab
356e9c26f6c733368e21dc54c8c6c39bb8043485
1cb6d22a51bbcc85b5ea63db4215527ce72b7c7c1e23f142405b60bbe915be3f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 574
Cache-Control: max-age=168840
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 10:16:35 GMT
Etag: "635a48cd-13a"
Expires: Sat, 29 Oct 2022 09:10:35 GMT
Last-Modified: Thu, 27 Oct 2022 09:01:01 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 314
api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0
75.2.40.13200 OK 18 B URL HTTP/2 api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0
IP 75.2.40.13:0
File type ASCII text, with no line terminators
Hash cc7fd95a87ea3721ce1853bf3c4dd75e
7f687f7881adf0fc407378d375a61b8f198c0912
0f06a4c8d34690d4e42c81f232a5bdfe9fcbde8a54b5ccd0609a313e90da0879
OPTIONS /v1/personalize/simple?pageviews=1&isMobile=0 HTTP/1.1
Host: api.sail-personalize.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,x-lib-version,x-referring-url
Referer: https://flaviar.com/
Origin: https://flaviar.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 27 Oct 2022 10:16:35 GMT
content-type: text/plain
content-length: 18
access-control-allow-origin: https://flaviar.com
access-control-allow-credentials: true
access-control-max-age: 1800
access-control-allow-methods: OPTIONS,GET,POST,PUT,DELETE
access-control-allow-headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Lib-Version,X-Referring-URL
allow: HEAD,GET,OPTIONS
X-Firefox-Spdy: h2
rb9yp8py.flaviar.com/assets/wxyz.rb.js
159.203.152.67200 OK 10 kB URL HTTP/1.1 rb9yp8py.flaviar.com/assets/wxyz.rb.js
IP 159.203.152.67:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (347)
Hash 28da32c8a3559274180a454ca5231e08
37b980c1eaa6fb94ae0bea7ff55e2ccbb6319ae7
6e9d6535db0d92b4bf9c7263eafa6fd552da77999bd86eb5e2f0e3d97aeebc62
GET /assets/wxyz.rb.js HTTP/1.1
Host: rb9yp8py.flaviar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaviar.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: openresty
Date: Thu, 27 Oct 2022 10:16:35 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0
75.2.40.13200 OK 194 B URL HTTP/2 api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0
IP 75.2.40.13:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 1d5d23252fdb5cbd34ad6b83b7275f85
036f2e01414019a23188548502e54b10d56f9560
c6776d9b04e8e6ae5f212e5abaeb48cb0284d1a236f8dd6a6e1ddc57340fd7f8
GET /v1/personalize/simple?pageviews=1&isMobile=0 HTTP/1.1
Host: api.sail-personalize.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaviar.com/
authorization: Bearer 65de79281e7de94b00f804e81e0d65c0
content-type: application/json
x-lib-version: v1.0.1
x-referring-url: https://flaviar.com/
Origin: https://flaviar.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 27 Oct 2022 10:16:35 GMT
content-type: application/json
content-length: 194
access-control-allow-origin: *
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-store
expires: -1
allowedheaders: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin
allowedorigins: *
allowedmethods: GET,OPTIONS
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/landing?gcs=G111&rnd=1147507251.1666865795&url=https%3A%2F%2Fflaviar.com%2F>m=2wgaq0K4F6SWQ&auid=2057797579.1666865795
142.250.74.66200 OK 42 B URL HTTP/2 googleads.g.doubleclick.net/pagead/landing?gcs=G111&rnd=1147507251.1666865795&url=https%3A%2F%2Fflaviar.com%2F>m=2wgaq0K4F6SWQ&auid=2057797579.1666865795
IP 142.250.74.66:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/landing?gcs=G111&rnd=1147507251.1666865795&url=https%3A%2F%2Fflaviar.com%2F>m=2wgaq0K4F6SWQ&auid=2057797579.1666865795 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaviar.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 10:16:36 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 27-Oct-2022 10:31:36 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
splow.flaviar.com/com.snowplowanalytics.snowplow/tp2
172.66.40.91200 OK 0 B URL HTTP/2 splow.flaviar.com/com.snowplowanalytics.snowplow/tp2
IP 172.66.40.91:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: splow.flaviar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://flaviar.com/
Origin: https://flaviar.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Thu, 27 Oct 2022 10:16:36 GMT
content-length: 0
access-control-allow-origin: https://flaviar.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-max-age: 5
x-robots-tag: noindex, nofollow, nosnippet, noarchive
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ALNoiR2HUjtCYcn%2FTM%2FYrFurX7J5vZAALvNdwV7y73X6PBtckyd9MAIWTeEuwnwKhBDtOM5jG4G7r6I4ybh%2BlqvKzAJAgmcjhq1k2wSi8FwG66D46bK6w0kBpYBhW243cNRH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
server: cloudflare
cf-ray: 760aad555dcbb50b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rb9yp8py.flaviar.com/integrations?source=flaviar
159.203.152.67200 OK 59 B URL HTTP/1.1 rb9yp8py.flaviar.com/integrations?source=flaviar
IP 159.203.152.67:0
ASN #14061 DIGITALOCEAN-ASN
Hash b13b075ac18d7ecbf705dad11323402e
124e2c4307c6beabfd3e751f14a4f7acb02eb6ce
03db7011ba06ed159ca1b7dee62dc5a01ee2d0a3d6f3b0294004cd455251b7f2
GET /integrations?source=flaviar HTTP/1.1
Host: rb9yp8py.flaviar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Cookie: _ga_94QYBVSJNV=GS1.1.1666865792.1.0.1666865792.60.0.0; _ga=GA1.2.319829034.1666865793; _gid=GA1.2.220026219.1666865794; _dc_gtm_UA-28959768-20=1; _dc_gtm_UA-28959768-1=1; _sgf_user_id=21111226989150209; _sgf_session_id=21111226989150208; _fbp=fb.1.1666865794422.169113202; _gcl_au=1.1.2057797579.1666865795; _rdt_uuid=1666865794738.ba1e82d2-8404-4860-b01e-ba40979737d6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: openresty
Date: Thu, 27 Oct 2022 10:16:36 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
flask.nextdoor.com/pixel?pid=ee9a8748-65eb-47b1-b84d-1953b8f4c959&ev=PAGE_VIEW&pl=https%3A%2F%2Fflaviar.com%2F&ndclid=&rf=&sem=&tm=0
44.229.18.91204 No Content 0 B URL HTTP/2 flask.nextdoor.com/pixel?pid=ee9a8748-65eb-47b1-b84d-1953b8f4c959&ev=PAGE_VIEW&pl=https%3A%2F%2Fflaviar.com%2F&ndclid=&rf=&sem=&tm=0
IP 44.229.18.91:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel?pid=ee9a8748-65eb-47b1-b84d-1953b8f4c959&ev=PAGE_VIEW&pl=https%3A%2F%2Fflaviar.com%2F&ndclid=&rf=&sem=&tm=0 HTTP/1.1
Host: flask.nextdoor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Thu, 27 Oct 2022 10:16:36 GMT
server: istio-envoy
context-id: 083c5c50-4f13-458f-a785-6637773486a3
x-envoy-upstream-service-time: 1
X-Firefox-Spdy: h2
rb9yp8py.flaviar.com/v2/rb?url=https%3A%2F%2Fflaviar.com%2F&action=view&source=flaviar&rb_source=flaviar&script_version=wxyz.rb.js&sessionId=a4be4697-71e1-4f11-9826-447d53401aa2&uid=rbos-6ae6473b-157e-44eb-95d6-0b866ed6fcd7
159.203.152.67200 OK 44 B URL HTTP/1.1 rb9yp8py.flaviar.com/v2/rb?url=https%3A%2F%2Fflaviar.com%2F&action=view&source=flaviar&rb_source=flaviar&script_version=wxyz.rb.js&sessionId=a4be4697-71e1-4f11-9826-447d53401aa2&uid=rbos-6ae6473b-157e-44eb-95d6-0b866ed6fcd7
IP 159.203.152.67:0
ASN #14061 DIGITALOCEAN-ASN
File type GIF image data, version 89a, 1 x 1\012- data
Hash 75e9566b8523b76993b790444d697848
46bcf0fe72739cd1bc11b7d525d6fdaf4533a845
039a8bb6d736466063dde3c2a80d71d54456a7875cb1654263058bc69c1c042d
GET /v2/rb?url=https%3A%2F%2Fflaviar.com%2F&action=view&source=flaviar&rb_source=flaviar&script_version=wxyz.rb.js&sessionId=a4be4697-71e1-4f11-9826-447d53401aa2&uid=rbos-6ae6473b-157e-44eb-95d6-0b866ed6fcd7 HTTP/1.1
Host: rb9yp8py.flaviar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Cookie: _ga_94QYBVSJNV=GS1.1.1666865792.1.0.1666865792.60.0.0; _ga=GA1.2.319829034.1666865793; _gid=GA1.2.220026219.1666865794; _dc_gtm_UA-28959768-20=1; _dc_gtm_UA-28959768-1=1; _sgf_user_id=21111226989150209; _sgf_session_id=21111226989150208; _fbp=fb.1.1666865794422.169113202; _gcl_au=1.1.2057797579.1666865795; _rdt_uuid=1666865794738.ba1e82d2-8404-4860-b01e-ba40979737d6; cto_bundle=vLYB1l9oQWhFcHVGQ1Z6SGhBVHJmQzl4amI3V0R6b0prbWFjV1F0V3JRRUxJJTJCRWZ4ZFJZeVVQa2NQV0w3cnJCdzBRVWlPd0pjUnJhczRPOXRSQllZJTJGT2JvY2FHb3gxJTJCRyUyQmNtSUpVTU5vSDdmN2owbDVHQnk5cU5lSjAwY1R5amdMRFJhc3RFZU9xUmVOSVIyV29sOGh3R2NGQSUzRCUzRA; rbuid=rbos-6ae6473b-157e-44eb-95d6-0b866ed6fcd7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: openresty
Date: Thu, 27 Oct 2022 10:16:36 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: rbuid=rbos-6ae6473b-157e-44eb-95d6-0b866ed6fcd7; domain=flaviar.com; path=/;Max-Age=2592000; SameSite=None; Secure
amplify.outbrain.com/cp/obtp.js
23.38.201.81200 OK 3.5 kB URL HTTP/1.1 amplify.outbrain.com/cp/obtp.js
IP 23.38.201.81:0
File type ASCII text, with very long lines (8656), with no line terminators
Hash 6cff2cb49ee772adf066904fd18efd9a
8b876016198b0fc9862d2b6e29a80251c5422e72
85d26923c638ce50f36f7b69f9f50d2a6d6863abed574af143e24a14a343f9d2
GET /cp/obtp.js HTTP/1.1
Host: amplify.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "0d5508c59e34b5d35cde5aea2aa1c2fd:1665301953.026714"
Last-Modified: Sun, 09 Oct 2022 07:50:08 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=1200
Expires: Thu, 27 Oct 2022 10:36:36 GMT
Date: Thu, 27 Oct 2022 10:16:36 GMT
Content-Length: 3471
Connection: keep-alive
gandalf-eu.segmentify.com//add/events/v1.json?apiKey=06e2e4b6-5e17-4dbf-9574-c462c3d742d7
35.246.234.8200 OK 0 B URL HTTP/1.1 gandalf-eu.segmentify.com//add/events/v1.json?apiKey=06e2e4b6-5e17-4dbf-9574-c462c3d742d7
IP 35.246.234.8:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS //add/events/v1.json?apiKey=06e2e4b6-5e17-4dbf-9574-c462c3d742d7 HTTP/1.1
Host: gandalf-eu.segmentify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-sfy-api-key
Referer: https://flaviar.com/
Origin: https://flaviar.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Headers: Content-Type, Accept, Authorization, X-Switch-User, X-Switch-Account, X-Switch-Region, X-Sfy-Api-Key
Access-Control-Allow-Methods: GET, POST, PUT, DELETE
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3600
Connection: keep-alive
Content-Length: 0
Content-Type: application/json
Date: Thu, 27 Oct 2022 10:16:36 GMT
Server: nginx
X-Server-Name: 954b0a27b6131b61ce7ca07d0e642523
d3rr3d0n31t48m.cloudfront.net/widget/widget_async.js
143.204.55.91200 OK 906 B URL HTTP/2 d3rr3d0n31t48m.cloudfront.net/widget/widget_async.js
IP 143.204.55.91:0
File type ASCII text, with very long lines (559)
Hash 0e44a7714ef31a605e8e84281c24a930
415f9ffa410ab2b537e04c34e89781b2c89effb2
8e69ca11c764b61cce214c20fd09e06103e61568668ddea2423f58647665f23c
GET /widget/widget_async.js HTTP/1.1
Host: d3rr3d0n31t48m.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 906
last-modified: Wed, 26 Oct 2022 15:29:48 GMT
content-encoding: gzip
x-amz-meta-mtime: 1666798187.42
accept-ranges: bytes
server: AmazonS3
date: Thu, 27 Oct 2022 09:30:38 GMT
cache-control: max-age=3600, public
etag: "0e44a7714ef31a605e8e84281c24a930"
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: j-wBXD69PFFh4GamjV3ZndX28juqxJqzKd55bhPdqw1ifE0_uxg5Rg==
age: 2768
X-Firefox-Spdy: h2
static.ads-twitter.com/uwt.js
151.101.84.157200 OK 15 kB URL HTTP/2 static.ads-twitter.com/uwt.js
IP 151.101.84.157:0
File type ASCII text, with very long lines (57443), with no line terminators
Hash 1e9c4d503a9e162d8b549dc3d9c040e2
1fa99d7d7e878cdd45567af4b0c3c65542036c1d
f936c0124c595fe5d0c7858277f3a5f3bd104de39d36ac92557501fa1dec8563
GET /uwt.js HTTP/1.1
Host: static.ads-twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Tue, 30 Aug 2022 20:19:10 GMT
cache-control: no-cache
content-type: application/javascript; charset=utf-8
content-encoding: gzip
etag: "d4de8398858246712016031c834bb061+gzip+gzip"
accept-ranges: bytes
date: Thu, 27 Oct 2022 10:16:36 GMT
x-served-by: cache-iad-kcgs7200165-IAD, cache-bma1652-BMA
x-cache: HIT, HIT
vary: Accept-Encoding,Host
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
content-length: 15317
X-Firefox-Spdy: h2
bat.bing.com/bat.js
13.107.21.200200 OK 11 kB IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (38826), with no line terminators
Hash 293ae3e0fc8b0d5c143fdf9d8490228d
3976c659b908e70818a3a1ac71860b497fe2d1a9
04a840d967ae836e14179bde574cabf14a1fc871182ca0f8193e7a0b06c727ab
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 11367
content-type: application/javascript
content-encoding: gzip
last-modified: Thu, 28 Jul 2022 17:32:37 GMT
accept-ranges: bytes
etag: "80a8697a8a2d81:0"
vary: Accept-Encoding
set-cookie: MUID=375D71D207AE60BC0A02639806F96145; domain=.bing.com; expires=Tue, 21-Nov-2023 10:16:36 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 80ED0B5D46CF4C6A9911C51295795A46 Ref B: OSL30EDGE0415 Ref C: 2022-10-27T10:16:36Z
date: Thu, 27 Oct 2022 10:16:36 GMT
X-Firefox-Spdy: h2
gandalf-eu.segmentify.com//add/events/v1.json?apiKey=06e2e4b6-5e17-4dbf-9574-c462c3d742d7
35.246.234.8200 7.9 kB URL HTTP/1.1 gandalf-eu.segmentify.com//add/events/v1.json?apiKey=06e2e4b6-5e17-4dbf-9574-c462c3d742d7
IP 35.246.234.8:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type JSON data\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (34285), with no line terminators
Hash 09ccf8b259c4e51f3970ea4eebe5c8fc
ae4bc257e09b8d86096bf8f26e11e3ed6d6e292b
d97792cc46962aefb9b42bbfef03f2d0b185ce7dc59c089ff797bef7dddeb3f6
POST //add/events/v1.json?apiKey=06e2e4b6-5e17-4dbf-9574-c462c3d742d7 HTTP/1.1
Host: gandalf-eu.segmentify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
X-Sfy-Api-Key: 06e2e4b6-5e17-4dbf-9574-c462c3d742d7
Content-Length: 1143
Origin: https://flaviar.com
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Encoding: br
Content-Type: application/json;charset=UTF-8
Date: Thu, 27 Oct 2022 10:16:36 GMT
Server: nginx
Transfer-Encoding: chunked
X-Server-Name: e50eafe57688af3a47ec4fb3140ed864
sslwidget.criteo.com/event?a=95340&v=5.12.1&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26z%3Dundefined%26site_type%3Dd&p2=e%3Dvh%26tms%3Dgtm-ee-1.1.0&p3=e%3Ddis&adce=1&bundle=vLYB1l9oQWhFcHVGQ1Z6SGhBVHJmQzl4amI3V0R6b0prbWFjV1F0V3JRRUxJJTJCRWZ4ZFJZeVVQa2NQV0w3cnJCdzBRVWlPd0pjUnJhczRPOXRSQllZJTJGT2JvY2FHb3gxJTJCRyUyQmNtSUpVTU5vSDdmN2owbDVHQnk5cU5lSjAwY1R5amdMRFJhc3RFZU9xUmVOSVIyV29sOGh3R2NGQSUzRCUzRA&tld=flaviar.com&dy=1&fu=https%253A%252F%252Fflaviar.com%252F&dtycbr=87878&cs=1---&cv=1
178.250.0.163302 Found 0 B URL HTTP/2 sslwidget.criteo.com/event?a=95340&v=5.12.1&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26z%3Dundefined%26site_type%3Dd&p2=e%3Dvh%26tms%3Dgtm-ee-1.1.0&p3=e%3Ddis&adce=1&bundle=vLYB1l9oQWhFcHVGQ1Z6SGhBVHJmQzl4amI3V0R6b0prbWFjV1F0V3JRRUxJJTJCRWZ4ZFJZeVVQa2NQV0w3cnJCdzBRVWlPd0pjUnJhczRPOXRSQllZJTJGT2JvY2FHb3gxJTJCRyUyQmNtSUpVTU5vSDdmN2owbDVHQnk5cU5lSjAwY1R5amdMRFJhc3RFZU9xUmVOSVIyV29sOGh3R2NGQSUzRCUzRA&tld=flaviar.com&dy=1&fu=https%253A%252F%252Fflaviar.com%252F&dtycbr=87878&cs=1---&cv=1
IP 178.250.0.163:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /event?a=95340&v=5.12.1&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26z%3Dundefined%26site_type%3Dd&p2=e%3Dvh%26tms%3Dgtm-ee-1.1.0&p3=e%3Ddis&adce=1&bundle=vLYB1l9oQWhFcHVGQ1Z6SGhBVHJmQzl4amI3V0R6b0prbWFjV1F0V3JRRUxJJTJCRWZ4ZFJZeVVQa2NQV0w3cnJCdzBRVWlPd0pjUnJhczRPOXRSQllZJTJGT2JvY2FHb3gxJTJCRyUyQmNtSUpVTU5vSDdmN2owbDVHQnk5cU5lSjAwY1R5amdMRFJhc3RFZU9xUmVOSVIyV29sOGh3R2NGQSUzRCUzRA&tld=flaviar.com&dy=1&fu=https%253A%252F%252Fflaviar.com%252F&dtycbr=87878&cs=1---&cv=1 HTTP/1.1
Host: sslwidget.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 27 Oct 2022 10:16:35 GMT
server: Kestrel
content-length: 0
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
expires: 0
location: https://widget.us.criteo.com/event?a=95340&v=5.12.1&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26z%3Dundefined%26site_type%3Dd&p2=e%3Dvh%26tms%3Dgtm-ee-1.1.0&p3=e%3Ddis&adce=1&bundle=vLYB1l9oQWhFcHVGQ1Z6SGhBVHJmQzl4amI3V0R6b0prbWFjV1F0V3JRRUxJJTJCRWZ4ZFJZeVVQa2NQV0w3cnJCdzBRVWlPd0pjUnJhczRPOXRSQllZJTJGT2JvY2FHb3gxJTJCRyUyQmNtSUpVTU5vSDdmN2owbDVHQnk5cU5lSjAwY1R5amdMRFJhc3RFZU9xUmVOSVIyV29sOGh3R2NGQSUzRCUzRA&tld=flaviar.com&dy=1&fu=https%253A%252F%252Fflaviar.com%252F&dtycbr=87878&cs=1---&cv=1
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
server-processing-duration-in-ticks: 4575683
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
alb.reddit.com/rp.gif?ts=1666865794739&id=t2_h2e6q&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=ba1e82d2-8404-4860-b01e-ba40979737d6&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1280&sw=1024&v=rdt_02c59ad6
151.101.85.140200 OK 42 B URL HTTP/2 alb.reddit.com/rp.gif?ts=1666865794739&id=t2_h2e6q&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=ba1e82d2-8404-4860-b01e-ba40979737d6&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1280&sw=1024&v=rdt_02c59ad6
IP 151.101.85.140:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /rp.gif?ts=1666865794739&id=t2_h2e6q&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=ba1e82d2-8404-4860-b01e-ba40979737d6&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1280&sw=1024&v=rdt_02c59ad6 HTTP/1.1
Host: alb.reddit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Varnish
retry-after: 0
cross-origin-resource-policy: cross-origin
content-type: image/gif
accept-ranges: bytes
date: Thu, 27 Oct 2022 10:16:36 GMT
via: 1.1 varnish
content-length: 42
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 79afc78036a5f81c5fe89cfa184de461
0bdc094878c9308f2dce822cce1c525103f36dab
3f560108d0aa2e8acf4181587897763def4b11c15c112290acf3277b09577314
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3515
Cache-Control: max-age=92196
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 10:16:36 GMT
Etag: "635911ed-139"
Expires: Fri, 28 Oct 2022 11:53:12 GMT
Last-Modified: Wed, 26 Oct 2022 10:54:37 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 313
ocsp.godaddy.com/
192.124.249.24200 OK 1.8 kB IP 192.124.249.24:0
Hash 6ca1867f112df053fd77af62c78cb5a1
90bea8471c7c490bb225d57b73ddbb1f7b72cbc2
4d60698b8d3d08aae6d4c711a4d4e5c9f6b90d6294b4aeba06331794c34d5f0f
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Thu, 27 Oct 2022 10:16:37 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 15024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 27 Oct 2022 00:43:57 GMT
Expires: Fri, 28 Oct 2022 00:43:57 GMT
ETag: "90bea8471c7c490bb225d57b73ddbb1f7b72cbc2"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.digicert.com/
93.184.220.29200 OK 435 B IP 93.184.220.29:0
Hash 7102960aa3027b810d6e9da4eb226a6c
ac8b4c3834ba215b05ea72e78e52ed9bd093d480
ddbfcf74b243b758a80b9ada36e678199f3f1f284d51989f8f5deabf05774180
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2687
Cache-Control: max-age=91368
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 10:16:36 GMT
Etag: "635911ed-139"
Expires: Fri, 28 Oct 2022 11:39:24 GMT
Last-Modified: Wed, 26 Oct 2022 10:54:37 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 313
alb.reddit.com/rp.gif?ts=1666865794740&id=t2_h2e6q&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=ba1e82d2-8404-4860-b01e-ba40979737d6&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1280&sw=1024&v=rdt_02c59ad6
151.101.85.140200 OK 42 B URL HTTP/2 alb.reddit.com/rp.gif?ts=1666865794740&id=t2_h2e6q&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=ba1e82d2-8404-4860-b01e-ba40979737d6&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1280&sw=1024&v=rdt_02c59ad6
IP 151.101.85.140:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /rp.gif?ts=1666865794740&id=t2_h2e6q&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=ba1e82d2-8404-4860-b01e-ba40979737d6&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1280&sw=1024&v=rdt_02c59ad6 HTTP/1.1
Host: alb.reddit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Varnish
retry-after: 0
cross-origin-resource-policy: cross-origin
content-type: image/gif
accept-ranges: bytes
date: Thu, 27 Oct 2022 10:16:36 GMT
via: 1.1 varnish
content-length: 42
X-Firefox-Spdy: h2
t.co/i/adsct?bci=3&eci=2&event_id=873f3973-6f93-4e3e-95a3-28a91e4a6fdf&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=7c375a16-27c0-4863-88f9-6708283b2a8e&tw_document_href=https%3A%2F%2Fflaviar.com%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nv73t&type=javascript&version=2.3.27
104.244.42.5200 OK 43 B URL HTTP/2 t.co/i/adsct?bci=3&eci=2&event_id=873f3973-6f93-4e3e-95a3-28a91e4a6fdf&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=7c375a16-27c0-4863-88f9-6708283b2a8e&tw_document_href=https%3A%2F%2Fflaviar.com%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nv73t&type=javascript&version=2.3.27
IP 104.244.42.5:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/adsct?bci=3&eci=2&event_id=873f3973-6f93-4e3e-95a3-28a91e4a6fdf&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=7c375a16-27c0-4863-88f9-6708283b2a8e&tw_document_href=https%3A%2F%2Fflaviar.com%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nv73t&type=javascript&version=2.3.27 HTTP/1.1
Host: t.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 27 Oct 2022 10:16:36 GMT
perf: 7626143928
server: tsa_o
set-cookie: muc_ads=1820a748-ecc0-4032-9661-6001a9fb454e; Max-Age=63072000; Expires=Sat, 26 Oct 2024 10:16:36 GMT; Path=/; Domain=t.co; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: 6a4528d9030e7867
strict-transport-security: max-age=0
x-response-time: 106
x-connection-hash: 0f008e9fe79fb46d77dd2d73e4b411beb8147304bc5277663fc692faed88459a
X-Firefox-Spdy: h2
dynamic.criteo.com/js/ld/ld.js?a=95340
178.250.2.140200 OK 15 kB URL HTTP/2 dynamic.criteo.com/js/ld/ld.js?a=95340
IP 178.250.2.140:0
File type ASCII text, with very long lines (43225)
Hash 45aec590f29c4fb13e7d87747dcf997d
0aa1f5ad44f9d280e39409363be9e0edbdc84750
76905ffdf4f16aa44e6f0039903be51cc5490b475fd2abbe732cea4258a465e1
GET /js/ld/ld.js?a=95340 HTTP/1.1
Host: dynamic.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 27 Oct 2022 10:16:34 GMT
content-type: application/javascript; charset=utf-8
server: Kestrel
cache-control: public,max-age=10800
content-encoding: br
vary: Origin, Accept-Encoding
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
d3rr3d0n31t48m.cloudfront.net/widget/triggerRunner.js?v=c317b78
143.204.55.91200 OK 3.8 kB URL HTTP/2 d3rr3d0n31t48m.cloudfront.net/widget/triggerRunner.js?v=c317b78
IP 143.204.55.91:0
File type ASCII text, with very long lines (583)
Hash 0d29a0cfc90f44b98c46cc5a0b8de1da
ba0002015dc6ba20e5556c4e347f3774032b9508
323c3630ba2cce4f57b2126ce643f875fbec809ead0aed15b9b0e683b5d10e7c
GET /widget/triggerRunner.js?v=c317b78 HTTP/1.1
Host: d3rr3d0n31t48m.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 3772
date: Wed, 26 Oct 2022 15:30:29 GMT
last-modified: Wed, 26 Oct 2022 15:29:49 GMT
etag: "0d29a0cfc90f44b98c46cc5a0b8de1da"
cache-control: max-age=2592000, public
content-encoding: gzip
x-amz-meta-mtime: 1666798187.4
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Uh_FoPL7bNBLrzrylQZ11SYyiaqNp5g4gV3Nus4288Ah76YPSAGBxQ==
age: 67568
X-Firefox-Spdy: h2
bat.bing.com/action/0?ti=5715081&tm=gtm002&Ver=2&mid=d038f3b8-037f-4014-8894-8367d953ce01&sid=700bf42055e011eda83a81bcc5fce1f6&vid=700c01d055e011ed8c0d27104b773573&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Flaviar%20Membership%20%C2%BB%20Fine%20Spirits%20%26%20Whiskey%20Club%20%F0%9F%A5%83%20-%20Flaviar&p=https%3A%2F%2Fflaviar.com%2F&r=<=4300&evt=pageLoad&sv=1&rn=71782
13.107.21.200204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=5715081&tm=gtm002&Ver=2&mid=d038f3b8-037f-4014-8894-8367d953ce01&sid=700bf42055e011eda83a81bcc5fce1f6&vid=700c01d055e011ed8c0d27104b773573&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Flaviar%20Membership%20%C2%BB%20Fine%20Spirits%20%26%20Whiskey%20Club%20%F0%9F%A5%83%20-%20Flaviar&p=https%3A%2F%2Fflaviar.com%2F&r=<=4300&evt=pageLoad&sv=1&rn=71782
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=5715081&tm=gtm002&Ver=2&mid=d038f3b8-037f-4014-8894-8367d953ce01&sid=700bf42055e011eda83a81bcc5fce1f6&vid=700c01d055e011ed8c0d27104b773573&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Flaviar%20Membership%20%C2%BB%20Fine%20Spirits%20%26%20Whiskey%20Club%20%F0%9F%A5%83%20-%20Flaviar&p=https%3A%2F%2Fflaviar.com%2F&r=<=4300&evt=pageLoad&sv=1&rn=71782 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=13C05725C08A622F0536456FC1DD63C4; domain=.bing.com; expires=Tue, 21-Nov-2023 10:16:37 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: AAB1DCD27FD7422CBD62EC6E024AECE4 Ref B: OSL30EDGE0415 Ref C: 2022-10-27T10:16:36Z
date: Thu, 27 Oct 2022 10:16:37 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 1.2 kB IP 93.184.220.29:0
Hash 8c2f91d6e8d40bfc4fd9abf36c2025bc
5bdf90043b31c9b24160455b04b80b5d7ffb5ff0
c8e917ae85ee127a22299eb9523d3260cd6c5663044f5df745373933a8552710
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 282
Cache-Control: max-age=129998
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 10:16:37 GMT
Etag: "6359b239-13a"
Expires: Fri, 28 Oct 2022 22:23:15 GMT
Last-Modified: Wed, 26 Oct 2022 22:18:33 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 314
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash a2005c8e0796684cecebe2123084597b
33a35df21d2304021cbeacd19a76f3b082696b7b
65fe9d3cb8a05bd1d5b2421390197031eafb214de1c63891fc38210680543ffc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4580
Cache-Control: max-age=134296
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 10:16:37 GMT
Etag: "6359b239-13a"
Expires: Fri, 28 Oct 2022 23:34:53 GMT
Last-Modified: Wed, 26 Oct 2022 22:18:33 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 314
bat.bing.com/p/action/5715081.js
13.107.21.200204 No Content 0 B URL HTTP/2 bat.bing.com/p/action/5715081.js
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/action/5715081.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: private,max-age=1800
set-cookie: MUID=1B1EEA80570D62960036F8CA565A6361; domain=.bing.com; expires=Tue, 21-Nov-2023 10:16:37 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1A810A8F09F04F6CA4486E1D84D159B2 Ref B: OSL30EDGE0415 Ref C: 2022-10-27T10:16:36Z
date: Thu, 27 Oct 2022 10:16:37 GMT
X-Firefox-Spdy: h2
d3rr3d0n31t48m.cloudfront.net/widget/widget.js?v=70bd6a9
143.204.55.91200 OK 48 kB URL HTTP/2 d3rr3d0n31t48m.cloudfront.net/widget/widget.js?v=70bd6a9
IP 143.204.55.91:0
File type ASCII text, with very long lines (778)
Hash b28e6ad2d1949f114026642567fd46dd
b6006a3952c596dc21f48ebdb702cf7802683343
4ddc112eae9b8d89d239c248f588f4630184c06b5fa39c08b07f21d51dd26986
GET /widget/widget.js?v=70bd6a9 HTTP/1.1
Host: d3rr3d0n31t48m.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 47702
date: Wed, 26 Oct 2022 15:30:30 GMT
last-modified: Wed, 26 Oct 2022 15:29:49 GMT
etag: "b28e6ad2d1949f114026642567fd46dd"
cache-control: max-age=2592000, public
content-encoding: gzip
x-amz-meta-mtime: 1666798185.86
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: cElaYpDD2JkLh3H9FJg6hJ4OSZVE0zVkrOUq7UCh9IhQuUU0UhJvLA==
age: 67568
X-Firefox-Spdy: h2
analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=873f3973-6f93-4e3e-95a3-28a91e4a6fdf&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=7c375a16-27c0-4863-88f9-6708283b2a8e&tw_document_href=https%3A%2F%2Fflaviar.com%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nv73t&type=javascript&version=2.3.27
104.244.42.131200 OK 43 B URL HTTP/2 analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=873f3973-6f93-4e3e-95a3-28a91e4a6fdf&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=7c375a16-27c0-4863-88f9-6708283b2a8e&tw_document_href=https%3A%2F%2Fflaviar.com%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nv73t&type=javascript&version=2.3.27
IP 104.244.42.131:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/adsct?bci=3&eci=2&event_id=873f3973-6f93-4e3e-95a3-28a91e4a6fdf&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=7c375a16-27c0-4863-88f9-6708283b2a8e&tw_document_href=https%3A%2F%2Fflaviar.com%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nv73t&type=javascript&version=2.3.27 HTTP/1.1
Host: analytics.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 27 Oct 2022 10:16:36 GMT
perf: 7626143928
server: tsa_o
set-cookie: personalization_id="v1_3m1jt78j9DwqBlOihqY6IA=="; Max-Age=63072000; Expires=Sat, 26 Oct 2024 10:16:37 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: 472226d22116989a
strict-transport-security: max-age=631138519
x-response-time: 103
x-connection-hash: e69fc5c39b540ca0143046736ce21eab19c451f805d9d1f1cc77c6b90aefd7b4
X-Firefox-Spdy: h2
analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=2a7be9c1-21ba-481f-9b2d-d2c4576089b1&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=7c375a16-27c0-4863-88f9-6708283b2a8e&tw_document_href=https%3A%2F%2Fflaviar.com%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nv73t&type=javascript&version=2.3.27
104.244.42.131200 OK 43 B URL HTTP/2 analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=2a7be9c1-21ba-481f-9b2d-d2c4576089b1&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=7c375a16-27c0-4863-88f9-6708283b2a8e&tw_document_href=https%3A%2F%2Fflaviar.com%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nv73t&type=javascript&version=2.3.27
IP 104.244.42.131:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/adsct?bci=3&eci=2&event_id=2a7be9c1-21ba-481f-9b2d-d2c4576089b1&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=7c375a16-27c0-4863-88f9-6708283b2a8e&tw_document_href=https%3A%2F%2Fflaviar.com%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nv73t&type=javascript&version=2.3.27 HTTP/1.1
Host: analytics.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 27 Oct 2022 10:16:36 GMT
perf: 7626143928
server: tsa_o
set-cookie: personalization_id="v1_8rzru+XvNw3Jzv7QkHu98Q=="; Max-Age=63072000; Expires=Sat, 26 Oct 2024 10:16:37 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: 89ffc6dd2c5180e9
strict-transport-security: max-age=631138519
x-response-time: 103
x-connection-hash: e69fc5c39b540ca0143046736ce21eab19c451f805d9d1f1cc77c6b90aefd7b4
X-Firefox-Spdy: h2
status.thawte.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7e99ca89f47c42c52867a777665e16a1
1864e991c410a35af09409633dd67f4e8e859d3c
d1beb1e38214ccf96ee10b067644a6371e4146168723a43ccdf42b2d8bdc1760
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5163
Cache-Control: max-age=93861
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 10:16:37 GMT
Etag: "635911ff-1d7"
Expires: Fri, 28 Oct 2022 12:20:58 GMT
Last-Modified: Wed, 26 Oct 2022 10:54:55 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
status.thawte.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7e99ca89f47c42c52867a777665e16a1
1864e991c410a35af09409633dd67f4e8e859d3c
d1beb1e38214ccf96ee10b067644a6371e4146168723a43ccdf42b2d8bdc1760
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5792
Cache-Control: max-age=94490
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 10:16:37 GMT
Etag: "635911ff-1d7"
Expires: Fri, 28 Oct 2022 12:31:27 GMT
Last-Modified: Wed, 26 Oct 2022 10:54:55 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 02f147ed92ca325ba0bc428aac0a80f4
fbcda615375d2e68d3ee345afbfe54e59bbfc67d
181e78a26d0cdc7404427cdb4d5200bc532b097a546104c4b9abfdfbe5b91b2d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6444
Cache-Control: max-age=152004
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 10:16:37 GMT
Etag: "6359f01d-13a"
Expires: Sat, 29 Oct 2022 04:30:01 GMT
Last-Modified: Thu, 27 Oct 2022 02:42:37 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 314
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 766999718fe6ac8d709f7d14a2422514
0f4879c673181932d7b8134bd4fd6e0ef431fd1e
d4854bad81c794b5bd677022e030e9b3ea675dc9ee8307647cd55cb577deb031
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 10:16:37 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 24 Oct 2022 03:37:45 GMT
Expires: Mon, 31 Oct 2022 03:37:44 GMT
Etag: "0f4879c673181932d7b8134bd4fd6e0ef431fd1e"
Cache-Control: max-age=321066,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 760aad616f560b69-OSL
tr.outbrain.com/cachedClickId?marketerId=00cf895e7b627a414bdcc05c54e01b7ae7
70.42.32.31200 OK 56 B URL HTTP/1.1 tr.outbrain.com/cachedClickId?marketerId=00cf895e7b627a414bdcc05c54e01b7ae7
IP 70.42.32.31:0
File type ASCII text, with no line terminators
Hash 77fbe8ab311fa20557d95906363035ed
5806df80f09a37e070d5f37c49f19797c2763fd0
4fa9f4ca5bfa56b9f8467324e3654f4a717dcd40b70c05b538092d8a101b0599
GET /cachedClickId?marketerId=00cf895e7b627a414bdcc05c54e01b7ae7 HTTP/1.1
Host: tr.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 10:16:37 GMT
Content-Type: application/javascript
Content-Length: 56
X-TraceId: 44a7ffed17ea50fb493414232b0800ed
content-encoding: gzip
dx.mountain.com/spx?dxver=4.0.0&shaid=33038&tdr=&plh=https%3A%2F%2Fflaviar.com%2F&cb=24819497216540344term=value
35.83.209.52200 4.0 kB URL HTTP/1.1 dx.mountain.com/spx?dxver=4.0.0&shaid=33038&tdr=&plh=https%3A%2F%2Fflaviar.com%2F&cb=24819497216540344term=value
IP 35.83.209.52:0
Hash bcb319a42ac366ef53e5252c8cebeda6
a1629fa2035bbc243f678d25b1e3674f2b0bbb92
b70c0cd665e7e914fb95345a37459780dc33947512fadfb54af5d3ab7e4b37f9
GET /spx?dxver=4.0.0&shaid=33038&tdr=&plh=https%3A%2F%2Fflaviar.com%2F&cb=24819497216540344term=value HTTP/1.1
Host: dx.mountain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-encoding: gzip
content-type: application/javascript;charset=utf-8
date: Thu, 27 Oct 2022 10:16:36 GMT
connection: close
ads.nextdoor.com/public/pixel/ndp.js
44.229.18.91200 OK 3.4 kB URL HTTP/2 ads.nextdoor.com/public/pixel/ndp.js
IP 44.229.18.91:0
Hash 75280c6884b23e048004c95ec138c13c
afd321e3035ae667afc168336adc72461540a572
8c33272ae6be8d299f5554df67fbec3745dc71ababc69d9b83a8d6f9ae6e66ec
GET /public/pixel/ndp.js HTTP/1.1
Host: ads.nextdoor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 27 Oct 2022 10:16:35 GMT
content-type: application/javascript
server: istio-envoy
last-modified: Mon, 24 Oct 2022 18:12:28 GMT
vary: Accept-Encoding
etag: W/"6356d58c-19c7"
content-security-policy: frame-ancestors 'self' *.lightning.force.com nextdoor.com *.nextdoor.com nextdoor-test.com *.nextdoor-test.com;
content-encoding: gzip
x-envoy-upstream-service-time: 1
X-Firefox-Spdy: h2
widget.us.criteo.com/event?a=95340&v=5.12.1&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26z%3Dundefined%26site_type%3Dd&p2=e%3Dvh%26tms%3Dgtm-ee-1.1.0&p3=e%3Ddis&adce=1&bundle=vLYB1l9oQWhFcHVGQ1Z6SGhBVHJmQzl4amI3V0R6b0prbWFjV1F0V3JRRUxJJTJCRWZ4ZFJZeVVQa2NQV0w3cnJCdzBRVWlPd0pjUnJhczRPOXRSQllZJTJGT2JvY2FHb3gxJTJCRyUyQmNtSUpVTU5vSDdmN2owbDVHQnk5cU5lSjAwY1R5amdMRFJhc3RFZU9xUmVOSVIyV29sOGh3R2NGQSUzRCUzRA&tld=flaviar.com&dy=1&fu=https%253A%252F%252Fflaviar.com%252F&dtycbr=87878&cs=1---&cv=1
74.119.119.150200 OK 4.7 kB URL HTTP/2 widget.us.criteo.com/event?a=95340&v=5.12.1&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26z%3Dundefined%26site_type%3Dd&p2=e%3Dvh%26tms%3Dgtm-ee-1.1.0&p3=e%3Ddis&adce=1&bundle=vLYB1l9oQWhFcHVGQ1Z6SGhBVHJmQzl4amI3V0R6b0prbWFjV1F0V3JRRUxJJTJCRWZ4ZFJZeVVQa2NQV0w3cnJCdzBRVWlPd0pjUnJhczRPOXRSQllZJTJGT2JvY2FHb3gxJTJCRyUyQmNtSUpVTU5vSDdmN2owbDVHQnk5cU5lSjAwY1R5amdMRFJhc3RFZU9xUmVOSVIyV29sOGh3R2NGQSUzRCUzRA&tld=flaviar.com&dy=1&fu=https%253A%252F%252Fflaviar.com%252F&dtycbr=87878&cs=1---&cv=1
IP 74.119.119.150:0
Hash f8bb94591aaf4e0f14f0d376840e03bc
d479964e409eb3e924bb74157730c7db0d238ffa
31e32f6d83d42907b043bf24e366d3a10f5bb6abb3267d1bd8638a835b984089
GET /event?a=95340&v=5.12.1&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26z%3Dundefined%26site_type%3Dd&p2=e%3Dvh%26tms%3Dgtm-ee-1.1.0&p3=e%3Ddis&adce=1&bundle=vLYB1l9oQWhFcHVGQ1Z6SGhBVHJmQzl4amI3V0R6b0prbWFjV1F0V3JRRUxJJTJCRWZ4ZFJZeVVQa2NQV0w3cnJCdzBRVWlPd0pjUnJhczRPOXRSQllZJTJGT2JvY2FHb3gxJTJCRyUyQmNtSUpVTU5vSDdmN2owbDVHQnk5cU5lSjAwY1R5amdMRFJhc3RFZU9xUmVOSVIyV29sOGh3R2NGQSUzRCUzRA&tld=flaviar.com&dy=1&fu=https%253A%252F%252Fflaviar.com%252F&dtycbr=87878&cs=1---&cv=1 HTTP/1.1
Host: widget.us.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaviar.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 27 Oct 2022 10:16:36 GMT
content-type: application/x-javascript
server: Kestrel
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
expires: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
timing-allow-origin: *
server-processing-duration-in-ticks: 19002800
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
matching.ivitrack.com/sync?realm=criteo&uid=k-EpKJqtWka9xPSgJCWXYLMmN44Shfy6evmfN6Qw
34.117.157.22200 OK 42 B URL HTTP/2 matching.ivitrack.com/sync?realm=criteo&uid=k-EpKJqtWka9xPSgJCWXYLMmN44Shfy6evmfN6Qw
IP 34.117.157.22:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /sync?realm=criteo&uid=k-EpKJqtWka9xPSgJCWXYLMmN44Shfy6evmfN6Qw HTTP/1.1
Host: matching.ivitrack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: istio-envoy
date: Thu, 27 Oct 2022 10:16:37 GMT
content-type: image/gif
content-length: 42
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 0
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 717b997d68b8ae294c9ea9f2336b2785
cd7a7d8b202531e41c5fdfcf4a2166caa2464fb7
a891705f20a49bde4fc322ae50efe05949fd4b728a0092cdff22d2036985b824
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A891705F20A49BDE4FC322AE50EFE05949FD4B728A0092CDFF22D2036985B824"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15310
Expires: Thu, 27 Oct 2022 14:31:47 GMT
Date: Thu, 27 Oct 2022 10:16:37 GMT
Connection: keep-alive
shopper.shop.pe/input.js
35.190.54.17200 OK 8.9 kB IP 35.190.54.17:0
File type ASCII text, with very long lines (17023)
Hash 59ca2c390b4a140196dd06ead7968dd5
0ff331d4f67b3e4816542b23f5877407e97c50e5
3c85433a8f668cab07a4a59d8180ad79b0333e23369289aca9f19e465a8abac6
GET /input.js HTTP/1.1
Host: shopper.shop.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdtwCp46UWxHhbUvt49_4SZ5lZuzZeBWzn3g-gdb3MohBpKqCqLCJ8cLi46K5vJGQCARqaaZEaQzIo_3pRZQ8NXugw
x-goog-generation: 1650549267910243
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 8883
content-encoding: gzip
x-goog-hash: crc32c=BLS7fA==, md5=WcosOQtKFAGW3Qbq15aN1Q==
x-goog-storage-class: STANDARD
accept-ranges: bytes
vary: Accept-Encoding
content-length: 8883
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
server: UploadServer
date: Thu, 27 Oct 2022 10:03:16 GMT
expires: Thu, 27 Oct 2022 14:03:16 GMT
cache-control: public, max-age=14400
age: 801
last-modified: Thu, 21 Apr 2022 13:54:28 GMT
etag: "59ca2c390b4a140196dd06ead7968dd5"
content-type: application/javascript; charset=utf-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 41b1ae9aac77afbc77817620b91bc100
881c5a0affec43840b55f9cb8011bcf80fdbe6f9
fe48d4b0227b0ad262093284b488dcd262776d3991af944f9a00b05ac2989bc7
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=155765
Date: Thu, 27 Oct 2022 10:16:37 GMT
Etag: "635a0695-1d7"
Expires: Sat, 29 Oct 2022 05:32:42 GMT
Last-Modified: Thu, 27 Oct 2022 04:18:29 GMT
Server: ECS (nyb/1D18)
X-Cache: Miss from cloudfront
Via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: dRtz7JheOH3hsACCjyja-qU8oYK1OUUmJrsmLVFWDz3VkHk0sYD0_A==
Age: 4453
35.85.84.151/is
35.85.84.151200 OK 32 B IP 35.85.84.151:0
File type ASCII text, with no line terminators
Hash 1dbfc7d4cb0747901631aec6e0fa36a3
eefbbbdb611315a8402133b99a33c4197630e61f
d9dd36631335ab7834facbc79cce1da754dc93b7dcffc1bcca18e20759607d86
GET /is HTTP/1.1
Host: 35.85.84.151
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaviar.com/
Origin: https://flaviar.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
date: Thu, 27 Oct 2022 10:16:37 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, x-requested-with, X-Custom-Header
x-application-context: application:prod:8080
content-type: text/plain;charset=utf-8
content-length: 32
x-envoy-upstream-service-time: 1
server: istio-envoy
connection: close
gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
178.250.2.146302 Found 0 B URL HTTP/2 gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
IP 178.250.2.146:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Thu, 27 Oct 2022 10:16:36 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
location: https://dpm.demdex.net/ibs:dpid=28645&dpuuid=
server-processing-duration-in-ticks: 508055
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-w6UMNdWka9xPSgJCWXYLMmN44ShBSsz-PYAviw
23.38.200.22200 OK 45 B URL HTTP/2 contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-w6UMNdWka9xPSgJCWXYLMmN44ShBSsz-PYAviw
IP 23.38.200.22:0
File type GIF image data, version 87a, 1 x 1\012- data
Hash 99cceceaed4d575484b69ddaf9ed66a7
1e3a3b15296b585833a22d987a387aa58aa1642d
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
GET /cksync.php?cs=3&type=crt&ovsid=k-w6UMNdWka9xPSgJCWXYLMmN44ShBSsz-PYAviw HTTP/1.1
Host: contextual.media.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Apache
content-length: 45
content-type: image/gif
set-cookie: visitor-id=3098673973580240000V10; Expires=Fri, 27 Oct 2023 10:16:37 GMT; domain=.media.net; Path=/;
data-c-ts=1666865797;Expires=Sat, 26 Nov 2022 10:16:37 GMT;path=/;domain=.media.net;
data-c=k-w6UMNdWka9xPSgJCWXYLMmN44ShBSsz-PYAviw~~3;Expires=Sat, 26 Nov 2022 10:16:37 GMT;path=/;domain=.media.net;
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
strict-transport-security: max-age=31536000
x-mnet-hl2: E
expires: Thu, 27 Oct 2022 10:16:37 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 27 Oct 2022 10:16:37 GMT
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash dcb0d6e71e0ec55016c95a66eb02e6b1
a6be3dc6aa5e89c91cf7409e1e95e0179d99269c
0b3e7289e636e73bf50a05fd2670b47b03ee79dcaaaad0587a54341d08e58a3a
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 10:16:37 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 25 Oct 2022 13:56:48 GMT
Expires: Tue, 01 Nov 2022 13:56:47 GMT
Etag: "a6be3dc6aa5e89c91cf7409e1e95e0179d99269c"
Cache-Control: max-age=444609,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 760aad643a340b69-OSL
ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
185.89.210.244307 Redirection 222 B URL HTTP/1.1 ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
IP 185.89.210.244:0
File type gzip compressed data, from Unix\012- data
Hash ee38227cca935fd3dc0c5d26378ffd73
d2339bb6eb598b3981d3b24117812680762f67f3
5c8fc25d0ccf286691b14daa91023637134a2f17e3f8d009cce2a498c2854841
GET /getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Thu, 27 Oct 2022 10:16:37 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
AN-X-Request-Uuid: d2199f6d-b7a5-4a23-a02b-d0550f7a1dc9
Set-Cookie: uuid2=3074643830403224113; SameSite=None; Path=/; Max-Age=7776000; Expires=Wed, 25-Jan-2023 10:16:37 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ocsp.godaddy.com/
192.124.249.24200 OK 1.8 kB IP 192.124.249.24:0
Hash cd1cb542e286fa39ee42dbcb1e8c4257
f61db108b11570dc44a1303b1a39d7ddc936c6e7
2987644573f0b93aabb90955796cc61d4f3583a3a7bf4db580765596e0e84d43
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Thu, 27 Oct 2022 10:16:38 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 15024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 27 Oct 2022 00:29:14 GMT
Expires: Fri, 28 Oct 2022 00:29:14 GMT
ETag: "f61db108b11570dc44a1303b1a39d7ddc936c6e7"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-gd0CV9Wka9xPSgJCWXYLMmN44ShkrIC1J09tKuJ-2rx4MljK
3.67.233.38200 OK 20 B URL HTTP/2 exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-gd0CV9Wka9xPSgJCWXYLMmN44ShkrIC1J09tKuJ-2rx4MljK
IP 3.67.233.38:0
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
GET /usersync/push?partner=criteo&partnerId=k-gd0CV9Wka9xPSgJCWXYLMmN44ShkrIC1J09tKuJ-2rx4MljK HTTP/1.1
Host: exchange.mediavine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 27 Oct 2022 10:16:37 GMT
content-type: text/html; charset=utf-8
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
cache-control: private, no-cache
set-cookie: mv_tokens=%7B%22mv_uuid%22%3A%227116fa80-55e0-11ed-931c-158f99f39985%22%2C%22version%22%3A%22eu-v1%22%7D; Path=/; Expires=Thu, 10 Nov 2022 10:16:37 GMT; Secure; SameSite=None
mv_tokens_eu-v1=%7B%22mv_uuid%22%3A%227116fa80-55e0-11ed-931c-158f99f39985%22%2C%22version%22%3A%22eu-v1%22%7D; Path=/; Expires=Thu, 10 Nov 2022 10:16:37 GMT; Secure; SameSite=None
am_tokens=%7B%22mv_uuid%22%3A%227116fa80-55e0-11ed-931c-158f99f39985%22%2C%22version%22%3A%22eu-v1%22%7D; Path=/; Expires=Thu, 10 Nov 2022 10:16:37 GMT; Secure; SameSite=None
am_tokens_eu-v1=%7B%22mv_uuid%22%3A%227116fa80-55e0-11ed-931c-158f99f39985%22%2C%22version%22%3A%22eu-v1%22%7D; Path=/; Expires=Thu, 10 Nov 2022 10:16:37 GMT; Secure; SameSite=None
criteo=%7B%22id%22%3A%22k-gd0CV9Wka9xPSgJCWXYLMmN44ShkrIC1J09tKuJ-2rx4MljK%22%2C%22version%22%3A%22criteo%22%7D; Path=/; Expires=Thu, 10 Nov 2022 10:16:37 GMT; Secure; SameSite=None
content-encoding: gzip
X-Firefox-Spdy: h2
criteo-sync.teads.tv/um?eid=80&uid=k-SJchyNWka9xPSgJCWXYLMmN44SijRoFDHf_UMA
23.195.255.234200 OK 23 B URL HTTP/2 criteo-sync.teads.tv/um?eid=80&uid=k-SJchyNWka9xPSgJCWXYLMmN44SijRoFDHf_UMA
IP 23.195.255.234:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash da5b449fff36752a93779fa4067cd2eb
71a96eea77f21ab5f1819b96c4cedd5cd34476ca
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
GET /um?eid=80&uid=k-SJchyNWka9xPSgJCWXYLMmN44SijRoFDHf_UMA HTTP/1.1
Host: criteo-sync.teads.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
server: akka-http/10.2.9
content-length: 23
expires: Thu, 27 Oct 2022 10:16:37 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 27 Oct 2022 10:16:37 GMT
X-Firefox-Spdy: h2
ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
185.89.210.244302 Found 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
IP 185.89.210.244:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.21.3
Date: Thu, 27 Oct 2022 10:16:37 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=0
AN-X-Request-Uuid: 9d64d190-47db-41e7-ac6e-ebac14429055
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash cf4edbeffd6e0ebd77f4447fb875bc65
ac03e63094465a5ce96aeef2d695a72c8a8bccfa
c7a187001f30d4adab9d5eb91bc5ec52ec9c93cc81edee7a4b9e4538270797ef
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2846
Cache-Control: max-age=139062
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 10:16:37 GMT
Etag: "6359cb9d-1d7"
Expires: Sat, 29 Oct 2022 00:54:19 GMT
Last-Modified: Thu, 27 Oct 2022 00:06:53 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-0tCsutWka9xPSgJCWXYLMmN44SjXo7wF523_Nw
185.80.36.245302 Found 0 B URL HTTP/1.1 r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-0tCsutWka9xPSgJCWXYLMmN44SjXo7wF523_Nw
IP 185.80.36.245:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rum?cm_dsp_id=20&external_user_id=k-0tCsutWka9xPSgJCWXYLMmN44SjXo7wF523_Nw HTTP/1.1
Host: r.casalemedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Thu, 27 Oct 2022 10:16:37 GMT
Server: Apache
Cache-Control: no-cache
Expires: 0
Location: /rum?cm_dsp_id=20&external_user_id=k-0tCsutWka9xPSgJCWXYLMmN44SjXo7wF523_Nw&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Content-Length: 0
Set-Cookie: CMID=Y1pahXEX1gVZp-RAko2OOwAA; Path=/; Domain=casalemedia.com; Expires=Fri, 27 Oct 2023 10:16:37 GMT; Max-Age=31536000; Secure; SameSite=None
CMPS=5047; Path=/; Domain=casalemedia.com; Expires=Wed, 25 Jan 2023 10:16:37 GMT; Max-Age=7776000; Secure; SameSite=None
CMPRO=5047; Path=/; Domain=casalemedia.com; Expires=Wed, 25 Jan 2023 10:16:37 GMT; Max-Age=7776000; Secure; SameSite=None
Keep-Alive: timeout=1, max=500
Connection: Keep-Alive
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 420cc1e3ba12a60329a997f5e6449f7b
c407e6c43bad42e6ce5ac30dabd346324dec5b3b
fabe4898b0e2c25953a19517b6633d5c02b152cd3037ec105b5feca0be180a97
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=139912
Date: Thu, 27 Oct 2022 10:16:37 GMT
Etag: "6359c4a3-1d7"
Expires: Sat, 29 Oct 2022 01:08:29 GMT
Last-Modified: Wed, 26 Oct 2022 23:37:07 GMT
Server: ECS (nyb/1D2D)
X-Cache: Miss from cloudfront
Via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: McFzrPIWU7mwDlrksdbFFEUacpR5Sh4JJU8Dc-auqPgECJPCkiZvAA==
Age: 5482
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash 78ea1cc967e2bf3d3f0adee48115a576
0a915928003d2dbacdf2ac5110c1d9ab76b82d08
68efee95cf9219f8d11f24fe745ce5fd962b41b2767c7eb5986ed1a74bfba68a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4391
Cache-Control: max-age=107471
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 10:16:37 GMT
Etag: "63594a2d-138"
Expires: Fri, 28 Oct 2022 16:07:48 GMT
Last-Modified: Wed, 26 Oct 2022 14:54:37 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 312
pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-3S9hqtWka9xPSgJCWXYLMmN44Sg8gLDuGCcEeQ&expires=30
213.19.162.80204 No Content 0 B URL HTTP/1.1 pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-3S9hqtWka9xPSgJCWXYLMmN44Sg8gLDuGCcEeQ&expires=30
IP 213.19.162.80:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tap.php?v=6434&nid=2149&put=k-3S9hqtWka9xPSgJCWXYLMmN44Sg8gLDuGCcEeQ&expires=30 HTTP/1.1
Host: pixel.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 1da0c96602e9a1076eae4f5554c05cf3
Content-Type: image/gif
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash e851f417836510d64d649597ba37a9c4
5b1ae682e8a27814a78a77bdfaf21b79c6f9aab2
b3aaf4057c861b74afda46c003b900321780b12ef854f8e3344ce3b82ae9e1ff
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2578
Cache-Control: max-age=102049
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 10:16:37 GMT
Etag: "63593c14-1d7"
Expires: Fri, 28 Oct 2022 14:37:26 GMT
Last-Modified: Wed, 26 Oct 2022 13:54:28 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-m6HmGtWka9xPSgJCWXYLMmN44SihAEYk5N5f5A
3.127.83.254302 Found 0 B URL HTTP/2 ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-m6HmGtWka9xPSgJCWXYLMmN44SihAEYk5N5f5A
IP 3.127.83.254:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?publisher_dsp_id=38&external_user_id=k-m6HmGtWka9xPSgJCWXYLMmN44SihAEYk5N5f5A HTTP/1.1
Host: ad.360yield.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 27 Oct 2022 10:16:37 GMT
content-type: text/plain
content-length: 0
location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-m6HmGtWka9xPSgJCWXYLMmN44SihAEYk5N5f5A
set-cookie: tuuid=b2b376bd-ed62-4db1-960b-f22d1337798c; Expires=Wed, 25 Jan 2023 10:16:37 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
tuuid_lu=1666865797; Expires=Wed, 25 Jan 2023 10:16:37 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2
rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-26o69tWka9xPSgJCWXYLMmN44ShtMNcAA30raQ
185.86.139.106200 OK 43 B URL HTTP/1.1 rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-26o69tWka9xPSgJCWXYLMmN44ShtMNcAA30raQ
IP 185.86.139.106:0
ASN #201081 SmartAdServer SAS
File type GIF image data, version 89a, 1 x 1\012- data
Hash 221d8352905f2c38b3cb2bd191d630b0
d804b495cb9b84b9007a25b5d85f9ae674004cde
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
GET /redir/?partnerid=79&partneruserid=k-26o69tWka9xPSgJCWXYLMmN44ShtMNcAA30raQ HTTP/1.1
Host: rtb-csync.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: image/gif
date: Thu, 27 Oct 2022 10:16:37 GMT
cache-control: no-cache,no-store
pragma: no-cache
set-cookie: pid=8081742555699750983; expires=Mon, 27 Nov 2023 10:16:37 GMT; domain=smartadserver.com; path=/
TestIfCookieP=ok; expires=Mon, 27 Nov 2023 10:16:37 GMT; domain=smartadserver.com; path=/
csync=79:k-26o69tWka9xPSgJCWXYLMmN44ShtMNcAA30raQ; expires=Fri, 27 Oct 2023 10:16:37 GMT; domain=smartadserver.com; path=/
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cm.adform.net/pixel?adform_pid=15&adform_pc=k-eISlzNWka9xPSgJCWXYLMmN44Sgz5M5b2bhviQ
37.157.4.23200 OK 43 B URL HTTP/2 cm.adform.net/pixel?adform_pid=15&adform_pc=k-eISlzNWka9xPSgJCWXYLMmN44Sgz5M5b2bhviQ
IP 37.157.4.23:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /pixel?adform_pid=15&adform_pc=k-eISlzNWka9xPSgJCWXYLMmN44Sgz5M5b2bhviQ HTTP/1.1
Host: cm.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 27 Oct 2022 10:16:37 GMT
content-type: image/gif
content-length: 43
last-modified: Wed, 11 Oct 2017 13:40:08 GMT
etag: "59de1f38-2b"
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d2244bdeb3416db6783aaa0060205145
408181be56dd6d2ba9cbfd235137836989472bf2
3e6c9935f80e74063b2a739f84b193c9ab5cc2762e5ad33017924c11c4a49c01
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3716
Cache-Control: max-age=170508
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 10:16:37 GMT
Etag: "635a430d-1d7"
Expires: Sat, 29 Oct 2022 09:38:25 GMT
Last-Modified: Thu, 27 Oct 2022 08:36:29 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-ENKJk9Wka9xPSgJCWXYLMmN44SjMeyZ0gosb1g&expires=30
3.64.4.43200 OK 43 B URL HTTP/1.1 x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-ENKJk9Wka9xPSgJCWXYLMmN44SjMeyZ0gosb1g&expires=30
IP 3.64.4.43:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/sync?dsp_id=46&user_id=k-ENKJk9Wka9xPSgJCWXYLMmN44SjMeyZ0gosb1g&expires=30 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: image/gif
Date: Thu, 27 Oct 2022 10:16:37 GMT
Content-Length: 43
Connection: keep-alive
ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-m6HmGtWka9xPSgJCWXYLMmN44SihAEYk5N5f5A
3.127.83.254200 OK 43 B URL HTTP/2 ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-m6HmGtWka9xPSgJCWXYLMmN44SihAEYk5N5f5A
IP 3.127.83.254:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/match?publisher_dsp_id=38&external_user_id=k-m6HmGtWka9xPSgJCWXYLMmN44SihAEYk5N5f5A HTTP/1.1
Host: ad.360yield.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 27 Oct 2022 10:16:37 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2
r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-0tCsutWka9xPSgJCWXYLMmN44SjXo7wF523_Nw&C=1
185.80.36.245200 OK 43 B URL HTTP/1.1 r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-0tCsutWka9xPSgJCWXYLMmN44SjXo7wF523_Nw&C=1
IP 185.80.36.245:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /rum?cm_dsp_id=20&external_user_id=k-0tCsutWka9xPSgJCWXYLMmN44SjXo7wF523_Nw&C=1 HTTP/1.1
Host: r.casalemedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 10:16:38 GMT
Server: Apache
Cache-Control: no-cache
Content-Type: image/gif
Expires: 0
Pragma: no-cache
Content-Length: 43
Keep-Alive: timeout=1, max=499
Connection: Keep-Alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash cb2fad488dade0fc384a0476d896382d
0d4c7831b92c6d76de26e4496c29c6c1d6888609
170fb30ca9710c8596f0375caf43221487313cf9bc83f7117b846326a6254f23
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1343
Cache-Control: max-age=155559
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 10:16:38 GMT
Etag: "635a11ee-1d7"
Expires: Sat, 29 Oct 2022 05:29:17 GMT
Last-Modified: Thu, 27 Oct 2022 05:06:54 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-EvyhOdWka9xPSgJCWXYLMmN44Sg7X_NPZ8Yjsw
185.64.190.80200 OK 42 B URL HTTP/2 simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-EvyhOdWka9xPSgJCWXYLMmN44Sg7X_NPZ8Yjsw
IP 185.64.190.80:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-EvyhOdWka9xPSgJCWXYLMmN44Sg7X_NPZ8Yjsw HTTP/1.1
Host: simage2.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 27 Oct 2022 10:16:37 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_97=3385-uid:k-EvyhOdWka9xPSgJCWXYLMmN44Sg7X_NPZ8Yjsw&KRTB&23144-uid:k-EvyhOdWka9xPSgJCWXYLMmN44Sg7X_NPZ8Yjsw&KRTB&23286-uid:k-EvyhOdWka9xPSgJCWXYLMmN44Sg7X_NPZ8Yjsw&KRTB&23287-uid:k-EvyhOdWka9xPSgJCWXYLMmN44Sg7X_NPZ8Yjsw; domain=pubmatic.com; secure; expires=Sat, 26-Nov-2022 10:16:37 GMT; path=/
PugT=1666865797; domain=pubmatic.com; secure; expires=Sat, 26-Nov-2022 10:16:37 GMT; path=/
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 35d22aebdfb267bf48769599160336e6
ecf93ff9f917cff6fb23645aa7df19c7527ba56e
42ea422335839bd312eaf29a2da7a99e5a7e674619a8a794125af7f9a320edc6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5104
Cache-Control: max-age=105651
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 10:16:38 GMT
Etag: "63594049-1d7"
Expires: Fri, 28 Oct 2022 15:37:29 GMT
Last-Modified: Wed, 26 Oct 2022 14:12:25 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 32fe9d67ac195a7747e4853e558bd203
29f53a4d3d0803bf862851e903410308f49a8eee
e53ef2c10750dfe87455d073923111427af9b821998eebd2d966b15f1ac84f2a
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=101427
Date: Thu, 27 Oct 2022 10:16:38 GMT
Etag: "63592cbc-1d7"
Expires: Fri, 28 Oct 2022 14:27:05 GMT
Last-Modified: Wed, 26 Oct 2022 12:49:00 GMT
Server: ECS (bsa/EB12)
X-Cache: Miss from cloudfront
Via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: sRwynsWoGicnb6zAKaDvC-0IpnbxtjLGVFplNSv3scSLq8Pb15bf4g==
Age: 5885
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 9ea3620767f0599ee95178b572dad19e
d69126b46796ec0b985341dfb80c362bcb98c868
31765679f16b24eb8e641367103c8960381d59ad9fdc519075d9ed4293478975
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=151864
Date: Thu, 27 Oct 2022 10:16:38 GMT
Etag: "635a0268-1d7"
Expires: Sat, 29 Oct 2022 04:27:42 GMT
Last-Modified: Thu, 27 Oct 2022 04:00:40 GMT
Server: ECS (bsa/EB1A)
X-Cache: Miss from cloudfront
Via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: m8BJVGAKQAnwbF2q7x-Xtgw3xhqYFyOQCOXz0T6sncJCFRQAYg7BpQ==
Age: 1622
dpm.demdex.net/ibs:dpid=28645&dpuuid=
54.229.2.193302 Found 0 B URL HTTP/1.1 dpm.demdex.net/ibs:dpid=28645&dpuuid=
IP 54.229.2.193:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ibs:dpid=28645&dpuuid= HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-1-v044-0896c1d8e.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=18967968244537958381468065115763411631; Max-Age=15552000; Expires=Tue, 25 Apr 2023 10:16:38 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: JmnO5TyuSko=
Content-Length: 0
Connection: keep-alive
ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-_oMETdWka9xPSgJCWXYLMmN44Si0Rzra5Jrhkw
3.126.56.137302 Found 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-_oMETdWka9xPSgJCWXYLMmN44Si0Rzra5Jrhkw
IP 3.126.56.137:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58301/sync?_origin=1&uid=k-_oMETdWka9xPSgJCWXYLMmN44Si0Rzra5Jrhkw HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 27 Oct 2022 10:16:38 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
location: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-_oMETdWka9xPSgJCWXYLMmN44Si0Rzra5Jrhkw&verify=true
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBIZaWmMCEAgZdArCseDlN4PAipPdzWsFEgEBAQGsW2NkYwAAAAAA_eMAAA&S=AQAAAnTEUcPwNTfuqoOx_h578pY; Expires=Fri, 27 Oct 2023 16:16:38 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
ad.yieldlab.net/m?dt_id=8664&ext_id=k-fU9y1dWka9xPSgJCWXYLMmN44SiGvMM4d5mnQg
23.13.245.180204 No Content 0 B URL HTTP/1.1 ad.yieldlab.net/m?dt_id=8664&ext_id=k-fU9y1dWka9xPSgJCWXYLMmN44SiGvMM4d5mnQg
IP 23.13.245.180:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /m?dt_id=8664&ext_id=k-fU9y1dWka9xPSgJCWXYLMmN44SiGvMM4d5mnQg HTTP/1.1
Host: ad.yieldlab.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: DENY
x-application-context: application
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Pragma: no-cache
Expires: Wed, 26 Oct 2022 10:16:38 GMT
Date: Thu, 27 Oct 2022 10:16:38 GMT
Connection: keep-alive
Set-Cookie: id=14ca557a-ec2d-4ef5-b03b-8ff4b2ca9d9f; Path=/; Domain=yieldlab.net; Expires=Fri, 27-Oct-2023 10:16:38 GMT; Max-Age=31536000; Secure; SameSite=None
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash bc62641c43374379d3e3daed23d5f4af
12270bf2676b33b60d60e61903b35f24f1857870
ed844466f75cca4a8e6b3b8d8ab08cd1cbb82284fe71f84e7840c893ec7ae343
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 10:16:38 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 26 Oct 2022 03:11:52 GMT
Expires: Wed, 02 Nov 2022 03:11:51 GMT
Etag: "12270bf2676b33b60d60e61903b35f24f1857870"
Cache-Control: max-age=492312,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 760aad65cbba0b69-OSL
match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-mAP1J9Wka9xPSgJCWXYLMmN44SiHUsbVPS6diQ
52.57.80.202204 No Content 0 B URL HTTP/2 match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-mAP1J9Wka9xPSgJCWXYLMmN44SiHUsbVPS6diQ
IP 52.57.80.202:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-mAP1J9Wka9xPSgJCWXYLMmN44SiHUsbVPS6diQ HTTP/1.1
Host: match.sharethrough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Thu, 27 Oct 2022 10:16:38 GMT
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash a6886f0f755878fcfa668d7e30712378
41a9b08cb7faf2ca305fd17c99115293ad4de5a2
60de2168ffb5ef726073431d54043ad72f66a82526e270a72ddb21dd54448eb4
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=97749
Date: Thu, 27 Oct 2022 10:16:38 GMT
Etag: "6359218a-1d7"
Expires: Fri, 28 Oct 2022 13:25:47 GMT
Last-Modified: Wed, 26 Oct 2022 12:01:14 GMT
Server: ECS (bsa/EB12)
X-Cache: Miss from cloudfront
Via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 7SpU-VNwO6mPpAoIUoRdLJZhFVaUuLWdVCT_SS3g8Db92ARclVQwrg==
Age: 5073
dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=
54.229.2.193200 OK 59 B URL HTTP/1.1 dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=
IP 54.229.2.193:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 1251cd5e5c2def4c046309375f87c1c1
e02d6b0c6a5c495c15985e2832e335eda8528c80
4e7010cc46fa361c88e57e3346d27421cf3b8a8bf5f39b43fc45997c60cb1c13
GET /demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid= HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: image/gif
DCS: dcs-prod-irl1-2-v044-066fbe967.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: uU8p/0RqTuU=
Content-Length: 59
Connection: keep-alive
visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-stA2V9Wka9xPSgJCWXYLMmN44Sg1Llw_KVnHNA
185.255.84.152200 OK 49 B URL HTTP/2 visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-stA2V9Wka9xPSgJCWXYLMmN44Sg1Llw_KVnHNA
IP 185.255.84.152:0
ASN #200271 Iguane Solutions SAS
File type GIF image data, version 89a, 1 x 1\012- data
Hash 4408efc0174f07ad685c456f1de521ca
e3bc3250f8f32bd98dc7b05fd8940b74617eb8d1
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
GET /visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-stA2V9Wka9xPSgJCWXYLMmN44Sg1Llw_KVnHNA HTTP/1.1
Host: visitor.omnitagjs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
expires: 0
p3p: CP="CAO PSA OUR"
pragma: no-cache
set-cookie: ayl_visitor=c93f47fae581082ca71a6b46b811eca7; Path=/; Domain=omnitagjs.com; Max-Age=2592000; Secure; SameSite=None
vary: Accept-Encoding
x-content-type-options: nosniff
date: Thu, 27 Oct 2022 10:16:37 GMT
content-length: 49
x-envoy-upstream-service-time: 13
server: ayl-lb-fra02
X-Firefox-Spdy: h2
eb2.3lift.com/xuid?mid=2711&xuid=k-_vlVtNWka9xPSgJCWXYLMmN44SixtwXNrW6awA&dongle=013b
76.223.111.18200 OK 37 B URL HTTP/2 eb2.3lift.com/xuid?mid=2711&xuid=k-_vlVtNWka9xPSgJCWXYLMmN44SixtwXNrW6awA&dongle=013b
IP 76.223.111.18:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 3eacd0132310ea44cad756b378a3bc07
e2216a7e9b73f5cb0279351c78ce61c33475cea7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
GET /xuid?mid=2711&xuid=k-_vlVtNWka9xPSgJCWXYLMmN44SixtwXNrW6awA&dongle=013b HTTP/1.1
Host: eb2.3lift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 27 Oct 2022 10:16:38 GMT
content-type: image/gif
content-length: 37
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-_oMETdWka9xPSgJCWXYLMmN44Si0Rzra5Jrhkw&verify=true
3.126.56.137204 No Content 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-_oMETdWka9xPSgJCWXYLMmN44Si0Rzra5Jrhkw&verify=true
IP 3.126.56.137:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58301/sync?_origin=1&uid=k-_oMETdWka9xPSgJCWXYLMmN44Si0Rzra5Jrhkw&verify=true HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Thu, 27 Oct 2022 10:16:38 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
strict-transport-security: max-age=31536000
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBIZaWmMCEPCX3jwxSNXZRls1byXToKMFEgEBAQGsW2NkYwAAAAAA_eMAAA&S=AQAAAqu5bemLa0PE9k6iuzSHcqY; Expires=Fri, 27 Oct 2023 16:16:38 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
178.250.2.146302 Found 0 B URL HTTP/2 gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
IP 178.250.2.146:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Thu, 27 Oct 2022 10:16:37 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=
server-processing-duration-in-ticks: 960715
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 909d6f1f469c1eb471ce18a55193c7bf
d08cb851d36f89eff65b9eddfccb0b0520a210db
434151023ad1bc9e4fec22a1423702ad3be81a88bad3d7d57c138efd88d7167a
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=159466
Date: Thu, 27 Oct 2022 10:16:38 GMT
Etag: "635a0f1c-1d7"
Expires: Sat, 29 Oct 2022 06:34:24 GMT
Last-Modified: Thu, 27 Oct 2022 04:54:52 GMT
Server: ECS (nyb/1DD2)
X-Cache: Miss from cloudfront
Via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ib0qe12TTYrIq6BJAWWdonNNOC2n0sCo9chIWFRykHZSjfagyuBdig==
Age: 5972
sync.outbrain.com/cookie-sync?p=criteo&uid=k-d36SFtWka9xPSgJCWXYLMmN44SgeqzNT13q9EQ
70.42.32.31200 OK 0 B URL HTTP/1.1 sync.outbrain.com/cookie-sync?p=criteo&uid=k-d36SFtWka9xPSgJCWXYLMmN44SgeqzNT13q9EQ
IP 70.42.32.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cookie-sync?p=criteo&uid=k-d36SFtWka9xPSgJCWXYLMmN44SgeqzNT13q9EQ HTTP/1.1
Host: sync.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 10:16:38 GMT
Content-Length: 0
Cache-Control: no-cache
X-TraceId: ad661b36ee8e72fc7d8a835674a1cc71
addshoppers.s3.amazonaws.com/customize/632b240c36963004c36631fb/95a70ba5ad45471ab18a70910459026d.js?_t=1666205658
52.217.80.220200 OK 1.6 kB URL HTTP/1.1 addshoppers.s3.amazonaws.com/customize/632b240c36963004c36631fb/95a70ba5ad45471ab18a70910459026d.js?_t=1666205658
IP 52.217.80.220:0
File type ASCII text, with very long lines (8442), with no line terminators
Hash 5f15e569fc7c2eb9512cc87a8b76782e
291c5970663d651b90f3b6d332dafa352f4b183f
2eb42f949da91a0036ac124117179d5173868712144e56bb87c8dc3942a34fd1
GET /customize/632b240c36963004c36631fb/95a70ba5ad45471ab18a70910459026d.js?_t=1666205658 HTTP/1.1
Host: addshoppers.s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: OCiKRfBU6ZW/8zR97xJl89z95CkF+qlOr4M4mogTNqJNPaIH3NXBJU4VMbzcZGREL02O/CpR6/w=
x-amz-request-id: ZMSZZCKPEZBFYHW8
Date: Thu, 27 Oct 2022 10:16:39 GMT
Last-Modified: Wed, 19 Oct 2022 18:54:19 GMT
ETag: "5f15e569fc7c2eb9512cc87a8b76782e"
Cache-Control: max-age=2592000, public
Content-Encoding: gzip
x-amz-version-id: YxCI6h4XmMvlnIY01wBkUyM6ePoGrvRe
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
Server: AmazonS3
Content-Length: 1581
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 272be178017c452bc303d59e3e5b6570
acb101015cf50799c18d6ddbe057bdf03240bba0
5aaafc98f17ffd74fbc45d3357d374e5498dfcf46027cf23785021bde2b0e6d8
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=92273
Date: Thu, 27 Oct 2022 10:16:38 GMT
Etag: "63591372-1d7"
Expires: Fri, 28 Oct 2022 11:54:31 GMT
Last-Modified: Wed, 26 Oct 2022 11:01:06 GMT
Server: ECS (nyb/1D17)
X-Cache: Miss from cloudfront
Via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: omk2wdOWUck8zAqZB2IxMTf8JU8OsDiMEJNMWeyztLt7CZRFDHcopw==
Age: 3205
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash dc96dccaf76d41d5a85b96a4553ba708
2c1f493f90a4805f2356c8ead9c9265e70590b80
e6193e7c7f400e1b49f5398e758c4b2efe3fb1958e0893c7a4d764ed81414a28
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=113594
Date: Thu, 27 Oct 2022 10:16:38 GMT
Etag: "63595c90-1d7"
Expires: Fri, 28 Oct 2022 17:49:52 GMT
Last-Modified: Wed, 26 Oct 2022 16:13:04 GMT
Server: ECS (nyb/1D18)
X-Cache: Miss from cloudfront
Via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 49Fmy2LjO1yWEMs6UF_rkpllz136CjVdHSRB7heo0UnVjYznmd9xJw==
Age: 5808
sync-criteo.ads.yieldmo.com/sync?id=k-_ObYUtWka9xPSgJCWXYLMmN44Sg4s9r0LrHx9g&pn_id=criteo&ext=1
54.229.200.163200 OK 43 B URL HTTP/2 sync-criteo.ads.yieldmo.com/sync?id=k-_ObYUtWka9xPSgJCWXYLMmN44Sg4s9r0LrHx9g&pn_id=criteo&ext=1
IP 54.229.200.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /sync?id=k-_ObYUtWka9xPSgJCWXYLMmN44Sg4s9r0LrHx9g&pn_id=criteo&ext=1 HTTP/1.1
Host: sync-criteo.ads.yieldmo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 27 Oct 2022 10:16:38 GMT
content-type: image/gif
content-length: 43
set-cookie: yieldmo_id=g31f770eb4a946f6e296%7C1666865798207%7C0%7C; Domain=.yieldmo.com; Expires=Fri, 27-Oct-2023 10:16:38 GMT; Path=/; Secure; SameSite=None; Secure
ptrcriteo=k-_ObYUtWka9xPSgJCWXYLMmN44Sg4s9r0LrHx9g; Domain=ads.yieldmo.com; Expires=Fri, 27-Oct-2023 10:16:38 GMT; Path=/; Secure; SameSite=None; Secure
access-control-allow-origin: *
access-control-request-headers: Cache-Control, Pragma
access-control-allow-methods: GET, OPTIONS
pragma: no-cache
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash cd91d776e2a88118db6fd6ed94801341
174def6c6618c6b17ad89fc628e39a5603c0c1b0
f57ca7e808d5c0fba51977347e40798f7059122835bb876bea134431d9f96fca
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2690
Cache-Control: max-age=91755
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 10:16:38 GMT
Etag: "6359136f-1d7"
Expires: Fri, 28 Oct 2022 11:45:53 GMT
Last-Modified: Wed, 26 Oct 2022 11:01:03 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
nytrng.com/iframe?vcp=4dd5h0np&as_id=c99a90a06c57470ab5dfd159ea386d73
75.2.91.175200 OK 410 B URL HTTP/2 nytrng.com/iframe?vcp=4dd5h0np&as_id=c99a90a06c57470ab5dfd159ea386d73
IP 75.2.91.175:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (410), with no line terminators
Hash 5b13fe54dcac87469e99c7294297c174
e3a074c3fa25f38c0a1fd5883086105dbd97bad2
e0226227bce47b62dd8ae863f8f616eb2fb15f98d2296d96f830ac7747623673
GET /iframe?vcp=4dd5h0np&as_id=c99a90a06c57470ab5dfd159ea386d73 HTTP/1.1
Host: nytrng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 27 Oct 2022 10:16:38 GMT
content-type: text/html; charset=utf-8
content-length: 410
server: gunicorn
X-Firefox-Spdy: h2
beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=
52.214.159.83204 No Content 0 B URL HTTP/2 beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=
IP 52.214.159.83:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usermatch.gif?partner=criteo&partner_uid= HTTP/1.1
Host: beacon.krxd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Thu, 27 Oct 2022 10:16:38 GMT
set-cookie: _kuid_=PKat5vEa; Expires=Tue, 25-Apr-23 10:16:38 GMT; Max-Age=15552000; Domain=.krxd.net; Path=/
cache-control: private, no-cache, no-store
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
x-served-by: beacon-n013-dub-prod.krxd.net
x-request-time: D=31 t=1666865798
X-Firefox-Spdy: h2
gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
178.250.2.146302 Found 0 B URL HTTP/2 gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
IP 178.250.2.146:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Thu, 27 Oct 2022 10:16:37 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
location: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=
server-processing-duration-in-ticks: 813524
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash e77b26dd51d81618a5d8c72e7857345e
86122edb554ad2e8f391fde45ccdaab9db83aa71
4a13eda5a93d8cac73d4d4e49bdc7a1fb5434d93dd3b1b0d13e6d40ef5e2d0b9
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=116036
Date: Thu, 27 Oct 2022 10:16:38 GMT
Etag: "63596ed6-1d7"
Expires: Fri, 28 Oct 2022 18:30:34 GMT
Last-Modified: Wed, 26 Oct 2022 17:31:02 GMT
Server: ECS (nyb/1D34)
X-Cache: Miss from cloudfront
Via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: bLSCe2AQRsfOz1hZt8_ue3Y1yTSjUjHwUpZLuHpEZ9KV5FTwb9M2fA==
Age: 3572
cdn.nytrng.com/pl.2.2.min.js
143.204.55.42200 OK 0 B URL HTTP/2 cdn.nytrng.com/pl.2.2.min.js
IP 143.204.55.42:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pl.2.2.min.js HTTP/1.1
Host: cdn.nytrng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nytrng.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: text/plain
content-length: 0
last-modified: Wed, 31 Jul 2019 16:57:19 GMT
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Wed, 12 Oct 2022 22:50:45 GMT
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-cache: Error from cloudfront
via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: t3w-jLqjediUDMi7mmazEQAfllSS4bcX2XXvHVQhvpf94F5ygSPKtA==
age: 2397473
X-Firefox-Spdy: h2
ocsp.entrust.net/
104.110.10.32200 OK 1.6 kB IP 104.110.10.32:0
Hash 33ac7703bb069d93746284fb105640ff
b79cd3f77f548e02562ffbe6cb510a96a7dd88bb
b81d48416dadb786e712b373c372ca870616cedf987188a935c0c5e1b4f0086d
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "B81D48416DADB786E712B373C372CA870616CEDF987188A935C0C5E1B4F0086D"
Last-Modified: Thu, 27 Oct 2022 08:00:00 UTC
Content-Length: 1586
Cache-Control: public, no-transform, must-revalidate, max-age=3069
Expires: Thu, 27 Oct 2022 11:07:47 GMT
Date: Thu, 27 Oct 2022 10:16:38 GMT
Connection: keep-alive
s.thebrighttag.com/cs?btt=0&tp=cr&uid=
3.141.157.49200 OK 35 B URL HTTP/2 s.thebrighttag.com/cs?btt=0&tp=cr&uid=
IP 3.141.157.49:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /cs?btt=0&tp=cr&uid= HTTP/1.1
Host: s.thebrighttag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 27 Oct 2022 10:16:38 GMT
content-type: image/gif
content-length: 35
x-bt-requestid: 71c3b540-55e0-11ed-9604-0000ac170054
cache-control: private, must-revalidate
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin:
server: nginx
p3p: CP=NOI DSP COR NID
X-Firefox-Spdy: h2
gs.mountain.com/gs
34.212.4.35200 OK 144 B IP 34.212.4.35:0
File type ASCII text, with no line terminators
Hash 95c6dba9e1987a61733fae9c41f6082a
315387744243105eda2d10f8f755e0aabe3f8d01
0bc91a520ab19ed4b1d43c79331b4c1ef573146699064f536937ec7eee7a4b17
GET /gs HTTP/1.1
Host: gs.mountain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Cookie: guid=7183ed5e-55e0-11ed-ad17-6bc2fddbdfbc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
date: Thu, 27 Oct 2022 10:16:38 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, x-requested-with, X-Custom-Header
x-application-context: application:prod:8080
content-type: application/javascript;charset=utf-8
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
cache-control: public, max-age=31536000
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
content-length: 144
x-envoy-upstream-service-time: 0
server: istio-envoy
connection: close
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.20.226:0
Hash d410eaf10b5726c95a17b9af87c08888
7b83678b9f3bd6577e6de0f931b67c3b648462a9
bad147284d28a64d6ca3ff58f2866613836ec5015b4fe04af90ca5e730d0fb58
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 10:16:40 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Mon, 31 Oct 2022 07:29:24 GMT
ETag: "7b83678b9f3bd6577e6de0f931b67c3b648462a9"
Last-Modified: Thu, 27 Oct 2022 07:29:25 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1688
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 760aad724f59b518-OSL
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.20.226:0
Hash d410eaf10b5726c95a17b9af87c08888
7b83678b9f3bd6577e6de0f931b67c3b648462a9
bad147284d28a64d6ca3ff58f2866613836ec5015b4fe04af90ca5e730d0fb58
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 10:16:40 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Mon, 31 Oct 2022 07:29:24 GMT
ETag: "7b83678b9f3bd6577e6de0f931b67c3b648462a9"
Last-Modified: Thu, 27 Oct 2022 07:29:25 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1688
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 760aad724a5ab521-OSL
px.mountain.com/st?ga_tracking_id=UA-28959768-20&ga_client_id=319829034.1666865793&shpt=Flaviar%20Membership%20%C2%BB%20Fine%20Spirits%20%26%20Whiskey%20Club%20%F0%9F%A5%83%20-%20Flaviar&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-28959768-20%22%2C%22ga_client_id%22%3A%22319829034.1666865793%22%2C%22shpt%22%3A%22Flaviar%20Membership%20%C2%BB%20Fine%20Spirits%20%26%20Whiskey%20Club%20%F0%9F%A5%83%20-%20Flaviar%22%2C%22dcm_cid%22%3A%221666865792.1%22%2C%22dcm_gid%22%3A%22220026219.1666865794%22%2C%22mntnis%22%3A%22H9oQWFe2cT8BGF5wZJtlrTQVXQZuy5gT%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A7%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%7D&dcm_cid=1666865792.1&dcm_gid=220026219.1666865794&dxver=4.0.0&shaid=33038&plh=https%3A%2F%2Fflaviar.com%2F&shadditional=googletagmanager%3Dtrue%2Cga4%3Dtrue%2Ccriteo%3Dtrue&cb=1666865798386609&shguid=35b0bce9-d250-329d-b012-c0426f88d0bd&shgts=1666865799144
52.42.124.195200 OK 1.3 kB URL HTTP/1.1 px.mountain.com/st?ga_tracking_id=UA-28959768-20&ga_client_id=319829034.1666865793&shpt=Flaviar%20Membership%20%C2%BB%20Fine%20Spirits%20%26%20Whiskey%20Club%20%F0%9F%A5%83%20-%20Flaviar&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-28959768-20%22%2C%22ga_client_id%22%3A%22319829034.1666865793%22%2C%22shpt%22%3A%22Flaviar%20Membership%20%C2%BB%20Fine%20Spirits%20%26%20Whiskey%20Club%20%F0%9F%A5%83%20-%20Flaviar%22%2C%22dcm_cid%22%3A%221666865792.1%22%2C%22dcm_gid%22%3A%22220026219.1666865794%22%2C%22mntnis%22%3A%22H9oQWFe2cT8BGF5wZJtlrTQVXQZuy5gT%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A7%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%7D&dcm_cid=1666865792.1&dcm_gid=220026219.1666865794&dxver=4.0.0&shaid=33038&plh=https%3A%2F%2Fflaviar.com%2F&shadditional=googletagmanager%3Dtrue%2Cga4%3Dtrue%2Ccriteo%3Dtrue&cb=1666865798386609&shguid=35b0bce9-d250-329d-b012-c0426f88d0bd&shgts=1666865799144
IP 52.42.124.195:0
Hash 93829995c3a5745560de1e3f84e0abaa
ffd515a47b25f1859ae66ebed8c416e0f3191ba2
ac43a29f2985f5b1fef2b6c2fa431f6c94f60cdbb5c61c88f5a81dae653241e8
GET /st?ga_tracking_id=UA-28959768-20&ga_client_id=319829034.1666865793&shpt=Flaviar%20Membership%20%C2%BB%20Fine%20Spirits%20%26%20Whiskey%20Club%20%F0%9F%A5%83%20-%20Flaviar&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-28959768-20%22%2C%22ga_client_id%22%3A%22319829034.1666865793%22%2C%22shpt%22%3A%22Flaviar%20Membership%20%C2%BB%20Fine%20Spirits%20%26%20Whiskey%20Club%20%F0%9F%A5%83%20-%20Flaviar%22%2C%22dcm_cid%22%3A%221666865792.1%22%2C%22dcm_gid%22%3A%22220026219.1666865794%22%2C%22mntnis%22%3A%22H9oQWFe2cT8BGF5wZJtlrTQVXQZuy5gT%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A7%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%7D&dcm_cid=1666865792.1&dcm_gid=220026219.1666865794&dxver=4.0.0&shaid=33038&plh=https%3A%2F%2Fflaviar.com%2F&shadditional=googletagmanager%3Dtrue%2Cga4%3Dtrue%2Ccriteo%3Dtrue&cb=1666865798386609&shguid=35b0bce9-d250-329d-b012-c0426f88d0bd&shgts=1666865799144 HTTP/1.1
Host: px.mountain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Cookie: guid=7183ed5e-55e0-11ed-ad17-6bc2fddbdfbc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
date: Thu, 27 Oct 2022 10:16:39 GMT
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
set-cookie: tt=H4sIAAAAAAAAAKtWKlOyMtJR8guKNzY2MLaINzK3NFayMkAWsTC2AIsgcw3NzMwszEzNLS0tTAxrAdy5xF1GAAAA;Domain=px.mountain.com;Max-Age=63113852;Path=/;SameSite=None;Secure
rt="MzMwMzg6MTY2Njg2NTc5OQ==";Domain=mountain.com;Max-Age=63113852;Path=/;SameSite=None;Secure
guid=7183ed5e-55e0-11ed-ad17-6bc2fddbdfbc;Domain=mountain.com;Max-Age=63113852;Path=/;SameSite=None;Secure
content-encoding: gzip
connection: close
aacdn.nagich.com/style/btncolor.css
172.67.68.188200 OK 0 B URL HTTP/2 aacdn.nagich.com/style/btncolor.css
IP 172.67.68.188:0
GET /style/btncolor.css HTTP/1.1
Host: aacdn.nagich.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaviar.com/
Origin: https://flaviar.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 27 Oct 2022 10:16:33 GMT
content-type: text/css
cache-control: public, max-age=2204800
last-modified: Mon, 11 Feb 2019 11:17:50 GMT
etag: W/"4c2a96cfbc1d41:0"
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: deny
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 2161550
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G2ZbN5Lsp67rEE6VzFum9e%2FQfgYAGUZlOKntZohCBd%2FA59v%2BowJG5F8S91stjx%2Bbrtyqr7oU5xpAjf37B%2FPnStH8R2ny7uqFELH6moZiQBjb9GL3hw4jlA%2F%2Bfemv%2BzkgXlU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 760aad4bff8b0b49-OSL
content-encoding: br
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=onetag&domain=flaviar.com&sn=FirefoxSyncframe&so=0&topUrl=flaviar.com&info=D2EkO180M0RITmhlJTJCZkMwOUJGQlhaMUN2czQzZjlaYjJweVlqM2psMUQ0dTJZSHNncWNiN1BucWtteTBMdmNKb0RuR08&idsd=-1395786780,701415595&cw=1&lsw=1
178.250.2.146200 OK 0 B URL HTTP/2 gum.criteo.com/sid/json?origin=onetag&domain=flaviar.com&sn=FirefoxSyncframe&so=0&topUrl=flaviar.com&info=D2EkO180M0RITmhlJTJCZkMwOUJGQlhaMUN2czQzZjlaYjJweVlqM2psMUQ0dTJZSHNncWNiN1BucWtteTBMdmNKb0RuR08&idsd=-1395786780,701415595&cw=1&lsw=1
IP 178.250.2.146:0
GET /sid/json?origin=onetag&domain=flaviar.com&sn=FirefoxSyncframe&so=0&topUrl=flaviar.com&info=D2EkO180M0RITmhlJTJCZkMwOUJGQlhaMUN2czQzZjlaYjJweVlqM2psMUQ0dTJZSHNncWNiN1BucWtteTBMdmNKb0RuR08&idsd=-1395786780,701415595&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/syncframe?topUrl=flaviar.com&origin=onetag&us_privacy=1---
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 27 Oct 2022 10:16:35 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
server-processing-duration-in-ticks: 1802817
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
px.mountain.com/st?ga_tracking_id=UA-28959768-20&ga_client_id=319829034.1666865793&shpt=Flaviar%20Membership%20%C2%BB%20Fine%20Spirits%20%26%20Whiskey%20Club%20%F0%9F%A5%83%20-%20Flaviar&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-28959768-20%22%2C%22ga_client_id%22%3A%22319829034.1666865793%22%2C%22shpt%22%3A%22Flaviar%20Membership%20%C2%BB%20Fine%20Spirits%20%26%20Whiskey%20Club%20%F0%9F%A5%83%20-%20Flaviar%22%2C%22dcm_cid%22%3A%221666865792.1%22%2C%22dcm_gid%22%3A%22220026219.1666865794%22%2C%22mntnis%22%3A%22H9oQWFe2cT8BGF5wZJtlrTQVXQZuy5gT%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A7%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%7D&dcm_cid=1666865792.1&dcm_gid=220026219.1666865794&dxver=4.0.0&shaid=33038&plh=https%3A%2F%2Fflaviar.com%2F&cb=24819497216540344term%3Dvalue&shadditional=googletagmanager%3Dtrue%2Cga4%3Dtrue%2Ccriteo%3Dtrue
52.42.124.195200 OK 0 B URL HTTP/1.1 px.mountain.com/st?ga_tracking_id=UA-28959768-20&ga_client_id=319829034.1666865793&shpt=Flaviar%20Membership%20%C2%BB%20Fine%20Spirits%20%26%20Whiskey%20Club%20%F0%9F%A5%83%20-%20Flaviar&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-28959768-20%22%2C%22ga_client_id%22%3A%22319829034.1666865793%22%2C%22shpt%22%3A%22Flaviar%20Membership%20%C2%BB%20Fine%20Spirits%20%26%20Whiskey%20Club%20%F0%9F%A5%83%20-%20Flaviar%22%2C%22dcm_cid%22%3A%221666865792.1%22%2C%22dcm_gid%22%3A%22220026219.1666865794%22%2C%22mntnis%22%3A%22H9oQWFe2cT8BGF5wZJtlrTQVXQZuy5gT%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A7%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%7D&dcm_cid=1666865792.1&dcm_gid=220026219.1666865794&dxver=4.0.0&shaid=33038&plh=https%3A%2F%2Fflaviar.com%2F&cb=24819497216540344term%3Dvalue&shadditional=googletagmanager%3Dtrue%2Cga4%3Dtrue%2Ccriteo%3Dtrue
IP 52.42.124.195:0
GET /st?ga_tracking_id=UA-28959768-20&ga_client_id=319829034.1666865793&shpt=Flaviar%20Membership%20%C2%BB%20Fine%20Spirits%20%26%20Whiskey%20Club%20%F0%9F%A5%83%20-%20Flaviar&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-28959768-20%22%2C%22ga_client_id%22%3A%22319829034.1666865793%22%2C%22shpt%22%3A%22Flaviar%20Membership%20%C2%BB%20Fine%20Spirits%20%26%20Whiskey%20Club%20%F0%9F%A5%83%20-%20Flaviar%22%2C%22dcm_cid%22%3A%221666865792.1%22%2C%22dcm_gid%22%3A%22220026219.1666865794%22%2C%22mntnis%22%3A%22H9oQWFe2cT8BGF5wZJtlrTQVXQZuy5gT%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A7%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%7D&dcm_cid=1666865792.1&dcm_gid=220026219.1666865794&dxver=4.0.0&shaid=33038&plh=https%3A%2F%2Fflaviar.com%2F&cb=24819497216540344term%3Dvalue&shadditional=googletagmanager%3Dtrue%2Cga4%3Dtrue%2Ccriteo%3Dtrue HTTP/1.1
Host: px.mountain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
date: Thu, 27 Oct 2022 10:16:38 GMT
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
set-cookie: guid=7183ed5e-55e0-11ed-ad17-6bc2fddbdfbc;Domain=mountain.com;Max-Age=63113852;Path=/;SameSite=None;Secure
content-encoding: gzip
connection: close
ak.sail-horizon.com/spm/spm.v1.min.js
143.204.55.54200 OK 0 B URL HTTP/2 ak.sail-horizon.com/spm/spm.v1.min.js
IP 143.204.55.54:0
GET /spm/spm.v1.min.js HTTP/1.1
Host: ak.sail-horizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 15 Sep 2022 23:20:31 GMT
server: AmazonS3
content-encoding: gzip
date: Thu, 27 Oct 2022 10:15:18 GMT
cache-control: max-age=600; must-revalidate
etag: W/"97dd801dd26ae0172c7875245d92f506"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: -esXnBoZ7kuJsAGxzwUS36NxRwEcZzaYXNbf4b9LowTYGMS1-J4Oiw==
age: 78
X-Firefox-Spdy: h2
criteo-partners.tremorhub.com/sync?UICR=k-L3F9StWka9xPSgJCWXYLMmN44Sh1p2FDqwTvSg
23.20.239.3200 OK 0 B URL HTTP/2 criteo-partners.tremorhub.com/sync?UICR=k-L3F9StWka9xPSgJCWXYLMmN44Sh1p2FDqwTvSg
IP 23.20.239.3:0
GET /sync?UICR=k-L3F9StWka9xPSgJCWXYLMmN44Sh1p2FDqwTvSg HTTP/1.1
Host: criteo-partners.tremorhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 27 Oct 2022 10:16:38 GMT
content-type: image/gif
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
X-Firefox-Spdy: h2
getrockerbox.com/customdomain/rb9yp8py.flaviar.com/wxyz.rb.js
172.64.102.36301 Moved Permanently 0 B URL HTTP/2 getrockerbox.com/customdomain/rb9yp8py.flaviar.com/wxyz.rb.js
IP 172.64.102.36:0
GET /customdomain/rb9yp8py.flaviar.com/wxyz.rb.js HTTP/1.1
Host: getrockerbox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Thu, 27 Oct 2022 10:16:35 GMT
content-type: text/html
location: https://rb9yp8py.flaviar.com/assets/wxyz.rb.js
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pUpFTmJA2QyOkv%2FNxjWau3LZ90hODv9%2F2BI52EtPDNtIqWZcDOMH8TfRCDkETPs7bKPhlXyAtmtcrzXe0bkEiYIvrPh1gsLoAP6jJbw2tUIuhoz1T%2F8rKdFGlpZx9NejjVWH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 760aad550d0a76f9-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tr.snapchat.com/collector/is_enabled?pids=b838e1c8-e5cb-4d99-bda2-d5594b71ff41&tld=com
35.190.43.134200 OK 0 B URL HTTP/2 tr.snapchat.com/collector/is_enabled?pids=b838e1c8-e5cb-4d99-bda2-d5594b71ff41&tld=com
IP 35.190.43.134:0
GET /collector/is_enabled?pids=b838e1c8-e5cb-4d99-bda2-d5594b71ff41&tld=com HTTP/1.1
Host: tr.snapchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://flaviar.com
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 27 Oct 2022 10:16:35 GMT
access-control-allow-origin: https://flaviar.com
content-type: application/json
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-envoy-upstream-service-time: 0
content-encoding: gzip
vary: Accept-Encoding
server: API Gateway
access-control-allow-credentials: true
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
gem.gbc.criteo.com/newidsd
185.235.84.146200 OK 0 B URL HTTP/2 gem.gbc.criteo.com/newidsd
IP 185.235.84.146:0
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Thu, 27 Oct 2022 10:16:35 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 90520
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
static.fbot.me/friendbuy.js
143.204.55.91200 OK 0 B URL HTTP/2 static.fbot.me/friendbuy.js
IP 143.204.55.91:0
GET /friendbuy.js HTTP/1.1
Host: static.fbot.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 25 Oct 2022 20:53:06 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: BH6u7_fU1Z.yGJ6bX0VQrMqaR2X1mAtc
server: AmazonS3
content-encoding: gzip
date: Thu, 27 Oct 2022 10:15:32 GMT
cache-control: max-age=300
etag: W/"6a644451405d983c01c0f6399abb9b67"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: M1uQBp9YYqdUuKg3c7zD3Xsar7H3UkR5ZHVSYxVbzu8vIhnCDBGR0w==
age: 62
X-Firefox-Spdy: h2
aacdn.nagich.com/assets/images/11.svg
172.67.68.188200 OK 0 B URL HTTP/2 aacdn.nagich.com/assets/images/11.svg
IP 172.67.68.188:0
GET /assets/images/11.svg HTTP/1.1
Host: aacdn.nagich.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaviar.com/
Origin: https://flaviar.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 27 Oct 2022 10:16:34 GMT
content-type: image/svg+xml
cache-control: public, max-age=2204800
last-modified: Thu, 01 Aug 2019 12:47:47 GMT
etag: W/"42b27526748d51:0"
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: deny
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 2161551
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=roHwMSPounhOQJJhe0hUEuSBnN2HZLOFto7O%2BrHVn%2F9I5b2JdEUjiTAaeEm1RH7nx90TTAD71zJpfrMu%2BUHz5HXQ%2Fp2fFRrwYX9lF3KEqAl8WyGbl4cnCULXljXso58DZlQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 760aad501c070b49-OSL
content-encoding: br
X-Firefox-Spdy: h2
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-vguEV9Wka9xPSgJCWXYLMmN44SiYABWf92qSaA
141.226.228.48200 OK 0 B URL HTTP/2 sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-vguEV9Wka9xPSgJCWXYLMmN44SiYABWf92qSaA
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
GET /sg/criteortb-network/1/rtb-h/?taboola_hm=k-vguEV9Wka9xPSgJCWXYLMmN44SiYABWf92qSaA HTTP/1.1
Host: sync-t1.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 27 Oct 2022 10:16:37 GMT
x-fastly-to-nlb-rtt: 22066
access-control-allow-credentials: true
X-Firefox-Spdy: h2
dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-7C0-GtWka9xPSgJCWXYLMmN44Sjl5Htww-10QQ&google_error=3
178.250.0.163200 OK 0 B URL HTTP/2 dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-7C0-GtWka9xPSgJCWXYLMmN44Sjl5Htww-10QQ&google_error=3
IP 178.250.0.163:0
GET /dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-7C0-GtWka9xPSgJCWXYLMmN44Sjl5Htww-10QQ&google_error=3 HTTP/1.1
Host: dis.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 27 Oct 2022 10:16:37 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
timing-allow-origin: *
server-processing-duration-in-ticks: 295028
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=0
178.250.0.163200 OK 0 B URL HTTP/2 dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=0
IP 178.250.0.163:0
GET /dis/rtb/appnexus/cookiematch.aspx?appnxsid=0 HTTP/1.1
Host: dis.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 27 Oct 2022 10:16:37 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
timing-allow-origin: *
server-processing-duration-in-ticks: 455317
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
flaviar.com/
172.66.40.91200 OK 0 B IP 172.66.40.91:0
GET / HTTP/1.1
Host: flaviar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Thu, 27 Oct 2022 10:16:31 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: PHPSESSID=007aa179eeaf555b339757f15f33bc46; expires=Fri, 28-Oct-2022 10:16:31 GMT; Max-Age=86400; path=/; secure; HttpOnly
cache-control: max-age=0, must-revalidate, private
link: <https://cdn.flaviar.com/build/runtime.73118620.js>; rel="preload"; as="script",<https://cdn.flaviar.com/build/2.c0dcb335.js>; rel="preload"; as="script",<https://cdn.flaviar.com/build/1.e1f7a7db.js>; rel="preload"; as="script",<https://cdn.flaviar.com/build/app.959489c7.js>; rel="preload"; as="script",<https://cdn.flaviar.com/build/6.ce717dae.js>; rel="preload"; as="script",<https://cdn.flaviar.com/build/app-main.12150ee0.js>; rel="preload"; as="script",<https://cdn.flaviar.com/build/4.2a092778.css>; rel="preload"; as="style",<https://cdn.flaviar.com/build/app-style.a23ee597.css>; rel="preload"; as="style",<https://cdn.flaviar.com/build/landing-frontpage.59f58989.css>; rel="preload"; as="style",<https://cdn.flaviar.com/build/menu-style.bd588e42.css>; rel="preload"; as="style"
expires: Thu, 27 Oct 2022 10:16:31 GMT
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f5LfxCGgP4df0aba9OMOTRJXdna9as8BBmW3SNqh3xSbhA%2BLErTuw3BDrLJIBKBNb%2Funm0eXUkbZiHjhlzhSCfWcC37mavi3rjF%2BjolBUFfjMvQgHpLWlgVcP9Kp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 760aad3d6e7fb51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
campaign.fbot.me/06cc9139-6a61-41fc-88db-9ec21e04eecf/campaigns.js
54.230.111.120200 OK 0 B URL HTTP/2 campaign.fbot.me/06cc9139-6a61-41fc-88db-9ec21e04eecf/campaigns.js
IP 54.230.111.120:0
GET /06cc9139-6a61-41fc-88db-9ec21e04eecf/campaigns.js HTTP/1.1
Host: campaign.fbot.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 26 Oct 2022 14:08:01 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: ZFYPz0LvDQeTzFzyQa5IXg2uTJ5QGvmh
server: AmazonS3
content-encoding: gzip
date: Thu, 27 Oct 2022 10:16:35 GMT
cache-control: max-age=30
etag: W/"51638cd4dee6abc80b4002b78b0944b7"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 1ZO1vi19iQA5xEBfvtp29S3R0mZl1YG9RfV_0FUYt2wwgunAsqtkGQ==
X-Firefox-Spdy: h2
dnacdn.net/dna
178.250.0.157200 OK 0 B IP 178.250.0.157:0
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=zNrEfl80M0RITmhlJTJCZkMwOUJGQlhaMUN2czQzZjlaYjJweVlqM2psMUQ0dTJZSHZDSjJybyUyRk9WMXdjVndYTWhPWFU0ZQ
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 27 Oct 2022 10:16:35 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=D2EkO180M0RITmhlJTJCZkMwOUJGQlhaMUN2czQzZjlaYjJweVlqM2psMUQ0dTJZSHNncWNiN1BucWtteTBMdmNKb0RuR08; expires=Tue, 21 Nov 2023 10:16:35 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 286959
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
d3hb14vkzrxvla.cloudfront.net/v1/00e580f3-b08f-44e2-b7b0-5949db5bfaf3
54.230.245.184200 OK 0 B URL HTTP/2 d3hb14vkzrxvla.cloudfront.net/v1/00e580f3-b08f-44e2-b7b0-5949db5bfaf3
IP 54.230.245.184:0
GET /v1/00e580f3-b08f-44e2-b7b0-5949db5bfaf3 HTTP/1.1
Host: d3hb14vkzrxvla.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
correlationId: 735bbdc4-2909-4dc3-859f-e769a7ca76d7
Helpscout-Origin: Beacon-Embed
Helpscout-Release: 2.2.29
Beacon-Device-ID: 2b966469-8851-41de-9091-fbb146a4f99d
Origin: https://flaviar.com
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
date: Thu, 27 Oct 2022 10:15:56 GMT
access-control-allow-origin: https://flaviar.com
access-control-expose-headers: Resource-ID
access-control-allow-credentials: true
cache-control: max-age=300
x-ratelimit-limit-identify-hour: 25
x-ratelimit-remaining-identify-hour: 25
x-ratelimit-limit-general-minute: 60
x-ratelimit-remaining-general-minute: 60
x-ratelimit-limit-conversations-hour: 10
x-ratelimit-remaining-conversations-hour: 10
x-ratelimit-limit-attachments-hour: 10
x-ratelimit-remaining-attachments-hour: 10
x-ratelimit-limit-chat-tokens-hour: 25
x-ratelimit-remaining-chat-tokens-hour: 25
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 27cThLJ21cB935p4fXX_NxMKnwaV4lKNfWTuiKgadIQ__d9ae4NHsw==
age: 39
X-Firefox-Spdy: h2
ag.gbc.criteo.com/newidsd
185.235.84.23200 OK 0 B URL HTTP/2 ag.gbc.criteo.com/newidsd
IP 185.235.84.23:0
GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Thu, 27 Oct 2022 10:16:35 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 101247
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2