flaviar.com/mars/mars-iwai-45-whisky/
172.66.43.165301 Moved Permanently 0 B URL HTTP/1.1 flaviar.com/mars/mars-iwai-45-whisky/
IP 172.66.43.165:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /mars/mars-iwai-45-whisky/ HTTP/1.1
Host: flaviar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sun, 04 Dec 2022 11:26:23 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 04 Dec 2022 12:26:23 GMT
Location: https://flaviar.com/mars/mars-iwai-45-whisky/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uhTVZi6xJv8uq%2Bb0Lqme0ZkkrrNx6GhVONstVsTJ0F6FiglLdb8T9pS4DghhrIX%2FV2dPuBBapY5XF8Caus0j%2BAVQQQ6fh%2FUGnuiSxvsHXtOrEuQVIiDPUOqix4pu"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77442fd7591ab4ee-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12506
Expires: Sun, 04 Dec 2022 14:54:50 GMT
Date: Sun, 04 Dec 2022 11:26:24 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fb2c0697c6d9a96a5411dd2952947458
79e57f831ec396bbdaa5bfe9472a05e6c9fb31f4
3fd7edcc349ab4402f62e54a142be6b4cecf0e7ee3f431d3168bdf0643ba4d92
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1449
Cache-Control: max-age=170942
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 11:26:24 GMT
Etag: "638c76f5-1d7"
Expires: Tue, 06 Dec 2022 10:55:26 GMT
Last-Modified: Sun, 04 Dec 2022 10:31:17 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4927
Expires: Sun, 04 Dec 2022 12:48:31 GMT
Date: Sun, 04 Dec 2022 11:26:24 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 04 Dec 2022 11:20:06 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 378
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 3I4801bxtqHaDTmrwiPomRY7Jv/GElD5NiUdmmyh/H11YiMFoo8Au5Hq55fRg3q1pHYny7+AwG0=
x-amz-request-id: ZHXKBC41ZSG8E836
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 04 Dec 2022 10:46:57 GMT
age: 2367
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash b0c35679bda97f7ddac26af1b96c1b32
b04145c6a9a67e2a794cf3dfaeb9fa2e28a1d3c0
c372128d6ddf56cd3cd1d8afedbb96abd17f6d3e6114f404cc018366795c4d02
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=137088
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 11:26:24 GMT
Etag: "638bf860-117"
Expires: Tue, 06 Dec 2022 01:31:12 GMT
Last-Modified: Sun, 04 Dec 2022 01:31:12 GMT
Server: nginx
Content-Length: 279
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 11:26:24 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 04 Dec 2022 11:11:19 GMT
cache-control: public,max-age=3600
age: 905
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 31b129c94a90b1e695b21395cb54e378
a3cae46b48d469cc61ab0581303bcd5f5b654db9
fac3f681be358a20f78958dff10c89b7a91365c5114c81246c1bc34c1362ba1e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1452
Cache-Control: max-age=165879
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 11:26:24 GMT
Etag: "638c632b-1d7"
Expires: Tue, 06 Dec 2022 09:31:03 GMT
Last-Modified: Sun, 04 Dec 2022 09:06:51 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash b0c35679bda97f7ddac26af1b96c1b32
b04145c6a9a67e2a794cf3dfaeb9fa2e28a1d3c0
c372128d6ddf56cd3cd1d8afedbb96abd17f6d3e6114f404cc018366795c4d02
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: max-age=137088
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 11:26:25 GMT
Etag: "638bf860-117"
Expires: Tue, 06 Dec 2022 01:31:13 GMT
Last-Modified: Sun, 04 Dec 2022 01:31:12 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash f54a71942ab5d7fdc54672cf84aa76db
e03db706ad371c93ddd3cc4a3e4c329777bb5f4b
87453ee6a206085c9b82594123a30bf59f7354733d19f21e388dea70768198c9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 11:26:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3c4319f54a5675ee9acda96c58f97ac6
210ea86db1836d430b321d59b4bd1b016c914f22
cb20ad3ec895ed3a2ae9b1a90dda6b7cc174d8851f3a15ba054a435746cbdc65
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 11:26:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-K4F6SWQ
172.217.21.168200 OK 109 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-K4F6SWQ
IP 172.217.21.168:0
File type ASCII text, with very long lines (49758)
Size 109 kB (109318 bytes)
Hash 67d156348b5c852c53144a727a364596
e39964c4428eda82c8c5926601a468d75a35befc
344edb3183a042122a513181a99fef9ccf11cf17c190b824c9ecbac088d33267
GET /gtm.js?id=GTM-K4F6SWQ HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 04 Dec 2022 11:26:25 GMT
expires: Sun, 04 Dec 2022 11:26:25 GMT
cache-control: private, max-age=900
last-modified: Sun, 04 Dec 2022 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 109318
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/s/player/dab28f34/www-player.css
172.217.21.174200 OK 50 kB URL HTTP/2 www.youtube.com/s/player/dab28f34/www-player.css
IP 172.217.21.174:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 9abf9c15a58d40e7ecc2302b4bfb153e
5195babba42ed31eb39751e8c917277ace5e19a4
1eca62432d16bb94000cf099705eee38903254825032b27ddf3d5decbe3d3114
GET /s/player/dab28f34/www-player.css HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/kFvN2avNdKk
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 49849
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 16:01:14 GMT
expires: Fri, 01 Dec 2023 16:01:14 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 01 Dec 2022 01:20:18 GMT
content-type: text/css
age: 242711
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.38.139.17101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.38.139.17:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: UZNmVmsOmltOtxESC2zguQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: OfpcfE6PawdzIO45yFlyn6liCvo=
www.youtube.com/s/player/dab28f34/www-embed-player.vflset/www-embed-player.js
172.217.21.174200 OK 99 kB URL HTTP/2 www.youtube.com/s/player/dab28f34/www-embed-player.vflset/www-embed-player.js
IP 172.217.21.174:0
File type ASCII text, with very long lines (679)
Hash a9a95fc3a85fc2904a0cffd12ff9b01c
b3db5cd9996da5ffa51fe22a57898a79abfe32df
2ef638f9e81beb63874104df180f7d1de54c01d6e22857f39e16c1581a3f3f7e
GET /s/player/dab28f34/www-embed-player.vflset/www-embed-player.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/kFvN2avNdKk
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 99243
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 16:01:14 GMT
expires: Fri, 01 Dec 2023 16:01:14 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 01 Dec 2022 01:20:18 GMT
content-type: text/javascript
age: 242711
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 72 kB IP 142.250.74.131:0
Hash 117e2898c6b1c7877ba0f42aac59e7b1
46c84c4b3b0bb3eb9d0897038c94be8b3d2371c3
f7147880398d12ae1bf890be36d92dd369bc0d0cbd6a1fa7c7aed1b36896c7d2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 11:26:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.youtube.com/s/player/dab28f34/fetch-polyfill.vflset/fetch-polyfill.js
172.217.21.174200 OK 2.8 kB URL HTTP/2 www.youtube.com/s/player/dab28f34/fetch-polyfill.vflset/fetch-polyfill.js
IP 172.217.21.174:0
File type Algol 68 source text\012- Pascal source, ASCII text, with very long lines (555)
Hash 80fe2d229007996c8397073b00755dc7
121f82c77bcf2a297a1085e3b092415c463fcafe
033dfa8941482c82d4f1aaa4a9172fb379b9e46a02d5b36297c5476bbbfdea2c
GET /s/player/dab28f34/fetch-polyfill.vflset/fetch-polyfill.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/kFvN2avNdKk
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 2786
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 16:01:14 GMT
expires: Fri, 01 Dec 2023 16:01:14 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 01 Dec 2022 01:20:18 GMT
content-type: text/javascript
age: 242711
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
use.typekit.net/bne0epn.js
23.33.119.19200 OK 6.7 kB URL HTTP/2 use.typekit.net/bne0epn.js
IP 23.33.119.19:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (2258)
Hash 56c323529b45591f153e4f5a72d75c0e
cfada07aa803d4651a773d0e4536e036bcfd134c
2953f691618da33aef7c7b909532b8a918bf95dc02c9d44816c526fd40bed81d
GET /bne0epn.js HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: text/javascript;charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: public, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
content-length: 6730
date: Sun, 04 Dec 2022 11:26:25 GMT
X-Firefox-Spdy: h2
www.youtube.com/s/player/dab28f34/player_ias.vflset/en_US/base.js
172.217.21.174200 OK 594 kB URL HTTP/2 www.youtube.com/s/player/dab28f34/player_ias.vflset/en_US/base.js
IP 172.217.21.174:0
File type ASCII text, with very long lines (554)
Size 594 kB (593839 bytes)
Hash e540cb39c83560fdc65c81d42d4ce798
1f1b1272c2f2f2006091be5fab8afec22589644c
58e751edbbb737746b3807f70dd3951c104017d10bb278a8be58ad814451c388
GET /s/player/dab28f34/player_ias.vflset/en_US/base.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/kFvN2avNdKk
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding, Origin
content-encoding: br
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 593839
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 16:09:00 GMT
expires: Fri, 01 Dec 2023 16:09:00 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 01 Dec 2022 01:20:18 GMT
content-type: text/javascript
age: 242245
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash f54a71942ab5d7fdc54672cf84aa76db
e03db706ad371c93ddd3cc4a3e4c329777bb5f4b
87453ee6a206085c9b82594123a30bf59f7354733d19f21e388dea70768198c9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 11:26:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10484
Expires: Sun, 04 Dec 2022 14:21:10 GMT
Date: Sun, 04 Dec 2022 11:26:26 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 1.1 kB IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ab5f366739be5602404368397fd20648
3632148ddadeff560c2533bb53a54f361d56d7e3
7a5272c7cb77ae706e92da11d66b41206145f01bec2f453fbaa2f10059d87bff
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10484
Expires: Sun, 04 Dec 2022 14:21:10 GMT
Date: Sun, 04 Dec 2022 11:26:26 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp
34.120.237.76200 OK 25 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp
IP 34.120.237.76:0
Hash c696793ac4def5ad4d9da41fe9a36ca5
1e85519f1c2bafffbdf503fb93502c3da1ae9f56
5a6b260c658269c66262cb45155027ae8b77d7c8d3b12285277d17626c91ef9f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5681
x-amzn-requestid: 8f0d66b8-d532-48d9-9a29-74540cd6ab3a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltXnEotIAMFqkA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc296-27349a376ff819ab63b04a81;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:41:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Uz-wJTZjej3sjP-O68BQ4hB_kkAecG0o7GkeZUan90ZgV87g0Cg_ZA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:52:38 GMT
age: 48828
etag: "36f4682ca6a33ff80ee02129c77e6f27e996ede0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10484
Expires: Sun, 04 Dec 2022 14:21:10 GMT
Date: Sun, 04 Dec 2022 11:26:26 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg
34.120.237.76200 OK 4.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c01fe1cccdb3b672bbade6d98217ffe9
a9a529dc9894827f6243a1bf57f81caa4fe88fc2
c43da6212c79a08e22e78e04e99e8f5422e64b4b0a87f30b7907f1b4bc675c71
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4666
x-amzn-requestid: 850d341f-5ccb-453c-8adf-a8194f8fbdad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clr_-GiboAMFwww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc066-766293f2526e637235067aca;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: z5uqgjB-Bsl0U55a8aFi37cpJ65Vnbjm6bJ2GnMpaO7RXsMZsOCbPQ==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:44:01 GMT
age: 49345
etag: "a9a529dc9894827f6243a1bf57f81caa4fe88fc2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash db1701b7b9d161a0c935bb6e10b17893
22a8c4bd58c729c1abcf794466e8f3231dfb034b
b495524a33e5b1d3ba34cfbe867ada0da956c061370b1fcde06b23a6194a9787
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8315
x-amzn-requestid: f1bcc33b-aad9-4d3b-b1f9-49282f2d4fb9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsAMGVboAMFfxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc067-13472a097177d4751c8f7a8c;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 6UQ_BhPmpVpe9w6gsExB-EpNq_syeCCK6fr4Y1FFK1jDJh_n1Sd0Eg==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:52:47 GMT
age: 48819
etag: "22a8c4bd58c729c1abcf794466e8f3231dfb034b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10484
Expires: Sun, 04 Dec 2022 14:21:10 GMT
Date: Sun, 04 Dec 2022 11:26:26 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png
34.120.237.76200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 14dcca2a9c4792d835ee709bcd947402
1d702df3a64258628f4124eafd580695f2d350af
da01dcd8fef7c50bdb6f7a8a6a4955694092f479df3dba72f7fa69d7280d07b2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 16143
x-amzn-requestid: dc86fad4-4e53-42c9-9b0a-5e4d2cfcd087
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdGyLGqmoAMFnaA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638851a7-0ea324b31e8c6578098b8ab9;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:03 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kRs3oBWnSs5asyPdvz6kkooy7pqm2Yr8R_2x8EXCVn3dBz_aEJurRQ==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 07:26:41 GMT
age: 14385
etag: "1d702df3a64258628f4124eafd580695f2d350af"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61cc2744-b517-4404-bfa2-25fadadfa3f3.jpeg
34.120.237.76200 OK 18 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61cc2744-b517-4404-bfa2-25fadadfa3f3.jpeg
IP 34.120.237.76:0
Hash 7212ec76e7035ad678737317553ad8c7
ea46535cfd62cf6006f124623b1bf0712b96c3cd
4fc7ddcaa6809efb87a64457f0c1bbe7a8fd285eaa47d8989efc8b2eb82b73ab
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61cc2744-b517-4404-bfa2-25fadadfa3f3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10431
x-amzn-requestid: f79ab5e7-8c1b-4827-a531-aaa19c1d80aa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsCGEwxIAMF34g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc073-6358d2950955884c470c0a89;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: PQ7xh995cd1UVi3z42EVZGjQjHLLvtAP5BBC-xLEEGr4mEiXS6fC-w==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:47:06 GMT
age: 49160
etag: "8637105f41058bc0d2b259d462b560881928adb6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19c9bb39-be15-49f9-aad9-2cc511601111.jpeg
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19c9bb39-be15-49f9-aad9-2cc511601111.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a6e7b32ac999cf3c899a234c621fa91a
fc5d4f3163ebb9faf85968cbb1d194e8e68418be
f12db3aed126006fee00649aba0b3eaae900de200b85b9523866a90b5494f18e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19c9bb39-be15-49f9-aad9-2cc511601111.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8989
x-amzn-requestid: abce0b01-f70c-42ad-b242-5a24735fe4c2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltl4Gk2oAMFSWQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc2f2-1cccffff5199dffe70264a95;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:43:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: PFl7VUrzRkMFNnTiIw_cbGCyrEFn43eUSlZfT0nUhUmjjyXT7JfjMA==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:50:01 GMT
age: 48985
etag: "fc5d4f3163ebb9faf85968cbb1d194e8e68418be"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
consent.cookiebot.com/uc.js?cbid=d053bff0-f51a-4434-ab3e-b7ec8831e3ed
95.101.10.153200 OK 32 kB URL HTTP/2 consent.cookiebot.com/uc.js?cbid=d053bff0-f51a-4434-ab3e-b7ec8831e3ed
IP 95.101.10.153:0
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (65499)
Hash c8f7ad4768a16672f57131490149c3d0
c943c68aaa059f06744868bb239f06d900d41464
b5a1e40fab60b20e8b25517f6a7e6d27f21af0788959cdf3d52f5b94164cba0c
GET /uc.js?cbid=d053bff0-f51a-4434-ab3e-b7ec8831e3ed HTTP/1.1
Host: consent.cookiebot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Tue, 22 Nov 2022 07:34:39 GMT
accept-ranges: bytes
etag: "db2e3fe144fed81:0"
vary: Accept-Encoding
request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
access-control-expose-headers: Request-Context
content-length: 31718
cache-control: public, max-age=662
expires: Sun, 04 Dec 2022 11:37:28 GMT
date: Sun, 04 Dec 2022 11:26:26 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/379cfa/00000000000000003b9adc6d/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
23.33.119.19200 OK 12 kB URL HTTP/2 use.typekit.net/af/379cfa/00000000000000003b9adc6d/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
IP 23.33.119.19:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 11668, version 1.0\012- data
Hash 71eca0957e4d35fc26852895f49491f8
d9ba92c55ef2a7370857143922344880bac2bf6e
4e2db239b50398011c1fb49a5ea7e296a9babab1a7b4968d1974d417f1ab805b
GET /af/379cfa/00000000000000003b9adc6d/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://flaviar.com
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 11668
etag: "a53237c24cbd279f0405e007f31ec7f47234819b"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Sun, 04 Dec 2022 11:26:26 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/85d455/00000000000000003b9adc6a/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
23.33.119.19200 OK 31 kB URL HTTP/2 use.typekit.net/af/85d455/00000000000000003b9adc6a/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
IP 23.33.119.19:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 30656, version 1.0\012- data
Hash 09848390b847375a8dbf4a3808750013
d8b5db5923705fba6073a52d2145d086c5030527
ead661c1cd323f4f9a023be4cea810a9bcbc3498871593a256fc9221a52f1417
GET /af/85d455/00000000000000003b9adc6a/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://flaviar.com
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 30656
etag: "374d4e049d59d33f7c1b988631b115ad96597d60"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Sun, 04 Dec 2022 11:26:26 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/8de6d2/00000000000000003b9adc6b/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
23.33.119.19200 OK 29 kB URL HTTP/2 use.typekit.net/af/8de6d2/00000000000000003b9adc6b/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
IP 23.33.119.19:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 29392, version 1.0\012- data
Hash ea9b57a664fddcc8ca4ac7057ed8b53b
4cfa452e318ab308c8009ad1257fed42e46ba093
360e1a5c62337c585e8f8b9ba82cd440d4540c444e905665452b93fe785c082b
GET /af/8de6d2/00000000000000003b9adc6b/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://flaviar.com
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 29392
etag: "2bd51188b101f4cf29ce1d8dfdbe91d00fc07ba6"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Sun, 04 Dec 2022 11:26:26 GMT
X-Firefox-Spdy: h2
www.googleoptimize.com/optimize.js?id=GTM-NLP39W9
142.250.74.78200 OK 46 kB URL HTTP/2 www.googleoptimize.com/optimize.js?id=GTM-NLP39W9
IP 142.250.74.78:0
File type ASCII text, with very long lines (1921)
Hash 1030528ddca462e9560c75f48c3af98f
647afe96be514ae0b09a915972aa860f923de8fd
7b6b2fab625f5410bc2d969650fa96ff98762383c3ca4f31b0d17311cf9bb698
GET /optimize.js?id=GTM-NLP39W9 HTTP/1.1
Host: www.googleoptimize.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 04 Dec 2022 11:26:26 GMT
expires: Sun, 04 Dec 2022 11:26:26 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 46283
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 949f8cf9987f789fb6ce3f3f0a1570b5
c0fb383547c137640b4548d49465b5d1c1fc5f79
fa7ca629f6431bc4beb7f05643a7353d45233296791869a6a721709305c5b586
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "FA7CA629F6431BC4BEB7F05643A7353D45233296791869A6A721709305C5B586"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13796
Expires: Sun, 04 Dec 2022 15:16:22 GMT
Date: Sun, 04 Dec 2022 11:26:26 GMT
Connection: keep-alive
p.typekit.net/p.gif?s=1&k=bne0epn&ht=tk&h=flaviar.com&f=28578.28579.28736&a=7301736&js=1.21.0&app=typekit&e=js&_=1670153184650
23.33.119.19200 OK 35 B URL HTTP/2 p.typekit.net/p.gif?s=1&k=bne0epn&ht=tk&h=flaviar.com&f=28578.28579.28736&a=7301736&js=1.21.0&app=typekit&e=js&_=1670153184650
IP 23.33.119.19:0
ASN #20940 Akamai International B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash 81144d75b3e69e9aa2fa3e9d83a64d03
f0fbc60b50edf5b2a0b76e0aa0537b76bf346ffc
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
GET /p.gif?s=1&k=bne0epn&ht=tk&h=flaviar.com&f=28578.28579.28736&a=7301736&js=1.21.0&app=typekit&e=js&_=1670153184650 HTTP/1.1
Host: p.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: image/gif
cross-origin-resource-policy: cross-origin
etag: "61c32ad2-23"
last-modified: Wed, 22 Dec 2021 13:40:34 GMT
server: nginx
content-length: 35
date: Sun, 04 Dec 2022 11:26:26 GMT
X-Firefox-Spdy: h2
consentcdn.cookiebot.com/sdk/bc-v4.min.html
104.110.3.72200 OK 392 B URL HTTP/2 consentcdn.cookiebot.com/sdk/bc-v4.min.html
IP 104.110.3.72:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (627), with no line terminators
Hash e7268eccad39bd651697fa793a52cc5c
47299cefa2397b0c1d0c5bf232390a5cf1bcc4d3
907e16c84d35556e4ed841a3511915e6d4bb4e9d68cfca178a740e90b4d80e35
GET /sdk/bc-v4.min.html HTTP/1.1
Host: consentcdn.cookiebot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: text/html
etag: "3d08665fa4c7bcf9fa2dcbbc7efe1d0f:1649057029.895163"
last-modified: Mon, 04 Apr 2022 07:23:49 GMT
server: AkamaiNetStorage
x-akamai-transformed: 9 - 0 pmb=mRUM,1
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=29771517
expires: Tue, 14 Nov 2023 01:18:23 GMT
date: Sun, 04 Dec 2022 11:26:26 GMT
content-length: 392
server-timing: cdn-cache; desc=HIT, edge; dur=1
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 918a11dad84f94fa7d58eb006868aab8
f917a9fab6dc126463fc05353204b79a2e75fdc3
d1a68e36768c668f2c83414ee6c58ed70c83c34e1e5f77a4365c0e4bdd799736
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 11:26:27 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 01 Dec 2022 14:06:53 GMT
Expires: Thu, 08 Dec 2022 14:06:52 GMT
Etag: "f917a9fab6dc126463fc05353204b79a2e75fdc3"
Cache-Control: max-age=354625,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77442fe84d5eb524-OSL
consent.cookiebot.com/d053bff0-f51a-4434-ab3e-b7ec8831e3ed/cc.js?renew=false&referer=flaviar.com&dnt=false&init=false&georegions=%5B%7B%22r%22%3A%22US-06%22%2C%22i%22%3A%226b04ee58-2401-4074-bb6b-0969a4c527d9%22%7D%5D
95.101.10.153200 OK 156 B URL HTTP/2 consent.cookiebot.com/d053bff0-f51a-4434-ab3e-b7ec8831e3ed/cc.js?renew=false&referer=flaviar.com&dnt=false&init=false&georegions=%5B%7B%22r%22%3A%22US-06%22%2C%22i%22%3A%226b04ee58-2401-4074-bb6b-0969a4c527d9%22%7D%5D
IP 95.101.10.153:0
ASN #20940 Akamai International B.V.
File type ASCII text, with CRLF line terminators
Hash 3477de123b1bcca0a96d557218c3c72c
279660604c7c2e9d5be154df57180849efca1e34
9331664c1938651f09a14fb45d0af5fd86a72c2d9aff0bc26193e239ddb38268
GET /d053bff0-f51a-4434-ab3e-b7ec8831e3ed/cc.js?renew=false&referer=flaviar.com&dnt=false&init=false&georegions=%5B%7B%22r%22%3A%22US-06%22%2C%22i%22%3A%226b04ee58-2401-4074-bb6b-0969a4c527d9%22%7D%5D HTTP/1.1
Host: consent.cookiebot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: private, max-age=1200
content-type: application/x-javascript; charset=utf-8
content-encoding: gzip
last-modified: Sun, 04 Dec 2022 11:26:27 GMT
vary: Accept-Encoding
request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
access-control-expose-headers: Request-Context
content-length: 156
date: Sun, 04 Dec 2022 11:26:27 GMT
X-Firefox-Spdy: h2
cdn.segmentify.com/06e2e4b6-5e17-4dbf-9574-c462c3d742d7/segmentify.js
34.120.65.227200 OK 54 kB URL HTTP/2 cdn.segmentify.com/06e2e4b6-5e17-4dbf-9574-c462c3d742d7/segmentify.js
IP 34.120.65.227:0
File type ASCII text, with very long lines (56611)
Hash 59d3191327af6d1963c46bdc1a9d7f7c
f588ddd2bf668befc9da337c051235e628a4ba25
74ca0770de02af299ed0768fd9b75c81639bcce95f4bbdf2ca4578cbb4ddc66e
GET /06e2e4b6-5e17-4dbf-9574-c462c3d742d7/segmentify.js HTTP/1.1
Host: cdn.segmentify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdv4wnSiG_QVvXtwlu2AS2uuRpcgf80ONM22gYLa31rxvFEnhWBCoKKtUtL_9ReIWZDbDO1a-7y4zYM6VDRXSVq-qtM4pTcY
x-goog-generation: 1669719626932169
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 53629
content-encoding: gzip
x-goog-hash: crc32c=DJpF2Q==, md5=WdMZEyevbRljxGvcGp1/fA==
x-goog-storage-class: STANDARD
accept-ranges: bytes
vary: Accept-Encoding
content-length: 53629
access-control-allow-origin: *
access-control-expose-headers: Origin, Accept, Content-Type, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token
server: UploadServer
date: Fri, 02 Dec 2022 10:29:49 GMT
expires: Fri, 09 Dec 2022 10:29:49 GMT
cache-control: public, max-age=604800
last-modified: Tue, 29 Nov 2022 11:00:27 GMT
etag: "59d3191327af6d1963c46bdc1a9d7f7c"
content-type: application/javascript
age: 176198
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 663979bbd831a40bec8611cfac8d77af
aa43c96676a33100f244e6772e37adc2b6f89b76
60c21027da288e857f546b531dd226d81206bfa85a35985b0e1587a68dec4d5b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 11:26:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-94QYBVSJNV&cid=1099071175.1670153185>m=2oebu0&aip=1&z=1335322697
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-94QYBVSJNV&cid=1099071175.1670153185>m=2oebu0&aip=1&z=1335322697
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-94QYBVSJNV&cid=1099071175.1670153185>m=2oebu0&aip=1&z=1335322697 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 04 Dec 2022 11:26:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fd0b48347644ddc60fb16b04140cfcb7
ef8d6c8e3c979e98c82655290150aa14fe5d44d1
f3d27c16653ed979a7cce2dc6239a48a86c7dab2fc34949b540802e50b05275a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4665
Cache-Control: max-age=118009
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 11:26:27 GMT
Etag: "638b9ba3-1d7"
Expires: Mon, 05 Dec 2022 20:13:16 GMT
Last-Modified: Sat, 03 Dec 2022 18:55:31 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 918a11dad84f94fa7d58eb006868aab8
f917a9fab6dc126463fc05353204b79a2e75fdc3
d1a68e36768c668f2c83414ee6c58ed70c83c34e1e5f77a4365c0e4bdd799736
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 11:26:27 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 01 Dec 2022 14:06:53 GMT
Expires: Thu, 08 Dec 2022 14:06:52 GMT
Etag: "f917a9fab6dc126463fc05353204b79a2e75fdc3"
Cache-Control: max-age=354624,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77442feb188eb524-OSL
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 663979bbd831a40bec8611cfac8d77af
aa43c96676a33100f244e6772e37adc2b6f89b76
60c21027da288e857f546b531dd226d81206bfa85a35985b0e1587a68dec4d5b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 11:26:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
campaign.fbot.me/06cc9139-6a61-41fc-88db-9ec21e04eecf/campaigns.js
54.230.111.11200 OK 25 kB URL HTTP/2 campaign.fbot.me/06cc9139-6a61-41fc-88db-9ec21e04eecf/campaigns.js
IP 54.230.111.11:0
Hash 8dc9b8b9ed4600ede28c5271b4b876a7
1caa2c997c0ca68e820260453f23f15ee4890a10
a560567240456fea1082c8ef6566c5fef180366bced0873165566b188d082217
GET /06cc9139-6a61-41fc-88db-9ec21e04eecf/campaigns.js HTTP/1.1
Host: campaign.fbot.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 01 Dec 2022 09:06:28 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: dEkiO068.JJoOvIRp4TEWm96aq7RJgI1
server: AmazonS3
content-encoding: gzip
date: Sun, 04 Dec 2022 11:26:27 GMT
cache-control: max-age=30
etag: W/"ed1d8967ee1c956c2188672719b3f2e8"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: vlTB59CnNoBg01041OmJ51fPS84-LYQ4VrtOmls6Ya4Z0rydvmmDjw==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash da9700d928847bca71f73dc9ca89bd1c
2f156a1557a7504da776ed9a82dc52563662be6f
428ed39905a42b1fc7aaf84f2144caf58ddcb53ac2fbda9af61784ca7394a344
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 11:26:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 527270c920717a17c8998236e198b641
a8ebf66713625958d02c9721e9804d3f5eaaad94
837bbb5c76cd2496c0695b85bc2a1e37c6608000a5f46b8d86fd700ed1cc7432
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 11:26:27 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 02 Dec 2022 08:28:55 GMT
Expires: Fri, 09 Dec 2022 08:28:54 GMT
Etag: "a8ebf66713625958d02c9721e9804d3f5eaaad94"
Cache-Control: max-age=420746,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77442febba090b3d-OSL
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.35200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 16:40:43 GMT
expires: Fri, 01 Dec 2023 16:40:43 GMT
cache-control: public, max-age=31536000
age: 240344
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.35200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 21:48:03 GMT
expires: Fri, 01 Dec 2023 21:48:03 GMT
cache-control: public, max-age=31536000
age: 221904
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
connect.facebook.net/en_US/fbevents.js
157.240.240.1200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 157.240.240.1:0
File type ASCII text, with very long lines (64348)
Hash 44ecaa3c2a4929a40141edc4540aaf84
f29a573182333b2500d41bfc389d6c5232dfb348
6589fe14578dedd4df678a909afadd7e5bc7f57c7e3e24518a7f5faac7383396
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: lLQELSkvZcXlR64JDPSqVc3YYWyflHM0Q+EkGYQNWWBgNdYTcm6WJaTAxF0mrZMbRfK/P31/Xn3zf+fBSgrRVA==
content-length: 27340
x-fb-trip-id: 1679558926
date: Sun, 04 Dec 2022 11:26:27 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.sgmntfy.com/pa.js
34.149.223.191200 OK 3.7 kB IP 34.149.223.191:0
File type ASCII text, with very long lines (3744), with no line terminators
Hash 7327381bba6f249fe470d17c0dca2cb4
b6fac12855c66c4841a38d07934fc22302e881ef
393195c622ffdab45d8f71e6988cdcc65ef85102061defa603882dc9f80d11ec
Analyzer Verdict Alert quad9 Sinkholed
GET /pa.js HTTP/1.1
Host: cdn.sgmntfy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdsAIeGwsZqeK_Zcr7PfxUy69R-H3vGbOzFZYpWgjbZXDiE9mvjIo75fhvthQNn0vmEAuyFqvchm0AYHdEAzQ3uIxGRx7E8L
x-goog-generation: 1654598345914433
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 3744
content-language: en
x-goog-hash: crc32c=EasKAQ==, md5=cyc4G7pvJJ/kcNF8DcostA==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 3744
server: UploadServer
date: Sun, 04 Dec 2022 10:37:50 GMT
expires: Sun, 04 Dec 2022 11:37:50 GMT
cache-control: public, max-age=3600
age: 2917
last-modified: Tue, 07 Jun 2022 10:39:06 GMT
etag: "7327381bba6f249fe470d17c0dca2cb4"
content-type: application/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fd0b48347644ddc60fb16b04140cfcb7
ef8d6c8e3c979e98c82655290150aa14fe5d44d1
f3d27c16653ed979a7cce2dc6239a48a86c7dab2fc34949b540802e50b05275a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4665
Cache-Control: max-age=118009
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 11:26:27 GMT
Etag: "638b9ba3-1d7"
Expires: Mon, 05 Dec 2022 20:13:16 GMT
Last-Modified: Sat, 03 Dec 2022 18:55:31 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 122124f83967c12700f5a6f5546b0f1f
d7acd2db61ad811c388a44b7bd407fa5f4aea8ee
b6b9e0b6c241b4eeb5161b1c297dec2aa6188032017074ee7f8e5533fab87a4d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 11:26:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
142.250.74.42200 OK 33 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
IP 142.250.74.42:0
File type ASCII text, with very long lines (32086)
Hash 430e927c980ad4079de727fa59dd93f2
891aaada9a55a91292999f6d50fd300439905982
e8728df8617340bd8c10bc8d27d3a725a48871a269c850e8598689938ec6e2ed
GET /ajax/libs/jquery/1.11.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33434
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 18:56:26 GMT
expires: Wed, 29 Nov 2023 18:56:26 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 405001
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 122124f83967c12700f5a6f5546b0f1f
d7acd2db61ad811c388a44b7bd407fa5f4aea8ee
b6b9e0b6c241b4eeb5161b1c297dec2aa6188032017074ee7f8e5533fab87a4d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 11:26:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2dabd839729e9b0fb2558253d850126b
64f617aa0afb52168ef3519a4cf9829ac61ee007
1a47e4d0efdac6fbec990e3e168bfdfe615ff8953158773e8b1940d4d91eee18
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 11:26:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2dabd839729e9b0fb2558253d850126b
64f617aa0afb52168ef3519a4cf9829ac61ee007
1a47e4d0efdac6fbec990e3e168bfdfe615ff8953158773e8b1940d4d91eee18
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 11:26:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-28959768-20&cid=1099071175.1670153185&jid=1765780555&gjid=1772011731&_gid=838961215.1670153185&npa=1&_u=aCDAgEAjQAAAAEAAI~&z=461910457
108.177.14.157200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-28959768-20&cid=1099071175.1670153185&jid=1765780555&gjid=1772011731&_gid=838961215.1670153185&npa=1&_u=aCDAgEAjQAAAAEAAI~&z=461910457
IP 108.177.14.157:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-28959768-20&cid=1099071175.1670153185&jid=1765780555&gjid=1772011731&_gid=838961215.1670153185&npa=1&_u=aCDAgEAjQAAAAEAAI~&z=461910457 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://flaviar.com
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://flaviar.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 04 Dec 2022 11:26:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-28959768-1&cid=1099071175.1670153185&jid=1450790049&gjid=1046742979&_gid=838961215.1670153185&npa=1&_u=aCDAgEAjQAAAAEAAI~&z=402559350
108.177.14.157200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-28959768-1&cid=1099071175.1670153185&jid=1450790049&gjid=1046742979&_gid=838961215.1670153185&npa=1&_u=aCDAgEAjQAAAAEAAI~&z=402559350
IP 108.177.14.157:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-28959768-1&cid=1099071175.1670153185&jid=1450790049&gjid=1046742979&_gid=838961215.1670153185&npa=1&_u=aCDAgEAjQAAAAEAAI~&z=402559350 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://flaviar.com
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://flaviar.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 04 Dec 2022 11:26:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 527270c920717a17c8998236e198b641
a8ebf66713625958d02c9721e9804d3f5eaaad94
837bbb5c76cd2496c0695b85bc2a1e37c6608000a5f46b8d86fd700ed1cc7432
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 11:26:27 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 02 Dec 2022 08:28:55 GMT
Expires: Fri, 09 Dec 2022 08:28:54 GMT
Etag: "a8ebf66713625958d02c9721e9804d3f5eaaad94"
Cache-Control: max-age=420746,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77442fec5a01b524-OSL
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2dabd839729e9b0fb2558253d850126b
64f617aa0afb52168ef3519a4cf9829ac61ee007
1a47e4d0efdac6fbec990e3e168bfdfe615ff8953158773e8b1940d4d91eee18
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 11:26:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
region1.analytics.google.com/g/collect?v=2&tid=G-94QYBVSJNV>m=2oebu0&_p=1853020180&_gaz=1&cid=1099071175.1670153185&ul=en-us&sr=1280x1024&_s=1&sid=1670153184&sct=1&seg=0&dl=https%3A%2F%2Fflaviar.com%2Fmars%2Fmars-iwai-45-whisky%2F&dt=Mars%20Iwai%2045%20Whisky%20%C2%BB%20Get%20Free%20Shipping%20%7C%20Flaviar&en=page_view&_fv=1&_nsi=1&_ss=1&up.membership_status=anonymous
216.239.32.36204 No Content 0 B URL HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-94QYBVSJNV>m=2oebu0&_p=1853020180&_gaz=1&cid=1099071175.1670153185&ul=en-us&sr=1280x1024&_s=1&sid=1670153184&sct=1&seg=0&dl=https%3A%2F%2Fflaviar.com%2Fmars%2Fmars-iwai-45-whisky%2F&dt=Mars%20Iwai%2045%20Whisky%20%C2%BB%20Get%20Free%20Shipping%20%7C%20Flaviar&en=page_view&_fv=1&_nsi=1&_ss=1&up.membership_status=anonymous
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-94QYBVSJNV>m=2oebu0&_p=1853020180&_gaz=1&cid=1099071175.1670153185&ul=en-us&sr=1280x1024&_s=1&sid=1670153184&sct=1&seg=0&dl=https%3A%2F%2Fflaviar.com%2Fmars%2Fmars-iwai-45-whisky%2F&dt=Mars%20Iwai%2045%20Whisky%20%C2%BB%20Get%20Free%20Shipping%20%7C%20Flaviar&en=page_view&_fv=1&_nsi=1&_ss=1&up.membership_status=anonymous HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://flaviar.com
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://flaviar.com
date: Sun, 04 Dec 2022 11:26:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 68570b7de13c7dfdf686da25ce10d668
61c1304152f11e6a83c383fff8d5e498c4385e6f
537302c07522f4bf1e766fbb1a8da346f59526715a5fcecd3f6aa4817b6b32ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 11:26:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/id
142.250.74.98302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 142.250.74.98:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Sun, 04 Dec 2022 11:26:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=1649789958596951&ev=PageView&dl=https%3A%2F%2Fflaviar.com%2Fmars%2Fmars-iwai-45-whisky%2F&rl=&if=false&ts=1670153185330&sw=1280&sh=1024&v=2.9.89&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1670153185327.231168855&eid=ob3_plugin-set_ae89c4e34d188cd269fba67266e11cdb7fc5adbc7f866533ef10df5b5e8cac5c&it=1670153185042&coo=false&tm=1&rqm=GET
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=1649789958596951&ev=PageView&dl=https%3A%2F%2Fflaviar.com%2Fmars%2Fmars-iwai-45-whisky%2F&rl=&if=false&ts=1670153185330&sw=1280&sh=1024&v=2.9.89&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1670153185327.231168855&eid=ob3_plugin-set_ae89c4e34d188cd269fba67266e11cdb7fc5adbc7f866533ef10df5b5e8cac5c&it=1670153185042&coo=false&tm=1&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=1649789958596951&ev=PageView&dl=https%3A%2F%2Fflaviar.com%2Fmars%2Fmars-iwai-45-whisky%2F&rl=&if=false&ts=1670153185330&sw=1280&sh=1024&v=2.9.89&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1670153185327.231168855&eid=ob3_plugin-set_ae89c4e34d188cd269fba67266e11cdb7fc5adbc7f866533ef10df5b5e8cac5c&it=1670153185042&coo=false&tm=1&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Sun, 04 Dec 2022 11:26:27 GMT
X-Firefox-Spdy: h2
static.doubleclick.net/instream/ad_status.js
142.250.74.134200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP 142.250.74.134:0
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 04 Dec 2022 11:21:04 GMT
expires: Sun, 04 Dec 2022 11:36:04 GMT
cache-control: public, max-age=900
age: 323
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
gandalf-eu.segmentify.com//get/key/v1.json?count=2
35.246.234.8200 32 B URL HTTP/1.1 gandalf-eu.segmentify.com//get/key/v1.json?count=2
IP 35.246.234.8:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type JSON data\012- , ASCII text, with no line terminators
Hash 2dda502074962f949b3c1e98741c1b3b
03099f2bbc9ef418ba7a0ffab102df15126caa63
f34dd223605417cb533ee5d263306b6d534ee0ec492bf395dc3ac66008ff8a49
GET //get/key/v1.json?count=2 HTTP/1.1
Host: gandalf-eu.segmentify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://flaviar.com
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Encoding: br
Content-Type: application/json;charset=UTF-8
Date: Sun, 04 Dec 2022 11:26:27 GMT
Server: nginx
Transfer-Encoding: chunked
X-Server-Name: 954b0a27b6131b61ce7ca07d0e642523
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 68570b7de13c7dfdf686da25ce10d668
61c1304152f11e6a83c383fff8d5e498c4385e6f
537302c07522f4bf1e766fbb1a8da346f59526715a5fcecd3f6aa4817b6b32ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 11:26:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.106200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.106:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Sun, 04 Dec 2022 11:26:27 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.106200 OK 8.0 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.106:0
File type JSON data\012- , ASCII text, with very long lines (10913), with no line terminators
Hash 9be30fb0b34822f4ccb53da61b022566
4f0ec07982add1481398e7bdb690d4ac6cf567de
a8de456a465a3ec7a51f8e1e1c8049dd4c328965a84d93f28dda7aa2a75f2818
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sun, 04 Dec 2022 11:26:27 GMT
server: ESF
cache-control: private
content-length: 8024
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 7c9e0bb25e8c28e8b10038806b0a7190
9fa6097aeb8eacde8ba7c9ab80a7a7d2405ae2bc
f4864000960be2f888ed7d2467f74130231fed6f56ad48ff15861f5769e95a58
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 11:26:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/js/th/G-wi0KRrIjmTWIDOn44AFVMvZ_aKLO1c96DfwAE3d4M.js
142.250.74.132200 OK 16 kB URL HTTP/2 www.google.com/js/th/G-wi0KRrIjmTWIDOn44AFVMvZ_aKLO1c96DfwAE3d4M.js
IP 142.250.74.132:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (8362), with no line terminators
Hash fff1c72a8666ec7b0c3cbf89ae5d512a
2bd0143fd2190a402531935d3f4836342a2760c5
1f645285ef45d0a9bf588278eda606aebcfcd027241739d60675aa68d4452d79
GET /js/th/G-wi0KRrIjmTWIDOn44AFVMvZ_aKLO1c96DfwAE3d4M.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14211
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 06:09:06 GMT
expires: Thu, 30 Nov 2023 06:09:06 GMT
cache-control: public, max-age=31536000
age: 364642
last-modified: Thu, 03 Nov 2022 10:00:00 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 35c66ab0dafc0ed05c3f2e1b8829e3b7
e8fac7e103462c9cb3fab7ed1c1cfa07813ccd74
09270f5899964b5438d18e198fb9f50ed079fb0ee1c54a9cd668b96abdb8c228
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 11:26:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
public.fbot.me/events/06cc9139-6a61-41fc-88db-9ec21e04eecf/profile/xhr
3.227.33.217200 OK 2 B URL HTTP/2 public.fbot.me/events/06cc9139-6a61-41fc-88db-9ec21e04eecf/profile/xhr
IP 3.227.33.217:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
OPTIONS /events/06cc9139-6a61-41fc-88db-9ec21e04eecf/profile/xhr HTTP/1.1
Host: public.fbot.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Referer: https://flaviar.com/
Origin: https://flaviar.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 11:26:28 GMT
content-length: 2
server: nginx/1.23.2
access-control-allow-origin: https://flaviar.com
access-control-allow-credentials: true
access-control-allow-methods: POST, GET
access-control-allow-headers: Authorization, Content-Type
info: {"connection":"upgrade","host":"public.fbot.me","x-forwarded-for":"91.90.42.154","x-forwarded-proto":"https","x-forwarded-port":"443","x-amzn-trace-id":"Root=1-638c83e4-20e33bcc52a2e65e453ddf46","user-agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0","accept":"*/*","accept-language":"en-US,en;q=0.5","accept-encoding":"gzip, deflate, br","access-control-request-method":"POST","access-control-request-headers":"authorization,content-type","referer":"https://flaviar.com/","origin":"https://flaviar.com","sec-fetch-dest":"empty","sec-fetch-mode":"cors","sec-fetch-site":"cross-site"}
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 64eb3a8f7cc11324c6f4c77e1c11f7ee
8ad889db020018b726362929a9477872a6808f0a
481082e2478f937b15faec7128ab1a60bf1157b417bfa63022472f434ae240fd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 11:26:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.ytimg.com/vi_webp/kFvN2avNdKk/maxresdefault.webp
142.250.74.86200 OK 179 kB URL HTTP/2 i.ytimg.com/vi_webp/kFvN2avNdKk/maxresdefault.webp
IP 142.250.74.86:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x720, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 179 kB (178966 bytes)
Hash 40ff4224f345f74baa2a03117e66da4b
690b8377c7680627d12c5b6cf6b62e47fad6c212
f6b33059e64d922d120cd7bc0c88bb762af4625f4703cc67438c5a3189691d06
GET /vi_webp/kFvN2avNdKk/maxresdefault.webp HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/webp
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 178966
date: Sun, 04 Dec 2022 11:26:28 GMT
expires: Sun, 04 Dec 2022 13:26:28 GMT
cache-control: public, max-age=7200
etag: "1669648154"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
yt3.ggpht.com/-tbZlDJ55pZ9PPZFtw09GqRxnsEDlcHrYgBJMfTk4wb_vw9TeVjn1wIHhHxT1rsqvQ8klfhk=s68-c-k-c0x00ffffff-no-rj
142.250.74.65200 OK 891 B URL HTTP/2 yt3.ggpht.com/-tbZlDJ55pZ9PPZFtw09GqRxnsEDlcHrYgBJMfTk4wb_vw9TeVjn1wIHhHxT1rsqvQ8klfhk=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.65:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 68x68, components 3\012- data
Hash ebf79bbcf89eed3c9afd9c3e60117fcd
fd4e590547cee589b62578aaf8a61f943e2e82bf
022fcfdb411ab1d38882781205b9c1dda4b080f8fbd7eed77e45165a81641896
GET /-tbZlDJ55pZ9PPZFtw09GqRxnsEDlcHrYgBJMfTk4wb_vw9TeVjn1wIHhHxT1rsqvQ8klfhk=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="channels4_profile.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 891
x-xss-protection: 0
date: Sun, 04 Dec 2022 08:49:09 GMT
expires: Sun, 06 Nov 2022 07:26:28 GMT
cache-control: public, max-age=86400, no-transform
age: 9439
etag: "v1"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 35c66ab0dafc0ed05c3f2e1b8829e3b7
e8fac7e103462c9cb3fab7ed1c1cfa07813ccd74
09270f5899964b5438d18e198fb9f50ed079fb0ee1c54a9cd668b96abdb8c228
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 11:26:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 64eb3a8f7cc11324c6f4c77e1c11f7ee
8ad889db020018b726362929a9477872a6808f0a
481082e2478f937b15faec7128ab1a60bf1157b417bfa63022472f434ae240fd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 11:26:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 33293c6f943b72fa36a0c09973c2dd89
a6b0c5c974c7f99537eeae2cebcfe67c333c479a
efdfed1463520f7decc4144e8c6f219eec6d14386ff20e9f5b635115a6754c48
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EFDFED1463520F7DECC4144E8C6F219EEC6D14386FF20E9F5B635115A6754C48"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21561
Expires: Sun, 04 Dec 2022 17:25:49 GMT
Date: Sun, 04 Dec 2022 11:26:28 GMT
Connection: keep-alive
fbcapi.flaviar.com/events
54.153.41.73200 OK 0 B URL HTTP/2 fbcapi.flaviar.com/events
IP 54.153.41.73:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /events HTTP/1.1
Host: fbcapi.flaviar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 346
Origin: https://flaviar.com
Connection: keep-alive
Referer: https://flaviar.com/
Cookie: _ga_94QYBVSJNV=GS1.1.1670153184.1.0.1670153184.60.0.0; _ga=GA1.2.1099071175.1670153185; _gid=GA1.2.838961215.1670153185; _dc_gtm_UA-28959768-20=1; _dc_gtm_UA-28959768-1=1; _fbp=fb.1.1670153185327.231168855
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 11:26:28 GMT
content-length: 0
vary: origin
access-control-allow-credentials: true
access-control-allow-origin: https://flaviar.com
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
public.fbot.me/events/06cc9139-6a61-41fc-88db-9ec21e04eecf/profile/xhr
3.227.33.217200 OK 514 B URL HTTP/2 public.fbot.me/events/06cc9139-6a61-41fc-88db-9ec21e04eecf/profile/xhr
IP 3.227.33.217:0
File type JSON data\012- , ASCII text, with very long lines (514), with no line terminators
Hash 1996f072b787238b63107e2eba268206
6d04551c17be975402baaf3f2ede3a45890af97d
b3bcde85323ec396b2ab3612d2e825419fa2abf2d79492f8f5d2a189ef72f2bb
POST /events/06cc9139-6a61-41fc-88db-9ec21e04eecf/profile/xhr HTTP/1.1
Host: public.fbot.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaviar.com/
Authorization:
Content-Type: application/json
Origin: https://flaviar.com
Content-Length: 215
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 11:26:28 GMT
content-type: application/json
content-length: 514
server: nginx/1.23.2
access-control-allow-origin: https://flaviar.com
set-cookie: globalId=adbc121c-1849-4aa0-95bb-af5d2ccebd73; Max-Age=315360000; Domain=.fbot.me; Path=/; HttpOnly; Secure; SameSite=None
access-control-allow-credentials: true
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.106200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.106:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Sun, 04 Dec 2022 11:26:29 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.106200 OK 114 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.106:0
File type JSON data\012- , ASCII text, with no line terminators
Hash e9d681cfe6ac765a2251048fedda9908
0cd2f5517874c3689c59d8ef7c2c80640ffb6db9
3c1ac8b1904ddb96d090cb0f1e79885ad71476e7a47cb3db0868abb23ecd48b8
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1034
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sun, 04 Dec 2022 11:26:29 GMT
server: ESF
cache-control: private
content-length: 114
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
gandalf-eu.segmentify.com//add/events/v1.json?apiKey=06e2e4b6-5e17-4dbf-9574-c462c3d742d7
35.246.234.8200 OK 0 B URL HTTP/1.1 gandalf-eu.segmentify.com//add/events/v1.json?apiKey=06e2e4b6-5e17-4dbf-9574-c462c3d742d7
IP 35.246.234.8:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS //add/events/v1.json?apiKey=06e2e4b6-5e17-4dbf-9574-c462c3d742d7 HTTP/1.1
Host: gandalf-eu.segmentify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-sfy-api-key
Referer: https://flaviar.com/
Origin: https://flaviar.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Headers: Content-Type, Accept, Authorization, X-Switch-User, X-Switch-Account, X-Switch-Region, X-Sfy-Api-Key
Access-Control-Allow-Methods: GET, POST, PUT, DELETE
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3600
Connection: keep-alive
Content-Length: 0
Content-Type: application/json
Date: Sun, 04 Dec 2022 11:26:29 GMT
Server: nginx
X-Server-Name: 954b0a27b6131b61ce7ca07d0e642523
gandalf-eu.segmentify.com//add/events/v1.json?apiKey=06e2e4b6-5e17-4dbf-9574-c462c3d742d7
35.246.234.8200 8.2 kB URL HTTP/1.1 gandalf-eu.segmentify.com//add/events/v1.json?apiKey=06e2e4b6-5e17-4dbf-9574-c462c3d742d7
IP 35.246.234.8:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type JSON data\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (35618), with no line terminators
Hash 596abce7f71c0a0ed50777c1f7d7164b
ebe78aeef258a48e062f7d5a75b8a1a2ee5ce39e
331f4664b8d174357287758efba9a46e7c7dca6f12e7c9bbec23e24ccc666101
POST //add/events/v1.json?apiKey=06e2e4b6-5e17-4dbf-9574-c462c3d742d7 HTTP/1.1
Host: gandalf-eu.segmentify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
X-Sfy-Api-Key: 06e2e4b6-5e17-4dbf-9574-c462c3d742d7
Content-Length: 1196
Origin: https://flaviar.com
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Encoding: br
Content-Type: application/json;charset=UTF-8
Date: Sun, 04 Dec 2022 11:26:29 GMT
Server: nginx
Transfer-Encoding: chunked
X-Server-Name: e50eafe57688af3a47ec4fb3140ed864
beacon-v2.helpscout.net/
143.204.55.78200 OK 327 B IP 143.204.55.78:0
File type ASCII text, with very long lines (458), with no line terminators
Hash 8eaaed7c414ca20a595de1c34c39cb89
a4772375ae791db7927813ddc4e9c20245f541cb
cfc837b04610f8f568ac5369bea161b0802253dddb5bf6b8095a50129210fcee
GET / HTTP/1.1
Host: beacon-v2.helpscout.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 327
last-modified: Fri, 02 Dec 2022 12:11:23 GMT
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
date: Sun, 04 Dec 2022 11:26:29 GMT
cache-control: max-age=120, s-maxage=120, public
etag: "8eaaed7c414ca20a595de1c34c39cb89"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: SMUZxqjMPx4LCFBTQV8qfEml2HA-mec3wnAczUhvNuiaSM9T0TULkw==
age: 4
X-Firefox-Spdy: h2
beacon-v2.helpscout.net/static/js/vendor.ddc3f9c8.js
143.204.55.78200 OK 22 kB URL HTTP/2 beacon-v2.helpscout.net/static/js/vendor.ddc3f9c8.js
IP 143.204.55.78:0
File type ASCII text, with very long lines (64495), with no line terminators
Hash 4c71758a7a3b1975809a202503770fb0
1382704a13f28aa2587efe4a019ef0ba7c9be07b
925cfc228dff8aad3a5fbe4ec924715835df033a32ad06660d90d1abd243bcc9
GET /static/js/vendor.ddc3f9c8.js HTTP/1.1
Host: beacon-v2.helpscout.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 22295
last-modified: Tue, 29 Nov 2022 15:46:59 GMT
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
date: Sun, 04 Dec 2022 09:36:35 GMT
cache-control: max-age=315360000, s-maxage=7200, public
etag: "4c71758a7a3b1975809a202503770fb0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: __7MvZwaGLZ0Aafe0jQh8IoHvfJCd8189QkYvAXZ6IO1wAm9Za2Z8A==
age: 6595
X-Firefox-Spdy: h2
beacon-v2.helpscout.net/static/js/main.25d3718c.js
143.204.55.78200 OK 9.7 kB URL HTTP/2 beacon-v2.helpscout.net/static/js/main.25d3718c.js
IP 143.204.55.78:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (24954)
Hash ae50fc23ab34a7db0e3057972f1a1768
ff4b9a5805e9974b10cd13cfb2e1fc15b3fd3d3b
bf9aba5f51f7155aeaf72571623ee59f31c8bbe1555e3eba04d5a7384591d98b
GET /static/js/main.25d3718c.js HTTP/1.1
Host: beacon-v2.helpscout.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 9696
last-modified: Fri, 02 Dec 2022 12:11:24 GMT
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
date: Sun, 04 Dec 2022 10:12:11 GMT
cache-control: max-age=315360000, s-maxage=7200, public
etag: "ae50fc23ab34a7db0e3057972f1a1768"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: hknhQbSK9U3G-DUqwek6MQKSXk3IepvO5TFnoKsOBQUC63-lDoVxJw==
age: 4459
X-Firefox-Spdy: h2
www.redditstatic.com/ads/pixel.js
151.101.129.140200 OK 7.7 kB URL HTTP/2 www.redditstatic.com/ads/pixel.js
IP 151.101.129.140:0
File type ASCII text, with very long lines (25224)
Hash 3528fd00b652f61a266eb584d96f4fcc
d89e16aa1323c6c4f1ed3941122020684a599361
77efa9f2ddfdca7a45df37bbcd22fdaeb7b97161a2acd87e21eb78bdeaad1332
GET /ads/pixel.js HTTP/1.1
Host: www.redditstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Mon, 07 Nov 2022 16:45:46 GMT
etag: "3528fd00b652f61a266eb584d96f4fcc"
cache-control: public, max-age=60
content-encoding: gzip
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 04 Dec 2022 11:26:29 GMT
vary: Accept-Encoding,Origin
server: snooserv
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
content-length: 7722
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 2a34be5c7e7ef311f4446485dfa55438
da731f4a447036e289bc66eed4d1a5bba19b17e9
00c9bc3af5490d4e741860fb95114b52ddec1831b80b7a3cbe181365cb39a23c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1642
Cache-Control: max-age=144808
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 11:26:29 GMT
Etag: "638c1023-117"
Expires: Tue, 06 Dec 2022 03:39:57 GMT
Last-Modified: Sun, 04 Dec 2022 03:12:35 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 279
fbcapi.flaviar.com/events
54.153.41.73200 OK 0 B URL HTTP/2 fbcapi.flaviar.com/events
IP 54.153.41.73:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /events HTTP/1.1
Host: fbcapi.flaviar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 421
Origin: https://flaviar.com
Connection: keep-alive
Referer: https://flaviar.com/
Cookie: _ga_94QYBVSJNV=GS1.1.1670153184.1.0.1670153184.60.0.0; _ga=GA1.2.1099071175.1670153185; _gid=GA1.2.838961215.1670153185; _dc_gtm_UA-28959768-20=1; _dc_gtm_UA-28959768-1=1; _fbp=fb.1.1670153185327.231168855; _sgf_user_id=21138157312598017; _sgf_session_id=21138157312598016; _sgf_exp=; _sgf_push_permission_asked=true
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 11:26:29 GMT
content-length: 0
vary: origin
access-control-allow-credentials: true
access-control-allow-origin: https://flaviar.com
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash 5f6a350645f3a01cc7b1e5a8fda543bb
e654607b7e4a03d4fba7d0e78393ddbd2a4ef50f
aa57a077000a3830402113bd2fd2aa8f3ceca727461f97401f15cc5fc36a3249
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5999
Cache-Control: max-age=122192
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 11:26:29 GMT
Etag: "638ba6c6-2d7"
Expires: Mon, 05 Dec 2022 21:23:01 GMT
Last-Modified: Sat, 03 Dec 2022 19:43:02 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 727
sc-static.net/scevent.min.js
54.192.99.254200 OK 12 kB URL HTTP/2 sc-static.net/scevent.min.js
IP 54.192.99.254:0
File type ASCII text, with very long lines (27646), with no line terminators
Hash 62585b7e4a4eab6ba3984a2cd4de5365
14e3b07044b095c9b8fd7b84bf00adb32233edb0
8e0a43da6d5b986bdf45ccdc4bfc11742086d59e2dbf2ae3a04701602c6b8bb7
GET /scevent.min.js HTTP/1.1
Host: sc-static.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 11972
server: CloudFront
date: Sun, 04 Dec 2022 11:26:29 GMT
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Content-Type
cache-control: private, s-maxage=0, max-age=600
set-cookie: X-AB=0d6e407936704bd380072f5891d28b0e;max-age=86400;expires=Mon, 05 Dec 2022 10:31:52 GMT;Path=/scevent.min.js; Secure; SameSite=None
x-cache: LambdaGeneratedResponse from cloudfront
via: 1.1 9ee3245d13c492e7e4abb0f2de012802.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: RM-RAbEWAncoQgtaM4D9PJHQZw-Ks28ImkHEFHXjfeHuWjN5ED_fFw==
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash 8b129125171aa50e40f0d0e26d1a6c4e
d1376718e6dd2b03aab6f632af2438b8ae3e49b2
96b4c4d6e7843adcee8a1cda47dc0d485752afc26d633c0e97892c6040e460fd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1389
Cache-Control: max-age=86620
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 11:26:29 GMT
Etag: "638b2dd5-138"
Expires: Mon, 05 Dec 2022 11:30:09 GMT
Last-Modified: Sat, 03 Dec 2022 11:07:01 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 312
beacon-v2.helpscout.net/static/js/full-beacon-init.1e2eeb6d.chunk.js
143.204.55.78200 OK 102 kB URL HTTP/2 beacon-v2.helpscout.net/static/js/full-beacon-init.1e2eeb6d.chunk.js
IP 143.204.55.78:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 102 kB (102425 bytes)
Hash 9cf1e4e02632694d08fd57e643116df4
4b0b867cab40e723b48bcb05bcf9fc44cd4f0455
57cce511458526710733751653693b7e47449094e2caf964e32f501f4172260a
GET /static/js/full-beacon-init.1e2eeb6d.chunk.js HTTP/1.1
Host: beacon-v2.helpscout.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 102425
last-modified: Fri, 02 Dec 2022 12:11:24 GMT
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
date: Sun, 04 Dec 2022 10:12:14 GMT
cache-control: max-age=315360000, s-maxage=7200, public
etag: "9cf1e4e02632694d08fd57e643116df4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ymADTDIc0j03a5l5B4Y1403xiWOfV5LmDmx0AdaHdFQK9aBMDueMrg==
age: 4456
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 2a34be5c7e7ef311f4446485dfa55438
da731f4a447036e289bc66eed4d1a5bba19b17e9
00c9bc3af5490d4e741860fb95114b52ddec1831b80b7a3cbe181365cb39a23c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1642
Cache-Control: max-age=144808
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 11:26:29 GMT
Etag: "638c1023-117"
Expires: Tue, 06 Dec 2022 03:39:57 GMT
Last-Modified: Sun, 04 Dec 2022 03:12:35 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 279
shop.pe/widget/widget_async.js
35.227.244.1301 Moved Permanently 300 B URL HTTP/2 shop.pe/widget/widget_async.js
IP 35.227.244.1:0
Hash 08da37e21bfad40ba850967b3cfa0a4e
59618d038fe5edaaa168f7b2fa38f2a754f8bfa6
7987dac09bdbe5643fc6f2d625f92ceeb68eef2c1c656749a8af16a1e9a058dc
GET /widget/widget_async.js HTTP/1.1
Host: shop.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Sun, 04 Dec 2022 11:26:29 GMT
content-type: text/html
content-length: 178
location: https://d3rr3d0n31t48m.cloudfront.net/widget/widget_async.js
x-frame-options: deny
content-security-policy: frame-ancestors none;
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer-when-downgrade
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash 5f6a350645f3a01cc7b1e5a8fda543bb
e654607b7e4a03d4fba7d0e78393ddbd2a4ef50f
aa57a077000a3830402113bd2fd2aa8f3ceca727461f97401f15cc5fc36a3249
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5999
Cache-Control: max-age=122192
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 11:26:29 GMT
Etag: "638ba6c6-2d7"
Expires: Mon, 05 Dec 2022 21:23:01 GMT
Last-Modified: Sat, 03 Dec 2022 19:43:02 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 727
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fd36ebd5eb5328893c62a3dc37ea5897
36f061db4e68ed9ec3925b5c8696ceca7fa647b0
473315f87ee2576df224a9160a4905bf65f41bff1994aa952e34b70026848f23
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 608
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 11:26:29 GMT
Last-Modified: Sun, 04 Dec 2022 11:16:21 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
splow.flaviar.com/com.snowplowanalytics.snowplow/tp2
172.66.40.91200 OK 0 B URL HTTP/2 splow.flaviar.com/com.snowplowanalytics.snowplow/tp2
IP 172.66.40.91:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: splow.flaviar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://flaviar.com/
Origin: https://flaviar.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 11:26:29 GMT
content-length: 0
access-control-allow-origin: https://flaviar.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-max-age: 5
x-robots-tag: noindex, nofollow, nosnippet, noarchive
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WySx3zLN%2F1XTAv%2BRqcL1qJrPf9hwvg%2F4IjNHw3TGHegu7MiZ7g6f7yvbzCIJAhR8BrIwVDO5qs7I52B1LI1%2FM2wMmxVhSFYUyP2jAY%2FLGvHdhJU8oF2WtuQqGF68b7izoMqy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
server: cloudflare
cf-ray: 77442ffb8d2bb505-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fd36ebd5eb5328893c62a3dc37ea5897
36f061db4e68ed9ec3925b5c8696ceca7fa647b0
473315f87ee2576df224a9160a4905bf65f41bff1994aa952e34b70026848f23
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 301
Cache-Control: max-age=156458
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 11:26:29 GMT
Etag: "638c42e2-1d7"
Expires: Tue, 06 Dec 2022 06:54:07 GMT
Last-Modified: Sun, 04 Dec 2022 06:49:06 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
aacdn.nagich.com/assets/images/11.svg
104.26.14.45200 OK 15 kB URL HTTP/2 aacdn.nagich.com/assets/images/11.svg
IP 104.26.14.45:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with CRLF line terminators
Hash 8c9661087a5d2248df0998925c77da53
3c423d3586abb4dbf1c5fd90031e6474d108ee37
fdfb0be63db120a398720510daef729e404e2b83d6b0d855a84dbaf8d58c2e98
GET /assets/images/11.svg HTTP/1.1
Host: aacdn.nagich.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaviar.com/
Origin: https://flaviar.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 11:26:28 GMT
content-type: image/svg+xml
cache-control: public, max-age=2204800
last-modified: Thu, 01 Aug 2019 12:47:47 GMT
etag: W/"42b27526748d51:0"
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: deny
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 2163898
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1I4p1Ryrj1JrMqrLanj9S%2BrCu%2BHY3nNo1O%2Ba00o7Tg%2BiytLxU6ACk7cbjLmUg51zz5avKCV%2FmDPAxKoyG%2BPmvFBxabriUwG5eBGirDG4nU0bHSxd6e%2BpxD1zDFvmD%2Bjp4bI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77442ff5ce8bb521-OSL
content-encoding: br
X-Firefox-Spdy: h2
tr.snapchat.com/p?pid=b838e1c8-e5cb-4d99-bda2-d5594b71ff41&ev=PAGE_VIEW&intg=gtm&pl=https%3A%2F%2Fflaviar.com%2Fmars%2Fmars-iwai-45-whisky%2F&bt=1d53c387&if=false&m_dcl=2680&m_fcps=2149&m_pi=2630&m_pl=5609&m_pv=v2&m_rd=6024&m_sl=5970&rf=&trackId=744c2cd9-52c6-45b3-8e3f-5def3e6969bd&ts=1670153187506&u_c1=f81dea4c-81ab-477f-8a60-284941201058&u_sclid=1f9ecb4f-28d0-468e-9a87-8fd7628424d7&u_scsid=7c7c8a00-a861-49b7-94fc-16a24e829663&v=2.0.0
35.190.43.134200 OK 68 B URL HTTP/2 tr.snapchat.com/p?pid=b838e1c8-e5cb-4d99-bda2-d5594b71ff41&ev=PAGE_VIEW&intg=gtm&pl=https%3A%2F%2Fflaviar.com%2Fmars%2Fmars-iwai-45-whisky%2F&bt=1d53c387&if=false&m_dcl=2680&m_fcps=2149&m_pi=2630&m_pl=5609&m_pv=v2&m_rd=6024&m_sl=5970&rf=&trackId=744c2cd9-52c6-45b3-8e3f-5def3e6969bd&ts=1670153187506&u_c1=f81dea4c-81ab-477f-8a60-284941201058&u_sclid=1f9ecb4f-28d0-468e-9a87-8fd7628424d7&u_scsid=7c7c8a00-a861-49b7-94fc-16a24e829663&v=2.0.0
IP 35.190.43.134:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash c4a2b870062c2bb98c500bc1526c0498
528666ccdb12997358077bc8fcdbfb6b825c7788
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
GET /p?pid=b838e1c8-e5cb-4d99-bda2-d5594b71ff41&ev=PAGE_VIEW&intg=gtm&pl=https%3A%2F%2Fflaviar.com%2Fmars%2Fmars-iwai-45-whisky%2F&bt=1d53c387&if=false&m_dcl=2680&m_fcps=2149&m_pi=2630&m_pl=5609&m_pv=v2&m_rd=6024&m_sl=5970&rf=&trackId=744c2cd9-52c6-45b3-8e3f-5def3e6969bd&ts=1670153187506&u_c1=f81dea4c-81ab-477f-8a60-284941201058&u_sclid=1f9ecb4f-28d0-468e-9a87-8fd7628424d7&u_scsid=7c7c8a00-a861-49b7-94fc-16a24e829663&v=2.0.0 HTTP/1.1
Host: tr.snapchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 11:26:29 GMT
access-control-allow-origin: *
cache-control: no-cache, no-transform
set-cookie: sc_at=v2|H4sIAAAAAAAAAAXBgQ0AIQgDwIlI2j6IjoNRp2D4vwtwi1l2dN3cC7YCNL9FPdXLqW6OBOPjXI0fRSbRATIAAAA=;SameSite=None;Version=1;Comment=;Domain=.snapchat.com;Path=/;Max-Age=33696000;Secure
content-type: image/png
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 68
x-envoy-upstream-service-time: 0
server: API Gateway
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fd36ebd5eb5328893c62a3dc37ea5897
36f061db4e68ed9ec3925b5c8696ceca7fa647b0
473315f87ee2576df224a9160a4905bf65f41bff1994aa952e34b70026848f23
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 608
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 11:26:29 GMT
Last-Modified: Sun, 04 Dec 2022 11:16:21 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
tr.snapchat.com/p?pid=b838e1c8-e5cb-4d99-bda2-d5594b71ff41&ev=VIEW_CONTENT&intg=gtm&pl=https%3A%2F%2Fflaviar.com%2Fmars%2Fmars-iwai-45-whisky%2F&bt=1d53c387&if=false&m_dcl=2680&m_fcps=2149&m_pi=2630&m_pl=5609&m_pv=v2&m_rd=6130&m_sl=5970&rf=&trackId=925d3df4-c5e5-4d5d-8b2e-41488c342c81&ts=1670153187612&u_c1=f81dea4c-81ab-477f-8a60-284941201058&u_sclid=1f9ecb4f-28d0-468e-9a87-8fd7628424d7&u_scsid=7c7c8a00-a861-49b7-94fc-16a24e829663&v=2.0.0
35.190.43.134200 OK 68 B URL HTTP/2 tr.snapchat.com/p?pid=b838e1c8-e5cb-4d99-bda2-d5594b71ff41&ev=VIEW_CONTENT&intg=gtm&pl=https%3A%2F%2Fflaviar.com%2Fmars%2Fmars-iwai-45-whisky%2F&bt=1d53c387&if=false&m_dcl=2680&m_fcps=2149&m_pi=2630&m_pl=5609&m_pv=v2&m_rd=6130&m_sl=5970&rf=&trackId=925d3df4-c5e5-4d5d-8b2e-41488c342c81&ts=1670153187612&u_c1=f81dea4c-81ab-477f-8a60-284941201058&u_sclid=1f9ecb4f-28d0-468e-9a87-8fd7628424d7&u_scsid=7c7c8a00-a861-49b7-94fc-16a24e829663&v=2.0.0
IP 35.190.43.134:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash c4a2b870062c2bb98c500bc1526c0498
528666ccdb12997358077bc8fcdbfb6b825c7788
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
GET /p?pid=b838e1c8-e5cb-4d99-bda2-d5594b71ff41&ev=VIEW_CONTENT&intg=gtm&pl=https%3A%2F%2Fflaviar.com%2Fmars%2Fmars-iwai-45-whisky%2F&bt=1d53c387&if=false&m_dcl=2680&m_fcps=2149&m_pi=2630&m_pl=5609&m_pv=v2&m_rd=6130&m_sl=5970&rf=&trackId=925d3df4-c5e5-4d5d-8b2e-41488c342c81&ts=1670153187612&u_c1=f81dea4c-81ab-477f-8a60-284941201058&u_sclid=1f9ecb4f-28d0-468e-9a87-8fd7628424d7&u_scsid=7c7c8a00-a861-49b7-94fc-16a24e829663&v=2.0.0 HTTP/1.1
Host: tr.snapchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Cookie: sc_at=v2|H4sIAAAAAAAAAAXBgQ0AIQgDwIlI2j6IjoNRp2D4vwtwi1l2dN3cC7YCNL9FPdXLqW6OBOPjXI0fRSbRATIAAAA=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 11:26:29 GMT
access-control-allow-origin: *
cache-control: no-cache, no-transform
content-type: image/png
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 68
x-envoy-upstream-service-time: 0
server: API Gateway
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 9e9c5381eccb8d6924c2d11a30fed97f
666527f800c563be45bc7a2f5cfab8196f541187
cf89082d1df3adfe44fd5d909555333f4f264dd5a12bbc096ff846df9c663dc9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1291
Cache-Control: max-age=110302
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 11:26:30 GMT
Etag: "638b8ab9-139"
Expires: Mon, 05 Dec 2022 18:04:52 GMT
Last-Modified: Sat, 03 Dec 2022 17:43:21 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 313
ak.sail-horizon.com/spm/spm.v1.min.js
143.204.55.93200 OK 45 kB URL HTTP/2 ak.sail-horizon.com/spm/spm.v1.min.js
IP 143.204.55.93:0
File type ASCII text, with very long lines (32036)
Hash f3ff62cf1217a4b774aa02912f124728
bee28940c6a39608884bba3550f219db016f4de4
dee027c2a90f6bb94a09d4ec3b5d65877feaf3e6b9f5774a57e1dffed417196a
GET /spm/spm.v1.min.js HTTP/1.1
Host: ak.sail-horizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 15 Sep 2022 23:20:31 GMT
server: AmazonS3
content-encoding: gzip
date: Sun, 04 Dec 2022 11:19:57 GMT
cache-control: max-age=600; must-revalidate
etag: W/"97dd801dd26ae0172c7875245d92f506"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Q4GsMtPwWD5G-9cNhHgzfq_av8U6Jdh0Vaxhs6N5oW0dLRJrsNwwjw==
age: 393
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash ee00ac7a24f2be13f49a39c476f9f707
98a87636f9dbd123b21b0c4adf164c68603da8ba
6edf8fd4b338be0cfa4ce5fd22a6adc145f0f47576447a03c277bea70a43a5eb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1419
Cache-Control: max-age=169105
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 11:26:30 GMT
Etag: "638c6fec-139"
Expires: Tue, 06 Dec 2022 10:24:55 GMT
Last-Modified: Sun, 04 Dec 2022 10:01:16 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash ee00ac7a24f2be13f49a39c476f9f707
98a87636f9dbd123b21b0c4adf164c68603da8ba
6edf8fd4b338be0cfa4ce5fd22a6adc145f0f47576447a03c277bea70a43a5eb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1422
Cache-Control: max-age=169108
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 11:26:30 GMT
Etag: "638c6fec-139"
Expires: Tue, 06 Dec 2022 10:24:58 GMT
Last-Modified: Sun, 04 Dec 2022 10:01:16 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 313
ocsp.sca1b.amazontrust.com/
54.230.96.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.96.118:0
Hash 28df86ee6b3fef8f46624298c218fca6
b38f5120c1f1d2cf2947b4d0ae7b5b787e1cc6c8
0111ed50bd1681dfcd7b9ddfdd873f16427f0261b8e39926712a51695eff02f5
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=144792
Date: Sun, 04 Dec 2022 11:26:30 GMT
Etag: "638c11bc-1d7"
Expires: Tue, 06 Dec 2022 03:39:42 GMT
Last-Modified: Sun, 04 Dec 2022 03:19:24 GMT
Server: ECS (bsa/EB1F)
X-Cache: Miss from cloudfront
Via: 1.1 10ba4f180c8b00c38f956300d7b2f4c8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ARN1-C1
X-Amz-Cf-Id: -0aBB78ZXQe7Z5YkUCI0drG1JSWNvGBYk8a3xcxq09rkdYi-1xg6Aw==
Age: 1218
ocsp.sca1b.amazontrust.com/
54.230.96.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.96.118:0
Hash 28df86ee6b3fef8f46624298c218fca6
b38f5120c1f1d2cf2947b4d0ae7b5b787e1cc6c8
0111ed50bd1681dfcd7b9ddfdd873f16427f0261b8e39926712a51695eff02f5
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=144711
Date: Sun, 04 Dec 2022 11:26:30 GMT
Etag: "638c11bc-1d7"
Expires: Tue, 06 Dec 2022 03:38:21 GMT
Last-Modified: Sun, 04 Dec 2022 03:19:24 GMT
Server: ECS (bsa/EB1C)
X-Cache: Miss from cloudfront
Via: 1.1 2922b040e786628776b5684dc8791b62.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ARN1-C1
X-Amz-Cf-Id: WuZJdGZjHhpKBAVq5w9_cAu5bLQe6lqBByCGHbA522QB17LyohmJ-A==
Age: 1137
rb9yp8py.flaviar.com/assets/wxyz.rb.js
162.243.45.117200 OK 10 kB URL HTTP/1.1 rb9yp8py.flaviar.com/assets/wxyz.rb.js
IP 162.243.45.117:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (347)
Hash 46f395d8bdc29802f09a64a95a192e39
bf4266cdba32c81498002bef7c746bb20df0ac6d
b9c74b5f30111282496c5860c76e8e73697c52e94a939898ea2dae9a6a5314e0
GET /assets/wxyz.rb.js HTTP/1.1
Host: rb9yp8py.flaviar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaviar.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: openresty
Date: Sun, 04 Dec 2022 11:26:30 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0
99.83.154.140200 OK 18 B URL HTTP/2 api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0
IP 99.83.154.140:0
File type ASCII text, with no line terminators
Hash cc7fd95a87ea3721ce1853bf3c4dd75e
7f687f7881adf0fc407378d375a61b8f198c0912
0f06a4c8d34690d4e42c81f232a5bdfe9fcbde8a54b5ccd0609a313e90da0879
OPTIONS /v1/personalize/simple?pageviews=1&isMobile=0 HTTP/1.1
Host: api.sail-personalize.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,x-lib-version,x-referring-url
Referer: https://flaviar.com/
Origin: https://flaviar.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 11:26:30 GMT
content-type: text/plain
content-length: 18
access-control-allow-origin: https://flaviar.com
access-control-allow-credentials: true
access-control-max-age: 1800
access-control-allow-methods: OPTIONS,GET,POST,PUT,DELETE
access-control-allow-headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Lib-Version,X-Referring-URL
allow: HEAD,GET,OPTIONS
X-Firefox-Spdy: h2
d3hb14vkzrxvla.cloudfront.net/v1/00e580f3-b08f-44e2-b7b0-5949db5bfaf3
108.156.223.190200 OK 0 B URL HTTP/2 d3hb14vkzrxvla.cloudfront.net/v1/00e580f3-b08f-44e2-b7b0-5949db5bfaf3
IP 108.156.223.190:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /v1/00e580f3-b08f-44e2-b7b0-5949db5bfaf3 HTTP/1.1
Host: d3hb14vkzrxvla.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: beacon-device-id,correlationid,helpscout-origin,helpscout-release
Referer: https://flaviar.com/
Origin: https://flaviar.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 0
date: Sun, 04 Dec 2022 11:25:35 GMT
access-control-allow-origin: https://flaviar.com
access-control-allow-methods: GET
access-control-allow-headers: beacon-device-id, correlationid, helpscout-origin, helpscout-release
access-control-allow-credentials: true
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
x-ratelimit-limit-attachments-hour: 10
x-ratelimit-remaining-attachments-hour: 10
x-ratelimit-limit-chat-tokens-hour: 25
x-ratelimit-remaining-chat-tokens-hour: 25
x-ratelimit-limit-identify-hour: 25
x-ratelimit-remaining-identify-hour: 25
x-ratelimit-limit-general-minute: 60
x-ratelimit-remaining-general-minute: 60
x-ratelimit-limit-conversations-hour: 10
x-ratelimit-remaining-conversations-hour: 10
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 c2a2605b27d8d5dae5fbbd9bff6b8a24.cloudfront.net (CloudFront)
x-amz-cf-pop: DFW56-P4
x-amz-cf-id: SiFkO19mY8jhOy1w3NSkwNnjEjCJTi4IRDnqUakZQTuKVK-ystye8A==
age: 55
X-Firefox-Spdy: h2
rb9yp8py.flaviar.com/assets/wxyz.rb.js
162.243.45.117200 OK 10 kB URL HTTP/1.1 rb9yp8py.flaviar.com/assets/wxyz.rb.js
IP 162.243.45.117:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (347)
Hash 46f395d8bdc29802f09a64a95a192e39
bf4266cdba32c81498002bef7c746bb20df0ac6d
b9c74b5f30111282496c5860c76e8e73697c52e94a939898ea2dae9a6a5314e0
GET /assets/wxyz.rb.js HTTP/1.1
Host: rb9yp8py.flaviar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaviar.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: openresty
Date: Sun, 04 Dec 2022 11:26:30 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
rb9yp8py.flaviar.com/integrations?source=flaviar
162.243.45.117200 OK 59 B URL HTTP/1.1 rb9yp8py.flaviar.com/integrations?source=flaviar
IP 162.243.45.117:0
ASN #14061 DIGITALOCEAN-ASN
Hash b13b075ac18d7ecbf705dad11323402e
124e2c4307c6beabfd3e751f14a4f7acb02eb6ce
03db7011ba06ed159ca1b7dee62dc5a01ee2d0a3d6f3b0294004cd455251b7f2
GET /integrations?source=flaviar HTTP/1.1
Host: rb9yp8py.flaviar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Cookie: _ga_94QYBVSJNV=GS1.1.1670153184.1.0.1670153184.60.0.0; _ga=GA1.2.1099071175.1670153185; _gid=GA1.2.838961215.1670153185; _dc_gtm_UA-28959768-20=1; _dc_gtm_UA-28959768-1=1; _fbp=fb.1.1670153185327.231168855; _sgf_user_id=21138157312598017; _sgf_session_id=21138157312598016; _sgf_exp=; _sgf_push_permission_asked=true; _gcl_au=1.1.530407433.1670153187; _rdt_uuid=1670153187292.2e5443f5-8a07-449f-855e-49c47aa994c5; _scid=f81dea4c-81ab-477f-8a60-284941201058; cto_bundle=8rnQ9V9CQ2N6UmMxRWl3aVBIMlIyRmtvdiUyQjc2YWJOTUR2cEMlMkJTVkE4N1MlMkJaUTdIRTk0OTA5VCUyQjFtUDJZcTZBcWJIMGFONVBjZFVzSm1yNTh1S3M5eEpaNjUweVFJektWOG83RFV6S0J6SjFPWEVBTjAlMkZ0UDVBcmtvTDNrVU5YdUVhY2xQbENNTDdSRWdsaGpESyUyQndpR3lwMmclM0QlM0Q
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: openresty
Date: Sun, 04 Dec 2022 11:26:30 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0
99.83.154.140200 OK 195 B URL HTTP/2 api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0
IP 99.83.154.140:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 89943a616e3ee62dbdd8c89b3e8763e3
68c26e80a5b995791ca4d2dcdc138d1d5e98b193
a55ed7e9841ce752ef1f89f5a16d8289b72a12478c071adf06c653f64b36be69
GET /v1/personalize/simple?pageviews=1&isMobile=0 HTTP/1.1
Host: api.sail-personalize.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaviar.com/
authorization: Bearer 65de79281e7de94b00f804e81e0d65c0
content-type: application/json
x-lib-version: v1.0.1
x-referring-url: https://flaviar.com/mars/mars-iwai-45-whisky/
Origin: https://flaviar.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 11:26:30 GMT
content-type: application/json
content-length: 195
access-control-allow-origin: *
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-store
expires: -1
allowedheaders: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin
allowedorigins: *
allowedmethods: GET,OPTIONS
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
rb9yp8py.flaviar.com/v2/rb?url=https%3A%2F%2Fflaviar.com%2Fmars%2Fmars-iwai-45-whisky%2F&action=view&source=flaviar&rb_source=flaviar&script_version=wxyz.rb.js&sessionId=27071c82-dcdf-4560-b2a2-532002729811&uid=rbos-62964b71-9d86-4f1b-9a59-209b61150543
162.243.45.117200 OK 44 B URL HTTP/1.1 rb9yp8py.flaviar.com/v2/rb?url=https%3A%2F%2Fflaviar.com%2Fmars%2Fmars-iwai-45-whisky%2F&action=view&source=flaviar&rb_source=flaviar&script_version=wxyz.rb.js&sessionId=27071c82-dcdf-4560-b2a2-532002729811&uid=rbos-62964b71-9d86-4f1b-9a59-209b61150543
IP 162.243.45.117:0
ASN #14061 DIGITALOCEAN-ASN
File type GIF image data, version 89a, 1 x 1\012- data
Hash 75e9566b8523b76993b790444d697848
46bcf0fe72739cd1bc11b7d525d6fdaf4533a845
039a8bb6d736466063dde3c2a80d71d54456a7875cb1654263058bc69c1c042d
GET /v2/rb?url=https%3A%2F%2Fflaviar.com%2Fmars%2Fmars-iwai-45-whisky%2F&action=view&source=flaviar&rb_source=flaviar&script_version=wxyz.rb.js&sessionId=27071c82-dcdf-4560-b2a2-532002729811&uid=rbos-62964b71-9d86-4f1b-9a59-209b61150543 HTTP/1.1
Host: rb9yp8py.flaviar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Cookie: _ga_94QYBVSJNV=GS1.1.1670153184.1.0.1670153184.60.0.0; _ga=GA1.2.1099071175.1670153185; _gid=GA1.2.838961215.1670153185; _dc_gtm_UA-28959768-20=1; _dc_gtm_UA-28959768-1=1; _fbp=fb.1.1670153185327.231168855; _sgf_user_id=21138157312598017; _sgf_session_id=21138157312598016; _sgf_exp=; _sgf_push_permission_asked=true; _gcl_au=1.1.530407433.1670153187; _rdt_uuid=1670153187292.2e5443f5-8a07-449f-855e-49c47aa994c5; _scid=f81dea4c-81ab-477f-8a60-284941201058; cto_bundle=8rnQ9V9CQ2N6UmMxRWl3aVBIMlIyRmtvdiUyQjc2YWJOTUR2cEMlMkJTVkE4N1MlMkJaUTdIRTk0OTA5VCUyQjFtUDJZcTZBcWJIMGFONVBjZFVzSm1yNTh1S3M5eEpaNjUweVFJektWOG83RFV6S0J6SjFPWEVBTjAlMkZ0UDVBcmtvTDNrVU5YdUVhY2xQbENNTDdSRWdsaGpESyUyQndpR3lwMmclM0QlM0Q; rbuid=rbos-62964b71-9d86-4f1b-9a59-209b61150543
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: openresty
Date: Sun, 04 Dec 2022 11:26:30 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: rbuid=rbos-62964b71-9d86-4f1b-9a59-209b61150543; domain=flaviar.com; path=/;Max-Age=2592000; SameSite=None; Secure
rb9yp8py.flaviar.com/v2/rb?url=https%3A%2F%2Fflaviar.com%2Fmars%2Fmars-iwai-45-whisky%2F&action=view_product&source=flaviar&rb_source=flaviar&script_version=wxyz.rb.js&sessionId=27071c82-dcdf-4560-b2a2-532002729811&products=%5B%7B%22name%22%3A%22Mars%20Iwai%2045%20Whisky%22%2C%22id%22%3A%22%22%2C%22brand%22%3A%22Mars%22%2C%22price%22%3A%220%22%2C%22product_type%22%3A%22bottle%22%2C%22availability%22%3A%22OutOfStock%22%2C%22category%22%3A%22Japanese%20Whisky%22%7D%5D&Availability=OutOfStock&uid=rbos-62964b71-9d86-4f1b-9a59-209b61150543
162.243.45.117200 OK 44 B URL HTTP/1.1 rb9yp8py.flaviar.com/v2/rb?url=https%3A%2F%2Fflaviar.com%2Fmars%2Fmars-iwai-45-whisky%2F&action=view_product&source=flaviar&rb_source=flaviar&script_version=wxyz.rb.js&sessionId=27071c82-dcdf-4560-b2a2-532002729811&products=%5B%7B%22name%22%3A%22Mars%20Iwai%2045%20Whisky%22%2C%22id%22%3A%22%22%2C%22brand%22%3A%22Mars%22%2C%22price%22%3A%220%22%2C%22product_type%22%3A%22bottle%22%2C%22availability%22%3A%22OutOfStock%22%2C%22category%22%3A%22Japanese%20Whisky%22%7D%5D&Availability=OutOfStock&uid=rbos-62964b71-9d86-4f1b-9a59-209b61150543
IP 162.243.45.117:0
ASN #14061 DIGITALOCEAN-ASN
File type GIF image data, version 89a, 1 x 1\012- data
Hash 75e9566b8523b76993b790444d697848
46bcf0fe72739cd1bc11b7d525d6fdaf4533a845
039a8bb6d736466063dde3c2a80d71d54456a7875cb1654263058bc69c1c042d
GET /v2/rb?url=https%3A%2F%2Fflaviar.com%2Fmars%2Fmars-iwai-45-whisky%2F&action=view_product&source=flaviar&rb_source=flaviar&script_version=wxyz.rb.js&sessionId=27071c82-dcdf-4560-b2a2-532002729811&products=%5B%7B%22name%22%3A%22Mars%20Iwai%2045%20Whisky%22%2C%22id%22%3A%22%22%2C%22brand%22%3A%22Mars%22%2C%22price%22%3A%220%22%2C%22product_type%22%3A%22bottle%22%2C%22availability%22%3A%22OutOfStock%22%2C%22category%22%3A%22Japanese%20Whisky%22%7D%5D&Availability=OutOfStock&uid=rbos-62964b71-9d86-4f1b-9a59-209b61150543 HTTP/1.1
Host: rb9yp8py.flaviar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Cookie: _ga_94QYBVSJNV=GS1.1.1670153184.1.0.1670153184.60.0.0; _ga=GA1.2.1099071175.1670153185; _gid=GA1.2.838961215.1670153185; _dc_gtm_UA-28959768-20=1; _dc_gtm_UA-28959768-1=1; _fbp=fb.1.1670153185327.231168855; _sgf_user_id=21138157312598017; _sgf_session_id=21138157312598016; _sgf_exp=; _sgf_push_permission_asked=true; _gcl_au=1.1.530407433.1670153187; _rdt_uuid=1670153187292.2e5443f5-8a07-449f-855e-49c47aa994c5; _scid=f81dea4c-81ab-477f-8a60-284941201058; cto_bundle=8rnQ9V9CQ2N6UmMxRWl3aVBIMlIyRmtvdiUyQjc2YWJOTUR2cEMlMkJTVkE4N1MlMkJaUTdIRTk0OTA5VCUyQjFtUDJZcTZBcWJIMGFONVBjZFVzSm1yNTh1S3M5eEpaNjUweVFJektWOG83RFV6S0J6SjFPWEVBTjAlMkZ0UDVBcmtvTDNrVU5YdUVhY2xQbENNTDdSRWdsaGpESyUyQndpR3lwMmclM0QlM0Q; rbuid=rbos-62964b71-9d86-4f1b-9a59-209b61150543
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: openresty
Date: Sun, 04 Dec 2022 11:26:30 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: rbuid=rbos-62964b71-9d86-4f1b-9a59-209b61150543; domain=flaviar.com; path=/;Max-Age=2592000; SameSite=None; Secure
gum.criteo.com/sid/json?origin=onetag&domain=flaviar.com&sn=FirefoxSyncframe&so=0&topUrl=flaviar.com&info=emAfT180M0RITmhlJTJCZkMwOUJGQlhaMUN2czBpSTZYNmVRU2RxQ3pyeDFMSjFSTjVuc2MzVTNmbjVJdFVpbGNTaHJaMzA&idsd=-1959749433,1378893580&cw=1&lsw=1
178.250.2.146200 OK 1.4 kB URL HTTP/2 gum.criteo.com/sid/json?origin=onetag&domain=flaviar.com&sn=FirefoxSyncframe&so=0&topUrl=flaviar.com&info=emAfT180M0RITmhlJTJCZkMwOUJGQlhaMUN2czBpSTZYNmVRU2RxQ3pyeDFMSjFSTjVuc2MzVTNmbjVJdFVpbGNTaHJaMzA&idsd=-1959749433,1378893580&cw=1&lsw=1
IP 178.250.2.146:0
Hash 737fcf3a82bad2760997555543843f03
f9a202a79d47a6520a2e9c54d643b02929a1f693
a63f10e299f21a0cabbe9348f8028c7da8d700c251a9544a5cdb03be813e5c5e
GET /sid/json?origin=onetag&domain=flaviar.com&sn=FirefoxSyncframe&so=0&topUrl=flaviar.com&info=emAfT180M0RITmhlJTJCZkMwOUJGQlhaMUN2czBpSTZYNmVRU2RxQ3pyeDFMSjFSTjVuc2MzVTNmbjVJdFVpbGNTaHJaMzA&idsd=-1959749433,1378893580&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/syncframe?topUrl=flaviar.com&origin=onetag&us_privacy=1---
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 11:26:29 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
server-processing-duration-in-ticks: 1402690
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
amplify.outbrain.com/cp/obtp.js
2.18.173.74200 OK 5.3 kB URL HTTP/1.1 amplify.outbrain.com/cp/obtp.js
IP 2.18.173.74:0
Hash 95f5596006b73316a629cf9d180b4f2b
dc73b729de6dc88d4d3592a43cdb2a775c9e15a2
da200ad6fb4b5a4f6e199d678ab603f06dac50dce137f639313814fd3c8327e7
GET /cp/obtp.js HTTP/1.1
Host: amplify.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "fe80c55f1e1387116ff9765261ed192c:1669645506.686439"
Last-Modified: Mon, 28 Nov 2022 14:22:05 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=1200
Expires: Sun, 04 Dec 2022 11:46:30 GMT
Date: Sun, 04 Dec 2022 11:26:30 GMT
Content-Length: 5269
Connection: keep-alive
d3rr3d0n31t48m.cloudfront.net/widget/widget_async.js
143.204.55.117200 OK 905 B URL HTTP/2 d3rr3d0n31t48m.cloudfront.net/widget/widget_async.js
IP 143.204.55.117:0
File type ASCII text, with very long lines (559)
Hash 8f9a4e574f11ca1ea10db98fd6687660
24524c8493f0ca5573f353600dd66ba22406cd9c
f16fda04be22fc56edd4df978a54704d27b942f694ba82fab5a7d3b1c13428b8
GET /widget/widget_async.js HTTP/1.1
Host: d3rr3d0n31t48m.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 905
last-modified: Tue, 15 Nov 2022 21:39:30 GMT
content-encoding: gzip
x-amz-meta-mtime: 1668548367.69
accept-ranges: bytes
server: AmazonS3
date: Sun, 04 Dec 2022 11:11:25 GMT
cache-control: max-age=3600, public
etag: "8f9a4e574f11ca1ea10db98fd6687660"
x-cache: Hit from cloudfront
via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: I2GXhHMIU11BbEv_0qjhJfaJRbwT43GDhhY6NdzK4J20H8A1OBHy_Q==
age: 907
X-Firefox-Spdy: h2
bat.bing.com/bat.js
13.107.21.200200 OK 11 kB IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (39007), with no line terminators
Hash 22e2e3226eb5ada04929a2e43307eeda
04615fa88f80567974bdeb0f103ca5909746ebd7
41feebdfb0b03cd7fee2eb886adef6f3f1f85d3f14215e9a388d2a50e42efb9b
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 11421
content-type: application/javascript
content-encoding: gzip
last-modified: Wed, 09 Nov 2022 21:23:50 GMT
accept-ranges: bytes
etag: "077538f81f4d81:0"
vary: Accept-Encoding
set-cookie: MUID=312FDDF1FD29654E26BACF81FCDC6462; domain=.bing.com; expires=Fri, 29-Dec-2023 11:26:30 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2342F6A8A3E844298756339CEAE7F831 Ref B: OSL30EDGE0221 Ref C: 2022-12-04T11:26:30Z
date: Sun, 04 Dec 2022 11:26:30 GMT
X-Firefox-Spdy: h2
static.ads-twitter.com/uwt.js
151.101.244.157200 OK 15 kB URL HTTP/2 static.ads-twitter.com/uwt.js
IP 151.101.244.157:0
File type ASCII text, with very long lines (57596), with no line terminators
Hash 573e6a7f86f6f3063763360ef0672c01
b12eab3b4ac8872d49ac6e15f9cd17741765c0cf
02445eb022a04139531f0ce8d8980c31083a1c670936f1477f5cfc4d252133f7
GET /uwt.js HTTP/1.1
Host: static.ads-twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Thu, 27 Oct 2022 18:55:37 GMT
cache-control: no-cache
content-type: application/javascript; charset=utf-8
content-encoding: gzip
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
accept-ranges: bytes
date: Sun, 04 Dec 2022 11:26:30 GMT
x-served-by: cache-iad-kjyo7100147-IAD, cache-hel1410030-HEL
x-cache: HIT, HIT
vary: Accept-Encoding,Host
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
content-length: 15375
X-Firefox-Spdy: h2
sslwidget.criteo.com/event?a=95340&v=5.12.3&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26z%3Dundefined%26site_type%3Dd&p2=e%3Dvp%26p%3D%26tms%3Dgtm-ee-1.1.0&p3=e%3Dvp%26p%3D%26tms%3Dgtm-ee-1.1.0&p4=e%3Ddis&adce=1&bundle=8rnQ9V9CQ2N6UmMxRWl3aVBIMlIyRmtvdiUyQjc2YWJOTUR2cEMlMkJTVkE4N1MlMkJaUTdIRTk0OTA5VCUyQjFtUDJZcTZBcWJIMGFONVBjZFVzSm1yNTh1S3M5eEpaNjUweVFJektWOG83RFV6S0J6SjFPWEVBTjAlMkZ0UDVBcmtvTDNrVU5YdUVhY2xQbENNTDdSRWdsaGpESyUyQndpR3lwMmclM0QlM0Q&tld=flaviar.com&dy=1&fu=https%253A%252F%252Fflaviar.com%252Fmars%252Fmars-iwai-45-whisky%252F&dtycbr=45048&cs=1---&cv=1
178.250.2.151302 Found 0 B URL HTTP/2 sslwidget.criteo.com/event?a=95340&v=5.12.3&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26z%3Dundefined%26site_type%3Dd&p2=e%3Dvp%26p%3D%26tms%3Dgtm-ee-1.1.0&p3=e%3Dvp%26p%3D%26tms%3Dgtm-ee-1.1.0&p4=e%3Ddis&adce=1&bundle=8rnQ9V9CQ2N6UmMxRWl3aVBIMlIyRmtvdiUyQjc2YWJOTUR2cEMlMkJTVkE4N1MlMkJaUTdIRTk0OTA5VCUyQjFtUDJZcTZBcWJIMGFONVBjZFVzSm1yNTh1S3M5eEpaNjUweVFJektWOG83RFV6S0J6SjFPWEVBTjAlMkZ0UDVBcmtvTDNrVU5YdUVhY2xQbENNTDdSRWdsaGpESyUyQndpR3lwMmclM0QlM0Q&tld=flaviar.com&dy=1&fu=https%253A%252F%252Fflaviar.com%252Fmars%252Fmars-iwai-45-whisky%252F&dtycbr=45048&cs=1---&cv=1
IP 178.250.2.151:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /event?a=95340&v=5.12.3&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26z%3Dundefined%26site_type%3Dd&p2=e%3Dvp%26p%3D%26tms%3Dgtm-ee-1.1.0&p3=e%3Dvp%26p%3D%26tms%3Dgtm-ee-1.1.0&p4=e%3Ddis&adce=1&bundle=8rnQ9V9CQ2N6UmMxRWl3aVBIMlIyRmtvdiUyQjc2YWJOTUR2cEMlMkJTVkE4N1MlMkJaUTdIRTk0OTA5VCUyQjFtUDJZcTZBcWJIMGFONVBjZFVzSm1yNTh1S3M5eEpaNjUweVFJektWOG83RFV6S0J6SjFPWEVBTjAlMkZ0UDVBcmtvTDNrVU5YdUVhY2xQbENNTDdSRWdsaGpESyUyQndpR3lwMmclM0QlM0Q&tld=flaviar.com&dy=1&fu=https%253A%252F%252Fflaviar.com%252Fmars%252Fmars-iwai-45-whisky%252F&dtycbr=45048&cs=1---&cv=1 HTTP/1.1
Host: sslwidget.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 04 Dec 2022 11:26:29 GMT
server: Kestrel
content-length: 0
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
expires: 0
location: https://widget.us.criteo.com/event?a=95340&v=5.12.3&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26z%3Dundefined%26site_type%3Dd&p2=e%3Dvp%26p%3D%26tms%3Dgtm-ee-1.1.0&p3=e%3Dvp%26p%3D%26tms%3Dgtm-ee-1.1.0&p4=e%3Ddis&adce=1&bundle=8rnQ9V9CQ2N6UmMxRWl3aVBIMlIyRmtvdiUyQjc2YWJOTUR2cEMlMkJTVkE4N1MlMkJaUTdIRTk0OTA5VCUyQjFtUDJZcTZBcWJIMGFONVBjZFVzSm1yNTh1S3M5eEpaNjUweVFJektWOG83RFV6S0J6SjFPWEVBTjAlMkZ0UDVBcmtvTDNrVU5YdUVhY2xQbENNTDdSRWdsaGpESyUyQndpR3lwMmclM0QlM0Q&tld=flaviar.com&dy=1&fu=https%253A%252F%252Fflaviar.com%252Fmars%252Fmars-iwai-45-whisky%252F&dtycbr=45048&cs=1---&cv=1
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
server-processing-duration-in-ticks: 27372312
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
s.pinimg.com/ct/core.js
2.18.172.195200 OK 1.1 kB IP 2.18.172.195:0
File type ASCII text, with very long lines (1146), with no line terminators
Hash 8d9d0550c915347e312e24f00d311e50
cb44712b22cb011b759da4e741b543238839c735
57d73d188a6162bec272876156addbd7b02a2c6941c45653b8d3453e998e0b5b
GET /ct/core.js HTTP/1.1
Host: s.pinimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
etag: "8d9d0550c915347e312e24f00d311e50"
cache-control: max-age=7200
accept-ranges: bytes
content-type: application/javascript
content-length: 1146
vary: Accept-Encoding, Origin
x-cdn: akamai
access-control-max-age: 86400
access-control-expose-headers: X-CDN
access-control-allow-methods: GET
access-control-allow-origin: *
X-Firefox-Spdy: h2
alb.reddit.com/rp.gif?ts=1670153187292&id=t2_h2e6q&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=2e5443f5-8a07-449f-855e-49c47aa994c5&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1280&sw=1024&v=rdt_1967aea8
151.101.65.140200 OK 42 B URL HTTP/2 alb.reddit.com/rp.gif?ts=1670153187292&id=t2_h2e6q&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=2e5443f5-8a07-449f-855e-49c47aa994c5&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1280&sw=1024&v=rdt_1967aea8
IP 151.101.65.140:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /rp.gif?ts=1670153187292&id=t2_h2e6q&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=2e5443f5-8a07-449f-855e-49c47aa994c5&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1280&sw=1024&v=rdt_1967aea8 HTTP/1.1
Host: alb.reddit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Varnish
retry-after: 0
cross-origin-resource-policy: cross-origin
content-type: image/gif
accept-ranges: bytes
date: Sun, 04 Dec 2022 11:26:30 GMT
via: 1.1 varnish
content-length: 42
X-Firefox-Spdy: h2
alb.reddit.com/rp.gif?ts=1670153187293&id=t2_h2e6q&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=2e5443f5-8a07-449f-855e-49c47aa994c5&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1280&sw=1024&v=rdt_1967aea8
151.101.65.140200 OK 42 B URL HTTP/2 alb.reddit.com/rp.gif?ts=1670153187293&id=t2_h2e6q&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=2e5443f5-8a07-449f-855e-49c47aa994c5&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1280&sw=1024&v=rdt_1967aea8
IP 151.101.65.140:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /rp.gif?ts=1670153187293&id=t2_h2e6q&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=2e5443f5-8a07-449f-855e-49c47aa994c5&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1280&sw=1024&v=rdt_1967aea8 HTTP/1.1
Host: alb.reddit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Varnish
retry-after: 0
cross-origin-resource-policy: cross-origin
content-type: image/gif
accept-ranges: bytes
date: Sun, 04 Dec 2022 11:26:30 GMT
via: 1.1 varnish
content-length: 42
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 0aa4d9affe7a391bc9e050267c005f02
f5a68f47540ee51f03ed4a2082e02329eda55e9e
b8e5a8c3ea5944de508556599eef8ea20a65983e0f5ad2ac3ea142d002ab46a6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5812
Cache-Control: max-age=93902
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 11:26:30 GMT
Etag: "638b3900-139"
Expires: Mon, 05 Dec 2022 13:31:32 GMT
Last-Modified: Sat, 03 Dec 2022 11:54:40 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 0aa4d9affe7a391bc9e050267c005f02
f5a68f47540ee51f03ed4a2082e02329eda55e9e
b8e5a8c3ea5944de508556599eef8ea20a65983e0f5ad2ac3ea142d002ab46a6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6085
Cache-Control: max-age=94175
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 11:26:30 GMT
Etag: "638b3900-139"
Expires: Mon, 05 Dec 2022 13:36:05 GMT
Last-Modified: Sat, 03 Dec 2022 11:54:40 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 313
t.co/i/adsct?bci=3&eci=2&event_id=da9d3401-a854-46ac-8c11-4678e6165cb4&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=6416e1eb-db53-4fc5-b6a6-b097cef84a43&tw_document_href=https%3A%2F%2Fflaviar.com%2Fmars%2Fmars-iwai-45-whisky%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nv73t&type=javascript&version=2.3.29
104.244.42.133200 OK 43 B URL HTTP/2 t.co/i/adsct?bci=3&eci=2&event_id=da9d3401-a854-46ac-8c11-4678e6165cb4&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=6416e1eb-db53-4fc5-b6a6-b097cef84a43&tw_document_href=https%3A%2F%2Fflaviar.com%2Fmars%2Fmars-iwai-45-whisky%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nv73t&type=javascript&version=2.3.29
IP 104.244.42.133:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/adsct?bci=3&eci=2&event_id=da9d3401-a854-46ac-8c11-4678e6165cb4&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=6416e1eb-db53-4fc5-b6a6-b097cef84a43&tw_document_href=https%3A%2F%2Fflaviar.com%2Fmars%2Fmars-iwai-45-whisky%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nv73t&type=javascript&version=2.3.29 HTTP/1.1
Host: t.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 11:26:30 GMT
perf: 7626143928
server: tsa_o
set-cookie: muc_ads=2c9267a3-0871-4642-9fea-35ed7af76418; Max-Age=63072000; Expires=Tue, 03 Dec 2024 11:26:31 GMT; Path=/; Domain=t.co; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: 705630ef22ad7cc2
strict-transport-security: max-age=0
x-response-time: 110
x-connection-hash: 5035888b02b669cb7e1f2e64f19a46de2c3b1d495f4096a456cf2f94dee92a2f
X-Firefox-Spdy: h2
t.co/i/adsct?bci=3&eci=2&event_id=1863670f-48f8-4be4-bd63-de75e88c248c&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=6416e1eb-db53-4fc5-b6a6-b097cef84a43&tw_document_href=https%3A%2F%2Fflaviar.com%2Fmars%2Fmars-iwai-45-whisky%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nv73t&type=javascript&version=2.3.29
104.244.42.133200 OK 43 B URL HTTP/2 t.co/i/adsct?bci=3&eci=2&event_id=1863670f-48f8-4be4-bd63-de75e88c248c&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=6416e1eb-db53-4fc5-b6a6-b097cef84a43&tw_document_href=https%3A%2F%2Fflaviar.com%2Fmars%2Fmars-iwai-45-whisky%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nv73t&type=javascript&version=2.3.29
IP 104.244.42.133:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/adsct?bci=3&eci=2&event_id=1863670f-48f8-4be4-bd63-de75e88c248c&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=6416e1eb-db53-4fc5-b6a6-b097cef84a43&tw_document_href=https%3A%2F%2Fflaviar.com%2Fmars%2Fmars-iwai-45-whisky%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nv73t&type=javascript&version=2.3.29 HTTP/1.1
Host: t.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 11:26:30 GMT
perf: 7626143928
server: tsa_o
set-cookie: muc_ads=9427f99d-bda7-4fba-99b2-03720004d95f; Max-Age=63072000; Expires=Tue, 03 Dec 2024 11:26:31 GMT; Path=/; Domain=t.co; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: 96514067c5c4d471
strict-transport-security: max-age=0
x-response-time: 115
x-connection-hash: 5035888b02b669cb7e1f2e64f19a46de2c3b1d495f4096a456cf2f94dee92a2f
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.22200 OK 1.8 kB IP 192.124.249.22:0
Hash 6e1656ab74031121055842175a0d66e6
7a5ac01cf0098afc71292989ec1b7f23f6222f49
d8227f30dcd684c61e95dbeab7db5ef26ddb144a62bbc51037004c71da4be748
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sun, 04 Dec 2022 11:26:31 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sat, 03 Dec 2022 22:19:18 GMT
Expires: Sun, 04 Dec 2022 22:19:18 GMT
ETag: "7a5ac01cf0098afc71292989ec1b7f23f6222f49"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
d3rr3d0n31t48m.cloudfront.net/widget/triggerRunner.js?v=c317b78
143.204.55.117200 OK 3.8 kB URL HTTP/2 d3rr3d0n31t48m.cloudfront.net/widget/triggerRunner.js?v=c317b78
IP 143.204.55.117:0
File type ASCII text, with very long lines (583)
Hash 6f8d2d39d5726872bebba803a41bb024
2b7c6aa4941537ae52e1f32bfe642dfd440f5cbc
1de43985c42cfd2c6d39a3b7b30957bc1dde1208bd5bbbc94695d4c357383a01
GET /widget/triggerRunner.js?v=c317b78 HTTP/1.1
Host: d3rr3d0n31t48m.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 3772
date: Tue, 15 Nov 2022 21:40:34 GMT
last-modified: Tue, 15 Nov 2022 21:39:30 GMT
etag: "6f8d2d39d5726872bebba803a41bb024"
cache-control: max-age=2592000, public
content-encoding: gzip
x-amz-meta-mtime: 1668548367.68
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: OXhcY5hx80N-9cdlcKzB7ynH6Zi3cAINxv-ox7O3YqEbQSn0k3dtSw==
age: 1604758
X-Firefox-Spdy: h2
bat.bing.com/action/0?ti=5715081&tm=gtm002&Ver=2&mid=78374b03-6d90-47c2-a26c-a9526f15298c&sid=7ec0cf2073c611ed90b4b34cd8e026b2&vid=7ec0f28073c611edb1b319587dfdc1d2&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Mars%20Iwai%2045%20Whisky%20%C2%BB%20Get%20Free%20Shipping%20%7C%20Flaviar&p=https%3A%2F%2Fflaviar.com%2Fmars%2Fmars-iwai-45-whisky%2F&r=<=5608&evt=pageLoad&sv=1&rn=486875
13.107.21.200204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=5715081&tm=gtm002&Ver=2&mid=78374b03-6d90-47c2-a26c-a9526f15298c&sid=7ec0cf2073c611ed90b4b34cd8e026b2&vid=7ec0f28073c611edb1b319587dfdc1d2&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Mars%20Iwai%2045%20Whisky%20%C2%BB%20Get%20Free%20Shipping%20%7C%20Flaviar&p=https%3A%2F%2Fflaviar.com%2Fmars%2Fmars-iwai-45-whisky%2F&r=<=5608&evt=pageLoad&sv=1&rn=486875
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=5715081&tm=gtm002&Ver=2&mid=78374b03-6d90-47c2-a26c-a9526f15298c&sid=7ec0cf2073c611ed90b4b34cd8e026b2&vid=7ec0f28073c611edb1b319587dfdc1d2&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Mars%20Iwai%2045%20Whisky%20%C2%BB%20Get%20Free%20Shipping%20%7C%20Flaviar&p=https%3A%2F%2Fflaviar.com%2Fmars%2Fmars-iwai-45-whisky%2F&r=<=5608&evt=pageLoad&sv=1&rn=486875 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=0A0EE736BE956237056CF546BF60633C; domain=.bing.com; expires=Fri, 29-Dec-2023 11:26:31 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D8A0366170D74854BF6BFC63C297E83B Ref B: OSL30EDGE0221 Ref C: 2022-12-04T11:26:31Z
date: Sun, 04 Dec 2022 11:26:31 GMT
X-Firefox-Spdy: h2
s.pinimg.com/ct/lib/main.9a94ee76.js
2.18.172.195200 OK 21 kB URL HTTP/2 s.pinimg.com/ct/lib/main.9a94ee76.js
IP 2.18.172.195:0
File type Unicode text, UTF-8 text, with very long lines (59858), with no line terminators
Hash e43867aadc515024dd460d8611098a12
c4fd1b2ace2f8a96a38e4b4996be8d7c46fdfd3f
76d528cb411bf6ff7fd77619aa507bec3bdf7f02063add1d9fe9009088f78d98
GET /ct/lib/main.9a94ee76.js HTTP/1.1
Host: s.pinimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "e43867aadc515024dd460d8611098a12"
content-encoding: gzip
accept-ranges: bytes
content-type: application/javascript
content-length: 20728
cache-control: max-age=1209600
vary: Accept-Encoding, Origin
x-cdn: akamai
access-control-max-age: 86400
access-control-expose-headers: X-CDN
access-control-allow-methods: GET
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 2752cb5fb329ef4efff0ca05497a1e43
656a2e4623d9dbcc2965dccb9d0f5a271660f70b
98c32ca93b27d7aae504a4be21e6fbdc6df77ee4fb8c62669cddae9a2f96a5e9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5521
Cache-Control: max-age=134653
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 11:26:31 GMT
Etag: "638bd953-13a"
Expires: Tue, 06 Dec 2022 00:50:44 GMT
Last-Modified: Sat, 03 Dec 2022 23:18:43 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 314
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 2752cb5fb329ef4efff0ca05497a1e43
656a2e4623d9dbcc2965dccb9d0f5a271660f70b
98c32ca93b27d7aae504a4be21e6fbdc6df77ee4fb8c62669cddae9a2f96a5e9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5204
Cache-Control: max-age=134336
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 11:26:31 GMT
Etag: "638bd953-13a"
Expires: Tue, 06 Dec 2022 00:45:27 GMT
Last-Modified: Sat, 03 Dec 2022 23:18:43 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 314
bat.bing.com/p/action/5715081.js
13.107.21.200204 No Content 0 B URL HTTP/2 bat.bing.com/p/action/5715081.js
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/action/5715081.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: private,max-age=1800
set-cookie: MUID=0D5A5CCCC708688E1F0C4EBCC6FD69BB; domain=.bing.com; expires=Fri, 29-Dec-2023 11:26:31 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7E354FDAD1CF45A38B75398DC2F1B5AB Ref B: OSL30EDGE0221 Ref C: 2022-12-04T11:26:31Z
date: Sun, 04 Dec 2022 11:26:31 GMT
X-Firefox-Spdy: h2
status.thawte.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 9b291400ef8d62e8f5f54830a122b442
8529df830a0453c7d79438e76b6f880d1d917c62
c3be4fd4a74f01cf1c073ab7785b24391457cff4406030999688815365b19cc5
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1496
Cache-Control: max-age=123096
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 11:26:31 GMT
Etag: "638bbbe7-1d7"
Expires: Mon, 05 Dec 2022 21:38:07 GMT
Last-Modified: Sat, 03 Dec 2022 21:13:11 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
d3rr3d0n31t48m.cloudfront.net/widget/widget.js?v=90709db
143.204.55.117200 OK 48 kB URL HTTP/2 d3rr3d0n31t48m.cloudfront.net/widget/widget.js?v=90709db
IP 143.204.55.117:0
File type ASCII text, with very long lines (778)
Hash db6577d43efa27de385813e4eb9bf7a8
8a6816a745cf7445b211d08c7a0741e1e3e33e93
e946a88e3447423c1cea32a407f7f060ce07bf2947c2e1c56ee6e3041bced35f
GET /widget/widget.js?v=90709db HTTP/1.1
Host: d3rr3d0n31t48m.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 47685
date: Tue, 15 Nov 2022 21:40:33 GMT
last-modified: Tue, 15 Nov 2022 21:39:31 GMT
etag: "db6577d43efa27de385813e4eb9bf7a8"
cache-control: max-age=2592000, public
content-encoding: gzip
x-amz-meta-mtime: 1668548366.14
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: W9u2o9nP0eWmP1fMl1rQ92qYeteCNcCc3dpPqxr39AG3nqNpwTYrxw==
age: 1604759
X-Firefox-Spdy: h2
status.thawte.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 9b291400ef8d62e8f5f54830a122b442
8529df830a0453c7d79438e76b6f880d1d917c62
c3be4fd4a74f01cf1c073ab7785b24391457cff4406030999688815365b19cc5
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6088
Cache-Control: max-age=127688
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 11:26:31 GMT
Etag: "638bbbe7-1d7"
Expires: Mon, 05 Dec 2022 22:54:39 GMT
Last-Modified: Sat, 03 Dec 2022 21:13:11 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash 382817d85197bce1d93748cd4dc1abbc
3d1d90bd60106d139c6a0f867be1a8848f5cd85d
36cf9ee8367752e792b56f59086187cfbb3b65d67efed5f8fa77a1500cd00947
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3942
Cache-Control: max-age=148912
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 11:26:31 GMT
Etag: "638c1731-138"
Expires: Tue, 06 Dec 2022 04:48:23 GMT
Last-Modified: Sun, 04 Dec 2022 03:42:41 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 312
analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=1863670f-48f8-4be4-bd63-de75e88c248c&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=6416e1eb-db53-4fc5-b6a6-b097cef84a43&tw_document_href=https%3A%2F%2Fflaviar.com%2Fmars%2Fmars-iwai-45-whisky%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nv73t&type=javascript&version=2.3.29
104.244.42.195200 OK 43 B URL HTTP/2 analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=1863670f-48f8-4be4-bd63-de75e88c248c&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=6416e1eb-db53-4fc5-b6a6-b097cef84a43&tw_document_href=https%3A%2F%2Fflaviar.com%2Fmars%2Fmars-iwai-45-whisky%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nv73t&type=javascript&version=2.3.29
IP 104.244.42.195:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/adsct?bci=3&eci=2&event_id=1863670f-48f8-4be4-bd63-de75e88c248c&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=6416e1eb-db53-4fc5-b6a6-b097cef84a43&tw_document_href=https%3A%2F%2Fflaviar.com%2Fmars%2Fmars-iwai-45-whisky%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nv73t&type=javascript&version=2.3.29 HTTP/1.1
Host: analytics.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 11:26:31 GMT
perf: 7626143928
server: tsa_o
set-cookie: personalization_id="v1_kMf1qL53u0vrHng7Y7/VjQ=="; Max-Age=63072000; Expires=Tue, 03 Dec 2024 11:26:31 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: 721c7a5c1cd4abfd
strict-transport-security: max-age=631138519
x-response-time: 105
x-connection-hash: e7fa816440e09bdeec1c261365ee15498187f5ff77321e27702dd6cc61143708
X-Firefox-Spdy: h2
ct.pinterest.com/v3/?tid=2613568940819&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fflaviar.com%2Fmars%2Fmars-iwai-45-whisky%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%229a94ee76%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1670153189112
23.38.200.197200 OK 35 B URL HTTP/2 ct.pinterest.com/v3/?tid=2613568940819&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fflaviar.com%2Fmars%2Fmars-iwai-45-whisky%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%229a94ee76%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1670153189112
IP 23.38.200.197:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 9b8d19f4310c758344e40bf17fbc7e85
2290ef058812d5f5e398736e2316cba8cf8093cf
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
GET /v3/?tid=2613568940819&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fflaviar.com%2Fmars%2Fmars-iwai-45-whisky%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%229a94ee76%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1670153189112 HTTP/1.1
Host: ct.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-type: image/gif
content-length: 35
access-control-allow-origin: *
x-envoy-upstream-service-time: 2
referrer-policy: origin
x-pinterest-rid: 6836263479939391
date: Sun, 04 Dec 2022 11:26:31 GMT
akamai-grn: 0.274f2417.1670153191.170836d
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2
ct.pinterest.com/user/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%2C%22line_items%22%3A%5B%7B%22product_id%22%3A%22%22%2C%22product_category%22%3A%22bottle%22%7D%5D%7D&tid=2613568940819&cb=1670153189111&dep=5%2CEVENT_TAGS_ABSENT
23.38.200.197200 OK 373 B URL HTTP/2 ct.pinterest.com/user/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%2C%22line_items%22%3A%5B%7B%22product_id%22%3A%22%22%2C%22product_category%22%3A%22bottle%22%7D%5D%7D&tid=2613568940819&cb=1670153189111&dep=5%2CEVENT_TAGS_ABSENT
IP 23.38.200.197:0
File type JSON data\012- , ASCII text, with very long lines (533), with no line terminators
Hash 7c95bf1e7580e7dfa7f4f5c10b0addd9
a1e3954cd6a0d4a5fc0a6c344d91e6c24504722b
1f8cb83a1e4eedc470a6d0c6acc5f5ff13fa65639378a8a14d5db82e288b2e17
GET /user/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%2C%22line_items%22%3A%5B%7B%22product_id%22%3A%22%22%2C%22product_category%22%3A%22bottle%22%7D%5D%7D&tid=2613568940819&cb=1670153189111&dep=5%2CEVENT_TAGS_ABSENT HTTP/1.1
Host: ct.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://flaviar.com
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-expose-headers: Epik,Pin-Unauth
pin-unauth: dWlkPU0yVmtNV0UzWm1RdE0yWmlZeTAwWmpBM0xXSm1NVEF0TVRnMVptRmxOamhoWkdWbA
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
access-control-allow-origin: https://flaviar.com
content-type: application/json; charset=utf-8
content-encoding: gzip
content-length: 373
x-envoy-upstream-service-time: 2
referrer-policy: origin
x-pinterest-rid: 1676075484361286
date: Sun, 04 Dec 2022 11:26:31 GMT
vary: Accept-Encoding
akamai-grn: 0.274f2417.1670153191.170836e
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2
ct.pinterest.com/user/?tid=2613568940819&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1670153189109&dep=2%2CPAGE_LOAD
23.38.200.197200 OK 373 B URL HTTP/2 ct.pinterest.com/user/?tid=2613568940819&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1670153189109&dep=2%2CPAGE_LOAD
IP 23.38.200.197:0
File type JSON data\012- , ASCII text, with very long lines (533), with no line terminators
Hash 7c95bf1e7580e7dfa7f4f5c10b0addd9
a1e3954cd6a0d4a5fc0a6c344d91e6c24504722b
1f8cb83a1e4eedc470a6d0c6acc5f5ff13fa65639378a8a14d5db82e288b2e17
GET /user/?tid=2613568940819&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1670153189109&dep=2%2CPAGE_LOAD HTTP/1.1
Host: ct.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://flaviar.com
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-expose-headers: Epik,Pin-Unauth
pin-unauth: dWlkPVlUWTVOVGhoWmpjdE5EVmhNQzAwTVRnNExUZ3lPVFV0WVRJM05UWXdaR1ZpWWpNeQ
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
access-control-allow-origin: https://flaviar.com
content-type: application/json; charset=utf-8
content-encoding: gzip
content-length: 373
x-envoy-upstream-service-time: 2
referrer-policy: origin
x-pinterest-rid: 1707060769834365
date: Sun, 04 Dec 2022 11:26:31 GMT
vary: Accept-Encoding
akamai-grn: 0.274f2417.1670153191.17083d6
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2
analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=da9d3401-a854-46ac-8c11-4678e6165cb4&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=6416e1eb-db53-4fc5-b6a6-b097cef84a43&tw_document_href=https%3A%2F%2Fflaviar.com%2Fmars%2Fmars-iwai-45-whisky%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nv73t&type=javascript&version=2.3.29
104.244.42.195200 OK 43 B URL HTTP/2 analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=da9d3401-a854-46ac-8c11-4678e6165cb4&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=6416e1eb-db53-4fc5-b6a6-b097cef84a43&tw_document_href=https%3A%2F%2Fflaviar.com%2Fmars%2Fmars-iwai-45-whisky%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nv73t&type=javascript&version=2.3.29
IP 104.244.42.195:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/adsct?bci=3&eci=2&event_id=da9d3401-a854-46ac-8c11-4678e6165cb4&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=6416e1eb-db53-4fc5-b6a6-b097cef84a43&tw_document_href=https%3A%2F%2Fflaviar.com%2Fmars%2Fmars-iwai-45-whisky%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nv73t&type=javascript&version=2.3.29 HTTP/1.1
Host: analytics.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 11:26:30 GMT
perf: 7626143928
server: tsa_o
set-cookie: personalization_id="v1_oDOFdfmxmUppDKLveSllaw=="; Max-Age=63072000; Expires=Tue, 03 Dec 2024 11:26:31 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: cd515c90885a57e3
strict-transport-security: max-age=631138519
x-response-time: 107
x-connection-hash: e7fa816440e09bdeec1c261365ee15498187f5ff77321e27702dd6cc61143708
X-Firefox-Spdy: h2
ct.pinterest.com/user/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%2C%22line_items%22%3A%5B%7B%22product_id%22%3A%22%22%2C%22product_category%22%3A%22bottle%22%7D%5D%7D&tid=2613568940819&cb=1670153189111&dep=5%2CEVENT_TAGS_ABSENT
23.38.200.197200 OK 373 B URL HTTP/2 ct.pinterest.com/user/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%2C%22line_items%22%3A%5B%7B%22product_id%22%3A%22%22%2C%22product_category%22%3A%22bottle%22%7D%5D%7D&tid=2613568940819&cb=1670153189111&dep=5%2CEVENT_TAGS_ABSENT
IP 23.38.200.197:0
File type JSON data\012- , ASCII text, with very long lines (533), with no line terminators
Hash 7c95bf1e7580e7dfa7f4f5c10b0addd9
a1e3954cd6a0d4a5fc0a6c344d91e6c24504722b
1f8cb83a1e4eedc470a6d0c6acc5f5ff13fa65639378a8a14d5db82e288b2e17
GET /user/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%2C%22line_items%22%3A%5B%7B%22product_id%22%3A%22%22%2C%22product_category%22%3A%22bottle%22%7D%5D%7D&tid=2613568940819&cb=1670153189111&dep=5%2CEVENT_TAGS_ABSENT HTTP/1.1
Host: ct.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://flaviar.com
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-expose-headers: Epik,Pin-Unauth
pin-unauth: dWlkPU5EQmtaV05oWXpRdE9HSTVPQzAwWVRsbUxUZ3pNRGt0TURBd05HVm1aRFkzTURBeg
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
access-control-allow-origin: https://flaviar.com
content-type: application/json; charset=utf-8
content-encoding: gzip
content-length: 373
x-envoy-upstream-service-time: 1
referrer-policy: origin
x-pinterest-rid: 1321483088855102
date: Sun, 04 Dec 2022 11:26:31 GMT
vary: Accept-Encoding
akamai-grn: 0.274f2417.1670153191.1708403
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2
tr.outbrain.com/cachedClickId?marketerId=00cf895e7b627a414bdcc05c54e01b7ae7
64.202.112.159200 OK 56 B URL HTTP/1.1 tr.outbrain.com/cachedClickId?marketerId=00cf895e7b627a414bdcc05c54e01b7ae7
IP 64.202.112.159:0
File type ASCII text, with no line terminators
Hash 77fbe8ab311fa20557d95906363035ed
5806df80f09a37e070d5f37c49f19797c2763fd0
4fa9f4ca5bfa56b9f8467324e3654f4a717dcd40b70c05b538092d8a101b0599
GET /cachedClickId?marketerId=00cf895e7b627a414bdcc05c54e01b7ae7 HTTP/1.1
Host: tr.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 11:26:31 GMT
Content-Type: application/javascript
Content-Length: 56
X-TraceId: e7a2221a31bd713a8d9927898f86ed9d
content-encoding: gzip
tr.outbrain.com/unifiedPixel?marketerId=00cf895e7b627a414bdcc05c54e01b7ae7&apiObjVersion=1.1&obtpVersion=2.0.5&name=Pageview&dl=https%3A%2F%2Fflaviar.com%2Fmars%2Fmars-iwai-45-whisky%2F&optOut=false&bust=09306619588333137&referrer=
64.202.112.159200 OK 60 B URL HTTP/1.1 tr.outbrain.com/unifiedPixel?marketerId=00cf895e7b627a414bdcc05c54e01b7ae7&apiObjVersion=1.1&obtpVersion=2.0.5&name=Pageview&dl=https%3A%2F%2Fflaviar.com%2Fmars%2Fmars-iwai-45-whisky%2F&optOut=false&bust=09306619588333137&referrer=
IP 64.202.112.159:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash fb0fc5c090282e372b8bf8ff13ae3ee2
2de3834253ece606ce4d2a6f10a59654b6fa378b
90a8ffa59ad6227daafa10083d4cff2e9b295c9c82135b5f5cedd65b2e7c8ceb
GET /unifiedPixel?marketerId=00cf895e7b627a414bdcc05c54e01b7ae7&apiObjVersion=1.1&obtpVersion=2.0.5&name=Pageview&dl=https%3A%2F%2Fflaviar.com%2Fmars%2Fmars-iwai-45-whisky%2F&optOut=false&bust=09306619588333137&referrer= HTTP/1.1
Host: tr.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 11:26:31 GMT
Content-Type: image/gif;
Content-Length: 60
Cache-Control: no-cache
X-TraceId: 91af98470526ff0861f3dae517e733f9
content-encoding: gzip
ct.pinterest.com/ct.html
23.38.200.197200 OK 323 B IP 23.38.200.197:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (565), with no line terminators
Hash b49b45b63051915a8c657060651eb07f
acaddf8021f220d0e4d30e7c8b3d8330ff781af9
4b00fbca5db49c6e4b29a0c873c43671880bcea1b7b3007655183382a318c2dc
GET /ct.html HTTP/1.1
Host: ct.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: max-age=86400
content-type: text/html; charset=utf-8
content-encoding: gzip
content-length: 323
x-envoy-upstream-service-time: 0
referrer-policy: origin
x-pinterest-rid: 1163108271269271
date: Sun, 04 Dec 2022 11:26:31 GMT
vary: Accept-Encoding
akamai-grn: 0.274f2417.1670153191.170866f
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ed3b82833b36ebe92ce575c13175a523
6469b782d6035ed4c178656b7ff77a55f3a2bc85
34ced5a44d2af0a7e72ed912360bfa15b39ec8f30849948b13e7f1a9edda0659
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "34CED5A44D2AF0A7E72ED912360BFA15B39EC8F30849948B13E7F1A9EDDA0659"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10234
Expires: Sun, 04 Dec 2022 14:17:05 GMT
Date: Sun, 04 Dec 2022 11:26:31 GMT
Connection: keep-alive
matching.ivitrack.com/sync?realm=criteo&uid=k-G-dbytgr6lAvuDFsVtamS9R4jpQTxG5ysyHf5w
34.117.157.22200 OK 42 B URL HTTP/2 matching.ivitrack.com/sync?realm=criteo&uid=k-G-dbytgr6lAvuDFsVtamS9R4jpQTxG5ysyHf5w
IP 34.117.157.22:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /sync?realm=criteo&uid=k-G-dbytgr6lAvuDFsVtamS9R4jpQTxG5ysyHf5w HTTP/1.1
Host: matching.ivitrack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: istio-envoy
date: Sun, 04 Dec 2022 11:26:31 GMT
content-type: image/gif
content-length: 42
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 1
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ed3b82833b36ebe92ce575c13175a523
6469b782d6035ed4c178656b7ff77a55f3a2bc85
34ced5a44d2af0a7e72ed912360bfa15b39ec8f30849948b13e7f1a9edda0659
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "34CED5A44D2AF0A7E72ED912360BFA15B39EC8F30849948B13E7F1A9EDDA0659"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10234
Expires: Sun, 04 Dec 2022 14:17:05 GMT
Date: Sun, 04 Dec 2022 11:26:31 GMT
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
54.230.96.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.96.118:0
Hash 4a33571a71bbdaa1dc49d260452dbf14
97576c010bb1abd80daffe60bfc47ef4df6611c5
b57a93217b66e824bc0586b4ca16d9b8c70268eee170929cd92a6008c050696e
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=152045
Date: Sun, 04 Dec 2022 11:26:31 GMT
Etag: "638c2da8-1d7"
Expires: Tue, 06 Dec 2022 05:40:36 GMT
Last-Modified: Sun, 04 Dec 2022 05:18:32 GMT
Server: ECS (bsa/EB11)
X-Cache: Miss from cloudfront
Via: 1.1 10ba4f180c8b00c38f956300d7b2f4c8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ARN1-C1
X-Amz-Cf-Id: _3sDXYCGpzzms1FTVmRHpnuD36kEAsTvJOukCLq8l6gDkXGtbuDmsQ==
Age: 1324
gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
178.250.2.146302 Found 0 B URL HTTP/2 gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
IP 178.250.2.146:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Sun, 04 Dec 2022 11:26:31 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
location: https://dpm.demdex.net/ibs:dpid=28645&dpuuid=
server-processing-duration-in-ticks: 899935
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-xglagdgr6lAvuDFsVtamS9R4jpRa-uuGBk56QQ
104.18.33.19302 Found 0 B URL HTTP/2 r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-xglagdgr6lAvuDFsVtamS9R4jpRa-uuGBk56QQ
IP 104.18.33.19:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rum?cm_dsp_id=20&external_user_id=k-xglagdgr6lAvuDFsVtamS9R4jpRa-uuGBk56QQ HTTP/1.1
Host: r.casalemedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 04 Dec 2022 11:26:32 GMT
content-length: 0
location: /rum?cm_dsp_id=20&external_user_id=k-xglagdgr6lAvuDFsVtamS9R4jpRa-uuGBk56QQ&C=1
cf-ray: 77443009e908fac8-OSL
cache-control: no-cache
expires: 0
cf-cache-status: DYNAMIC
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
set-cookie: CMID=Y4yD6EUy55NU6ib6jrxbLAAA; Path=/; Domain=casalemedia.com; Expires=Mon, 04 Dec 2023 11:26:32 GMT; Max-Age=31536000; Secure; SameSite=None
CMPS=672; Path=/; Domain=casalemedia.com; Expires=Sat, 04 Mar 2023 11:26:32 GMT; Max-Age=7776000; Secure; SameSite=None
CMPRO=672; Path=/; Domain=casalemedia.com; Expires=Sat, 04 Mar 2023 11:26:32 GMT; Max-Age=7776000; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wjkjtHYXxwvICU3T1ZUxWk%2BnWcHVkexg00B4zk2Z%2FCjcUi9TrulLgaHXoasTmTCeyXshCwIWxNiq9FkU6K10eYCJ8dw4IGaWaOr9IvTsFQJgZDd%2B07WBCCksTYObL%2FWSDKo1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-ctXgStgr6lAvuDFsVtamS9R4jpSmjbYf9Waf8g&google_cm&google_hm=ay1jdFhnU3RncjZsQXZ1REZzVnRhbVM5UjRqcFNtamJZZjlXYWY4Zw
142.250.74.162302 Found 440 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-ctXgStgr6lAvuDFsVtamS9R4jpSmjbYf9Waf8g&google_cm&google_hm=ay1jdFhnU3RncjZsQXZ1REZzVnRhbVM5UjRqcFNtamJZZjlXYWY4Zw
IP 142.250.74.162:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 5b2dfdcba3ec3f9503eae75bfb6fab1b
3634a8151eeedb75f478c58202eb20245d1aff89
be0cc33f1f769265debd22fbd826d9aec16de5f9b70ead558a681023a6543318
GET /pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-ctXgStgr6lAvuDFsVtamS9R4jpSmjbYf9Waf8g&google_cm&google_hm=ay1jdFhnU3RncjZsQXZ1REZzVnRhbVM5UjRqcFNtamJZZjlXYWY4Zw HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-ctXgStgr6lAvuDFsVtamS9R4jpSmjbYf9Waf8g&google_cm=&google_hm=ay1jdFhnU3RncjZsQXZ1REZzVnRhbVM5UjRqcFNtamJZZjlXYWY4Zw&google_tc=
date: Sun, 04 Dec 2022 11:26:32 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 440
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 04-Dec-2022 11:41:32 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-2QAFS9gr6lAvuDFsVtamS9R4jpSWdQbMn47i8Q
2.18.172.23200 OK 45 B URL HTTP/2 contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-2QAFS9gr6lAvuDFsVtamS9R4jpSWdQbMn47i8Q
IP 2.18.172.23:0
File type GIF image data, version 87a, 1 x 1\012- data
Hash 99cceceaed4d575484b69ddaf9ed66a7
1e3a3b15296b585833a22d987a387aa58aa1642d
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
GET /cksync.php?cs=3&type=crt&ovsid=k-2QAFS9gr6lAvuDFsVtamS9R4jpSWdQbMn47i8Q HTTP/1.1
Host: contextual.media.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Apache
content-length: 45
content-type: image/gif
set-cookie: visitor-id=3131547923580281000V10; Expires=Mon, 04 Dec 2023 11:26:32 GMT; domain=.media.net; Path=/;
data-c-ts=1670153192;Expires=Tue, 03 Jan 2023 11:26:32 GMT;path=/;domain=.media.net;
data-c=k-2QAFS9gr6lAvuDFsVtamS9R4jpSWdQbMn47i8Q~~3;Expires=Tue, 03 Jan 2023 11:26:32 GMT;path=/;domain=.media.net;
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
strict-transport-security: max-age=31536000
x-mnet-hl2: E
expires: Sun, 04 Dec 2022 11:26:32 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sun, 04 Dec 2022 11:26:32 GMT
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 95708c79ebb8f44d95ffbfae4d8a1487
a72068398ba422c80ed6a6e7773c76acef1e6beb
6999d4b19391b9ba633dc44bddf0cd4e38beaeb2db2317989aa5fd1ad2e281d6
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 11:26:32 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 03 Dec 2022 17:58:11 GMT
Expires: Sat, 10 Dec 2022 17:58:10 GMT
Etag: "a72068398ba422c80ed6a6e7773c76acef1e6beb"
Cache-Control: max-age=541297,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 774430092e46b524-OSL
ct.pinterest.com/v3/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%2C%22line_items%22%3A%5B%7B%22product_id%22%3A%22%22%2C%22product_category%22%3A%22bottle%22%7D%5D%7D&tid=2613568940819&cb=1670153189254&dep=5%2CEVENT_TAGS_ABSENT&pd=%7B%22np%22%3A%22gtm%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fflaviar.com%2Fmars%2Fmars-iwai-45-whisky%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%229a94ee76%22%2C%22ecm_enabled%22%3Afalse%7D
23.38.200.197200 OK 35 B URL HTTP/2 ct.pinterest.com/v3/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%2C%22line_items%22%3A%5B%7B%22product_id%22%3A%22%22%2C%22product_category%22%3A%22bottle%22%7D%5D%7D&tid=2613568940819&cb=1670153189254&dep=5%2CEVENT_TAGS_ABSENT&pd=%7B%22np%22%3A%22gtm%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fflaviar.com%2Fmars%2Fmars-iwai-45-whisky%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%229a94ee76%22%2C%22ecm_enabled%22%3Afalse%7D
IP 23.38.200.197:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 9b8d19f4310c758344e40bf17fbc7e85
2290ef058812d5f5e398736e2316cba8cf8093cf
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
GET /v3/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%2C%22line_items%22%3A%5B%7B%22product_id%22%3A%22%22%2C%22product_category%22%3A%22bottle%22%7D%5D%7D&tid=2613568940819&cb=1670153189254&dep=5%2CEVENT_TAGS_ABSENT&pd=%7B%22np%22%3A%22gtm%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fflaviar.com%2Fmars%2Fmars-iwai-45-whisky%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%229a94ee76%22%2C%22ecm_enabled%22%3Afalse%7D HTTP/1.1
Host: ct.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-type: image/gif
content-length: 35
access-control-allow-origin: *
x-envoy-upstream-service-time: 3
referrer-policy: origin
x-pinterest-rid: 1400719284036635
date: Sun, 04 Dec 2022 11:26:32 GMT
set-cookie: _pinterest_ct_ua="TWc9PSZjV2Rrb2ozQUhlS0RtcWluT0FNNlNhQnE3YVh3R0Ftc0FwalptS1h2TzE3SXpXeHB1VW1HQ1N0cStMTVIzZitGM2tIeW9VM2U1T2dFN0VXT3ZFK05pSWtIV2hsdFNTS0t0SzFncWVmUzVrST0mNWtPcktvUVVONHEzemYzSHFRbXNGU2xEZ3VNPQ=="; Expires=Mon, 04 Dec 2023 11:26:32 GMT; Path=/; Domain=ct.pinterest.com; Secure; SameSite=None
akamai-grn: 0.274f2417.1670153192.17090a3
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2
ct.pinterest.com/v3/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%2C%22line_items%22%3A%5B%7B%22product_id%22%3A%22%22%2C%22product_category%22%3A%22bottle%22%7D%5D%7D&tid=2613568940819&cb=1670153189270&dep=5%2CEVENT_TAGS_ABSENT&pd=%7B%22np%22%3A%22gtm%22%2C%22pin_unauth%22%3A%22dWlkPVlUWTVOVGhoWmpjdE5EVmhNQzAwTVRnNExUZ3lPVFV0WVRJM05UWXdaR1ZpWWpNeQ%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fflaviar.com%2Fmars%2Fmars-iwai-45-whisky%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%229a94ee76%22%2C%22is_eu%22%3Atrue%2C%22ecm_enabled%22%3Afalse%7D
23.38.200.197200 OK 35 B URL HTTP/2 ct.pinterest.com/v3/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%2C%22line_items%22%3A%5B%7B%22product_id%22%3A%22%22%2C%22product_category%22%3A%22bottle%22%7D%5D%7D&tid=2613568940819&cb=1670153189270&dep=5%2CEVENT_TAGS_ABSENT&pd=%7B%22np%22%3A%22gtm%22%2C%22pin_unauth%22%3A%22dWlkPVlUWTVOVGhoWmpjdE5EVmhNQzAwTVRnNExUZ3lPVFV0WVRJM05UWXdaR1ZpWWpNeQ%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fflaviar.com%2Fmars%2Fmars-iwai-45-whisky%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%229a94ee76%22%2C%22is_eu%22%3Atrue%2C%22ecm_enabled%22%3Afalse%7D
IP 23.38.200.197:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 9b8d19f4310c758344e40bf17fbc7e85
2290ef058812d5f5e398736e2316cba8cf8093cf
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
GET /v3/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%2C%22line_items%22%3A%5B%7B%22product_id%22%3A%22%22%2C%22product_category%22%3A%22bottle%22%7D%5D%7D&tid=2613568940819&cb=1670153189270&dep=5%2CEVENT_TAGS_ABSENT&pd=%7B%22np%22%3A%22gtm%22%2C%22pin_unauth%22%3A%22dWlkPVlUWTVOVGhoWmpjdE5EVmhNQzAwTVRnNExUZ3lPVFV0WVRJM05UWXdaR1ZpWWpNeQ%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fflaviar.com%2Fmars%2Fmars-iwai-45-whisky%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%229a94ee76%22%2C%22is_eu%22%3Atrue%2C%22ecm_enabled%22%3Afalse%7D HTTP/1.1
Host: ct.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-type: image/gif
content-length: 35
access-control-allow-origin: *
x-envoy-upstream-service-time: 2
referrer-policy: origin
x-pinterest-rid: 4960094045196770
date: Sun, 04 Dec 2022 11:26:32 GMT
set-cookie: _pinterest_ct_ua="TWc9PSZUOGZVTzF1K3ZGV3oxOWp6ZnFoQThxdzRZUW1xald0cXdIZDFUd0tqWnRqTy9ERXBJSUllNDRGTFprR2cxemRIRXlWOEk1Z21pSGUyTDFYUk52bkFaYlgxZmc1Mk9GRlBmZUkzdkdsckVEaz0mZVoycjZSSWFkeGRNSUpEMVNNRWlLeXlNdTZFPQ=="; Expires=Mon, 04 Dec 2023 11:26:32 GMT; Path=/; Domain=ct.pinterest.com; Secure; SameSite=None
akamai-grn: 0.274f2417.1670153192.17090b4
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2
r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-xglagdgr6lAvuDFsVtamS9R4jpRa-uuGBk56QQ&C=1
104.18.33.19200 OK 43 B URL HTTP/2 r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-xglagdgr6lAvuDFsVtamS9R4jpRa-uuGBk56QQ&C=1
IP 104.18.33.19:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /rum?cm_dsp_id=20&external_user_id=k-xglagdgr6lAvuDFsVtamS9R4jpRa-uuGBk56QQ&C=1 HTTP/1.1
Host: r.casalemedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 11:26:32 GMT
content-type: image/gif
content-length: 43
cf-ray: 7744300ab966fac8-OSL
cache-control: no-cache
expires: 0
cf-cache-status: DYNAMIC
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c4rtOGqg3qiFykAJ10E1YxXpeIv1KBa5xQB1NgjXECVBPq2mKsYZ7PwQyYL1W%2Fa4zC61g8cEGQcRyc9B%2BCenxd1DtqDZrUiM4eNpj%2Fa0VIIpCcG0jITaxX6C9En6OAgaAh7J"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-ctXgStgr6lAvuDFsVtamS9R4jpSmjbYf9Waf8g&google_cm=&google_hm=ay1jdFhnU3RncjZsQXZ1REZzVnRhbVM5UjRqcFNtamJZZjlXYWY4Zw&google_tc=
142.250.74.162302 Found 332 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-ctXgStgr6lAvuDFsVtamS9R4jpSmjbYf9Waf8g&google_cm=&google_hm=ay1jdFhnU3RncjZsQXZ1REZzVnRhbVM5UjRqcFNtamJZZjlXYWY4Zw&google_tc=
IP 142.250.74.162:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash df142a138b9d2d6a171e6ce5173b5b48
4a0ebf18fcc765cc506087df795271b69309e7c2
a89c2fc94dd22dadb6153c017c079bf163e86cd5c05b8c3216fff391e6ad61e2
GET /pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-ctXgStgr6lAvuDFsVtamS9R4jpSmjbYf9Waf8g&google_cm=&google_hm=ay1jdFhnU3RncjZsQXZ1REZzVnRhbVM5UjRqcFNtamJZZjlXYWY4Zw&google_tc= HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-ctXgStgr6lAvuDFsVtamS9R4jpSmjbYf9Waf8g&google_error=3
date: Sun, 04 Dec 2022 11:26:32 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 332
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
criteo-sync.teads.tv/um?eid=80&uid=k-uLgXLdgr6lAvuDFsVtamS9R4jpSj_2dTcuGXuA
2.18.173.43200 OK 23 B URL HTTP/2 criteo-sync.teads.tv/um?eid=80&uid=k-uLgXLdgr6lAvuDFsVtamS9R4jpSj_2dTcuGXuA
IP 2.18.173.43:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash da5b449fff36752a93779fa4067cd2eb
71a96eea77f21ab5f1819b96c4cedd5cd34476ca
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
GET /um?eid=80&uid=k-uLgXLdgr6lAvuDFsVtamS9R4jpSj_2dTcuGXuA HTTP/1.1
Host: criteo-sync.teads.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
server: akka-http/10.2.9
content-length: 23
expires: Sun, 04 Dec 2022 11:26:32 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sun, 04 Dec 2022 11:26:32 GMT
X-Firefox-Spdy: h2
ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
185.89.211.132307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
IP 185.89.211.132:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Sun, 04 Dec 2022 11:26:32 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
AN-X-Request-Uuid: 38297555-e0dc-4c12-a070-8b2a5381051a
Set-Cookie: uuid2=868272455405055098; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 04-Mar-2023 11:26:32 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash bd713988f2198b52776dbf52f92723ec
a8c3b616316d36a34fcd122233fecb3e7bbf7ac1
1ef638904995777cedae913b933495acf6ab62085f98eeec1ed85c83251313ff
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1317
Cache-Control: max-age=103805
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 11:26:32 GMT
Etag: "638b7140-139"
Expires: Mon, 05 Dec 2022 16:16:37 GMT
Last-Modified: Sat, 03 Dec 2022 15:54:40 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 744520b70d0eae35ac40ece84669ca6c
139a011cb51181708e1fc7bb759debd204bfcf57
31fa10ca032ba89fa8990871d7123213bf7296486ca73c17733aa0b3ea5ed362
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1506
Cache-Control: max-age=137128
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 11:26:32 GMT
Etag: "638bf2ae-1d7"
Expires: Tue, 06 Dec 2022 01:32:00 GMT
Last-Modified: Sun, 04 Dec 2022 01:06:54 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
ocsp.sca1b.amazontrust.com/
54.230.96.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.96.118:0
Hash 0a0bec46778e4ea5fe7c731704106c6b
d7e26cea7ebebf23caf0bc3bf1f72625de082a54
00fa3a7a44fa56fb7025e159a01e7ec7bc45c5c159adcd0ce48c86eb710d1d21
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=135117
Date: Sun, 04 Dec 2022 11:26:32 GMT
Etag: "638bebb6-1d7"
Expires: Tue, 06 Dec 2022 00:58:29 GMT
Last-Modified: Sun, 04 Dec 2022 00:37:10 GMT
Server: ECS (bsa/EB13)
X-Cache: Miss from cloudfront
Via: 1.1 2922b040e786628776b5684dc8791b62.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ARN1-C1
X-Amz-Cf-Id: hnRcZVGniYcr7_uywM4xEq1_2g3G46y7qVe_-leB6hDAi4LZULBrkg==
Age: 1279
ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
185.89.211.132302 Found 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
IP 185.89.211.132:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.21.3
Date: Sun, 04 Dec 2022 11:26:32 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=0
AN-X-Request-Uuid: c5575062-3a5f-4489-9a17-22abb621bb66
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ocsp.sca1b.amazontrust.com/
54.230.96.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.96.118:0
Hash 781104b37bdb426ff9a2b0e85226d91b
72111d40cf1dad2e72558893d1f04fec64d9a6f9
0660b8819869e10506a3f0cb08f13b3fa45cc39212982ab57143e98ba2540ac9
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=151155
Date: Sun, 04 Dec 2022 11:26:32 GMT
Etag: "638c297b-1d7"
Expires: Tue, 06 Dec 2022 05:25:47 GMT
Last-Modified: Sun, 04 Dec 2022 05:00:43 GMT
Server: ECS (bsa/EB1A)
X-Cache: Miss from cloudfront
Via: 1.1 10ba4f180c8b00c38f956300d7b2f4c8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ARN1-C1
X-Amz-Cf-Id: -ec1HtMeq31PKJBLXCFVD2OFIYqbARrcse_Doodyt6S83BITRXtXzg==
Age: 1504
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 89757b50a8055fe5630793960963e992
4686842e9b109dd056936e47c364dd10995c1293
995c2617619bb86561a6620440002d85f54e42a0c46ee19d9c002c273e29264e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1176
Cache-Control: max-age=101129
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 11:26:32 GMT
Etag: "638b6759-1d7"
Expires: Mon, 05 Dec 2022 15:32:01 GMT
Last-Modified: Sat, 03 Dec 2022 15:12:25 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash dbb66a45515eb4bd61566b8a462222b7
2d18c51e1a9d35c874c96ad0552aa35d88bfc5f9
1929d698afaff5af3fd939389346226a6056b86e4f870b0769755b0cdefd60a6
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 11:26:32 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 03 Dec 2022 01:56:49 GMT
Expires: Sat, 10 Dec 2022 01:56:48 GMT
Etag: "2d18c51e1a9d35c874c96ad0552aa35d88bfc5f9"
Cache-Control: max-age=483615,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7744300ab820b524-OSL
pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-U2-ihNgr6lAvuDFsVtamS9R4jpT3K3_STcqjsg&expires=30
69.173.144.138204 No Content 0 B URL HTTP/1.1 pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-U2-ihNgr6lAvuDFsVtamS9R4jpT3K3_STcqjsg&expires=30
IP 69.173.144.138:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tap.php?v=6434&nid=2149&put=k-U2-ihNgr6lAvuDFsVtamS9R4jpT3K3_STcqjsg&expires=30 HTTP/1.1
Host: pixel.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Content-Type: image/gif
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7f8c921d04d1982f6d86a43a2b4e47a0
c46c062dbccb06ad9eb7d5994c21acc7b7ed958a
6060a7e93037381cad620517facad87735169b0c421b20b121224b49f13b50f9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 804
Cache-Control: max-age=99683
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 11:26:32 GMT
Etag: "638b6327-1d7"
Expires: Mon, 05 Dec 2022 15:07:55 GMT
Last-Modified: Sat, 03 Dec 2022 14:54:31 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-tkikfdgr6lAvuDFsVtamS9R4jpQy7vuma04y9g
35.157.175.103302 Found 0 B URL HTTP/2 ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-tkikfdgr6lAvuDFsVtamS9R4jpQy7vuma04y9g
IP 35.157.175.103:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?publisher_dsp_id=38&external_user_id=k-tkikfdgr6lAvuDFsVtamS9R4jpQy7vuma04y9g HTTP/1.1
Host: ad.360yield.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 04 Dec 2022 11:26:32 GMT
content-type: text/plain
content-length: 0
location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-tkikfdgr6lAvuDFsVtamS9R4jpQy7vuma04y9g
set-cookie: tuuid=0c2b3706-317d-4d16-8d92-4542e59a21a8; Expires=Sat, 04 Mar 2023 11:26:32 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
tuuid_lu=1670153192; Expires=Sat, 04 Mar 2023 11:26:32 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2
match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-TTtujNgr6lAvuDFsVtamS9R4jpS_3iptw2HZwg
18.159.205.223204 No Content 0 B URL HTTP/2 match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-TTtujNgr6lAvuDFsVtamS9R4jpS_3iptw2HZwg
IP 18.159.205.223:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-TTtujNgr6lAvuDFsVtamS9R4jpS_3iptw2HZwg HTTP/1.1
Host: match.sharethrough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sun, 04 Dec 2022 11:26:32 GMT
X-Firefox-Spdy: h2
rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-jL3RA9gr6lAvuDFsVtamS9R4jpTUXtkX5h3Tpg
185.86.137.110200 OK 43 B URL HTTP/1.1 rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-jL3RA9gr6lAvuDFsVtamS9R4jpTUXtkX5h3Tpg
IP 185.86.137.110:0
ASN #201081 SmartAdServer SAS
File type GIF image data, version 89a, 1 x 1\012- data
Hash 221d8352905f2c38b3cb2bd191d630b0
d804b495cb9b84b9007a25b5d85f9ae674004cde
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
GET /redir/?partnerid=79&partneruserid=k-jL3RA9gr6lAvuDFsVtamS9R4jpTUXtkX5h3Tpg HTTP/1.1
Host: rtb-csync.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: image/gif
date: Sun, 04 Dec 2022 11:26:31 GMT
cache-control: no-cache,no-store
pragma: no-cache
set-cookie: pid=6578125473761078912; expires=Thu, 04 Jan 2024 11:26:32 GMT; domain=smartadserver.com; path=/
TestIfCookieP=ok; expires=Thu, 04 Jan 2024 11:26:32 GMT; domain=smartadserver.com; path=/
csync=79:k-jL3RA9gr6lAvuDFsVtamS9R4jpTUXtkX5h3Tpg; expires=Mon, 04 Dec 2023 11:26:32 GMT; domain=smartadserver.com; path=/
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
x.bidswitch.net/sync?dsp_id=46&user_id=k--ZMOpNgr6lAvuDFsVtamS9R4jpS0a455xcnFqA&expires=30
35.157.180.193302 Found 807 B URL HTTP/2 x.bidswitch.net/sync?dsp_id=46&user_id=k--ZMOpNgr6lAvuDFsVtamS9R4jpS0a455xcnFqA&expires=30
IP 35.157.180.193:0
File type gzip compressed data, from Unix\012- data
Hash c85bf9047bb467ee4eb7e606814858c6
41c65f68c278de5dc09842c457cb610482463117
5a5a73861fb39fbb50ab94652f48d089297f6b1964524f5e08d7e1fd4426e7c8
GET /sync?dsp_id=46&user_id=k--ZMOpNgr6lAvuDFsVtamS9R4jpS0a455xcnFqA&expires=30 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 04 Dec 2022 11:26:32 GMT
content-length: 0
location: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k--ZMOpNgr6lAvuDFsVtamS9R4jpS0a455xcnFqA&expires=30
cache-control: no-cache, no-store, must-revalidate
set-cookie: tuuid=6cb791af-e342-4e57-88ea-0bd079392719; path=/; expires=Mon, 04-Dec-2023 11:26:32 GMT; domain=.bidswitch.net; samesite=none; secure
c=1670153192; path=/; expires=Mon, 04-Dec-2023 11:26:32 GMT; domain=.bidswitch.net; samesite=none; secure
tuuid_lu=1670153192; path=/; expires=Mon, 04-Dec-2023 11:26:32 GMT; domain=.bidswitch.net; samesite=none; secure
c=1670153192; path=/; expires=Mon, 04-Dec-2023 11:26:32 GMT; domain=.bidswitch.net; samesite=none; secure
X-Firefox-Spdy: h2
ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-3rwi99gr6lAvuDFsVtamS9R4jpTYYs1nMNFgtw
18.156.0.31302 Found 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-3rwi99gr6lAvuDFsVtamS9R4jpTYYs1nMNFgtw
IP 18.156.0.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58301/sync?_origin=1&uid=k-3rwi99gr6lAvuDFsVtamS9R4jpTYYs1nMNFgtw HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 04 Dec 2022 11:26:32 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
location: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-3rwi99gr6lAvuDFsVtamS9R4jpTYYs1nMNFgtw&verify=true
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBOiDjGMCEOSEuL12QYXcVRACM8my9CUFEgEBAQHVjWOWYwAAAAAA_eMAAA&S=AQAAApVZMbNE1W6zk7H9_lhlR-4; Expires=Mon, 4 Dec 2023 17:26:32 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.22200 OK 1.8 kB IP 192.124.249.22:0
Hash 215b075f694ff20a273abb7f6f62c24a
800e79b7ef21534a09ca4047ad376b67586da7ad
7ba3b307bc991e400fd7bf5ca602a41d2c1bb1c5489f7db04c6838bf6619972b
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sun, 04 Dec 2022 11:26:32 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sun, 04 Dec 2022 06:40:17 GMT
Expires: Mon, 05 Dec 2022 06:40:17 GMT
ETag: "800e79b7ef21534a09ca4047ad376b67586da7ad"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 841aa6e47394e8dcb3126e9fbb88fcdf
6d7a773dbf3759d567c66b907b52e61f5d93f9f9
ba2bf4a41df43d5563181e11c44baf6f58afc3fe13a80050a7ec44cd0882c60b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1291
Cache-Control: max-age=167491
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 11:26:32 GMT
Etag: "638c6a20-1d7"
Expires: Tue, 06 Dec 2022 09:58:03 GMT
Last-Modified: Sun, 04 Dec 2022 09:36:32 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
cm.adform.net/pixel?adform_pid=15&adform_pc=k-l1trm9gr6lAvuDFsVtamS9R4jpSWBTa_tMzAPQ
37.157.2.234200 OK 43 B URL HTTP/2 cm.adform.net/pixel?adform_pid=15&adform_pc=k-l1trm9gr6lAvuDFsVtamS9R4jpSWBTa_tMzAPQ
IP 37.157.2.234:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /pixel?adform_pid=15&adform_pc=k-l1trm9gr6lAvuDFsVtamS9R4jpSWBTa_tMzAPQ HTTP/1.1
Host: cm.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 11:26:32 GMT
content-type: image/gif
content-length: 43
last-modified: Thu, 28 Jul 2022 12:09:37 GMT
etag: "62e27c81-2b"
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3ad43a7a8b270f41308175b62db5732a
12ba23791d4af270f78c4fcfc3fb09636398a651
cd9c4f87165c07494f088237baa4a4838772881e30a7d96bdf1f42a98b188894
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CD9C4F87165C07494F088237BAA4A4838772881E30A7D96BDF1F42A98B188894"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6929
Expires: Sun, 04 Dec 2022 13:22:01 GMT
Date: Sun, 04 Dec 2022 11:26:32 GMT
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
54.230.96.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.96.118:0
Hash 25b6359c83340f619ebf9a7bf75be58e
1afc9e9ed1c1c57c8fd6b934489244a25612778a
3e95976d851c18179fa4bff928c3809735d71c27d131359ff839013421aa266c
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=93575
Date: Sun, 04 Dec 2022 11:26:32 GMT
Etag: "638b488c-1d7"
Expires: Mon, 05 Dec 2022 13:26:07 GMT
Last-Modified: Sat, 03 Dec 2022 13:01:00 GMT
Server: ECS (bsa/EB1D)
X-Cache: Miss from cloudfront
Via: 1.1 2922b040e786628776b5684dc8791b62.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ARN1-C1
X-Amz-Cf-Id: 7zdriqglAHxwKzvyx1wuKwosCr94roEgyyDE5xH7YXXEt2IpN3Jt6g==
Age: 1507
dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=0
178.250.2.151200 OK 86 B URL HTTP/2 dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=0
IP 178.250.2.151:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash f0a190ee3f4b51131a92dcc05b45944d
6c85ae39ef96d7bafaf5ee812be7a6a1fec6bc8e
4838e507baddf306824b66278d79a12fc3c670e97aa0883eb2af83b25cf302d6
GET /dis/rtb/appnexus/cookiematch.aspx?appnxsid=0 HTTP/1.1
Host: dis.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 11:26:31 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
timing-allow-origin: *
server-processing-duration-in-ticks: 552050
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k--ZMOpNgr6lAvuDFsVtamS9R4jpS0a455xcnFqA&expires=30
35.157.180.193200 OK 43 B URL HTTP/2 x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k--ZMOpNgr6lAvuDFsVtamS9R4jpS0a455xcnFqA&expires=30
IP 35.157.180.193:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/sync?dsp_id=46&user_id=k--ZMOpNgr6lAvuDFsVtamS9R4jpS0a455xcnFqA&expires=30 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 11:26:32 GMT
content-type: image/gif
content-length: 43
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
sync.outbrain.com/cookie-sync?p=criteo&uid=k-55UkPdgr6lAvuDFsVtamS9R4jpS9EpEZKHOLtg
70.42.32.95200 OK 0 B URL HTTP/1.1 sync.outbrain.com/cookie-sync?p=criteo&uid=k-55UkPdgr6lAvuDFsVtamS9R4jpS9EpEZKHOLtg
IP 70.42.32.95:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cookie-sync?p=criteo&uid=k-55UkPdgr6lAvuDFsVtamS9R4jpS9EpEZKHOLtg HTTP/1.1
Host: sync.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 11:26:32 GMT
Content-Length: 0
Cache-Control: no-cache
X-TraceId: 2f72dbb425924443be9faf2a9d4ddf61
e1.emxdgt.com/put?d=d53&uid=k-esK3cdgr6lAvuDFsVtamS9R4jpQEx9VfglcJ-GGoTg8YloJL
18.158.8.202204 No Content 0 B URL HTTP/2 e1.emxdgt.com/put?d=d53&uid=k-esK3cdgr6lAvuDFsVtamS9R4jpQEx9VfglcJ-GGoTg8YloJL
IP 18.158.8.202:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /put?d=d53&uid=k-esK3cdgr6lAvuDFsVtamS9R4jpQEx9VfglcJ-GGoTg8YloJL HTTP/1.1
Host: e1.emxdgt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
content-type: text/html
date: Sun, 04 Dec 2022 11:26:32 GMT
content-length: 0
X-Firefox-Spdy: h2
simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-Iu4V7Ngr6lAvuDFsVtamS9R4jpTr1_HXhbv3Nw
185.64.189.110200 OK 42 B URL HTTP/2 simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-Iu4V7Ngr6lAvuDFsVtamS9R4jpTr1_HXhbv3Nw
IP 185.64.189.110:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-Iu4V7Ngr6lAvuDFsVtamS9R4jpTr1_HXhbv3Nw HTTP/1.1
Host: simage2.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 11:26:31 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_97=3385-uid:k-Iu4V7Ngr6lAvuDFsVtamS9R4jpTr1_HXhbv3Nw&KRTB&23144-uid:k-Iu4V7Ngr6lAvuDFsVtamS9R4jpTr1_HXhbv3Nw&KRTB&23286-uid:k-Iu4V7Ngr6lAvuDFsVtamS9R4jpTr1_HXhbv3Nw&KRTB&23287-uid:k-Iu4V7Ngr6lAvuDFsVtamS9R4jpTr1_HXhbv3Nw; domain=pubmatic.com; secure; expires=Tue, 03-Jan-2023 11:26:31 GMT; path=/
PugT=1670153191; domain=pubmatic.com; secure; expires=Tue, 03-Jan-2023 11:26:31 GMT; path=/
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
X-Firefox-Spdy: h2
shopper.shop.pe/input.js
35.190.54.17200 OK 8.9 kB IP 35.190.54.17:0
File type ASCII text, with very long lines (17023)
Hash 277671bdc75ca43b2c48464d6ab4278f
fa3f6cfe3a34a0586917b256c7d5b8f9b4c1a205
cb280dde0bd7b5868891421254e239ef63551cc351cb246a68e9bc69bd4e0e8e
GET /input.js HTTP/1.1
Host: shopper.shop.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdv33fAS6k14Tt6GcCn5t6Kd3CLQOczRA8NC6GRIF-_lKF5pLvYnyXgVoe09rhjWMgV03FqwaFS8MAjSms4uDzMccQ
x-goog-generation: 1667301507739079
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 8877
content-encoding: gzip
x-goog-hash: crc32c=d2ag2w==, md5=J3ZxvcdcpDssSEZNarQnjw==
x-goog-storage-class: STANDARD
accept-ranges: bytes
vary: Accept-Encoding
content-length: 8877
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
server: UploadServer
date: Sun, 04 Dec 2022 10:47:23 GMT
expires: Sun, 04 Dec 2022 14:47:23 GMT
cache-control: public, max-age=14400
age: 2349
last-modified: Tue, 01 Nov 2022 11:18:27 GMT
etag: "277671bdc75ca43b2c48464d6ab4278f"
content-type: application/javascript; charset=utf-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash e471e4415d227aa6441e48d6543b2f5d
5d31fde87a692fcde1747dfeec56d42caa2338e9
691eac9590299d938d2b2722a1a3ca784a1f2d7b49b2982f372c3becdcb631ca
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1229
Cache-Control: max-age=154853
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 11:26:32 GMT
Etag: "638c3900-1d7"
Expires: Tue, 06 Dec 2022 06:27:25 GMT
Last-Modified: Sun, 04 Dec 2022 06:06:56 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
eb2.3lift.com/xuid?mid=2711&xuid=k-ExfN1dgr6lAvuDFsVtamS9R4jpR9PTvTQLf1dw&dongle=013b
76.223.111.18200 OK 37 B URL HTTP/2 eb2.3lift.com/xuid?mid=2711&xuid=k-ExfN1dgr6lAvuDFsVtamS9R4jpR9PTvTQLf1dw&dongle=013b
IP 76.223.111.18:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 3eacd0132310ea44cad756b378a3bc07
e2216a7e9b73f5cb0279351c78ce61c33475cea7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
GET /xuid?mid=2711&xuid=k-ExfN1dgr6lAvuDFsVtamS9R4jpR9PTvTQLf1dw&dongle=013b HTTP/1.1
Host: eb2.3lift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 11:26:32 GMT
content-type: image/gif
content-length: 37
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
id5-sync.com/s/966/9.gif?puid=k-dS7OVtgr6lAvuDFsVtamS9R4jpTPR8NJ_EgaNQ
162.19.138.119200 43 B URL HTTP/1.1 id5-sync.com/s/966/9.gif?puid=k-dS7OVtgr6lAvuDFsVtamS9R4jpTPR8NJ_EgaNQ
IP 162.19.138.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /s/966/9.gif?puid=k-dS7OVtgr6lAvuDFsVtamS9R4jpTPR8NJ_EgaNQ HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"
set-cookie: cf=; Max-Age=300; Expires=Sun, 04-Dec-2022 11:31:32 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
cip=; Max-Age=300; Expires=Sun, 04-Dec-2022 11:31:32 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
cnac=; Max-Age=300; Expires=Sun, 04-Dec-2022 11:31:32 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
car=; Max-Age=300; Expires=Sun, 04-Dec-2022 11:31:32 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
gdpr=; Max-Age=300; Expires=Sun, 04-Dec-2022 11:31:32 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
callback=; Max-Age=300; Expires=Sun, 04-Dec-2022 11:31:32 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
content-type: image/gif;charset=UTF-8
transfer-encoding: chunked
date: Sun, 04 Dec 2022 11:26:31 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-3rwi99gr6lAvuDFsVtamS9R4jpTYYs1nMNFgtw&verify=true
18.156.0.31204 No Content 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-3rwi99gr6lAvuDFsVtamS9R4jpTYYs1nMNFgtw&verify=true
IP 18.156.0.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58301/sync?_origin=1&uid=k-3rwi99gr6lAvuDFsVtamS9R4jpTYYs1nMNFgtw&verify=true HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sun, 04 Dec 2022 11:26:32 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
strict-transport-security: max-age=31536000
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBOiDjGMCEBUDI6ULLo-AxWLBaKTZqkwFEgEBAQHVjWOWYwAAAAAA_eMAAA&S=AQAAAm3cmA9cC8ozkAQPZrPy7wQ; Expires=Mon, 4 Dec 2023 17:26:32 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
ad.yieldlab.net/m?dt_id=8664&ext_id=k-iNJVwdgr6lAvuDFsVtamS9R4jpROBhBSuSLWVw
23.43.133.70204 No Content 0 B URL HTTP/1.1 ad.yieldlab.net/m?dt_id=8664&ext_id=k-iNJVwdgr6lAvuDFsVtamS9R4jpROBhBSuSLWVw
IP 23.43.133.70:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /m?dt_id=8664&ext_id=k-iNJVwdgr6lAvuDFsVtamS9R4jpROBhBSuSLWVw HTTP/1.1
Host: ad.yieldlab.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: DENY
x-application-context: application
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Pragma: no-cache
Expires: Sat, 03 Dec 2022 11:26:32 GMT
Date: Sun, 04 Dec 2022 11:26:32 GMT
Connection: keep-alive
Set-Cookie: id=faca8a18-2e1a-4a1c-a499-7822990e2752; Path=/; Domain=prod.svc.y6b.de; Expires=Mon, 04-Dec-2023 11:26:32 GMT; Max-Age=31536000; Secure; SameSite=None
dpm.demdex.net/ibs:dpid=28645&dpuuid=
52.211.247.227302 Found 0 B URL HTTP/1.1 dpm.demdex.net/ibs:dpid=28645&dpuuid=
IP 52.211.247.227:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ibs:dpid=28645&dpuuid= HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-2-v045-0b398da67.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=29216707889802309444533711113501144585; Max-Age=15552000; Expires=Fri, 02 Jun 2023 11:26:32 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: vtSqdykJQEk=
Content-Length: 0
Connection: keep-alive
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-sR26Itgr6lAvuDFsVtamS9R4jpS_IYVPQPJMLw
141.226.228.48200 OK 471 B URL HTTP/2 sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-sR26Itgr6lAvuDFsVtamS9R4jpS_IYVPQPJMLw
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash f6ea289668229920eb646b0178f8a432
51418c31042db3b08ffa3c50a1d7809dc8393ad8
c50efd970149388f8bab4669b66cab41ab381d6347b0489885dc33a4d0d32343
GET /sg/criteortb-network/1/rtb-h/?taboola_hm=k-sR26Itgr6lAvuDFsVtamS9R4jpS_IYVPQPJMLw HTTP/1.1
Host: sync-t1.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 11:26:32 GMT
x-fastly-to-nlb-rtt: 22006
access-control-allow-credentials: true
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.96.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.96.118:0
Hash ed1905788781e21fddfadbc6e2c81f8b
044863294a2f2e4e79ca468e40b4657a3fe25457
a72dfe1662a88aa1e966ae22e10f9e52924faaf4fc116210e65a42696d40d301
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 04 Dec 2022 11:26:32 GMT
Last-Modified: Sun, 04 Dec 2022 11:01:37 GMT
Server: ECS (bsa/EB1B)
X-Cache: Miss from cloudfront
Via: 1.1 2922b040e786628776b5684dc8791b62.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ARN1-C1
X-Amz-Cf-Id: wSkIzs_SY11L30D-xUS0bobHhhN-nknexzAI5pjf0c-bMNvPWb4E7g==
Age: 1495
ocsp.sca1b.amazontrust.com/
54.230.96.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.96.118:0
Hash f5c019434f824ad9785f6d214c4c2b91
f32f6b3d43342ecbef056afc1e160b678a91d856
dbebcf4adfe7ef03b2e80328c69e0f65974162e2d70d9fdbc6e139985f45d960
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=89680
Date: Sun, 04 Dec 2022 11:26:32 GMT
Etag: "638b3a89-1d7"
Expires: Mon, 05 Dec 2022 12:21:12 GMT
Last-Modified: Sat, 03 Dec 2022 12:01:13 GMT
Server: ECS (bsa/EB1B)
X-Cache: Miss from cloudfront
Via: 1.1 10ba4f180c8b00c38f956300d7b2f4c8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ARN1-C1
X-Amz-Cf-Id: Gi8MXBDJ8RZ8cE9JMMhJBPyTD5kldS_CRkOg9-I9aMWoY1XUGmYVaQ==
Age: 1199
dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=
52.211.247.227200 OK 59 B URL HTTP/1.1 dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=
IP 52.211.247.227:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 1251cd5e5c2def4c046309375f87c1c1
e02d6b0c6a5c495c15985e2832e335eda8528c80
4e7010cc46fa361c88e57e3346d27421cf3b8a8bf5f39b43fc45997c60cb1c13
GET /demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid= HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: image/gif
DCS: dcs-prod-irl1-1-v045-078a58cff.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: JNpRyyJDQJg=
Content-Length: 59
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 4d5edbbb3826a05c6e43a58d47f36f93
3bda921fe553530f2f656383c185f3dc93e1bbcb
e793ff2a601da96b8964028c9fe6d60e4845480547a7f0f31db9dabdd6f64e30
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 04 Dec 2022 11:26:32 GMT
Last-Modified: Sun, 04 Dec 2022 10:55:02 GMT
Server: ECS (nyb/1D1C)
X-Cache: Miss from cloudfront
Via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: WWZXN4EvM0u7JmlA4bLpmHSNhcj5mN8U4ZZD0qotJFRhN8SedyO5nQ==
Age: 1890
gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
178.250.2.146302 Found 0 B URL HTTP/2 gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
IP 178.250.2.146:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Sun, 04 Dec 2022 11:26:32 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=
server-processing-duration-in-ticks: 1044160
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
sync-criteo.ads.yieldmo.com/sync?id=k-aUO99Ngr6lAvuDFsVtamS9R4jpRQ1YVsl3rvFQ&pn_id=criteo&ext=1
34.248.96.68200 OK 43 B URL HTTP/2 sync-criteo.ads.yieldmo.com/sync?id=k-aUO99Ngr6lAvuDFsVtamS9R4jpRQ1YVsl3rvFQ&pn_id=criteo&ext=1
IP 34.248.96.68:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /sync?id=k-aUO99Ngr6lAvuDFsVtamS9R4jpRQ1YVsl3rvFQ&pn_id=criteo&ext=1 HTTP/1.1
Host: sync-criteo.ads.yieldmo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 11:26:32 GMT
content-type: image/gif
content-length: 43
set-cookie: yieldmo_id=gbe01c04ac2b5d8eb2ba%7C1670153192629%7C0%7C; Domain=.yieldmo.com; Expires=Mon, 04-Dec-2023 11:26:32 GMT; Path=/; Secure; SameSite=None; Secure
ptrcriteo=k-aUO99Ngr6lAvuDFsVtamS9R4jpRQ1YVsl3rvFQ; Domain=ads.yieldmo.com; Expires=Mon, 04-Dec-2023 11:26:32 GMT; Path=/; Secure; SameSite=None; Secure
access-control-allow-origin: *
access-control-request-headers: Cache-Control, Pragma
access-control-allow-methods: GET, OPTIONS
pragma: no-cache
X-Firefox-Spdy: h2
visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-6GCwH9gr6lAvuDFsVtamS9R4jpSHh5l4cs6CRQ
185.255.84.152200 OK 49 B URL HTTP/2 visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-6GCwH9gr6lAvuDFsVtamS9R4jpSHh5l4cs6CRQ
IP 185.255.84.152:0
ASN #200271 Iguane Solutions SAS
File type GIF image data, version 89a, 1 x 1\012- data
Hash 4408efc0174f07ad685c456f1de521ca
e3bc3250f8f32bd98dc7b05fd8940b74617eb8d1
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
GET /visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-6GCwH9gr6lAvuDFsVtamS9R4jpSHh5l4cs6CRQ HTTP/1.1
Host: visitor.omnitagjs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
expires: 0
p3p: CP="CAO PSA OUR"
pragma: no-cache
set-cookie: ayl_visitor=b66a23c7578de03fa25bc0d795df706b; Path=/; Domain=omnitagjs.com; Max-Age=2592000; Secure; SameSite=None
vary: Accept-Encoding
x-content-type-options: nosniff
date: Sun, 04 Dec 2022 11:26:32 GMT
content-length: 49
x-envoy-upstream-service-time: 52
server: ayl-lb-fra02
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 46922de05eafdebdbbdd8f971c6d57a0
2f2d00ec326a35ab3580070860c7e263ac8df5fe
ef313681caa8a75ea210e796385e449a7d91750ddd7e389f444b9f4a6a06555a
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=155166
Date: Sun, 04 Dec 2022 11:26:32 GMT
Etag: "638c3630-1d7"
Expires: Tue, 06 Dec 2022 06:32:38 GMT
Last-Modified: Sun, 04 Dec 2022 05:54:56 GMT
Server: ECS (bsa/EB1D)
X-Cache: Miss from cloudfront
Via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: eDcb_KZ8WkKo6Gz1oFsioC3FrWkh9VwS9-8GonaLGuwOUhY2fkoamw==
Age: 2262
addshoppers.s3.amazonaws.com/customize/632b240c36963004c36631fb/95a70ba5ad45471ab18a70910459026d.js?_t=1666205658
52.217.85.124200 OK 1.6 kB URL HTTP/1.1 addshoppers.s3.amazonaws.com/customize/632b240c36963004c36631fb/95a70ba5ad45471ab18a70910459026d.js?_t=1666205658
IP 52.217.85.124:0
File type ASCII text, with very long lines (8442), with no line terminators
Hash 5f15e569fc7c2eb9512cc87a8b76782e
291c5970663d651b90f3b6d332dafa352f4b183f
2eb42f949da91a0036ac124117179d5173868712144e56bb87c8dc3942a34fd1
GET /customize/632b240c36963004c36631fb/95a70ba5ad45471ab18a70910459026d.js?_t=1666205658 HTTP/1.1
Host: addshoppers.s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: B6SNC+VBqEbV6G4aO9EhWoZZli3Mp19Hvwz88T4XvwG6EWqtogHTAsr/3jHa2znxO2HKChNiSnI=
x-amz-request-id: J6RNRDAFVQPKN34Y
Date: Sun, 04 Dec 2022 11:26:33 GMT
Last-Modified: Wed, 19 Oct 2022 18:54:19 GMT
ETag: "5f15e569fc7c2eb9512cc87a8b76782e"
Cache-Control: max-age=2592000, public
Content-Encoding: gzip
x-amz-version-id: YxCI6h4XmMvlnIY01wBkUyM6ePoGrvRe
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
Server: AmazonS3
Content-Length: 1581
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 85cec64428416d7d04aeb9938de82e61
8390cfbc9a92f4de4c10eb23eb85ce563249f98a
24bbd6dbb6d37e2415598c71670bcb136add875ccfc4588dcce8a73b02b763d3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 652
Cache-Control: max-age=89128
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 11:26:32 GMT
Etag: "638b3a84-1d7"
Expires: Mon, 05 Dec 2022 12:12:00 GMT
Last-Modified: Sat, 03 Dec 2022 12:01:08 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
nytrng.com/iframe?vcp=4dd5h0np&as_id=d12b3da4a61742b9b3b758ac01d994f0
99.83.128.14200 OK 410 B URL HTTP/2 nytrng.com/iframe?vcp=4dd5h0np&as_id=d12b3da4a61742b9b3b758ac01d994f0
IP 99.83.128.14:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (410), with no line terminators
Hash bc852e81674b7ad80483d6f8831bab86
0d6acd3d2456c79818cbf1ed2d51ef8d231eea1c
62ada3865596a9cf249a4c4ee62ac1d4c3f3d5fbce5cfcc8ee0517681cfd0ca1
GET /iframe?vcp=4dd5h0np&as_id=d12b3da4a61742b9b3b758ac01d994f0 HTTP/1.1
Host: nytrng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 11:26:32 GMT
content-type: text/html; charset=utf-8
content-length: 410
server: gunicorn
X-Firefox-Spdy: h2
beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=
52.16.228.49204 No Content 0 B URL HTTP/2 beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=
IP 52.16.228.49:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usermatch.gif?partner=criteo&partner_uid= HTTP/1.1
Host: beacon.krxd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sun, 04 Dec 2022 11:26:32 GMT
set-cookie: _kuid_=PPM4TOpa; Expires=Fri, 02-Jun-23 11:26:32 GMT; Max-Age=15552000; Domain=.krxd.net; Path=/
cache-control: private, no-cache, no-store
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
x-served-by: beacon-n020-dub-prod.krxd.net
x-request-time: D=30 t=1670153192
X-Firefox-Spdy: h2
cdn.nytrng.com/pl.2.2.min.js
143.204.55.112200 OK 0 B URL HTTP/2 cdn.nytrng.com/pl.2.2.min.js
IP 143.204.55.112:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pl.2.2.min.js HTTP/1.1
Host: cdn.nytrng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nytrng.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: text/plain
content-length: 0
date: Sat, 12 Nov 2022 07:11:14 GMT
last-modified: Wed, 31 Jul 2019 16:57:19 GMT
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
x-cache: Error from cloudfront
via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 7-ylK0d59py9owyBLGkuYw_PY7c12pVijVmXZQMS-W8gNZ4dcNodrg==
age: 1916119
X-Firefox-Spdy: h2
gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
178.250.2.146302 Found 0 B URL HTTP/2 gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
IP 178.250.2.146:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Sun, 04 Dec 2022 11:26:32 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
location: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=
server-processing-duration-in-ticks: 604235
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
aacdn.nagich.com/style/style.css
104.26.14.45200 OK 0 B URL HTTP/2 aacdn.nagich.com/style/style.css
IP 104.26.14.45:0
GET /style/style.css HTTP/1.1
Host: aacdn.nagich.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaviar.com/
Origin: https://flaviar.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 11:26:26 GMT
content-type: text/css
cache-control: public, max-age=2204800
last-modified: Sun, 02 Oct 2022 09:01:39 GMT
etag: W/"809b15953dd6d81:0"
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: deny
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 2163896
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gNCMm9uqRlpcMSwlox2VUfXqdsXyfxSQbb9sco6M65y%2Bd8EbpYHM6EqUh6%2B2keO%2F%2BnlZjImKogUKlByAQL5DDEnAXVB4wFKeOOtpW5ueLeZ40xg290Oest%2BD5mIgtSltFs0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77442fe99fe4b521-OSL
content-encoding: br
X-Firefox-Spdy: h2
exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-5IsZodgr6lAvuDFsVtamS9R4jpSw1DOIuYJrCsSK2PCsr1ct
35.158.195.201200 OK 0 B URL HTTP/2 exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-5IsZodgr6lAvuDFsVtamS9R4jpSw1DOIuYJrCsSK2PCsr1ct
IP 35.158.195.201:0
GET /usersync/push?partner=criteo&partnerId=k-5IsZodgr6lAvuDFsVtamS9R4jpSw1DOIuYJrCsSK2PCsr1ct HTTP/1.1
Host: exchange.mediavine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 11:26:31 GMT
content-type: text/html; charset=utf-8
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
cache-control: private, no-cache
set-cookie: mv_tokens=%7B%22mv_uuid%22%3A%2280c61f20-73c6-11ed-a454-85bf934c102b%22%2C%22version%22%3A%22eu-v1%22%7D; Path=/; Expires=Sun, 18 Dec 2022 11:26:31 GMT; Secure; SameSite=None
mv_tokens_eu-v1=%7B%22mv_uuid%22%3A%2280c61f20-73c6-11ed-a454-85bf934c102b%22%2C%22version%22%3A%22eu-v1%22%7D; Path=/; Expires=Sun, 18 Dec 2022 11:26:31 GMT; Secure; SameSite=None
am_tokens=%7B%22mv_uuid%22%3A%2280c61f20-73c6-11ed-a454-85bf934c102b%22%2C%22version%22%3A%22eu-v1%22%7D; Path=/; Expires=Sun, 18 Dec 2022 11:26:31 GMT; Secure; SameSite=None
am_tokens_eu-v1=%7B%22mv_uuid%22%3A%2280c61f20-73c6-11ed-a454-85bf934c102b%22%2C%22version%22%3A%22eu-v1%22%7D; Path=/; Expires=Sun, 18 Dec 2022 11:26:31 GMT; Secure; SameSite=None
criteo=%7B%22id%22%3A%22k-5IsZodgr6lAvuDFsVtamS9R4jpSw1DOIuYJrCsSK2PCsr1ct%22%2C%22version%22%3A%22criteo%22%7D; Path=/; Expires=Sun, 18 Dec 2022 11:26:31 GMT; Secure; SameSite=None
content-encoding: gzip
X-Firefox-Spdy: h2
criteo-partners.tremorhub.com/sync?UICR=k-Clxwr9gr6lAvuDFsVtamS9R4jpTyEjf7uurA-g
52.1.232.55200 OK 0 B URL HTTP/2 criteo-partners.tremorhub.com/sync?UICR=k-Clxwr9gr6lAvuDFsVtamS9R4jpTyEjf7uurA-g
IP 52.1.232.55:0
GET /sync?UICR=k-Clxwr9gr6lAvuDFsVtamS9R4jpTyEjf7uurA-g HTTP/1.1
Host: criteo-partners.tremorhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 11:26:32 GMT
content-type: image/gif
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
X-Firefox-Spdy: h2
flaviar.com/mars/mars-iwai-45-whisky/
172.66.43.165200 OK 0 B URL HTTP/2 flaviar.com/mars/mars-iwai-45-whisky/
IP 172.66.43.165:0
GET /mars/mars-iwai-45-whisky/ HTTP/1.1
Host: flaviar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sun, 04 Dec 2022 11:26:24 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: PHPSESSID=8d610cfea6a4786da86918ef0b08897d; expires=Mon, 05-Dec-2022 11:26:24 GMT; Max-Age=86400; path=/; secure; HttpOnly
cache-control: max-age=0, must-revalidate, private
link: <https://cdn.flaviar.com/build/runtime.deb34ec8.js>; rel="preload"; as="script",<https://cdn.flaviar.com/build/1.e1f7a7db.js>; rel="preload"; as="script",<https://cdn.flaviar.com/build/2.1d78479b.js>; rel="preload"; as="script",<https://cdn.flaviar.com/build/app.f1fa3d2a.js>; rel="preload"; as="script",<https://cdn.flaviar.com/build/app-product.541ecef6.js>; rel="preload"; as="script",<https://cdn.flaviar.com/build/5.2a092778.css>; rel="preload"; as="style",<https://cdn.flaviar.com/build/app-style.ca1e61bb.css>; rel="preload"; as="style",<https://cdn.flaviar.com/build/menu-style.83f9b35c.css>; rel="preload"; as="style"
expires: Sun, 04 Dec 2022 11:26:24 GMT
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ch7syMkgDNANIzj4gdnVeV2yA3PtAuo5yruCrkT85qNoNo5Ss21X8VLWl1uhbYFF8HNOfg1bZ%2FlgEEOw83vZ9AEJu0tnhTAqTmu0lX%2FV8ZuTT9cCuLb17GjeIF4p"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77442fda5faafab4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.youtube.com/embed/kFvN2avNdKk
172.217.21.174200 OK 0 B URL HTTP/2 www.youtube.com/embed/kFvN2avNdKk
IP 172.217.21.174:0
GET /embed/kFvN2avNdKk HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 04 Dec 2022 11:26:25 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=UFPNErYc5jo; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=7I6LmU8XIHc; Domain=.youtube.com; Expires=Fri, 02-Jun-2023 11:26:25 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+648; expires=Tue, 03-Dec-2024 11:26:25 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
gum.criteo.com/syncframe?topUrl=flaviar.com&origin=onetag&us_privacy=1---
178.250.2.146200 OK 0 B URL HTTP/2 gum.criteo.com/syncframe?topUrl=flaviar.com&origin=onetag&us_privacy=1---
IP 178.250.2.146:0
GET /syncframe?topUrl=flaviar.com&origin=onetag&us_privacy=1--- HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 11:26:29 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: uid=176abe8d-5fcd-4ee3-8368-e785a3cae976; expires=Fri, 29 Dec 2023 11:26:29 GMT; domain=.criteo.com; path=/; secure; samesite=none
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 522927
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
widget.us.criteo.com/event?a=95340&v=5.12.3&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26z%3Dundefined%26site_type%3Dd&p2=e%3Dvp%26p%3D%26tms%3Dgtm-ee-1.1.0&p3=e%3Dvp%26p%3D%26tms%3Dgtm-ee-1.1.0&p4=e%3Ddis&adce=1&bundle=8rnQ9V9CQ2N6UmMxRWl3aVBIMlIyRmtvdiUyQjc2YWJOTUR2cEMlMkJTVkE4N1MlMkJaUTdIRTk0OTA5VCUyQjFtUDJZcTZBcWJIMGFONVBjZFVzSm1yNTh1S3M5eEpaNjUweVFJektWOG83RFV6S0J6SjFPWEVBTjAlMkZ0UDVBcmtvTDNrVU5YdUVhY2xQbENNTDdSRWdsaGpESyUyQndpR3lwMmclM0QlM0Q&tld=flaviar.com&dy=1&fu=https%253A%252F%252Fflaviar.com%252Fmars%252Fmars-iwai-45-whisky%252F&dtycbr=45048&cs=1---&cv=1
74.119.119.150200 OK 0 B URL HTTP/2 widget.us.criteo.com/event?a=95340&v=5.12.3&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26z%3Dundefined%26site_type%3Dd&p2=e%3Dvp%26p%3D%26tms%3Dgtm-ee-1.1.0&p3=e%3Dvp%26p%3D%26tms%3Dgtm-ee-1.1.0&p4=e%3Ddis&adce=1&bundle=8rnQ9V9CQ2N6UmMxRWl3aVBIMlIyRmtvdiUyQjc2YWJOTUR2cEMlMkJTVkE4N1MlMkJaUTdIRTk0OTA5VCUyQjFtUDJZcTZBcWJIMGFONVBjZFVzSm1yNTh1S3M5eEpaNjUweVFJektWOG83RFV6S0J6SjFPWEVBTjAlMkZ0UDVBcmtvTDNrVU5YdUVhY2xQbENNTDdSRWdsaGpESyUyQndpR3lwMmclM0QlM0Q&tld=flaviar.com&dy=1&fu=https%253A%252F%252Fflaviar.com%252Fmars%252Fmars-iwai-45-whisky%252F&dtycbr=45048&cs=1---&cv=1
IP 74.119.119.150:0
GET /event?a=95340&v=5.12.3&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26z%3Dundefined%26site_type%3Dd&p2=e%3Dvp%26p%3D%26tms%3Dgtm-ee-1.1.0&p3=e%3Dvp%26p%3D%26tms%3Dgtm-ee-1.1.0&p4=e%3Ddis&adce=1&bundle=8rnQ9V9CQ2N6UmMxRWl3aVBIMlIyRmtvdiUyQjc2YWJOTUR2cEMlMkJTVkE4N1MlMkJaUTdIRTk0OTA5VCUyQjFtUDJZcTZBcWJIMGFONVBjZFVzSm1yNTh1S3M5eEpaNjUweVFJektWOG83RFV6S0J6SjFPWEVBTjAlMkZ0UDVBcmtvTDNrVU5YdUVhY2xQbENNTDdSRWdsaGpESyUyQndpR3lwMmclM0QlM0Q&tld=flaviar.com&dy=1&fu=https%253A%252F%252Fflaviar.com%252Fmars%252Fmars-iwai-45-whisky%252F&dtycbr=45048&cs=1---&cv=1 HTTP/1.1
Host: widget.us.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaviar.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 11:26:31 GMT
content-type: application/x-javascript
server: Kestrel
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
expires: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
timing-allow-origin: *
server-processing-duration-in-ticks: 12035348
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
dx.mountain.com/spx?dxver=4.0.0&shaid=33038&tdr=&plh=https%3A%2F%2Fflaviar.com%2Fmars%2Fmars-iwai-45-whisky%2F&cb=34709641658751370term=value
54.190.217.118200 0 B URL HTTP/1.1 dx.mountain.com/spx?dxver=4.0.0&shaid=33038&tdr=&plh=https%3A%2F%2Fflaviar.com%2Fmars%2Fmars-iwai-45-whisky%2F&cb=34709641658751370term=value
IP 54.190.217.118:0
GET /spx?dxver=4.0.0&shaid=33038&tdr=&plh=https%3A%2F%2Fflaviar.com%2Fmars%2Fmars-iwai-45-whisky%2F&cb=34709641658751370term=value HTTP/1.1
Host: dx.mountain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-encoding: gzip
content-type: application/javascript;charset=utf-8
date: Sun, 04 Dec 2022 11:26:31 GMT
connection: close
dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-ctXgStgr6lAvuDFsVtamS9R4jpSmjbYf9Waf8g&google_error=3
178.250.2.151200 OK 0 B URL HTTP/2 dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-ctXgStgr6lAvuDFsVtamS9R4jpSmjbYf9Waf8g&google_error=3
IP 178.250.2.151:0
GET /dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-ctXgStgr6lAvuDFsVtamS9R4jpSmjbYf9Waf8g&google_error=3 HTTP/1.1
Host: dis.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 11:26:31 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
timing-allow-origin: *
server-processing-duration-in-ticks: 299875
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
aacdn.nagich.com/style/btncolor.css
104.26.14.45200 OK 0 B URL HTTP/2 aacdn.nagich.com/style/btncolor.css
IP 104.26.14.45:0
GET /style/btncolor.css HTTP/1.1
Host: aacdn.nagich.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaviar.com/
Origin: https://flaviar.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 11:26:26 GMT
content-type: text/css
cache-control: public, max-age=2204800
last-modified: Mon, 11 Feb 2019 11:17:50 GMT
etag: W/"4c2a96cfbc1d41:0"
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: deny
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 2163896
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B4FP8aneHS6t7v0MFjoXPuAuGqahItZgkwLIIvKZOVd%2F8wPAsTnckDYXqoKFjkpcowbwN8aR8x9Arjy%2BKLbfFQPQQLasCaqEgSzCXQd2TsBnfqD%2BV2H8J0xiaSUEOzF1fFs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77442fe99fe5b521-OSL
content-encoding: br
X-Firefox-Spdy: h2
aacdn.nagich.com/assets/locale/en.json
104.26.14.45200 OK 0 B URL HTTP/2 aacdn.nagich.com/assets/locale/en.json
IP 104.26.14.45:0
GET /assets/locale/en.json HTTP/1.1
Host: aacdn.nagich.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaviar.com/
Origin: https://flaviar.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 11:26:26 GMT
content-type: application/json
cache-control: public, max-age=2204800
last-modified: Tue, 15 Jun 2021 15:40:09 GMT
etag: W/"f45920b9fc61d71:0"
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: deny
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iBb6iVRQL%2FewIkLZ9K%2B1SncEEZAnON6WImr7TE0OpS9OOSbn0jUR1mIpfURXMw%2F5x3t3UwitOt3tougJn%2BkeWYw%2FGfY0DPuGNhfU3mnz23QsZa7tVu0WVrzu3VLuG14F7DI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77442fe99fe6b521-OSL
content-encoding: br
X-Firefox-Spdy: h2
dnacdn.net/dna
178.250.0.157200 OK 0 B IP 178.250.0.157:0
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=rNaGZV80M0RITmhlJTJCZkMwOUJGQlhaMUN2czBpSTZYNmVRU2RxQ3pyeDFMSjFSTjc0cDRQbGpSJTJGJTJCNnBsandNRzhWdEFs
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 11:26:29 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=emAfT180M0RITmhlJTJCZkMwOUJGQlhaMUN2czBpSTZYNmVRU2RxQ3pyeDFMSjFSTjVuc2MzVTNmbjVJdFVpbGNTaHJaMzA; expires=Fri, 29 Dec 2023 11:26:30 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 373925
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
ag.gbc.criteo.com/newidsd
178.250.6.220200 OK 0 B URL HTTP/2 ag.gbc.criteo.com/newidsd
IP 178.250.6.220:0
GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 11:26:29 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 91634
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
tr.snapchat.com/collector/is_enabled?pids=b838e1c8-e5cb-4d99-bda2-d5594b71ff41&tld=com
35.190.43.134200 OK 0 B URL HTTP/2 tr.snapchat.com/collector/is_enabled?pids=b838e1c8-e5cb-4d99-bda2-d5594b71ff41&tld=com
IP 35.190.43.134:0
GET /collector/is_enabled?pids=b838e1c8-e5cb-4d99-bda2-d5594b71ff41&tld=com HTTP/1.1
Host: tr.snapchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://flaviar.com
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 11:26:29 GMT
access-control-allow-origin: https://flaviar.com
content-type: application/json
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-envoy-upstream-service-time: 0
content-encoding: gzip
vary: Accept-Encoding
server: API Gateway
access-control-allow-credentials: true
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
px.mountain.com/st?ga_tracking_id=UA-28959768-20&ga_client_id=1099071175.1670153185&shpt=Mars%20Iwai%2045%20Whisky%20%C2%BB%20Get%20Free%20Shipping%20%7C%20Flaviar&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-28959768-20%22%2C%22ga_client_id%22%3A%221099071175.1670153185%22%2C%22shpt%22%3A%22Mars%20Iwai%2045%20Whisky%20%C2%BB%20Get%20Free%20Shipping%20%7C%20Flaviar%22%2C%22dcm_cid%22%3A%221670153184.1%22%2C%22dcm_gid%22%3A%22838961215.1670153185%22%2C%22mntnis%22%3A%7B%7D%2C%22execution_workflow%22%3A%7B%22iteration%22%3A6%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%7D&dcm_cid=1670153184.1&dcm_gid=838961215.1670153185&dxver=4.0.0&shaid=33038&plh=https%3A%2F%2Fflaviar.com%2Fmars%2Fmars-iwai-45-whisky%2F&cb=34709641658751370term%3Dvalue&shadditional=googletagmanager%3Dtrue%2Cga4%3Dtrue%2Ccriteo%3Dtrue
44.235.191.156200 OK 0 B URL HTTP/1.1 px.mountain.com/st?ga_tracking_id=UA-28959768-20&ga_client_id=1099071175.1670153185&shpt=Mars%20Iwai%2045%20Whisky%20%C2%BB%20Get%20Free%20Shipping%20%7C%20Flaviar&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-28959768-20%22%2C%22ga_client_id%22%3A%221099071175.1670153185%22%2C%22shpt%22%3A%22Mars%20Iwai%2045%20Whisky%20%C2%BB%20Get%20Free%20Shipping%20%7C%20Flaviar%22%2C%22dcm_cid%22%3A%221670153184.1%22%2C%22dcm_gid%22%3A%22838961215.1670153185%22%2C%22mntnis%22%3A%7B%7D%2C%22execution_workflow%22%3A%7B%22iteration%22%3A6%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%7D&dcm_cid=1670153184.1&dcm_gid=838961215.1670153185&dxver=4.0.0&shaid=33038&plh=https%3A%2F%2Fflaviar.com%2Fmars%2Fmars-iwai-45-whisky%2F&cb=34709641658751370term%3Dvalue&shadditional=googletagmanager%3Dtrue%2Cga4%3Dtrue%2Ccriteo%3Dtrue
IP 44.235.191.156:0
GET /st?ga_tracking_id=UA-28959768-20&ga_client_id=1099071175.1670153185&shpt=Mars%20Iwai%2045%20Whisky%20%C2%BB%20Get%20Free%20Shipping%20%7C%20Flaviar&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-28959768-20%22%2C%22ga_client_id%22%3A%221099071175.1670153185%22%2C%22shpt%22%3A%22Mars%20Iwai%2045%20Whisky%20%C2%BB%20Get%20Free%20Shipping%20%7C%20Flaviar%22%2C%22dcm_cid%22%3A%221670153184.1%22%2C%22dcm_gid%22%3A%22838961215.1670153185%22%2C%22mntnis%22%3A%7B%7D%2C%22execution_workflow%22%3A%7B%22iteration%22%3A6%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%7D&dcm_cid=1670153184.1&dcm_gid=838961215.1670153185&dxver=4.0.0&shaid=33038&plh=https%3A%2F%2Fflaviar.com%2Fmars%2Fmars-iwai-45-whisky%2F&cb=34709641658751370term%3Dvalue&shadditional=googletagmanager%3Dtrue%2Cga4%3Dtrue%2Ccriteo%3Dtrue HTTP/1.1
Host: px.mountain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
date: Sun, 04 Dec 2022 11:26:32 GMT
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
set-cookie: guid=815c44dd-73c6-11ed-8727-076555976a9c;Domain=mountain.com;Max-Age=63113852;Path=/;SameSite=None;Secure
content-encoding: gzip
connection: close
static.fbot.me/friendbuy.js
143.204.55.91200 OK 0 B URL HTTP/2 static.fbot.me/friendbuy.js
IP 143.204.55.91:0
GET /friendbuy.js HTTP/1.1
Host: static.fbot.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 08 Nov 2022 18:54:50 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: 1TJItsrldzDocUTOk9.t5QWqlV.wmjrZ
server: AmazonS3
content-encoding: gzip
date: Sun, 04 Dec 2022 11:22:41 GMT
cache-control: max-age=300
etag: W/"0b5bcf54c4cdbc59dd5b187265ffc20d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: kdD8RSedLy0dAAQVm2WchUAEEdsRmePsGYUWh_BfvTIpZXHzO4zW6Q==
age: 227
X-Firefox-Spdy: h2
aacdn.nagich.com/core/4.3.7/accessibility.js
104.26.14.45200 OK 0 B URL HTTP/2 aacdn.nagich.com/core/4.3.7/accessibility.js
IP 104.26.14.45:0
GET /core/4.3.7/accessibility.js HTTP/1.1
Host: aacdn.nagich.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://flaviar.com
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 11:26:26 GMT
content-type: application/javascript
cache-control: public, max-age=2204800
last-modified: Wed, 20 Jul 2022 11:28:32 GMT
etag: W/"03079d72b9cd81:0"
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: deny
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 2163896
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8UyP0Fp51dY63dKDe1rj%2FeaszEHynjllh%2FDv8HB7HVcLKAjXnw%2BuBVtSTeg3JWZn4Ld1uJIlMo0QvZE6Te0lmxm%2FTYWv7SK8yFDj43RdInIqXSFaTPXcJRY%2FPgbk94as%2BCM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77442fe86e27b521-OSL
content-encoding: br
X-Firefox-Spdy: h2
gem.gbc.criteo.com/newidsd
178.250.6.229200 OK 0 B URL HTTP/2 gem.gbc.criteo.com/newidsd
IP 178.250.6.229:0
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 11:26:29 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 94680
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
getrockerbox.com/customdomain/rb9yp8py.flaviar.com/wxyz.rb.js
172.64.174.31301 Moved Permanently 0 B URL HTTP/2 getrockerbox.com/customdomain/rb9yp8py.flaviar.com/wxyz.rb.js
IP 172.64.174.31:0
GET /customdomain/rb9yp8py.flaviar.com/wxyz.rb.js HTTP/1.1
Host: getrockerbox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Sun, 04 Dec 2022 11:26:29 GMT
content-type: text/html
location: https://rb9yp8py.flaviar.com/assets/wxyz.rb.js
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DL3gclxbH%2FLOXTaChjKQiU2ms3PQHucpF0J4gxEQAWm4m6VpSIITMBnSr056cspMn1Yk0YxKg8uwqKkVCd7Qp9CjIQZ4UraVnmb4kZYjN3epudhNH9RCFCK3mKzKyU2AMfSL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77442ffb2a7d88b0-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2