flaviar.com/?irclickid=1Y:wNSyDDxyNUnKU6JTwfQQ2UkAxH4yRLTTUV00&ir_cid=3334&ir_affid=10813&utm_medium=affiliates&utm_source=MaxBounty.com%20ULC&ir_partnerid=10813&ir_adid=1215604&ir_campaignid=3334
301 Moved Permanently 0 B URL HTTP/1.1 flaviar.com/?irclickid=1Y:wNSyDDxyNUnKU6JTwfQQ2UkAxH4yRLTTUV00&ir_cid=3334&ir_affid=10813&utm_medium=affiliates&utm_source=MaxBounty.com%20ULC&ir_partnerid=10813&ir_adid=1215604&ir_campaignid=3334
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?irclickid=1Y:wNSyDDxyNUnKU6JTwfQQ2UkAxH4yRLTTUV00&ir_cid=3334&ir_affid=10813&utm_medium=affiliates&utm_source=MaxBounty.com%20ULC&ir_partnerid=10813&ir_adid=1215604&ir_campaignid=3334 HTTP/1.1
Host: flaviar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 08 Dec 2022 09:33:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Thu, 08 Dec 2022 10:33:58 GMT
Location: https://flaviar.com/?irclickid=1Y:wNSyDDxyNUnKU6JTwfQQ2UkAxH4yRLTTUV00&ir_cid=3334&ir_affid=10813&utm_medium=affiliates&utm_source=MaxBounty.com%20ULC&ir_partnerid=10813&ir_adid=1215604&ir_campaignid=3334
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dBXEfzlv%2BVWsoaeBmaXLKJmZGhI%2BU9E9fzyqUwUe4Nim%2FqL0eplI3J8IhUlUdi4NUmQHr%2BguG7oFWOV670r132hTzyIzDSBt4vcpuCi1CYm3JJhONBsUmn8MTYbZ"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 776480a57b490b06-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f2acd891dc6eb1f09f57a2b086791781
1e2088306501a61edcca1ade62c4d54f23b3b083
51148fed95cc00d60dc3640350f135b1b2763ff0e3cfbffc40f0948317894be9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "51148FED95CC00D60DC3640350F135B1B2763FF0E3CFBFFC40F0948317894BE9"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16287
Expires: Thu, 08 Dec 2022 14:05:25 GMT
Date: Thu, 08 Dec 2022 09:33:58 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 388f6fea5bafa378266622b72311a6ee
447f102dc12172ce1ba44c5e94e1d7bb49d43372
a597afb4d4f7f3c82f0f2857322226fc69dc92e099bfd0605f7a0cd562be9d21
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A597AFB4D4F7F3C82F0F2857322226FC69DC92E099BFD0605F7A0CD562BE9D21"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5139
Expires: Thu, 08 Dec 2022 10:59:37 GMT
Date: Thu, 08 Dec 2022 09:33:58 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 08 Dec 2022 09:08:11 GMT
content-type: application/json
age: 1547
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 00e7703bd74975689fc9050356aaca6b
9788fe6a36d6f278e8da329ebc5dd87bcd212317
593bc437ff8a8233516c62613d50220fcb25b9f967ed5fb384c253f0db135103
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "593BC437FF8A8233516C62613D50220FCB25B9F967ED5FB384C253F0DB135103"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2732
Expires: Thu, 08 Dec 2022 10:19:30 GMT
Date: Thu, 08 Dec 2022 09:33:58 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 279 B IP
Hash 33f625c9a3e35163f8d45b81cf7706e7
579fca99715be65ce43803685a7464d023f7380e
214a42daecaf171b42ada1db201e1c705ad89ae556a6d40a64b67e5d6d6c32d5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2277
Cache-Control: max-age=146111
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:33:58 GMT
Etag: "63913e60-117"
Expires: Sat, 10 Dec 2022 02:09:09 GMT
Last-Modified: Thu, 08 Dec 2022 01:31:12 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 279
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: z16uTmVmcuFNDiXN9BkCBY1j7nW6D7HvgHAJRuJdwClt/sWNLrjoHoM4PDEXEldVdv1AGEbaY5w=
x-amz-request-id: 4RH1MW63VP2RJKMQ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 08 Dec 2022 08:49:43 GMT
age: 2655
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 09:33:58 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 08 Dec 2022 09:07:58 GMT
age: 1560
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
flaviar.com/?irclickid=1Y:wNSyDDxyNUnKU6JTwfQQ2UkAxH4yRLTTUV00&ir_cid=3334&ir_affid=10813&utm_medium=affiliates&utm_source=MaxBounty.com%20ULC&ir_partnerid=10813&ir_adid=1215604&ir_campaignid=3334
200 OK 10 kB URL HTTP/2 flaviar.com/?irclickid=1Y:wNSyDDxyNUnKU6JTwfQQ2UkAxH4yRLTTUV00&ir_cid=3334&ir_affid=10813&utm_medium=affiliates&utm_source=MaxBounty.com%20ULC&ir_partnerid=10813&ir_adid=1215604&ir_campaignid=3334
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (503)
Hash 36a29acb752624a710f0852cefd8517f
624f22e5c4fd63590688b47665ca05718ab8ff71
1f8adf57b411fb4a5e18f3206748cb22814666d3f75bf3e46f190a2d8ce27aa0
GET /?irclickid=1Y:wNSyDDxyNUnKU6JTwfQQ2UkAxH4yRLTTUV00&ir_cid=3334&ir_affid=10813&utm_medium=affiliates&utm_source=MaxBounty.com%20ULC&ir_partnerid=10813&ir_adid=1215604&ir_campaignid=3334 HTTP/1.1
Host: flaviar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:33:58 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: PHPSESSID=b795257f6a111e058ac6f3dc37e10046; expires=Fri, 09-Dec-2022 09:33:58 GMT; Max-Age=86400; path=/; secure; HttpOnly
cache-control: max-age=0, must-revalidate, private
link: <https://cdn.flaviar.com/build/runtime.9a3426ea.js>; rel="preload"; as="script",<https://cdn.flaviar.com/build/1.e1f7a7db.js>; rel="preload"; as="script",<https://cdn.flaviar.com/build/2.bb78030d.js>; rel="preload"; as="script",<https://cdn.flaviar.com/build/app.c0f32fe0.js>; rel="preload"; as="script",<https://cdn.flaviar.com/build/6.b4527ba4.js>; rel="preload"; as="script",<https://cdn.flaviar.com/build/app-main.fd4a1c88.js>; rel="preload"; as="script",<https://cdn.flaviar.com/build/5.2a092778.css>; rel="preload"; as="style",<https://cdn.flaviar.com/build/app-style.377245f9.css>; rel="preload"; as="style",<https://cdn.flaviar.com/build/landing-frontpage.9b5c61d3.css>; rel="preload"; as="style",<https://cdn.flaviar.com/build/menu-style.83f9b35c.css>; rel="preload"; as="style"
expires: Thu, 08 Dec 2022 09:33:58 GMT
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4eSfVdpd5GDt5ywRmBR3FJthKBMqxLliW5WFdtCkavV23A61SOAUKh%2FUosdWyBjBil1%2FO37CTZlvYEJkvWdvfwcW3Iv9sSZFYofjQZVpnZ5ImeedllgcRzwa2HjF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 776480a789e0b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
200 OK 6.1 kB URL HTTP/2 widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
IP
File type Unicode text, UTF-8 (with BOM) text, with very long lines (19239)
Hash 5add60196e5f96a414fb4b9586764e5d
633f471b3c2fcedeef9cad90cb5bf56f5fe55588
5370f4ba91dda790c7cae92817b812fcbd1ab367cbb4862f5669960ae4e2c9e0
GET /bootstrap/v5/tp.widget.bootstrap.min.js HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/x-javascript
content-length: 6124
last-modified: Mon, 30 May 2022 14:38:02 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
date: Thu, 08 Dec 2022 01:28:24 GMT
cache-control: max-age=86400
etag: "5add60196e5f96a414fb4b9586764e5d"
x-cache: Hit from cloudfront
via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: RVyFAdisOPbgWWD7b9ZEQVb0OrE_1QY74GToFqlQ66Hfv_SulTwN2w==
age: 29135
X-Firefox-Spdy: h2
use.typekit.net/bne0epn.js
200 OK 6.7 kB URL HTTP/2 use.typekit.net/bne0epn.js
IP
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (2258)
Hash 56c323529b45591f153e4f5a72d75c0e
cfada07aa803d4651a773d0e4536e036bcfd134c
2953f691618da33aef7c7b909532b8a918bf95dc02c9d44816c526fd40bed81d
GET /bne0epn.js HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: text/javascript;charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: public, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
content-length: 6730
date: Thu, 08 Dec 2022 09:33:58 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 3.4 kB IP
Hash 8298cb84f2e1de85d43f3a5fcded1c85
c6d1b47266e5f17f4878920cdbbbab4644ad0f64
b774717b4db8002362eab447154434792a0e758b9e0976dd21b681cbb64e7026
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3691
Cache-Control: max-age=88463
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:33:58 GMT
Etag: "639057aa-1d7"
Expires: Fri, 09 Dec 2022 10:08:21 GMT
Last-Modified: Wed, 07 Dec 2022 09:06:50 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 0c89743226644fddacbe5d50c110b950
b343ae9eb9047cf764b518083d612ffd3652b209
1bf675bb6e12e913a98cd8849c1af9a0c50b0bb8bfa670c86419b41782e06e47
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:33:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-K4F6SWQ
200 OK 109 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-K4F6SWQ
IP
File type ASCII text, with very long lines (49620)
Size 109 kB (109070 bytes)
Hash 8676d1e47bee3d8778bfd2bfa31d72c8
85d937fda03e8c4d29620c473f6f7d25c7486546
bd8b530eeaaab06b56367dddf2acb7ec203d9901ddcfeddc16ab137b5005b810
GET /gtm.js?id=GTM-K4F6SWQ HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 08 Dec 2022 09:33:59 GMT
expires: Thu, 08 Dec 2022 09:33:59 GMT
cache-control: private, max-age=900
last-modified: Thu, 08 Dec 2022 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 109070
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 0c89743226644fddacbe5d50c110b950
b343ae9eb9047cf764b518083d612ffd3652b209
1bf675bb6e12e913a98cd8849c1af9a0c50b0bb8bfa670c86419b41782e06e47
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:33:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 08MydWIFynMb+vctv4kVkg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: cLPUhb5zEn2Q8WPNabMDIEbIphA=
use.typekit.net/af/8de6d2/00000000000000003b9adc6b/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
200 OK 83 kB URL HTTP/2 use.typekit.net/af/8de6d2/00000000000000003b9adc6b/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
IP
ASN #20940 Akamai International B.V.
Hash 102950af5ba634517bf751e587ee6236
9b9d5f708e1ce54f0903fb9f0c922bf93dc6b906
ee8670fb5788f89e9794a3dd1508e4f1712b724c85ce8bebfcbe9da57f503309
GET /af/8de6d2/00000000000000003b9adc6b/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://flaviar.com
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 29392
etag: "2bd51188b101f4cf29ce1d8dfdbe91d00fc07ba6"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Thu, 08 Dec 2022 09:33:59 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/85d455/00000000000000003b9adc6a/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
200 OK 31 kB URL HTTP/2 use.typekit.net/af/85d455/00000000000000003b9adc6a/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
IP
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 30656, version 1.0\012- data
Hash 09848390b847375a8dbf4a3808750013
d8b5db5923705fba6073a52d2145d086c5030527
ead661c1cd323f4f9a023be4cea810a9bcbc3498871593a256fc9221a52f1417
GET /af/85d455/00000000000000003b9adc6a/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://flaviar.com
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 30656
etag: "374d4e049d59d33f7c1b988631b115ad96597d60"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Thu, 08 Dec 2022 09:33:59 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/379cfa/00000000000000003b9adc6d/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
200 OK 60 kB URL HTTP/2 use.typekit.net/af/379cfa/00000000000000003b9adc6d/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
IP
ASN #20940 Akamai International B.V.
Hash edb65b6a79eb336ec3aa7d26b33147b9
02f2a6cc9b825b638078647a3988740009eb6212
8c98497d7be4781738b8528683585a25a89eeda8b8de7a013e9890a767b24fc7
GET /af/379cfa/00000000000000003b9adc6d/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://flaviar.com
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 11668
etag: "a53237c24cbd279f0405e007f31ec7f47234819b"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Thu, 08 Dec 2022 09:33:59 GMT
X-Firefox-Spdy: h2
widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=5c63d6134064df0001fff3b7
200 OK 2.1 kB URL HTTP/2 widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=5c63d6134064df0001fff3b7
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (6826)
Hash 1307e3fd5846bacc989c2fd05996f010
3fd96ecea8c4a91980939fe1e1efe9ec0f47eebc
39f14c526d9f43a24b5c1e219e7ee63500f90b39517d18085573dcf73eb33d87
GET /trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=5c63d6134064df0001fff3b7 HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 2144
last-modified: Tue, 04 Oct 2022 10:34:09 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
date: Thu, 08 Dec 2022 08:30:09 GMT
cache-control: max-age=86400
etag: "1307e3fd5846bacc989c2fd05996f010"
x-cache: Hit from cloudfront
via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: LOcYu0d9EtdUpT3J_uevIst3xnSsiJLo8HaEvFbt9CDljmRKLj9Xlg==
age: 15518
X-Firefox-Spdy: h2
p.typekit.net/p.gif?s=1&k=bne0epn&ht=tk&h=flaviar.com&f=28578.28579.28736&a=7301736&js=1.21.0&app=typekit&e=js&_=1670492039275
200 OK 35 B URL HTTP/2 p.typekit.net/p.gif?s=1&k=bne0epn&ht=tk&h=flaviar.com&f=28578.28579.28736&a=7301736&js=1.21.0&app=typekit&e=js&_=1670492039275
IP
ASN #20940 Akamai International B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash 81144d75b3e69e9aa2fa3e9d83a64d03
f0fbc60b50edf5b2a0b76e0aa0537b76bf346ffc
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
GET /p.gif?s=1&k=bne0epn&ht=tk&h=flaviar.com&f=28578.28579.28736&a=7301736&js=1.21.0&app=typekit&e=js&_=1670492039275 HTTP/1.1
Host: p.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: image/gif
cross-origin-resource-policy: cross-origin
etag: "61c32ad2-23"
last-modified: Wed, 22 Dec 2021 13:40:34 GMT
server: nginx
content-length: 35
unused62: 8096267
date: Thu, 08 Dec 2022 09:33:59 GMT
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 33233b398e29cc20e24ebf4cee716e07
557891c4ca3dd3ceffecef7c9617aca14d0aa673
7099e15d1bfe365ebd73893c759e5ff8b102ce68a65a4de88a89ca5a4502f0e4
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=91302
Date: Thu, 08 Dec 2022 09:33:59 GMT
Etag: "639057be-1d7"
Expires: Fri, 09 Dec 2022 10:55:41 GMT
Last-Modified: Wed, 07 Dec 2022 09:07:10 GMT
Server: ECS (bsa/EB11)
X-Cache: Miss from cloudfront
Via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Xb_nNQDaKzETwgyDN4GmeXPwriWc4oNKUCKPtIVw5XZLskNJd7Q4cw==
Age: 6511
widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/main.js
200 OK 64 kB URL HTTP/2 widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/main.js
IP
Hash dfcc09a0860efd2477f62f35abf41da9
17b990f0e8e5fcf1ab6907118264e20d2d2b7bc5
5d50eec6a0125f542cbbd8f3eb102bce8becd9f5c0ad63585db75a3dd5e9a675
GET /trustboxes/5419b6ffb0d04a076446a9af/main.js HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=5c63d6134064df0001fff3b7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/x-javascript
content-length: 17072
last-modified: Tue, 04 Oct 2022 10:34:10 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
date: Wed, 07 Dec 2022 19:03:34 GMT
cache-control: max-age=86400
etag: "93d7d7afc794dd57add6ab0e6cb1e7a5"
x-cache: Hit from cloudfront
via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: rj1iL401RmDM0-rTdtq912BWDOJcwidDHI2kOfPVjzmf61fSQHTOTA==
age: 52226
X-Firefox-Spdy: h2
beacon-v2.helpscout.net/
200 OK 327 B IP
File type ASCII text, with very long lines (458), with no line terminators
Hash 6d9443571334d5ef59eae244740d9a0a
a167a6fb04ab106285c75c3112469e8b356aea1f
1a7bff3797831200ec74e1933f96e0f633bc5c652939abcc8a55ec78d3772cc0
GET / HTTP/1.1
Host: beacon-v2.helpscout.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 327
date: Thu, 08 Dec 2022 09:33:08 GMT
last-modified: Thu, 08 Dec 2022 09:31:47 GMT
etag: "6d9443571334d5ef59eae244740d9a0a"
cache-control: max-age=120, s-maxage=120, public
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: aGyEhhJyf9ofGar5QSNfOD_g1CrXcc-Gf6vmhSK1s2iLVjGiGJm3HA==
age: 53
X-Firefox-Spdy: h2
beacon-v2.helpscout.net/static/js/vendor.ddc3f9c8.js
200 OK 22 kB URL HTTP/2 beacon-v2.helpscout.net/static/js/vendor.ddc3f9c8.js
IP
File type ASCII text, with very long lines (64495), with no line terminators
Hash 4c71758a7a3b1975809a202503770fb0
1382704a13f28aa2587efe4a019ef0ba7c9be07b
925cfc228dff8aad3a5fbe4ec924715835df033a32ad06660d90d1abd243bcc9
GET /static/js/vendor.ddc3f9c8.js HTTP/1.1
Host: beacon-v2.helpscout.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 22295
last-modified: Tue, 29 Nov 2022 15:46:59 GMT
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
date: Thu, 08 Dec 2022 07:36:35 GMT
cache-control: max-age=315360000, s-maxage=7200, public
etag: "4c71758a7a3b1975809a202503770fb0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: pXFKQlXcZM8VrBeMCIw8SCrBw0BXDw8vF9c8EGx1yGvw4dPKyq6e7w==
age: 7046
X-Firefox-Spdy: h2
beacon-v2.helpscout.net/static/js/main.7d3bf394.js
200 OK 9.7 kB URL HTTP/2 beacon-v2.helpscout.net/static/js/main.7d3bf394.js
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (24954)
Hash cf8b7ac5e004ffb1b19029e806efcfa6
540158ac1be4ad68c04de79d4253a01a5ad9235f
70de5489b80cdc341061b62d3a2dcea8870d9532c1e4046a66a0891a55677ffb
GET /static/js/main.7d3bf394.js HTTP/1.1
Host: beacon-v2.helpscout.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 9699
date: Thu, 08 Dec 2022 09:33:08 GMT
last-modified: Thu, 08 Dec 2022 09:31:47 GMT
etag: "cf8b7ac5e004ffb1b19029e806efcfa6"
cache-control: max-age=315360000, s-maxage=7200, public
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: tZjL4GPnGbe-qPUsldrl5GSME-71ZUDxomKBaBAyMx6A_Z2rYExtEA==
age: 53
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 2b80fe68b192c6a0dde701c880acc101
3d1b732d7cc2d71c4582b1ba1baf1437f1e900de
8475b8802299a3c7ba173076294374e747593f29d78f284bd19706f69bdefa04
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "8475B8802299A3C7BA173076294374E747593F29D78F284BD19706F69BDEFA04"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3366
Expires: Thu, 08 Dec 2022 10:30:06 GMT
Date: Thu, 08 Dec 2022 09:34:00 GMT
Connection: keep-alive
consent.cookiebot.com/uc.js?cbid=d053bff0-f51a-4434-ab3e-b7ec8831e3ed
200 OK 32 kB URL HTTP/2 consent.cookiebot.com/uc.js?cbid=d053bff0-f51a-4434-ab3e-b7ec8831e3ed
IP
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (65499)
Hash c8f7ad4768a16672f57131490149c3d0
c943c68aaa059f06744868bb239f06d900d41464
b5a1e40fab60b20e8b25517f6a7e6d27f21af0788959cdf3d52f5b94164cba0c
GET /uc.js?cbid=d053bff0-f51a-4434-ab3e-b7ec8831e3ed HTTP/1.1
Host: consent.cookiebot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Tue, 22 Nov 2022 07:34:39 GMT
accept-ranges: bytes
etag: "db2e3fe144fed81:0"
vary: Accept-Encoding
request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
access-control-expose-headers: Request-Context
content-length: 31718
cache-control: public, max-age=439
expires: Thu, 08 Dec 2022 09:41:19 GMT
date: Thu, 08 Dec 2022 09:34:00 GMT
X-Firefox-Spdy: h2
www.googleoptimize.com/optimize.js?id=GTM-NLP39W9
200 OK 45 kB URL HTTP/2 www.googleoptimize.com/optimize.js?id=GTM-NLP39W9
IP
File type ASCII text, with very long lines (1921)
Hash e24ea22b6cec862e441795dc959686d1
7e9105f555c1c6cfb27a70099e8f524e0199925c
05d9e443c70a2cd8e7d215f96094b24f8841649c9fdcd6d24a7fab516f1f1bd2
GET /optimize.js?id=GTM-NLP39W9 HTTP/1.1
Host: www.googleoptimize.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 08 Dec 2022 09:34:00 GMT
expires: Thu, 08 Dec 2022 09:34:00 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 45320
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
widget.trustpilot.com/trustbox-data/5419b6ffb0d04a076446a9af?businessUnitId=5c63d6134064df0001fff3b7&locale=en-US
200 OK 483 B URL HTTP/2 widget.trustpilot.com/trustbox-data/5419b6ffb0d04a076446a9af?businessUnitId=5c63d6134064df0001fff3b7&locale=en-US
IP
File type JSON data\012- , ASCII text, with very long lines (1051), with no line terminators
Hash 8f5d4dc9a089c81f510a0b825d378c1c
3bcd8db2b27faf1ffbfb718ba805522501ce7d67
8867d2c1c95533ff0fa36793a80a10241f5072542458ef892bc868c60f03ac27
GET /trustbox-data/5419b6ffb0d04a076446a9af?businessUnitId=5c63d6134064df0001fff3b7&locale=en-US HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Connection: keep-alive
Referer: https://widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=5c63d6134064df0001fff3b7
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/json; charset=utf-8
content-length: 483
cache-control: public,max-age=1800
content-encoding: gzip
date: Thu, 08 Dec 2022 09:15:37 GMT
server: Kestrel
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
etag: "08e87214eb69163a7a023284ad38e8ae"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: loWV2TQcbaM7lQshNLOZANkOlr_F9l21B0SnY5mr_3X-f7ix3cG6Ig==
age: 1102
X-Firefox-Spdy: h2
widget.trustpilot.com/trustbox-data/5419b6ffb0d04a076446a9af?businessUnitId=5c63d6134064df0001fff3b7&locale=en-US
200 OK 483 B URL HTTP/2 widget.trustpilot.com/trustbox-data/5419b6ffb0d04a076446a9af?businessUnitId=5c63d6134064df0001fff3b7&locale=en-US
IP
File type JSON data\012- , ASCII text, with very long lines (1051), with no line terminators
Hash 8f5d4dc9a089c81f510a0b825d378c1c
3bcd8db2b27faf1ffbfb718ba805522501ce7d67
8867d2c1c95533ff0fa36793a80a10241f5072542458ef892bc868c60f03ac27
GET /trustbox-data/5419b6ffb0d04a076446a9af?businessUnitId=5c63d6134064df0001fff3b7&locale=en-US HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Connection: keep-alive
Referer: https://widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=5c63d6134064df0001fff3b7
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/json; charset=utf-8
content-length: 483
cache-control: public,max-age=1800
content-encoding: gzip
date: Thu, 08 Dec 2022 09:15:37 GMT
server: Kestrel
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
etag: "08e87214eb69163a7a023284ad38e8ae"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: WMly3V5lQBBuURebjGRggwVeSML4NbiFV-Qyt1gHLOMrJENNxZ8pUQ==
age: 1102
X-Firefox-Spdy: h2
widget.trustpilot.com/stats/TrustboxImpression?locale=en-US&styleHeight=28px&styleWidth=100%25&theme=light&url=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3D1Y%3AwNSyDDxyNUnKU6JTwfQQ2UkAxH4yRLTTUV00%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&referrer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=5c63d6134064df0001fff3b7&widgetId=5419b6ffb0d04a076446a9af
204 No Content 0 B URL HTTP/2 widget.trustpilot.com/stats/TrustboxImpression?locale=en-US&styleHeight=28px&styleWidth=100%25&theme=light&url=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3D1Y%3AwNSyDDxyNUnKU6JTwfQQ2UkAxH4yRLTTUV00%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&referrer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=5c63d6134064df0001fff3b7&widgetId=5419b6ffb0d04a076446a9af
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stats/TrustboxImpression?locale=en-US&styleHeight=28px&styleWidth=100%25&theme=light&url=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3D1Y%3AwNSyDDxyNUnKU6JTwfQQ2UkAxH4yRLTTUV00%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&referrer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=5c63d6134064df0001fff3b7&widgetId=5419b6ffb0d04a076446a9af HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Connection: keep-alive
Referer: https://widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=5c63d6134064df0001fff3b7
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
cache-control: no-store,no-cache
date: Thu, 08 Dec 2022 09:33:59 GMT
pragma: no-cache
server: Kestrel
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-cache: Miss from cloudfront
via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: _BOfoHrkUA3weImhrbjC07Fq6M43Vm8rMkxvBwpDzCu2rkoFBJvKDg==
X-Firefox-Spdy: h2
widget.trustpilot.com/stats/TrustboxView?locale=en-US&styleHeight=42px&styleWidth=100%25&theme=light&url=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3D1Y%3AwNSyDDxyNUnKU6JTwfQQ2UkAxH4yRLTTUV00%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&referrer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=5c63d6134064df0001fff3b7&widgetId=5419b6ffb0d04a076446a9af
204 No Content 0 B URL HTTP/2 widget.trustpilot.com/stats/TrustboxView?locale=en-US&styleHeight=42px&styleWidth=100%25&theme=light&url=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3D1Y%3AwNSyDDxyNUnKU6JTwfQQ2UkAxH4yRLTTUV00%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&referrer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=5c63d6134064df0001fff3b7&widgetId=5419b6ffb0d04a076446a9af
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stats/TrustboxView?locale=en-US&styleHeight=42px&styleWidth=100%25&theme=light&url=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3D1Y%3AwNSyDDxyNUnKU6JTwfQQ2UkAxH4yRLTTUV00%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&referrer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=5c63d6134064df0001fff3b7&widgetId=5419b6ffb0d04a076446a9af HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Connection: keep-alive
Referer: https://widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=5c63d6134064df0001fff3b7
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
cache-control: no-store,no-cache
date: Thu, 08 Dec 2022 09:33:59 GMT
pragma: no-cache
server: Kestrel
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-cache: Miss from cloudfront
via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: tqPInHVz12nzwPI7C8Oq9H0Lj9SLQXNB0wxwVgPKlJOfUbv3VdDGrg==
X-Firefox-Spdy: h2
consentcdn.cookiebot.com/sdk/bc-v4.min.html
200 OK 392 B URL HTTP/2 consentcdn.cookiebot.com/sdk/bc-v4.min.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (627), with no line terminators
Hash e7268eccad39bd651697fa793a52cc5c
47299cefa2397b0c1d0c5bf232390a5cf1bcc4d3
907e16c84d35556e4ed841a3511915e6d4bb4e9d68cfca178a740e90b4d80e35
GET /sdk/bc-v4.min.html HTTP/1.1
Host: consentcdn.cookiebot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: text/html
etag: "3d08665fa4c7bcf9fa2dcbbc7efe1d0f:1649057029.895163"
last-modified: Mon, 04 Apr 2022 07:23:49 GMT
server: AkamaiNetStorage
x-akamai-transformed: 9 - 0 pmb=mRUM,1
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=29771517
expires: Fri, 17 Nov 2023 23:25:57 GMT
date: Thu, 08 Dec 2022 09:34:00 GMT
content-length: 392
server-timing: cdn-cache; desc=HIT, edge; dur=1
X-Firefox-Spdy: h2
widget.trustpilot.com/stats/TrustboxImpression?locale=en-US&styleHeight=42px&styleWidth=100%25&theme=light&url=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3D1Y%3AwNSyDDxyNUnKU6JTwfQQ2UkAxH4yRLTTUV00%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&referrer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=5c63d6134064df0001fff3b7&widgetId=5419b6ffb0d04a076446a9af
204 No Content 0 B URL HTTP/2 widget.trustpilot.com/stats/TrustboxImpression?locale=en-US&styleHeight=42px&styleWidth=100%25&theme=light&url=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3D1Y%3AwNSyDDxyNUnKU6JTwfQQ2UkAxH4yRLTTUV00%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&referrer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=5c63d6134064df0001fff3b7&widgetId=5419b6ffb0d04a076446a9af
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stats/TrustboxImpression?locale=en-US&styleHeight=42px&styleWidth=100%25&theme=light&url=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3D1Y%3AwNSyDDxyNUnKU6JTwfQQ2UkAxH4yRLTTUV00%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&referrer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=5c63d6134064df0001fff3b7&widgetId=5419b6ffb0d04a076446a9af HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Connection: keep-alive
Referer: https://widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=5c63d6134064df0001fff3b7
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
cache-control: no-store,no-cache
date: Thu, 08 Dec 2022 09:33:59 GMT
pragma: no-cache
server: Kestrel
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-cache: Miss from cloudfront
via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: EamzXYPjW-9YY9mmtBUBcADaW6fIzCUxJ-AMNYkA_QF1Dj5f9Da48A==
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 472 B IP
Hash 7354e62fa39d17a8c644a678143d5683
88a59c502d394ca3b4799373e7af34188af0545a
4cb96b2ecbdfbd891f0e410c2d4666b9a8acdc96d3c78e0c8f6d7ea013691f88
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 09:34:00 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 05 Dec 2022 02:06:55 GMT
Expires: Mon, 12 Dec 2022 02:06:54 GMT
Etag: "88a59c502d394ca3b4799373e7af34188af0545a"
Cache-Control: max-age=318173,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 776480b308fdb50f-OSL
cdn.segmentify.com/06e2e4b6-5e17-4dbf-9574-c462c3d742d7/segmentify.js
200 OK 55 kB URL HTTP/2 cdn.segmentify.com/06e2e4b6-5e17-4dbf-9574-c462c3d742d7/segmentify.js
IP
File type ASCII text, with very long lines (56611)
Hash 67c1cfe6d191bdd8f1569733f204a8a8
072e03303318bff24d0ac85bec55e6fe665ef2d2
fac425c7a5fb458a4fd864a0f55d6189fd6c1875b85b1a54c78d8acc55002928
GET /06e2e4b6-5e17-4dbf-9574-c462c3d742d7/segmentify.js HTTP/1.1
Host: cdn.segmentify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdsgqu9ue5u8RnBTCmLd-WSgwBIlfV3j7BRrx2f5c_x8piD2w1t9aNWvaSdHcuzrCrzauFIYjc7dk33vSeIdY80JNOrpjoOK
x-goog-generation: 1670470958378066
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 54785
content-encoding: gzip
x-goog-hash: crc32c=2vZaVg==, md5=Z8HP5tGRvdjxVpcz8gSoqA==
x-goog-storage-class: STANDARD
accept-ranges: bytes
vary: Accept-Encoding
content-length: 54785
access-control-allow-origin: *
access-control-expose-headers: Origin, Accept, Content-Type, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token
server: UploadServer
date: Thu, 08 Dec 2022 05:59:43 GMT
expires: Thu, 15 Dec 2022 05:59:43 GMT
cache-control: public, max-age=604800
last-modified: Thu, 08 Dec 2022 03:42:38 GMT
etag: "67c1cfe6d191bdd8f1569733f204a8a8"
content-type: application/javascript
age: 12857
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 472 B IP
Hash 7354e62fa39d17a8c644a678143d5683
88a59c502d394ca3b4799373e7af34188af0545a
4cb96b2ecbdfbd891f0e410c2d4666b9a8acdc96d3c78e0c8f6d7ea013691f88
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 09:34:00 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 05 Dec 2022 02:06:55 GMT
Expires: Mon, 12 Dec 2022 02:06:54 GMT
Etag: "88a59c502d394ca3b4799373e7af34188af0545a"
Cache-Control: max-age=318173,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 776480b4bb8ab50f-OSL
beacon-v2.helpscout.net/static/js/full-beacon-init.d46881fe.chunk.js
200 OK 103 kB URL HTTP/2 beacon-v2.helpscout.net/static/js/full-beacon-init.d46881fe.chunk.js
IP
Size 103 kB (102992 bytes)
Hash 606a9ecdd09541c6f7f436a0e2d7e3f6
b47ddf2d5b1081bb2bbd97dbfda03bec3cd24119
099a626286351f4aaf19abc86eee89781cb35a50bba132311dc3a25aaed08384
GET /static/js/full-beacon-init.d46881fe.chunk.js HTTP/1.1
Host: beacon-v2.helpscout.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 102404
date: Thu, 08 Dec 2022 09:33:09 GMT
last-modified: Thu, 08 Dec 2022 09:31:47 GMT
etag: "9798dba76a6c2140a6f72f6c931535e5"
cache-control: max-age=315360000, s-maxage=7200, public
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: yf4ixPLOO-QAD418TKj8w_kaU2JoPpYXiXGMaA8fgpF4jY7-VtzrNw==
age: 52
X-Firefox-Spdy: h2
consent.cookiebot.com/d053bff0-f51a-4434-ab3e-b7ec8831e3ed/cc.js?renew=false&referer=flaviar.com&dnt=false&init=false&georegions=%5B%7B%22r%22%3A%22US-06%22%2C%22i%22%3A%226b04ee58-2401-4074-bb6b-0969a4c527d9%22%7D%5D
200 OK 156 B URL HTTP/2 consent.cookiebot.com/d053bff0-f51a-4434-ab3e-b7ec8831e3ed/cc.js?renew=false&referer=flaviar.com&dnt=false&init=false&georegions=%5B%7B%22r%22%3A%22US-06%22%2C%22i%22%3A%226b04ee58-2401-4074-bb6b-0969a4c527d9%22%7D%5D
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with CRLF line terminators
Hash 3477de123b1bcca0a96d557218c3c72c
279660604c7c2e9d5be154df57180849efca1e34
9331664c1938651f09a14fb45d0af5fd86a72c2d9aff0bc26193e239ddb38268
GET /d053bff0-f51a-4434-ab3e-b7ec8831e3ed/cc.js?renew=false&referer=flaviar.com&dnt=false&init=false&georegions=%5B%7B%22r%22%3A%22US-06%22%2C%22i%22%3A%226b04ee58-2401-4074-bb6b-0969a4c527d9%22%7D%5D HTTP/1.1
Host: consent.cookiebot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: private, max-age=1200
content-type: application/x-javascript; charset=utf-8
content-encoding: gzip
last-modified: Thu, 08 Dec 2022 09:34:00 GMT
vary: Accept-Encoding
request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
access-control-expose-headers: Request-Context
content-length: 156
date: Thu, 08 Dec 2022 09:34:00 GMT
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash 1a4c9caa1f185238a62ae27597aaeb15
5dbe1febb6fa2f17962013b1c5656b0c61626be9
21d53250b5135a5a50628638e5e6f73ef42a370340f9ca99a5b8ef693b9b9f32
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 09:34:00 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 05 Dec 2022 20:28:58 GMT
Expires: Mon, 12 Dec 2022 20:28:57 GMT
Etag: "5dbe1febb6fa2f17962013b1c5656b0c61626be9"
Cache-Control: max-age=384296,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 776480b51bf3b50f-OSL
cdn.sgmntfy.com/pa.js
200 OK 3.7 kB IP
File type ASCII text, with very long lines (3744), with no line terminators
Hash 7327381bba6f249fe470d17c0dca2cb4
b6fac12855c66c4841a38d07934fc22302e881ef
393195c622ffdab45d8f71e6988cdcc65ef85102061defa603882dc9f80d11ec
Analyzer Verdict Alert quad9 Sinkholed
GET /pa.js HTTP/1.1
Host: cdn.sgmntfy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycduflDE4clQ4fDz8EIBW5y1K-BTUmTrK7-hLTExJCUMAKcPjs_f5oGCiCvkFeqELB979acTEBS8t4kx8RUSLjLgKiztN3ITo
x-goog-generation: 1654598345914433
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 3744
content-language: en
x-goog-hash: crc32c=EasKAQ==, md5=cyc4G7pvJJ/kcNF8DcostA==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 3744
server: UploadServer
date: Thu, 08 Dec 2022 09:13:17 GMT
expires: Thu, 08 Dec 2022 10:13:17 GMT
cache-control: public, max-age=3600
age: 1243
last-modified: Tue, 07 Jun 2022 10:39:06 GMT
etag: "7327381bba6f249fe470d17c0dca2cb4"
content-type: application/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
public.fbot.me/events/06cc9139-6a61-41fc-88db-9ec21e04eecf/profile/xhr
200 OK 2 B URL HTTP/2 public.fbot.me/events/06cc9139-6a61-41fc-88db-9ec21e04eecf/profile/xhr
IP
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
OPTIONS /events/06cc9139-6a61-41fc-88db-9ec21e04eecf/profile/xhr HTTP/1.1
Host: public.fbot.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Referer: https://flaviar.com/
Origin: https://flaviar.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:34:00 GMT
content-length: 2
server: nginx/1.23.2
access-control-allow-origin: https://flaviar.com
access-control-allow-credentials: true
access-control-allow-methods: POST, GET
access-control-allow-headers: Authorization, Content-Type
info: {"connection":"upgrade","host":"public.fbot.me","x-forwarded-for":"91.90.42.154","x-forwarded-proto":"https","x-forwarded-port":"443","x-amzn-trace-id":"Root=1-6391af88-65400dc969a35f774f759324","user-agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0","accept":"*/*","accept-language":"en-US,en;q=0.5","accept-encoding":"gzip, deflate, br","access-control-request-method":"POST","access-control-request-headers":"authorization,content-type","referer":"https://flaviar.com/","origin":"https://flaviar.com","sec-fetch-dest":"empty","sec-fetch-mode":"cors","sec-fetch-site":"cross-site"}
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3429
Expires: Thu, 08 Dec 2022 10:31:09 GMT
Date: Thu, 08 Dec 2022 09:34:00 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3429
Expires: Thu, 08 Dec 2022 10:31:09 GMT
Date: Thu, 08 Dec 2022 09:34:00 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9519925e-95b7-4e66-b317-84c1708c7f84.jpeg
200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9519925e-95b7-4e66-b317-84c1708c7f84.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b87d6543345f73653ed4a49b37d7c959
c4f26846b8b72293368ff16915d49297cf12bbb9
aee6aa42e4b5b83b81f74801ff8f0039fc6d38036f42ee81875813c856cf5eef
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9519925e-95b7-4e66-b317-84c1708c7f84.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8659
x-amzn-requestid: 6f420d07-65d5-4bb2-9f1f-e56025de497b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czFSYFArIAMF46w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63911c0f-0a295e5c48228d5806b4f107;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 23:04:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: TSh1BNzzIPhWCfYEiqvQJckSPAyhHobe-HK6msEVeEJ1ruX-_rMSSA==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 23:35:32 GMT
age: 35908
etag: "c4f26846b8b72293368ff16915d49297cf12bbb9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3429
Expires: Thu, 08 Dec 2022 10:31:09 GMT
Date: Thu, 08 Dec 2022 09:34:00 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3429
Expires: Thu, 08 Dec 2022 10:31:09 GMT
Date: Thu, 08 Dec 2022 09:34:00 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8a21d707-1bf7-4b7f-a23b-7e8f38dd40c5.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8a21d707-1bf7-4b7f-a23b-7e8f38dd40c5.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3d44d17585c9a536c8da0e75ed90d175
9dc35d0f6b251004bc1ddc83aea9ee71c95aedd1
6d14a5b5c43b39244434560a83a2bfea6604a4d072943b6147293b7adfd1b7b7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8a21d707-1bf7-4b7f-a23b-7e8f38dd40c5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10164
x-amzn-requestid: a0cb7259-0a07-44f5-91cd-e96b8d9c9cac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cnAPOGSnoAMFUUQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c472e-799b6ee425e29fb70ff7e4ea;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 07:07:26 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5Q2LRCrEYVZz_KldQARUQ26O1mv0G7rMAPQXGkBzUnERF-WjtZPMJA==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 12:11:17 GMT
age: 76963
etag: "9dc35d0f6b251004bc1ddc83aea9ee71c95aedd1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb40390-82ef-453b-afca-e37aa7674ed3.jpeg
200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb40390-82ef-453b-afca-e37aa7674ed3.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f0c8a8dbe6c3ae6eaa2e464296708f5c
98556b27bc3759d0ceb8200ff5bc7b9567e428a5
bfc64a0e18c0137360f746eca256f464e26d23a04521ea629c46ae50ea6af173
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb40390-82ef-453b-afca-e37aa7674ed3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9058
x-amzn-requestid: 1f7fdd3d-1e65-46f7-8ef2-d164bf81e72b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctlz4FtuIAMFjsg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638ee9b2-4866b3fd61fdb35d34317038;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 07:05:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 6ET1Tfo1QXRpjkWyOE7jfYnWToK8h7ojB31efNc09awacwlCIYEPjA==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 07:19:28 GMT
age: 8072
etag: "98556b27bc3759d0ceb8200ff5bc7b9567e428a5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15e59c3f-fa3a-4698-96c2-2e89662ffa9f.webp
200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15e59c3f-fa3a-4698-96c2-2e89662ffa9f.webp
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 311cb4353566dfb426dbc692fde93223
979910df445a5c4d3513c8c25e289800335f646d
5ecd5c12620c0b8b6bbf456cb6c016168479a735f4eb67a9a1047677b9d798fb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15e59c3f-fa3a-4698-96c2-2e89662ffa9f.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8179
x-amzn-requestid: 39aa4016-4f48-4d2a-b94b-05432980d66a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czCruHckIAMFkHg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639117e4-1953985a5c8d2da8239ec8e8;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 22:47:00 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qKaRX4QpQU2U8J-jk1lWjhAooObsgxfHuNXv5Bbc69IEMCXAyIESeQ==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 22:50:01 GMT
age: 38639
etag: "979910df445a5c4d3513c8c25e289800335f646d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F234796b8-a59e-4174-a03a-b127b03b60eb.jpeg
200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F234796b8-a59e-4174-a03a-b127b03b60eb.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 57a992ab666f21c6da0057fefb622ff2
c36381d6744ae44360b2a37ca7586028e980714b
afe4050d9b07dcab509c95eb8d75ca410db74bd59f39561e5d190550cb61503e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F234796b8-a59e-4174-a03a-b127b03b60eb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13556
x-amzn-requestid: 3e79e2da-80ea-404c-8d87-939c7682dbe8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cy4h8EuUIAMFkIQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639107a5-68318f164708882a43fb0f12;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 21:37:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 7RZTh3iQHGp_XffXQQw13UUWqPNZQFJ_e4pIvNPgAaA1aGy_cXMueA==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 22:13:24 GMT
etag: "c36381d6744ae44360b2a37ca7586028e980714b"
content-type: image/jpeg
age: 40836
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Thu, 08 Dec 2022 08:41:08 GMT
expires: Thu, 08 Dec 2022 10:41:08 GMT
cache-control: public, max-age=7200
age: 3172
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 8129d4d0ebab3efc528f57883dfb30ba
be557eee6cd854421ec872673041867c73369fa2
ed95fb60948c81a74657e5964798a07145fe91fee47cb270006f62294a5670b1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:34:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1e6c8e9d-aef1-4772-8747-82ef7e4ceeb1.jpeg
200 OK 6.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1e6c8e9d-aef1-4772-8747-82ef7e4ceeb1.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fb1ea0161d261518c99909aff49e6f58
c3b915cb579b651db25442fea0bbedd0d292c0fc
d877a21abfd883a368da0136c4e56d7f590fa9e9ea09dec3675823211fe56385
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1e6c8e9d-aef1-4772-8747-82ef7e4ceeb1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6110
x-amzn-requestid: ddb5c208-5bfe-4e8c-9fdd-55076fac9eb8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czg9FGl2IAMFxYw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63914853-148fec9213f360520ff3c52a;Sampled=0
x-amzn-remapped-date: Thu, 08 Dec 2022 02:13:39 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: l8PbqnzJrf0uHiLE9iy5PSfKl8f4520ddTxkji7GyUyAWuX9Sc4U0w==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 04:20:38 GMT
age: 18802
etag: "c3b915cb579b651db25442fea0bbedd0d292c0fc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash 1a4c9caa1f185238a62ae27597aaeb15
5dbe1febb6fa2f17962013b1c5656b0c61626be9
21d53250b5135a5a50628638e5e6f73ef42a370340f9ca99a5b8ef693b9b9f32
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 09:34:00 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 05 Dec 2022 20:28:58 GMT
Expires: Mon, 12 Dec 2022 20:28:57 GMT
Etag: "5dbe1febb6fa2f17962013b1c5656b0c61626be9"
Cache-Control: max-age=384296,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 776480b59d2cb50f-OSL
ocsp.digicert.com/
200 OK 471 B IP
Hash 7d047c6733f9c8d5998cae08d314f084
c23a8dce8a76dd01e22650fc1c19af2bae963008
d13c4f663e010387e21eece93c733faf5f2c3f9ff8ffca7aad99235aa990bea5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4387
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:34:00 GMT
Last-Modified: Thu, 08 Dec 2022 08:20:53 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 6ec5f6261a8262e9f94b29627f54cefe
7ac766cf2ac8c2d960ec033388a767ff8a7d45e2
5f6ee11d840909fc5272c2c32f7874d55f49d831abc88d527e35562d218890f9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:34:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 279 B IP
Hash 67a1b2d7be614f35c45650267a65ea9e
277747c3e204693e166be7a28825191e0dcfd4f9
b345785422d52f2272722477f8bd0cf8ee6fee15957b8c656f04bc33879a2f35
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5423
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:34:00 GMT
Last-Modified: Thu, 08 Dec 2022 08:03:37 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 279
sc-static.net/scevent.min.js
200 OK 12 kB URL HTTP/2 sc-static.net/scevent.min.js
IP
File type ASCII text, with very long lines (27646), with no line terminators
Hash 62585b7e4a4eab6ba3984a2cd4de5365
14e3b07044b095c9b8fd7b84bf00adb32233edb0
8e0a43da6d5b986bdf45ccdc4bfc11742086d59e2dbf2ae3a04701602c6b8bb7
GET /scevent.min.js HTTP/1.1
Host: sc-static.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 11972
server: CloudFront
date: Thu, 08 Dec 2022 09:34:00 GMT
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Content-Type
cache-control: private, s-maxage=0, max-age=600
set-cookie: X-AB=0d6e407936704bd380072f5891d28b0e;max-age=86400;expires=Fri, 09 Dec 2022 09:13:11 GMT;Path=/scevent.min.js; Secure; SameSite=None
x-cache: LambdaGeneratedResponse from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: H6G8BtwBU3RUFm0-wXG2j7Eo6z7OcMSIJuMYjyf5OHH4eMdoCavwjQ==
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-94QYBVSJNV&cid=1639009528.1670492040>m=2oebu0&aip=1&z=740837401
200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-94QYBVSJNV&cid=1639009528.1670492040>m=2oebu0&aip=1&z=740837401
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-94QYBVSJNV&cid=1639009528.1670492040>m=2oebu0&aip=1&z=740837401 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 08 Dec 2022 09:34:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.redditstatic.com/ads/pixel.js
200 OK 7.7 kB URL HTTP/2 www.redditstatic.com/ads/pixel.js
IP
File type ASCII text, with very long lines (25224)
Hash 3528fd00b652f61a266eb584d96f4fcc
d89e16aa1323c6c4f1ed3941122020684a599361
77efa9f2ddfdca7a45df37bbcd22fdaeb7b97161a2acd87e21eb78bdeaad1332
GET /ads/pixel.js HTTP/1.1
Host: www.redditstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Mon, 07 Nov 2022 16:45:46 GMT
etag: "3528fd00b652f61a266eb584d96f4fcc"
cache-control: public, max-age=60
content-encoding: gzip
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 08 Dec 2022 09:34:00 GMT
vary: Accept-Encoding,Origin
server: snooserv
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
content-length: 7722
X-Firefox-Spdy: h2
connect.facebook.net/en_US/fbevents.js
200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP
File type ASCII text, with very long lines (64348)
Hash 44ecaa3c2a4929a40141edc4540aaf84
f29a573182333b2500d41bfc389d6c5232dfb348
6589fe14578dedd4df678a909afadd7e5bc7f57c7e3e24518a7f5faac7383396
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: W8qANO02uYPvuTYMsOxFg9F1ZpxDXDw3r0aFxKtL9V/ub/Jd6+w3zFEOsAj/7vNJ0mGZSHjZ7Juleu/MDygPjg==
priority: u=3,i
content-length: 27340
x-fb-trip-id: 2074150462
date: Thu, 08 Dec 2022 09:34:00 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 313 B IP
Hash aa9e9cc4cf21d2f8e869a92e65a45506
32bac4c290787256eb7362fd11b4342d20a6c8ab
b82203e3d34d3cd6c7b013b8887a74af649ef07edccacf3a1874a670951a915b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3554
Cache-Control: max-age=95518
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:34:00 GMT
Etag: "639073c4-139"
Expires: Fri, 09 Dec 2022 12:05:58 GMT
Last-Modified: Wed, 07 Dec 2022 11:06:44 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 313
ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
200 OK 33 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
IP
File type ASCII text, with very long lines (32086)
Hash 430e927c980ad4079de727fa59dd93f2
891aaada9a55a91292999f6d50fd300439905982
e8728df8617340bd8c10bc8d27d3a725a48871a269c850e8598689938ec6e2ed
GET /ajax/libs/jquery/1.11.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33434
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 18:56:26 GMT
expires: Wed, 06 Dec 2023 18:56:26 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 139054
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 727 B IP
Hash ad77e561f35835d6b900b05a711f9bda
407939caf4b8dcd5b0aa011f0681d97dd9a733ff
b069cbc831574621c19ad9855029bb9f54620cfd2dd6cc87db8f7e324cbf9924
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2414
Cache-Control: max-age=125359
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:34:00 GMT
Etag: "6390ecc9-2d7"
Expires: Fri, 09 Dec 2022 20:23:19 GMT
Last-Modified: Wed, 07 Dec 2022 19:43:05 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 727
ocsp.digicert.com/
200 OK 727 B IP
Hash ad77e561f35835d6b900b05a711f9bda
407939caf4b8dcd5b0aa011f0681d97dd9a733ff
b069cbc831574621c19ad9855029bb9f54620cfd2dd6cc87db8f7e324cbf9924
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4313
Cache-Control: max-age=127258
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:34:00 GMT
Etag: "6390ecc9-2d7"
Expires: Fri, 09 Dec 2022 20:54:58 GMT
Last-Modified: Wed, 07 Dec 2022 19:43:05 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 727
d3hb14vkzrxvla.cloudfront.net/v1/00e580f3-b08f-44e2-b7b0-5949db5bfaf3
200 OK 0 B URL HTTP/2 d3hb14vkzrxvla.cloudfront.net/v1/00e580f3-b08f-44e2-b7b0-5949db5bfaf3
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /v1/00e580f3-b08f-44e2-b7b0-5949db5bfaf3 HTTP/1.1
Host: d3hb14vkzrxvla.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: beacon-device-id,correlationid,helpscout-origin,helpscout-release
Referer: https://flaviar.com/
Origin: https://flaviar.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 0
date: Thu, 08 Dec 2022 09:33:57 GMT
access-control-allow-origin: https://flaviar.com
access-control-allow-methods: GET
access-control-allow-headers: beacon-device-id, correlationid, helpscout-origin, helpscout-release
access-control-allow-credentials: true
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
x-ratelimit-limit-identify-hour: 25
x-ratelimit-remaining-identify-hour: 25
x-ratelimit-limit-general-minute: 60
x-ratelimit-remaining-general-minute: 60
x-ratelimit-limit-conversations-hour: 10
x-ratelimit-remaining-conversations-hour: 10
x-ratelimit-limit-attachments-hour: 10
x-ratelimit-remaining-attachments-hour: 10
x-ratelimit-limit-chat-tokens-hour: 25
x-ratelimit-remaining-chat-tokens-hour: 25
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: rCjjjDktAtAenijLxF27b7esdQi2BofeHlAluCDX0ee6t09THX6NFw==
age: 3
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 7d047c6733f9c8d5998cae08d314f084
c23a8dce8a76dd01e22650fc1c19af2bae963008
d13c4f663e010387e21eece93c733faf5f2c3f9ff8ffca7aad99235aa990bea5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5672
Cache-Control: max-age=155941
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:34:00 GMT
Etag: "63915785-1d7"
Expires: Sat, 10 Dec 2022 04:53:01 GMT
Last-Modified: Thu, 08 Dec 2022 03:18:29 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 8129d4d0ebab3efc528f57883dfb30ba
be557eee6cd854421ec872673041867c73369fa2
ed95fb60948c81a74657e5964798a07145fe91fee47cb270006f62294a5670b1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:34:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 6ec5f6261a8262e9f94b29627f54cefe
7ac766cf2ac8c2d960ec033388a767ff8a7d45e2
5f6ee11d840909fc5272c2c32f7874d55f49d831abc88d527e35562d218890f9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:34:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
public.fbot.me/events/06cc9139-6a61-41fc-88db-9ec21e04eecf/profile/xhr
200 OK 514 B URL HTTP/2 public.fbot.me/events/06cc9139-6a61-41fc-88db-9ec21e04eecf/profile/xhr
IP
File type JSON data\012- , ASCII text, with very long lines (514), with no line terminators
Hash bff7176cd6913706a821a7d7dbb962f3
6a6a086bd466592f9154ef9f1c7c6d3a66abd6e9
c8228105a00bf67200016326c1850e861035fe17cad192d92e0fc2b5261669b2
POST /events/06cc9139-6a61-41fc-88db-9ec21e04eecf/profile/xhr HTTP/1.1
Host: public.fbot.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaviar.com/
Authorization:
Content-Type: application/json
Origin: https://flaviar.com
Content-Length: 215
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:34:00 GMT
content-type: application/json
content-length: 514
server: nginx/1.23.2
access-control-allow-origin: https://flaviar.com
set-cookie: globalId=93361dc7-707f-46c0-bdba-33fdbe7d824c; Max-Age=315360000; Domain=.fbot.me; Path=/; HttpOnly; Secure; SameSite=None
access-control-allow-credentials: true
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash ef33445fcdc482844e5258994c63ac51
53513592e183978e20120956e968ff7350d7f454
256ace03c34ca196887e6bdb12c08e0ef5da178b5d96d756f367b4cc89dedf8b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1763
Cache-Control: max-age=164669
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:34:00 GMT
Etag: "639188e2-1d7"
Expires: Sat, 10 Dec 2022 07:18:29 GMT
Last-Modified: Thu, 08 Dec 2022 06:49:06 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
200 OK 471 B IP
Hash ef33445fcdc482844e5258994c63ac51
53513592e183978e20120956e968ff7350d7f454
256ace03c34ca196887e6bdb12c08e0ef5da178b5d96d756f367b4cc89dedf8b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1770
Cache-Control: max-age=164676
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:34:00 GMT
Etag: "639188e2-1d7"
Expires: Sat, 10 Dec 2022 07:18:36 GMT
Last-Modified: Thu, 08 Dec 2022 06:49:06 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
tr.snapchat.com/cm/i?pid=b838e1c8-e5cb-4d99-bda2-d5594b71ff41&u_scsid=9dbd3cf5-a2c5-4309-ae88-ccd4780f99b5&u_sclid=b946094f-1b9c-4024-bd0b-005fb82f862a
200 OK 0 B URL HTTP/2 tr.snapchat.com/cm/i?pid=b838e1c8-e5cb-4d99-bda2-d5594b71ff41&u_scsid=9dbd3cf5-a2c5-4309-ae88-ccd4780f99b5&u_sclid=b946094f-1b9c-4024-bd0b-005fb82f862a
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cm/i?pid=b838e1c8-e5cb-4d99-bda2-d5594b71ff41&u_scsid=9dbd3cf5-a2c5-4309-ae88-ccd4780f99b5&u_sclid=b946094f-1b9c-4024-bd0b-005fb82f862a HTTP/1.1
Host: tr.snapchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:34:00 GMT
content-type: text/html
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 0
x-envoy-upstream-service-time: 0
server: API Gateway
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
shop.pe/widget/widget_async.js
301 Moved Permanently 178 B URL HTTP/2 shop.pe/widget/widget_async.js
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /widget/widget_async.js HTTP/1.1
Host: shop.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Thu, 08 Dec 2022 09:34:00 GMT
content-type: text/html
content-length: 178
location: https://d3rr3d0n31t48m.cloudfront.net/widget/widget_async.js
x-frame-options: deny
content-security-policy: frame-ancestors none;
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer-when-downgrade
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash c7a5f887bbc7d30b9cfe15163c3d8ddb
21d65790a1d10a06d198b54218365aa474126e1c
2a2e7930f967d947cc5293c95221913e24596773577bbf56ff402db6236bbda1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:34:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 279 B IP
Hash 67a1b2d7be614f35c45650267a65ea9e
277747c3e204693e166be7a28825191e0dcfd4f9
b345785422d52f2272722477f8bd0cf8ee6fee15957b8c656f04bc33879a2f35
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5424
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:34:01 GMT
Last-Modified: Thu, 08 Dec 2022 08:03:37 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
200 OK 471 B IP
Hash ef33445fcdc482844e5258994c63ac51
53513592e183978e20120956e968ff7350d7f454
256ace03c34ca196887e6bdb12c08e0ef5da178b5d96d756f367b4cc89dedf8b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1771
Cache-Control: max-age=164676
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:34:01 GMT
Etag: "639188e2-1d7"
Expires: Sat, 10 Dec 2022 07:18:37 GMT
Last-Modified: Thu, 08 Dec 2022 06:49:06 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
200 OK 727 B IP
Hash ad77e561f35835d6b900b05a711f9bda
407939caf4b8dcd5b0aa011f0681d97dd9a733ff
b069cbc831574621c19ad9855029bb9f54620cfd2dd6cc87db8f7e324cbf9924
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4314
Cache-Control: max-age=127258
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:34:01 GMT
Etag: "6390ecc9-2d7"
Expires: Fri, 09 Dec 2022 20:54:59 GMT
Last-Modified: Wed, 07 Dec 2022 19:43:05 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 727
d3hb14vkzrxvla.cloudfront.net/v1/00e580f3-b08f-44e2-b7b0-5949db5bfaf3
200 OK 7.7 kB URL HTTP/2 d3hb14vkzrxvla.cloudfront.net/v1/00e580f3-b08f-44e2-b7b0-5949db5bfaf3
IP
Hash e1e5afe3af2be39524b761e3fdd2d6f4
8eba46b3ea7ee3c2058f0c1a14d7b0dd11b001d2
67157e76a518b3f6c04f3c1e0b0a87a2ff842219df2133153463610af3a517cb
GET /v1/00e580f3-b08f-44e2-b7b0-5949db5bfaf3 HTTP/1.1
Host: d3hb14vkzrxvla.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
correlationId: 36f7f776-abcc-47d4-abed-4e36c32c579a
Helpscout-Origin: Beacon-Embed
Helpscout-Release: 2.2.37
Beacon-Device-ID: 8c13ef97-0cad-48c6-b537-a874ed3a49ee
Origin: https://flaviar.com
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
date: Thu, 08 Dec 2022 09:33:20 GMT
access-control-allow-origin: https://flaviar.com
access-control-expose-headers: Resource-ID
access-control-allow-credentials: true
cache-control: max-age=300
x-ratelimit-limit-general-minute: 60
x-ratelimit-remaining-general-minute: 60
x-ratelimit-limit-conversations-hour: 10
x-ratelimit-remaining-conversations-hour: 10
x-ratelimit-limit-attachments-hour: 10
x-ratelimit-remaining-attachments-hour: 10
x-ratelimit-limit-chat-tokens-hour: 25
x-ratelimit-remaining-chat-tokens-hour: 25
x-ratelimit-limit-identify-hour: 25
x-ratelimit-remaining-identify-hour: 25
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Dboan_lrJ4Gov75Dc10fZ3kkAh7LdJ9853tR3KECykXXKVX4vpcVMg==
age: 40
X-Firefox-Spdy: h2
dynamic.criteo.com/js/ld/ld.js?a=95340
200 OK 15 kB URL HTTP/2 dynamic.criteo.com/js/ld/ld.js?a=95340
IP
File type ASCII text, with very long lines (43225)
Hash 330d8bbd8ddbe4609ac1f495c2af3aea
ae6fb91151eb22d81408b7bbbd6e016e55e03d56
f9e71a13681ff5f1f75f6a01097624c87b94b38ce414eba29c3e7396f3c76d48
GET /js/ld/ld.js?a=95340 HTTP/1.1
Host: dynamic.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:33:59 GMT
content-type: application/javascript; charset=utf-8
server: Kestrel
cache-control: public,max-age=10800
content-encoding: br
vary: Origin, Accept-Encoding
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
stats.g.doubleclick.net/g/collect?v=2&tid=G-94QYBVSJNV&cid=1639009528.1670492040>m=2oebu0&aip=1
204 No Content 0 B URL HTTP/2 stats.g.doubleclick.net/g/collect?v=2&tid=G-94QYBVSJNV&cid=1639009528.1670492040>m=2oebu0&aip=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-94QYBVSJNV&cid=1639009528.1670492040>m=2oebu0&aip=1 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://flaviar.com
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://flaviar.com
date: Thu, 08 Dec 2022 09:34:01 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
splow.flaviar.com/com.snowplowanalytics.snowplow/tp2
200 OK 0 B URL HTTP/2 splow.flaviar.com/com.snowplowanalytics.snowplow/tp2
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: splow.flaviar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://flaviar.com/
Origin: https://flaviar.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:34:01 GMT
content-length: 0
access-control-allow-origin: https://flaviar.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-max-age: 5
x-robots-tag: noindex, nofollow, nosnippet, noarchive
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rDewHX418UeLCP4HxkJ1dUU3DP%2FagNuLm4sHHlH9WXdT%2FC1B2%2BboGGNbjyghUj9gF8%2FwrjSVUAsiShR0ppM9LW0wxkelf5b3OT2frme1P2NHTCYMp64gXn%2B2GbQCx2tXWWfx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
server: cloudflare
cf-ray: 776480b78dec1c12-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash c7a5f887bbc7d30b9cfe15163c3d8ddb
21d65790a1d10a06d198b54218365aa474126e1c
2a2e7930f967d947cc5293c95221913e24596773577bbf56ff402db6236bbda1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:34:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tr.snapchat.com/collector/is_enabled?pids=b838e1c8-e5cb-4d99-bda2-d5594b71ff41&tld=com
200 OK 573 B URL HTTP/2 tr.snapchat.com/collector/is_enabled?pids=b838e1c8-e5cb-4d99-bda2-d5594b71ff41&tld=com
IP
Hash e67bc083e2dd5616c8b36f20877e7f76
9549458fd2b1baeba4ac30dd2e3a4a2c7e1f848e
a99d47121a1690302c9ade921d70935cb346fa38359e493ea1827536702cfa2b
GET /collector/is_enabled?pids=b838e1c8-e5cb-4d99-bda2-d5594b71ff41&tld=com HTTP/1.1
Host: tr.snapchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://flaviar.com
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:34:00 GMT
access-control-allow-origin: https://flaviar.com
content-type: application/json
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-envoy-upstream-service-time: 0
content-encoding: gzip
vary: Accept-Encoding
server: API Gateway
access-control-allow-credentials: true
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 20f976f1a4421c0fae8ec58b24600703
14efafebd65a59a6f6b29ad778573546df4fca93
6fe0f2d44718761be652135835c003bc41589987d013e3fda3d52e708d42232a
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=153430
Date: Thu, 08 Dec 2022 09:34:01 GMT
Etag: "639157ab-1d7"
Expires: Sat, 10 Dec 2022 04:11:11 GMT
Last-Modified: Thu, 08 Dec 2022 03:19:07 GMT
Server: ECS (bsa/EB23)
X-Cache: Miss from cloudfront
Via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: escBv2vH4qZmGIJmEUFxaTVER0erm2PGlxlFhh6zrf25cmruHPvfBA==
Age: 3125
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 20f976f1a4421c0fae8ec58b24600703
14efafebd65a59a6f6b29ad778573546df4fca93
6fe0f2d44718761be652135835c003bc41589987d013e3fda3d52e708d42232a
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 08 Dec 2022 09:34:01 GMT
Last-Modified: Thu, 08 Dec 2022 08:42:30 GMT
Server: ECS (nyb/1D1C)
X-Cache: Miss from cloudfront
Via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: n_TqPSmeMI2qvQAySfMrdfwmJ0HSfVTSFm7Wi7XlkfQDdk-rhQGp1Q==
Age: 3094
api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0&page=irclickid%3D1Y%3AwNSyDDxyNUnKU6JTwfQQ2UkAxH4yRLTTUV00&page=ir_cid%3D3334&page=ir_affid%3D10813&page=utm_medium%3Daffiliates&page=utm_source%3DMaxBounty.com%20ULC&page=ir_partnerid%3D10813&page=ir_adid%3D1215604&page=ir_campaignid%3D3334
200 OK 18 B URL HTTP/2 api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0&page=irclickid%3D1Y%3AwNSyDDxyNUnKU6JTwfQQ2UkAxH4yRLTTUV00&page=ir_cid%3D3334&page=ir_affid%3D10813&page=utm_medium%3Daffiliates&page=utm_source%3DMaxBounty.com%20ULC&page=ir_partnerid%3D10813&page=ir_adid%3D1215604&page=ir_campaignid%3D3334
IP
File type ASCII text, with no line terminators
Hash cc7fd95a87ea3721ce1853bf3c4dd75e
7f687f7881adf0fc407378d375a61b8f198c0912
0f06a4c8d34690d4e42c81f232a5bdfe9fcbde8a54b5ccd0609a313e90da0879
OPTIONS /v1/personalize/simple?pageviews=1&isMobile=0&page=irclickid%3D1Y%3AwNSyDDxyNUnKU6JTwfQQ2UkAxH4yRLTTUV00&page=ir_cid%3D3334&page=ir_affid%3D10813&page=utm_medium%3Daffiliates&page=utm_source%3DMaxBounty.com%20ULC&page=ir_partnerid%3D10813&page=ir_adid%3D1215604&page=ir_campaignid%3D3334 HTTP/1.1
Host: api.sail-personalize.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,x-lib-version,x-referring-url
Referer: https://flaviar.com/
Origin: https://flaviar.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:34:01 GMT
content-type: text/plain
content-length: 18
access-control-allow-origin: https://flaviar.com
access-control-allow-credentials: true
access-control-max-age: 1800
access-control-allow-methods: OPTIONS,GET,POST,PUT,DELETE
access-control-allow-headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Lib-Version,X-Referring-URL
allow: HEAD,GET,OPTIONS
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 8274b291596906eb3779dccb82ec41cb
b2ec554df1fa55e18a4316b76ac617dc626b7598
69129be0a1c2e3d1dfc602aea4ef004ea01b3bfa6c5863bd225843472f1bb7c8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:34:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/pagead/landing?gcs=G111&rnd=124088200.1670492040&url=https%3A%2F%2Fflaviar.com%2F>m=2wgbu0K4F6SWQ&auid=1665528604.1670492040
302 Found 42 B URL HTTP/2 www.google.com/pagead/landing?gcs=G111&rnd=124088200.1670492040&url=https%3A%2F%2Fflaviar.com%2F>m=2wgbu0K4F6SWQ&auid=1665528604.1670492040
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
POST /pagead/landing?gcs=G111&rnd=124088200.1670492040&url=https%3A%2F%2Fflaviar.com%2F>m=2wgbu0K4F6SWQ&auid=1665528604.1670492040 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://flaviar.com
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 08 Dec 2022 09:34:01 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
location: https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&rnd=124088200.1670492040&url=https%3A%2F%2Fflaviar.com%2F>m=2wgbu0K4F6SWQ&auid=1665528604.1670492040
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0&page=irclickid%3D1Y%3AwNSyDDxyNUnKU6JTwfQQ2UkAxH4yRLTTUV00&page=ir_cid%3D3334&page=ir_affid%3D10813&page=utm_medium%3Daffiliates&page=utm_source%3DMaxBounty.com%20ULC&page=ir_partnerid%3D10813&page=ir_adid%3D1215604&page=ir_campaignid%3D3334
200 OK 196 B URL HTTP/2 api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0&page=irclickid%3D1Y%3AwNSyDDxyNUnKU6JTwfQQ2UkAxH4yRLTTUV00&page=ir_cid%3D3334&page=ir_affid%3D10813&page=utm_medium%3Daffiliates&page=utm_source%3DMaxBounty.com%20ULC&page=ir_partnerid%3D10813&page=ir_adid%3D1215604&page=ir_campaignid%3D3334
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash f60c7faf828acc18aab1e36fb3ad645c
941cc2d4e3815f78502286c7508134a1b6dbd4e6
0a6f01fcdaad44cd50491b3b8742a7601209ff76a0a9019c06c6310030954d83
GET /v1/personalize/simple?pageviews=1&isMobile=0&page=irclickid%3D1Y%3AwNSyDDxyNUnKU6JTwfQQ2UkAxH4yRLTTUV00&page=ir_cid%3D3334&page=ir_affid%3D10813&page=utm_medium%3Daffiliates&page=utm_source%3DMaxBounty.com%20ULC&page=ir_partnerid%3D10813&page=ir_adid%3D1215604&page=ir_campaignid%3D3334 HTTP/1.1
Host: api.sail-personalize.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaviar.com/
authorization: Bearer 65de79281e7de94b00f804e81e0d65c0
content-type: application/json
x-lib-version: v1.0.1
x-referring-url: https://flaviar.com/?irclickid=1Y:wNSyDDxyNUnKU6JTwfQQ2UkAxH4yRLTTUV00&ir_cid=3334&ir_affid=10813&utm_medium=affiliates&utm_source=MaxBounty.com%20ULC&ir_partnerid=10813&ir_adid=1215604&ir_campaignid=3334
Origin: https://flaviar.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:34:01 GMT
content-type: application/json
content-length: 196
access-control-allow-origin: *
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-store
expires: -1
allowedheaders: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin
allowedorigins: *
allowedmethods: GET,OPTIONS
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 07a86cf9d9c8389ebd9c52303c83b27f
fd3524d701bdf111c541b6fc9e038bffcc3b5d6c
de08c944b2cb2671078e452d870757622e286f7214d736ab2c1b1d1c2ab8dcfb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:34:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash a938af990a97b9856e1174d11c72cbf7
b57716fd0ea9a1e9e0a0595ff593f939560c0abf
6ab769333b231097d077edfbc1c3fc9560de5ae9bfeb5b8360dea8b7fadbcb44
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:34:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 313 B IP
Hash e823649d6e67f7655ae25a69d20159c9
013359814344b7c15da24a2857a3354e16bd4c34
ba9c8fb40060f9f4c381dfb9843f52af35ee7114c6454884edc03bdf6b22683e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3394
Cache-Control: max-age=119148
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:34:01 GMT
Etag: "6390d0b3-139"
Expires: Fri, 09 Dec 2022 18:39:49 GMT
Last-Modified: Wed, 07 Dec 2022 17:43:15 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 313
googleads.g.doubleclick.net/pagead/landing?gcs=G111&rnd=124088200.1670492040&url=https%3A%2F%2Fflaviar.com%2F>m=2wgbu0K4F6SWQ&auid=1665528604.1670492040
200 OK 42 B URL HTTP/2 googleads.g.doubleclick.net/pagead/landing?gcs=G111&rnd=124088200.1670492040&url=https%3A%2F%2Fflaviar.com%2F>m=2wgbu0K4F6SWQ&auid=1665528604.1670492040
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/landing?gcs=G111&rnd=124088200.1670492040&url=https%3A%2F%2Fflaviar.com%2F>m=2wgbu0K4F6SWQ&auid=1665528604.1670492040 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaviar.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 08 Dec 2022 09:34:01 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 08-Dec-2022 09:49:01 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
gum.criteo.com/syncframe?topUrl=flaviar.com&origin=onetag&us_privacy=1---
200 OK 5.1 kB URL HTTP/2 gum.criteo.com/syncframe?topUrl=flaviar.com&origin=onetag&us_privacy=1---
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (13465)
Hash 59a13186f66c0534c2491142f7e77e3e
6cefc66825cde1c4c35bbb3df5d39daa43f40097
a48bc357202d65e8b48cfc3f7dc563ef7a75b5a5fe10c63c87f9191f3a2edf59
GET /syncframe?topUrl=flaviar.com&origin=onetag&us_privacy=1--- HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:34:00 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: uid=ba59b58b-a408-47f3-a451-d1f71b4153dc; expires=Tue, 02 Jan 2024 09:34:00 GMT; domain=.criteo.com; path=/; secure; samesite=none
optout=0; expires=Thu, 01 Jan 1970 00:00:00 GMT; domain=.criteo.com; path=/
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 686785
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 07a86cf9d9c8389ebd9c52303c83b27f
fd3524d701bdf111c541b6fc9e038bffcc3b5d6c
de08c944b2cb2671078e452d870757622e286f7214d736ab2c1b1d1c2ab8dcfb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:34:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 313 B IP
Hash 5814ad3b7f0d449d58b5505e41a3f293
66fe5d7620cc08430e8c06b981dd034307dbbc8d
aac640fcca4acaf55321ba49f1eb08c3a29d771445b35a33213aa627900d2579
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3589
Cache-Control: max-age=91606
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:34:01 GMT
Etag: "6390645a-139"
Expires: Fri, 09 Dec 2022 11:00:47 GMT
Last-Modified: Wed, 07 Dec 2022 10:00:58 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
200 OK 313 B IP
Hash 5814ad3b7f0d449d58b5505e41a3f293
66fe5d7620cc08430e8c06b981dd034307dbbc8d
aac640fcca4acaf55321ba49f1eb08c3a29d771445b35a33213aa627900d2579
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3600
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:34:01 GMT
Last-Modified: Thu, 08 Dec 2022 08:34:02 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 313
d3rr3d0n31t48m.cloudfront.net/widget/widget_async.js
200 OK 905 B URL HTTP/2 d3rr3d0n31t48m.cloudfront.net/widget/widget_async.js
IP
File type ASCII text, with very long lines (559)
Hash 8f9a4e574f11ca1ea10db98fd6687660
24524c8493f0ca5573f353600dd66ba22406cd9c
f16fda04be22fc56edd4df978a54704d27b942f694ba82fab5a7d3b1c13428b8
GET /widget/widget_async.js HTTP/1.1
Host: d3rr3d0n31t48m.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 905
last-modified: Tue, 15 Nov 2022 21:39:30 GMT
content-encoding: gzip
x-amz-meta-mtime: 1668548367.69
accept-ranges: bytes
server: AmazonS3
date: Thu, 08 Dec 2022 09:28:02 GMT
cache-control: max-age=3600, public
etag: "8f9a4e574f11ca1ea10db98fd6687660"
x-cache: Hit from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: oxtwxk2nXCOIT2JzD0YmC9quFjs2Os9vt8H_Cs3bkSTdN5EZDVzxAw==
age: 360
X-Firefox-Spdy: h2
amplify.outbrain.com/cp/obtp.js
200 OK 5.3 kB URL HTTP/1.1 amplify.outbrain.com/cp/obtp.js
IP
File type ASCII text, with very long lines (16574), with no line terminators
Hash 5cdda5ed80a4ee13f700ae502f7cd4ec
0e6aa932abf3c56561a686aa3e8d069aaa3ca228
d54fc3e1792330cc768902f861f0a79ecffbfd23b8db14f354e8fcefd1c831c1
GET /cp/obtp.js HTTP/1.1
Host: amplify.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "fe80c55f1e1387116ff9765261ed192c:1669645506.686439"
Last-Modified: Mon, 28 Nov 2022 14:22:05 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=1200
Expires: Thu, 08 Dec 2022 09:54:01 GMT
Date: Thu, 08 Dec 2022 09:34:01 GMT
Content-Length: 5269
Connection: keep-alive
bat.bing.com/bat.js
200 OK 12 kB IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (39124), with no line terminators
Hash d925a898de26295fdebfc90203ef46fa
77dd3f5893b76530e08058d50e8f9aef017e80c7
8f4a413fec7e48f5ac290f4596fef33b6396e7fb31080ec0203a5ec817d140c8
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 11460
content-type: application/javascript
content-encoding: gzip
last-modified: Mon, 05 Dec 2022 17:15:50 GMT
accept-ranges: bytes
etag: "027e538cd8d91:0"
vary: Accept-Encoding
set-cookie: MUID=00F567BB1203656F2BAF75CF1354640B; domain=.bing.com; expires=Tue, 02-Jan-2024 09:34:01 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 028A48B9BE4749B286D82E258C2AEDFB Ref B: OSL30EDGE0307 Ref C: 2022-12-08T09:34:01Z
date: Thu, 08 Dec 2022 09:34:00 GMT
X-Firefox-Spdy: h2
static.ads-twitter.com/uwt.js
200 OK 15 kB URL HTTP/2 static.ads-twitter.com/uwt.js
IP
File type ASCII text, with very long lines (57596), with no line terminators
Hash 573e6a7f86f6f3063763360ef0672c01
b12eab3b4ac8872d49ac6e15f9cd17741765c0cf
02445eb022a04139531f0ce8d8980c31083a1c670936f1477f5cfc4d252133f7
GET /uwt.js HTTP/1.1
Host: static.ads-twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Thu, 27 Oct 2022 18:55:37 GMT
cache-control: no-cache
content-type: application/javascript; charset=utf-8
content-encoding: gzip
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
accept-ranges: bytes
date: Thu, 08 Dec 2022 09:34:01 GMT
x-served-by: cache-iad-kjyo7100147-IAD, cache-hel1410033-HEL
x-cache: HIT, HIT
vary: Accept-Encoding,Host
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
content-length: 15375
X-Firefox-Spdy: h2
gandalf-eu.segmentify.com//get/key/v1.json?count=2
200 32 B URL HTTP/1.1 gandalf-eu.segmentify.com//get/key/v1.json?count=2
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type JSON data\012- , ASCII text, with no line terminators
Hash 0628b5d0e2069dc94ca83bb35656b332
68eca53caa17552450e085bfd965d2438479a1bb
5ff2c12b01863c49267cf6c3f2cc7c3ebea1e0261679c0f9e7f9a04e6496bdc6
GET //get/key/v1.json?count=2 HTTP/1.1
Host: gandalf-eu.segmentify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://flaviar.com
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Encoding: br
Content-Type: application/json;charset=UTF-8
Date: Thu, 08 Dec 2022 09:34:01 GMT
Server: nginx
Transfer-Encoding: chunked
X-Server-Name: 954b0a27b6131b61ce7ca07d0e642523
rb9yp8py.flaviar.com/assets/wxyz.rb.js
200 OK 10 kB URL HTTP/1.1 rb9yp8py.flaviar.com/assets/wxyz.rb.js
IP
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (347)
Hash 46f395d8bdc29802f09a64a95a192e39
bf4266cdba32c81498002bef7c746bb20df0ac6d
b9c74b5f30111282496c5860c76e8e73697c52e94a939898ea2dae9a6a5314e0
GET /assets/wxyz.rb.js HTTP/1.1
Host: rb9yp8py.flaviar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaviar.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: openresty
Date: Thu, 08 Dec 2022 09:34:01 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
d3rr3d0n31t48m.cloudfront.net/widget/triggerRunner.js?v=c317b78
200 OK 3.8 kB URL HTTP/2 d3rr3d0n31t48m.cloudfront.net/widget/triggerRunner.js?v=c317b78
IP
File type ASCII text, with very long lines (583)
Hash 6f8d2d39d5726872bebba803a41bb024
2b7c6aa4941537ae52e1f32bfe642dfd440f5cbc
1de43985c42cfd2c6d39a3b7b30957bc1dde1208bd5bbbc94695d4c357383a01
GET /widget/triggerRunner.js?v=c317b78 HTTP/1.1
Host: d3rr3d0n31t48m.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 3772
date: Tue, 15 Nov 2022 21:40:34 GMT
last-modified: Tue, 15 Nov 2022 21:39:30 GMT
etag: "6f8d2d39d5726872bebba803a41bb024"
cache-control: max-age=2592000, public
content-encoding: gzip
x-amz-meta-mtime: 1668548367.68
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: PPIMCN6baNzzZasx_XJtTG9_xksiKZ6uvbCZqrcZyZATp9LFhObHlQ==
age: 1943608
X-Firefox-Spdy: h2
ag.gbc.criteo.com/newidsd
200 OK 74 B URL HTTP/2 ag.gbc.criteo.com/newidsd
IP
Hash 29cae7e6c9ab281d7d72993b874cd899
c8d41ec42ecba77cb131b410acf4e2666663684b
ab11f3a74152308d05d4b703c7a9853fa88c0ce0c5593ee7674bdb9a53c470ad
GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:34:01 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 110994
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
dnacdn.net/dna
200 OK 167 B IP
Hash 2af99a08bd6a03e7639571a44bd85796
6a57477b54f52ccdefade8395b22ca15dc0bb612
280ed2e959c018b59efa5e1741b988977821e2742577c4ca10b44a592593c64f
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=awJgc180M0RITmhlJTJCZkMwOUJGQlhaMUN2czdMWnBzNjhkMjFtNUZhVHBCSTlLbnlDeFltWiUyQklqSjhDOURPNjYlMkY1ZVo2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:34:00 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=yoQmFV80M0RITmhlJTJCZkMwOUJGQlhaMUN2czdMWnBzNjhkMjFtNUZhVHBCSTlLbndQMDdQMERQaXZ5ZlcwJTJCcGxkWEg0Uw; expires=Tue, 02 Jan 2024 09:34:01 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 255769
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
bat.bing.com/action/0?ti=5715081&tm=gtm002&Ver=2&mid=4e07ec6b-81c5-4ae7-8cb0-07b36ff7596b&sid=7295f7a076db11edbffce30274f34226&vid=7295dc3076db11ed9ec67dcf61acd66e&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Flaviar%20Membership%20%C2%BB%20Fine%20Spirits%20%26%20Whiskey%20Club%20%F0%9F%A5%83%20-%20Flaviar&p=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3D1Y%3AwNSyDDxyNUnKU6JTwfQQ2UkAxH4yRLTTUV00%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&r=<=2108&evt=pageLoad&sv=1&rn=100008
204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=5715081&tm=gtm002&Ver=2&mid=4e07ec6b-81c5-4ae7-8cb0-07b36ff7596b&sid=7295f7a076db11edbffce30274f34226&vid=7295dc3076db11ed9ec67dcf61acd66e&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Flaviar%20Membership%20%C2%BB%20Fine%20Spirits%20%26%20Whiskey%20Club%20%F0%9F%A5%83%20-%20Flaviar&p=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3D1Y%3AwNSyDDxyNUnKU6JTwfQQ2UkAxH4yRLTTUV00%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&r=<=2108&evt=pageLoad&sv=1&rn=100008
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=5715081&tm=gtm002&Ver=2&mid=4e07ec6b-81c5-4ae7-8cb0-07b36ff7596b&sid=7295f7a076db11edbffce30274f34226&vid=7295dc3076db11ed9ec67dcf61acd66e&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Flaviar%20Membership%20%C2%BB%20Fine%20Spirits%20%26%20Whiskey%20Club%20%F0%9F%A5%83%20-%20Flaviar&p=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3D1Y%3AwNSyDDxyNUnKU6JTwfQQ2UkAxH4yRLTTUV00%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&r=<=2108&evt=pageLoad&sv=1&rn=100008 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=1CA97120E623639D34D76354E7746279; domain=.bing.com; expires=Tue, 02-Jan-2024 09:34:01 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 4B9AF7F6F1D643CBA8DA4B3C5F4A4E73 Ref B: OSL30EDGE0307 Ref C: 2022-12-08T09:34:01Z
date: Thu, 08 Dec 2022 09:34:00 GMT
X-Firefox-Spdy: h2
alb.reddit.com/rp.gif?ts=1670492040280&id=t2_h2e6q&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=08ecb402-f4d0-4f01-8474-76e16484dcde&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1280&sw=1024&v=rdt_1967aea8
200 OK 42 B URL HTTP/2 alb.reddit.com/rp.gif?ts=1670492040280&id=t2_h2e6q&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=08ecb402-f4d0-4f01-8474-76e16484dcde&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1280&sw=1024&v=rdt_1967aea8
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /rp.gif?ts=1670492040280&id=t2_h2e6q&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=08ecb402-f4d0-4f01-8474-76e16484dcde&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1280&sw=1024&v=rdt_1967aea8 HTTP/1.1
Host: alb.reddit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Varnish
retry-after: 0
cross-origin-resource-policy: cross-origin
content-type: image/gif
accept-ranges: bytes
date: Thu, 08 Dec 2022 09:34:01 GMT
via: 1.1 varnish
content-length: 42
X-Firefox-Spdy: h2
alb.reddit.com/rp.gif?ts=1670492040279&id=t2_h2e6q&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=08ecb402-f4d0-4f01-8474-76e16484dcde&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1280&sw=1024&v=rdt_1967aea8
200 OK 42 B URL HTTP/2 alb.reddit.com/rp.gif?ts=1670492040279&id=t2_h2e6q&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=08ecb402-f4d0-4f01-8474-76e16484dcde&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1280&sw=1024&v=rdt_1967aea8
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /rp.gif?ts=1670492040279&id=t2_h2e6q&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=08ecb402-f4d0-4f01-8474-76e16484dcde&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1280&sw=1024&v=rdt_1967aea8 HTTP/1.1
Host: alb.reddit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Varnish
retry-after: 0
cross-origin-resource-policy: cross-origin
content-type: image/gif
accept-ranges: bytes
date: Thu, 08 Dec 2022 09:34:01 GMT
via: 1.1 varnish
content-length: 42
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 314 B IP
Hash 2feb06685a118d55ccaeafc7ee017d8d
3d174b55d7ad8354fa4311fd50c00e548b9f58af
f0d8e6761e27796374ca50f8c6c0b46f2027eede275538207e90ad10522072ed
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6000
Cache-Control: max-age=100848
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:34:01 GMT
Etag: "63907f09-13a"
Expires: Fri, 09 Dec 2022 13:34:49 GMT
Last-Modified: Wed, 07 Dec 2022 11:54:49 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 314
getrockerbox.com/customdomain/rb9yp8py.flaviar.com/wxyz.rb.js
301 Moved Permanently 496 B URL HTTP/2 getrockerbox.com/customdomain/rb9yp8py.flaviar.com/wxyz.rb.js
IP
Hash 01e745a24261d1febc6314fa3bb5a41c
1df0840c08322ad09f034589cb6f3752acf1ceab
5b290d9ad37615066bbcce9d9049e466ea5d65e6e385bd4007c5c3b9dda7c230
GET /customdomain/rb9yp8py.flaviar.com/wxyz.rb.js HTTP/1.1
Host: getrockerbox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Thu, 08 Dec 2022 09:34:00 GMT
content-type: text/html
location: https://rb9yp8py.flaviar.com/assets/wxyz.rb.js
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tCqlzh6PNM6Rx6GAm2TfOLBFbSS%2F5CrQj1uHR63VbnrNjVYDssgbsUSNE%2BWFkgEuP4b69GHNF35gOtlTL9vDcGLH2asnT0YaHpsFFcToqfc19F0FuMZVrvc0uu2cMxTxPi7L"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 776480b73b60719c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
bat.bing.com/p/action/5715081.js
204 No Content 0 B URL HTTP/2 bat.bing.com/p/action/5715081.js
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/action/5715081.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: private,max-age=1800
set-cookie: MUID=27C913E0FF2F6DB114080194FE786CB3; domain=.bing.com; expires=Tue, 02-Jan-2024 09:34:01 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3C238BA111D54F9EB17A68DA060560D7 Ref B: OSL30EDGE0307 Ref C: 2022-12-08T09:34:01Z
date: Thu, 08 Dec 2022 09:34:01 GMT
X-Firefox-Spdy: h2
rb9yp8py.flaviar.com/integrations?source=flaviar
200 OK 59 B URL HTTP/1.1 rb9yp8py.flaviar.com/integrations?source=flaviar
IP
ASN #14061 DIGITALOCEAN-ASN
Hash b13b075ac18d7ecbf705dad11323402e
124e2c4307c6beabfd3e751f14a4f7acb02eb6ce
03db7011ba06ed159ca1b7dee62dc5a01ee2d0a3d6f3b0294004cd455251b7f2
GET /integrations?source=flaviar HTTP/1.1
Host: rb9yp8py.flaviar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Cookie: _ga_94QYBVSJNV=GS1.1.1670492039.1.0.1670492039.60.0.0; _ga=GA1.2.1639009528.1670492040; _gcl_au=1.1.1665528604.1670492040; _gid=GA1.2.1275494817.1670492040; _rdt_uuid=1670492040279.08ecb402-f4d0-4f01-8474-76e16484dcde; _schn=_tbtwjk; _scid=01f3b970-5bbf-4de7-9ddb-5f2b037351b4; _dc_gtm_UA-28959768-20=1; _dc_gtm_UA-28959768-1=1; _uetsid=7295f7a076db11edbffce30274f34226; _uetvid=7295dc3076db11ed9ec67dcf61acd66e; _sgf_user_id=21140933202280449; _sgf_session_id=21140933202280448
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: openresty
Date: Thu, 08 Dec 2022 09:34:01 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
status.thawte.com/
200 OK 471 B IP
Hash 463bcaef421199f7ea4216405d409f3a
51a32bdb4a049502cc7154910c257acc5b748292
66560b89ac85ab969d7e5b602f460b18f44de66574668faed3da61dcbd12858c
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3704
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:34:01 GMT
Last-Modified: Thu, 08 Dec 2022 08:32:17 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
status.thawte.com/
200 OK 471 B IP
Hash 463bcaef421199f7ea4216405d409f3a
51a32bdb4a049502cc7154910c257acc5b748292
66560b89ac85ab969d7e5b602f460b18f44de66574668faed3da61dcbd12858c
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3687
Cache-Control: max-age=132042
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:34:01 GMT
Etag: "639101ec-1d7"
Expires: Fri, 09 Dec 2022 22:14:43 GMT
Last-Modified: Wed, 07 Dec 2022 21:13:16 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
t.co/i/adsct?bci=3&eci=2&event_id=12f5d7e9-5924-4827-b7f6-f2c4b5a1c0f7&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=6f007f73-e9f0-48cf-ad09-1ff67bd4f8b5&tw_document_href=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3D1Y%3AwNSyDDxyNUnKU6JTwfQQ2UkAxH4yRLTTUV00%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nv73t&type=javascript&version=2.3.29
200 OK 43 B URL HTTP/2 t.co/i/adsct?bci=3&eci=2&event_id=12f5d7e9-5924-4827-b7f6-f2c4b5a1c0f7&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=6f007f73-e9f0-48cf-ad09-1ff67bd4f8b5&tw_document_href=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3D1Y%3AwNSyDDxyNUnKU6JTwfQQ2UkAxH4yRLTTUV00%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nv73t&type=javascript&version=2.3.29
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/adsct?bci=3&eci=2&event_id=12f5d7e9-5924-4827-b7f6-f2c4b5a1c0f7&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=6f007f73-e9f0-48cf-ad09-1ff67bd4f8b5&tw_document_href=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3D1Y%3AwNSyDDxyNUnKU6JTwfQQ2UkAxH4yRLTTUV00%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nv73t&type=javascript&version=2.3.29 HTTP/1.1
Host: t.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:34:01 GMT
perf: 7626143928
server: tsa_o
set-cookie: muc_ads=e6afaa37-83c2-4fe0-aa72-ee961b64570f; Max-Age=63072000; Expires=Sat, 07 Dec 2024 09:34:01 GMT; Path=/; Domain=t.co; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: fd44174c1cd66c38
strict-transport-security: max-age=0
x-response-time: 108
x-connection-hash: 284c0fbd1c5645c746a91c79b08f315891c5c1227d9f102626a46dab99a2bcdb
X-Firefox-Spdy: h2
t.co/i/adsct?bci=3&eci=2&event_id=ace3a2b7-86d5-405b-a099-b4ca7a420062&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=6f007f73-e9f0-48cf-ad09-1ff67bd4f8b5&tw_document_href=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3D1Y%3AwNSyDDxyNUnKU6JTwfQQ2UkAxH4yRLTTUV00%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nv73t&type=javascript&version=2.3.29
200 OK 43 B URL HTTP/2 t.co/i/adsct?bci=3&eci=2&event_id=ace3a2b7-86d5-405b-a099-b4ca7a420062&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=6f007f73-e9f0-48cf-ad09-1ff67bd4f8b5&tw_document_href=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3D1Y%3AwNSyDDxyNUnKU6JTwfQQ2UkAxH4yRLTTUV00%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nv73t&type=javascript&version=2.3.29
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/adsct?bci=3&eci=2&event_id=ace3a2b7-86d5-405b-a099-b4ca7a420062&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=6f007f73-e9f0-48cf-ad09-1ff67bd4f8b5&tw_document_href=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3D1Y%3AwNSyDDxyNUnKU6JTwfQQ2UkAxH4yRLTTUV00%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nv73t&type=javascript&version=2.3.29 HTTP/1.1
Host: t.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:34:01 GMT
perf: 7626143928
server: tsa_o
set-cookie: muc_ads=98fc181b-718e-479b-9e87-3179988cb248; Max-Age=63072000; Expires=Sat, 07 Dec 2024 09:34:01 GMT; Path=/; Domain=t.co; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: 5feb1ac34133d2c6
strict-transport-security: max-age=0
x-response-time: 110
x-connection-hash: 284c0fbd1c5645c746a91c79b08f315891c5c1227d9f102626a46dab99a2bcdb
X-Firefox-Spdy: h2
rb9yp8py.flaviar.com/v2/rb?url=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3D1Y%3AwNSyDDxyNUnKU6JTwfQQ2UkAxH4yRLTTUV00%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&action=view&source=flaviar&rb_source=flaviar&script_version=wxyz.rb.js&sessionId=2b81ded9-b0f0-4d7c-9cb4-75438ce96984&uid=rbos-b7edbf67-463c-4e21-8a84-c4f234b0962d
200 OK 44 B URL HTTP/1.1 rb9yp8py.flaviar.com/v2/rb?url=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3D1Y%3AwNSyDDxyNUnKU6JTwfQQ2UkAxH4yRLTTUV00%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&action=view&source=flaviar&rb_source=flaviar&script_version=wxyz.rb.js&sessionId=2b81ded9-b0f0-4d7c-9cb4-75438ce96984&uid=rbos-b7edbf67-463c-4e21-8a84-c4f234b0962d
IP
ASN #14061 DIGITALOCEAN-ASN
File type GIF image data, version 89a, 1 x 1\012- data
Hash 75e9566b8523b76993b790444d697848
46bcf0fe72739cd1bc11b7d525d6fdaf4533a845
039a8bb6d736466063dde3c2a80d71d54456a7875cb1654263058bc69c1c042d
GET /v2/rb?url=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3D1Y%3AwNSyDDxyNUnKU6JTwfQQ2UkAxH4yRLTTUV00%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&action=view&source=flaviar&rb_source=flaviar&script_version=wxyz.rb.js&sessionId=2b81ded9-b0f0-4d7c-9cb4-75438ce96984&uid=rbos-b7edbf67-463c-4e21-8a84-c4f234b0962d HTTP/1.1
Host: rb9yp8py.flaviar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Cookie: _ga_94QYBVSJNV=GS1.1.1670492039.1.0.1670492039.60.0.0; _ga=GA1.2.1639009528.1670492040; _gcl_au=1.1.1665528604.1670492040; _gid=GA1.2.1275494817.1670492040; _rdt_uuid=1670492040279.08ecb402-f4d0-4f01-8474-76e16484dcde; _schn=_tbtwjk; _scid=01f3b970-5bbf-4de7-9ddb-5f2b037351b4; _dc_gtm_UA-28959768-20=1; _dc_gtm_UA-28959768-1=1; _uetsid=7295f7a076db11edbffce30274f34226; _uetvid=7295dc3076db11ed9ec67dcf61acd66e; _sgf_user_id=21140933202280449; _sgf_session_id=21140933202280448; _fbp=fb.1.1670492041142.689255139; cto_bundle=ThgHLV9ucTZJRHQlMkZURGNPM0VWempwNnglMkZ0Q3d2NlVOelRxR2Fjd1dpR3c3Q2xFWXlRNzJQZFdLNUklMkZhd0YyRENNT2RTZiUyRlQ4bGZNNW56T3JvRzY1c0tPS0RnZnNVYWVtbTI5SW45Q2J2ek5ZelFwdkRzUjJidmV6Y1I4Zmhia2JqVkRYRmU2ZEZCMmtEV3l1TDVhU1BWQUxkdyUzRCUzRA; rbuid=rbos-b7edbf67-463c-4e21-8a84-c4f234b0962d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: openresty
Date: Thu, 08 Dec 2022 09:34:01 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: rbuid=rbos-b7edbf67-463c-4e21-8a84-c4f234b0962d; domain=flaviar.com; path=/;Max-Age=2592000; SameSite=None; Secure
d3rr3d0n31t48m.cloudfront.net/widget/widget.js?v=90709db
200 OK 48 kB URL HTTP/2 d3rr3d0n31t48m.cloudfront.net/widget/widget.js?v=90709db
IP
File type ASCII text, with very long lines (778)
Hash db6577d43efa27de385813e4eb9bf7a8
8a6816a745cf7445b211d08c7a0741e1e3e33e93
e946a88e3447423c1cea32a407f7f060ce07bf2947c2e1c56ee6e3041bced35f
GET /widget/widget.js?v=90709db HTTP/1.1
Host: d3rr3d0n31t48m.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 47685
date: Tue, 15 Nov 2022 21:40:33 GMT
last-modified: Tue, 15 Nov 2022 21:39:31 GMT
etag: "db6577d43efa27de385813e4eb9bf7a8"
cache-control: max-age=2592000, public
content-encoding: gzip
x-amz-meta-mtime: 1668548366.14
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: akcz5Qoim1MBCs5AzPeCbzyVONFWRNwGxx0S2yOvBotYNfFpGrEANw==
age: 1943610
X-Firefox-Spdy: h2
gandalf-eu.segmentify.com//add/events/v1.json?apiKey=06e2e4b6-5e17-4dbf-9574-c462c3d742d7
200 OK 0 B URL HTTP/1.1 gandalf-eu.segmentify.com//add/events/v1.json?apiKey=06e2e4b6-5e17-4dbf-9574-c462c3d742d7
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS //add/events/v1.json?apiKey=06e2e4b6-5e17-4dbf-9574-c462c3d742d7 HTTP/1.1
Host: gandalf-eu.segmentify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-sfy-api-key
Referer: https://flaviar.com/
Origin: https://flaviar.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Headers: Content-Type, Accept, Authorization, X-Switch-User, X-Switch-Account, X-Switch-Region, X-Sfy-Api-Key
Access-Control-Allow-Methods: GET, POST, PUT, DELETE
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3600
Connection: keep-alive
Content-Length: 0
Content-Type: application/json
Date: Thu, 08 Dec 2022 09:34:02 GMT
Server: nginx
X-Server-Name: 399674c60029ffe99fbcb3b4975d245d
tr.outbrain.com/cachedClickId?marketerId=00cf895e7b627a414bdcc05c54e01b7ae7
200 OK 56 B URL HTTP/1.1 tr.outbrain.com/cachedClickId?marketerId=00cf895e7b627a414bdcc05c54e01b7ae7
IP
File type ASCII text, with no line terminators
Hash 77fbe8ab311fa20557d95906363035ed
5806df80f09a37e070d5f37c49f19797c2763fd0
4fa9f4ca5bfa56b9f8467324e3654f4a717dcd40b70c05b538092d8a101b0599
GET /cachedClickId?marketerId=00cf895e7b627a414bdcc05c54e01b7ae7 HTTP/1.1
Host: tr.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 09:34:02 GMT
Content-Type: application/javascript
Content-Length: 56
X-TraceId: 0d1c501adfac3497e81baf9521d408e6
content-encoding: gzip
gem.gbc.criteo.com/newidsd
200 OK 99 B URL HTTP/2 gem.gbc.criteo.com/newidsd
IP
Hash 62953b7db626aebee16b5b0dee8878ef
32793cfd9a6e72b244a1971fcecffea749568ac4
4639f99385a85c23776c730af723027c022a486126b8a31d4100a4698b6e0d19
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:34:01 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 99125
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=1649789958596951&ev=PageView&dl=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3D1Y%3AwNSyDDxyNUnKU6JTwfQQ2UkAxH4yRLTTUV00%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&rl=&if=false&ts=1670492041145&sw=1280&sh=1024&v=2.9.89&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1670492041142.689255139&eid=ob3_plugin-set_9687c8a4e90ca6c5d9ac7b2dcd3553bdc2aae98df6b5bacf528525afb692dd16&it=1670492040606&coo=false&tm=1&rqm=GET
200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=1649789958596951&ev=PageView&dl=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3D1Y%3AwNSyDDxyNUnKU6JTwfQQ2UkAxH4yRLTTUV00%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&rl=&if=false&ts=1670492041145&sw=1280&sh=1024&v=2.9.89&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1670492041142.689255139&eid=ob3_plugin-set_9687c8a4e90ca6c5d9ac7b2dcd3553bdc2aae98df6b5bacf528525afb692dd16&it=1670492040606&coo=false&tm=1&rqm=GET
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=1649789958596951&ev=PageView&dl=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3D1Y%3AwNSyDDxyNUnKU6JTwfQQ2UkAxH4yRLTTUV00%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&rl=&if=false&ts=1670492041145&sw=1280&sh=1024&v=2.9.89&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1670492041142.689255139&eid=ob3_plugin-set_9687c8a4e90ca6c5d9ac7b2dcd3553bdc2aae98df6b5bacf528525afb692dd16&it=1670492040606&coo=false&tm=1&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Thu, 08 Dec 2022 09:34:02 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 313 B IP
Hash ec20b9880a4b5706b3348131a233593b
cb8d0cccf87a4c4299e16a4c46120ec0ac870a26
99bbc3b1bb7d5ff8e29c389ed6c36e4e43ee7b86d0a28e299ff146d5a2981ab7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4538
Cache-Control: max-age=140416
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:34:02 GMT
Etag: "63911f50-139"
Expires: Sat, 10 Dec 2022 00:34:18 GMT
Last-Modified: Wed, 07 Dec 2022 23:18:40 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
200 OK 313 B IP
Hash ec20b9880a4b5706b3348131a233593b
cb8d0cccf87a4c4299e16a4c46120ec0ac870a26
99bbc3b1bb7d5ff8e29c389ed6c36e4e43ee7b86d0a28e299ff146d5a2981ab7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 969
Cache-Control: max-age=136847
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:34:02 GMT
Etag: "63911f50-139"
Expires: Fri, 09 Dec 2022 23:34:49 GMT
Last-Modified: Wed, 07 Dec 2022 23:18:40 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 313
gandalf-eu.segmentify.com//add/events/v1.json?apiKey=06e2e4b6-5e17-4dbf-9574-c462c3d742d7
200 7.9 kB URL HTTP/1.1 gandalf-eu.segmentify.com//add/events/v1.json?apiKey=06e2e4b6-5e17-4dbf-9574-c462c3d742d7
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type JSON data\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (34712), with no line terminators
Hash aa5dc9285f2bb458cce31654a4cbb07a
375eba060238c71e73f6c84ee7f48821238c78cb
85c0454c7604e92e42991c6d83aaadf8ca5f03e084cf00cb67c4ba727a9660d3
POST //add/events/v1.json?apiKey=06e2e4b6-5e17-4dbf-9574-c462c3d742d7 HTTP/1.1
Host: gandalf-eu.segmentify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
X-Sfy-Api-Key: 06e2e4b6-5e17-4dbf-9574-c462c3d742d7
Content-Length: 1511
Origin: https://flaviar.com
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Encoding: br
Content-Type: application/json;charset=UTF-8
Date: Thu, 08 Dec 2022 09:34:02 GMT
Server: nginx
Transfer-Encoding: chunked
X-Server-Name: e50eafe57688af3a47ec4fb3140ed864
sslwidget.criteo.com/event?a=95340&v=5.12.3&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26z%3Dundefined%26site_type%3Dd&p2=e%3Dvh%26tms%3Dgtm-ee-1.1.0&p3=e%3Ddis&adce=1&bundle=ThgHLV9ucTZJRHQlMkZURGNPM0VWempwNnglMkZ0Q3d2NlVOelRxR2Fjd1dpR3c3Q2xFWXlRNzJQZFdLNUklMkZhd0YyRENNT2RTZiUyRlQ4bGZNNW56T3JvRzY1c0tPS0RnZnNVYWVtbTI5SW45Q2J2ek5ZelFwdkRzUjJidmV6Y1I4Zmhia2JqVkRYRmU2ZEZCMmtEV3l1TDVhU1BWQUxkdyUzRCUzRA&tld=flaviar.com&dy=1&fu=https%253A%252F%252Fflaviar.com%252F%253Firclickid%253D1Y%253AwNSyDDxyNUnKU6JTwfQQ2UkAxH4yRLTTUV00%2526ir_cid%253D3334%2526ir_affid%253D10813%2526utm_medium%253Daffiliates%2526utm_source%253DMaxBounty.com%252520ULC%2526ir_partnerid%253D10813%2526ir_adid%253D1215604%2526ir_campaignid%253D3334&dtycbr=93129&cs=1---&cv=1
302 Found 0 B URL HTTP/2 sslwidget.criteo.com/event?a=95340&v=5.12.3&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26z%3Dundefined%26site_type%3Dd&p2=e%3Dvh%26tms%3Dgtm-ee-1.1.0&p3=e%3Ddis&adce=1&bundle=ThgHLV9ucTZJRHQlMkZURGNPM0VWempwNnglMkZ0Q3d2NlVOelRxR2Fjd1dpR3c3Q2xFWXlRNzJQZFdLNUklMkZhd0YyRENNT2RTZiUyRlQ4bGZNNW56T3JvRzY1c0tPS0RnZnNVYWVtbTI5SW45Q2J2ek5ZelFwdkRzUjJidmV6Y1I4Zmhia2JqVkRYRmU2ZEZCMmtEV3l1TDVhU1BWQUxkdyUzRCUzRA&tld=flaviar.com&dy=1&fu=https%253A%252F%252Fflaviar.com%252F%253Firclickid%253D1Y%253AwNSyDDxyNUnKU6JTwfQQ2UkAxH4yRLTTUV00%2526ir_cid%253D3334%2526ir_affid%253D10813%2526utm_medium%253Daffiliates%2526utm_source%253DMaxBounty.com%252520ULC%2526ir_partnerid%253D10813%2526ir_adid%253D1215604%2526ir_campaignid%253D3334&dtycbr=93129&cs=1---&cv=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /event?a=95340&v=5.12.3&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26z%3Dundefined%26site_type%3Dd&p2=e%3Dvh%26tms%3Dgtm-ee-1.1.0&p3=e%3Ddis&adce=1&bundle=ThgHLV9ucTZJRHQlMkZURGNPM0VWempwNnglMkZ0Q3d2NlVOelRxR2Fjd1dpR3c3Q2xFWXlRNzJQZFdLNUklMkZhd0YyRENNT2RTZiUyRlQ4bGZNNW56T3JvRzY1c0tPS0RnZnNVYWVtbTI5SW45Q2J2ek5ZelFwdkRzUjJidmV6Y1I4Zmhia2JqVkRYRmU2ZEZCMmtEV3l1TDVhU1BWQUxkdyUzRCUzRA&tld=flaviar.com&dy=1&fu=https%253A%252F%252Fflaviar.com%252F%253Firclickid%253D1Y%253AwNSyDDxyNUnKU6JTwfQQ2UkAxH4yRLTTUV00%2526ir_cid%253D3334%2526ir_affid%253D10813%2526utm_medium%253Daffiliates%2526utm_source%253DMaxBounty.com%252520ULC%2526ir_partnerid%253D10813%2526ir_adid%253D1215604%2526ir_campaignid%253D3334&dtycbr=93129&cs=1---&cv=1 HTTP/1.1
Host: sslwidget.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 08 Dec 2022 09:34:02 GMT
server: Kestrel
content-length: 0
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
expires: 0
location: https://widget.us.criteo.com/event?a=95340&v=5.12.3&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26z%3Dundefined%26site_type%3Dd&p2=e%3Dvh%26tms%3Dgtm-ee-1.1.0&p3=e%3Ddis&adce=1&bundle=ThgHLV9ucTZJRHQlMkZURGNPM0VWempwNnglMkZ0Q3d2NlVOelRxR2Fjd1dpR3c3Q2xFWXlRNzJQZFdLNUklMkZhd0YyRENNT2RTZiUyRlQ4bGZNNW56T3JvRzY1c0tPS0RnZnNVYWVtbTI5SW45Q2J2ek5ZelFwdkRzUjJidmV6Y1I4Zmhia2JqVkRYRmU2ZEZCMmtEV3l1TDVhU1BWQUxkdyUzRCUzRA&tld=flaviar.com&dy=1&fu=https%253A%252F%252Fflaviar.com%252F%253Firclickid%253D1Y%253AwNSyDDxyNUnKU6JTwfQQ2UkAxH4yRLTTUV00%2526ir_cid%253D3334%2526ir_affid%253D10813%2526utm_medium%253Daffiliates%2526utm_source%253DMaxBounty.com%252520ULC%2526ir_partnerid%253D10813%2526ir_adid%253D1215604%2526ir_campaignid%253D3334&dtycbr=93129&cs=1---&cv=1
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
server-processing-duration-in-ticks: 10796413
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=ace3a2b7-86d5-405b-a099-b4ca7a420062&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=6f007f73-e9f0-48cf-ad09-1ff67bd4f8b5&tw_document_href=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3D1Y%3AwNSyDDxyNUnKU6JTwfQQ2UkAxH4yRLTTUV00%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nv73t&type=javascript&version=2.3.29
200 OK 43 B URL HTTP/2 analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=ace3a2b7-86d5-405b-a099-b4ca7a420062&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=6f007f73-e9f0-48cf-ad09-1ff67bd4f8b5&tw_document_href=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3D1Y%3AwNSyDDxyNUnKU6JTwfQQ2UkAxH4yRLTTUV00%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nv73t&type=javascript&version=2.3.29
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/adsct?bci=3&eci=2&event_id=ace3a2b7-86d5-405b-a099-b4ca7a420062&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=6f007f73-e9f0-48cf-ad09-1ff67bd4f8b5&tw_document_href=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3D1Y%3AwNSyDDxyNUnKU6JTwfQQ2UkAxH4yRLTTUV00%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nv73t&type=javascript&version=2.3.29 HTTP/1.1
Host: analytics.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:34:01 GMT
perf: 7626143928
server: tsa_o
set-cookie: personalization_id="v1_OJF5X78ve1Up8atqRmRNJQ=="; Max-Age=63072000; Expires=Sat, 07 Dec 2024 09:34:02 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: b97fbae1d50bd7d3
strict-transport-security: max-age=631138519
x-response-time: 110
x-connection-hash: a7f04ae2dbfbec31e0d02e6353c8235268debd2a459c8022c4e76b68f8820adb
X-Firefox-Spdy: h2
analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=12f5d7e9-5924-4827-b7f6-f2c4b5a1c0f7&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=6f007f73-e9f0-48cf-ad09-1ff67bd4f8b5&tw_document_href=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3D1Y%3AwNSyDDxyNUnKU6JTwfQQ2UkAxH4yRLTTUV00%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nv73t&type=javascript&version=2.3.29
200 OK 43 B URL HTTP/2 analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=12f5d7e9-5924-4827-b7f6-f2c4b5a1c0f7&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=6f007f73-e9f0-48cf-ad09-1ff67bd4f8b5&tw_document_href=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3D1Y%3AwNSyDDxyNUnKU6JTwfQQ2UkAxH4yRLTTUV00%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nv73t&type=javascript&version=2.3.29
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/adsct?bci=3&eci=2&event_id=12f5d7e9-5924-4827-b7f6-f2c4b5a1c0f7&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=6f007f73-e9f0-48cf-ad09-1ff67bd4f8b5&tw_document_href=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3D1Y%3AwNSyDDxyNUnKU6JTwfQQ2UkAxH4yRLTTUV00%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nv73t&type=javascript&version=2.3.29 HTTP/1.1
Host: analytics.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:34:01 GMT
perf: 7626143928
server: tsa_o
set-cookie: personalization_id="v1_2+jTQNQHNErhf9eL7JLt1w=="; Max-Age=63072000; Expires=Sat, 07 Dec 2024 09:34:02 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: 5c83baf08b7b745c
strict-transport-security: max-age=631138519
x-response-time: 110
x-connection-hash: a7f04ae2dbfbec31e0d02e6353c8235268debd2a459c8022c4e76b68f8820adb
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f214b15409d770d63fcaa5fb6ada0ce0
3a7d52f77a69e6d8fe437fae6b9ff666c2fe2d70
4d4b24a16efefcb234a5bff3196914b00059f04f463c8a049723dd9087d7e05c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4D4B24A16EFEFCB234A5BFF3196914B00059F04F463C8A049723DD9087D7E05C"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10076
Expires: Thu, 08 Dec 2022 12:21:58 GMT
Date: Thu, 08 Dec 2022 09:34:02 GMT
Connection: keep-alive
shopper.shop.pe/input.js
200 OK 8.9 kB IP
File type ASCII text, with very long lines (17023)
Hash 277671bdc75ca43b2c48464d6ab4278f
fa3f6cfe3a34a0586917b256c7d5b8f9b4c1a205
cb280dde0bd7b5868891421254e239ef63551cc351cb246a68e9bc69bd4e0e8e
GET /input.js HTTP/1.1
Host: shopper.shop.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdssEQSYb789Ue0C0_2tA2iOaOQpywX9ytXtm8P0eXLPyQoUsP7ccRSYPTl7Xu2SJiDCpvJFA9uDLSKMR7g4nKj007Dz7LO6
x-goog-generation: 1667301507739079
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 8877
content-encoding: gzip
x-goog-hash: crc32c=d2ag2w==, md5=J3ZxvcdcpDssSEZNarQnjw==
x-goog-storage-class: STANDARD
accept-ranges: bytes
vary: Accept-Encoding
content-length: 8877
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
server: UploadServer
date: Thu, 08 Dec 2022 06:48:18 GMT
expires: Thu, 08 Dec 2022 10:48:18 GMT
cache-control: public, max-age=14400
age: 9944
last-modified: Tue, 01 Nov 2022 11:18:27 GMT
etag: "277671bdc75ca43b2c48464d6ab4278f"
content-type: application/javascript; charset=utf-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fbcapi.flaviar.com/events
200 OK 0 B URL HTTP/2 fbcapi.flaviar.com/events
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /events HTTP/1.1
Host: fbcapi.flaviar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 505
Origin: https://flaviar.com
Connection: keep-alive
Referer: https://flaviar.com/
Cookie: _ga_94QYBVSJNV=GS1.1.1670492039.1.0.1670492039.60.0.0; _ga=GA1.2.1639009528.1670492040; _gcl_au=1.1.1665528604.1670492040; _gid=GA1.2.1275494817.1670492040; _rdt_uuid=1670492040279.08ecb402-f4d0-4f01-8474-76e16484dcde; _schn=_tbtwjk; _scid=01f3b970-5bbf-4de7-9ddb-5f2b037351b4; _dc_gtm_UA-28959768-20=1; _dc_gtm_UA-28959768-1=1; _uetsid=7295f7a076db11edbffce30274f34226; _uetvid=7295dc3076db11ed9ec67dcf61acd66e; _sgf_user_id=21140933202280449; _sgf_session_id=21140933202280448; _fbp=fb.1.1670492041142.689255139; cto_bundle=ThgHLV9ucTZJRHQlMkZURGNPM0VWempwNnglMkZ0Q3d2NlVOelRxR2Fjd1dpR3c3Q2xFWXlRNzJQZFdLNUklMkZhd0YyRENNT2RTZiUyRlQ4bGZNNW56T3JvRzY1c0tPS0RnZnNVYWVtbTI5SW45Q2J2ek5ZelFwdkRzUjJidmV6Y1I4Zmhia2JqVkRYRmU2ZEZCMmtEV3l1TDVhU1BWQUxkdyUzRCUzRA; rbuid=rbos-b7edbf67-463c-4e21-8a84-c4f234b0962d
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:34:02 GMT
content-length: 0
vary: origin
access-control-allow-credentials: true
access-control-allow-origin: https://flaviar.com
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash ed255ae6b5dc25fcffb6e87fc1fef758
1b4122e009b54d78867a357753a330d4034f86ed
7ad022e9f592187b8e2b4a9e6118f9f5326d8e82736d70eeed22058c7562a831
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=105471
Date: Thu, 08 Dec 2022 09:34:02 GMT
Etag: "639099d2-1d7"
Expires: Fri, 09 Dec 2022 14:51:53 GMT
Last-Modified: Wed, 07 Dec 2022 13:49:06 GMT
Server: ECS (bsa/EB1D)
X-Cache: Miss from cloudfront
Via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: YMdDpMJRBZhv7BiBiDbTHdTlAAnxm-HLkA0kfis1dr6k5XSWYxJy1A==
Age: 3767
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash df5d720840c8ebe82eb0ef41ef951718
0dac274659373c54d320b78645653a2a48be7030
c3fad3e801baffbf2e7173a35a2c444079ee6c4b6ee59073f63bdda684b444a8
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=161983
Date: Thu, 08 Dec 2022 09:34:02 GMT
Etag: "63917c38-1d7"
Expires: Sat, 10 Dec 2022 06:33:45 GMT
Last-Modified: Thu, 08 Dec 2022 05:55:04 GMT
Server: ECS (dcb/7F17)
X-Cache: Miss from cloudfront
Via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: FIvRI6vl7z_SLL5jOWO8hLbj0FuBJkTWiXmDIXWe515Ybp-HRi9ZXQ==
Age: 2321
addshoppers.s3.amazonaws.com/customize/632b240c36963004c36631fb/95a70ba5ad45471ab18a70910459026d.js?_t=1670353484
200 OK 1.7 kB URL HTTP/1.1 addshoppers.s3.amazonaws.com/customize/632b240c36963004c36631fb/95a70ba5ad45471ab18a70910459026d.js?_t=1670353484
IP
Hash f7281ec3ac1f37a66fc89dc7e964632f
ca4e3c4db4e3e5a496efa6237ccffd6b5a438796
09b8da75b77eb9bb85366ef59d7bf289de2e2a4cd08388f34c7fe2a7ad0c4bdc
GET /customize/632b240c36963004c36631fb/95a70ba5ad45471ab18a70910459026d.js?_t=1670353484 HTTP/1.1
Host: addshoppers.s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: 84DqneSBZi6+zqbnKx2CtFyicZ0RIOdFFTp5GFlOnfQbKsyORvw1k7JYZjHibroHGDuyy6Q/rZI=
x-amz-request-id: DEY28HYTJH6VDZZQ
Date: Thu, 08 Dec 2022 09:34:03 GMT
Last-Modified: Tue, 06 Dec 2022 19:04:45 GMT
ETag: "95f2876e39fe955498f724ce1c71af35"
Cache-Control: max-age=2592000, public
Content-Encoding: gzip
x-amz-version-id: Z.WdgiG1pvSrqMR_z0ice8xW0UxXDJeo
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
Server: AmazonS3
Content-Length: 1553
ocsp.digicert.com/
200 OK 312 B IP
Hash 03788170521bc117683072b856845499
f840d687537fe976b2217a1d816be26cc00f93b3
142b14d86af6d9c883c93aa8fe1a1c94d6b3121bd084c5cfd810c5084e15ad4c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3795
Cache-Control: max-age=155520
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:34:03 GMT
Etag: "63915d39-138"
Expires: Sat, 10 Dec 2022 04:46:03 GMT
Last-Modified: Thu, 08 Dec 2022 03:42:49 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 312
nytrng.com/iframe?vcp=4dd5h0np&as_id=65ae2b37dbf04b769d386cb018a21d3c
200 OK 410 B URL HTTP/2 nytrng.com/iframe?vcp=4dd5h0np&as_id=65ae2b37dbf04b769d386cb018a21d3c
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (410), with no line terminators
Hash 66e1f5f9a5cd316c970333ee5268532e
7694089d80314178485bed4762a61664bbdea7c2
52f1d93321273a0474210fa100933fde99494f9606fef72dc2cfe7b97116a34d
GET /iframe?vcp=4dd5h0np&as_id=65ae2b37dbf04b769d386cb018a21d3c HTTP/1.1
Host: nytrng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:34:03 GMT
content-type: text/html; charset=utf-8
content-length: 410
server: gunicorn
X-Firefox-Spdy: h2
cdn.nytrng.com/pl.2.2.min.js
200 OK 0 B URL HTTP/2 cdn.nytrng.com/pl.2.2.min.js
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pl.2.2.min.js HTTP/1.1
Host: cdn.nytrng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nytrng.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: text/plain
content-length: 0
date: Sat, 12 Nov 2022 07:11:14 GMT
last-modified: Wed, 31 Jul 2019 16:57:19 GMT
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
x-cache: Error from cloudfront
via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: bNLEi8qVHPTrsaHys3NfMkg4Vl_kAwhNYlf8G-sPQ8hyL9cYEetZqA==
age: 2254970
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash c3624eec3b06c9ee00d4237a31df0a61
744cf6f591286faba0e2fc6dc53db8797fd9d4e8
4ce67f7cf06a81565fe740fb3e95162004ed5bf9eb70992e28acdb05f671511c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4CE67F7CF06A81565FE740FB3E95162004ED5BF9EB70992E28ACDB05F671511C"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8580
Expires: Thu, 08 Dec 2022 11:57:03 GMT
Date: Thu, 08 Dec 2022 09:34:03 GMT
Connection: keep-alive
matching.ivitrack.com/sync?realm=criteo&uid=k-TC_4enik22uTJMLand3Qc_KmAzOcaIolm7h3HQ
200 OK 42 B URL HTTP/2 matching.ivitrack.com/sync?realm=criteo&uid=k-TC_4enik22uTJMLand3Qc_KmAzOcaIolm7h3HQ
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /sync?realm=criteo&uid=k-TC_4enik22uTJMLand3Qc_KmAzOcaIolm7h3HQ HTTP/1.1
Host: matching.ivitrack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: istio-envoy
date: Thu, 08 Dec 2022 09:34:03 GMT
content-type: image/gif
content-length: 42
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 0
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash c3624eec3b06c9ee00d4237a31df0a61
744cf6f591286faba0e2fc6dc53db8797fd9d4e8
4ce67f7cf06a81565fe740fb3e95162004ed5bf9eb70992e28acdb05f671511c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4CE67F7CF06A81565FE740FB3E95162004ED5BF9EB70992E28ACDB05F671511C"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8580
Expires: Thu, 08 Dec 2022 11:57:03 GMT
Date: Thu, 08 Dec 2022 09:34:03 GMT
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 32182af83a271ac7d1db2e0b23999222
25986806629e386b5b5edb285365ce41e099dd8a
df461b61bd809ca282ed0c544f1c1164b07b2f9b8eb9f279b2d4fb60c180cba0
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=160810
Date: Thu, 08 Dec 2022 09:34:03 GMT
Etag: "639173a4-1d7"
Expires: Sat, 10 Dec 2022 06:14:13 GMT
Last-Modified: Thu, 08 Dec 2022 05:18:28 GMT
Server: ECS (nyb/1D32)
X-Cache: Miss from cloudfront
Via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: j2Q4kszUihMSSitH8ZleVV698TeNfsdEsyfOMLafTlDkzSJ_dcd7LQ==
Age: 3345
gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
302 Found 0 B URL HTTP/2 gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Thu, 08 Dec 2022 09:34:02 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
location: https://dpm.demdex.net/ibs:dpid=28645&dpuuid=
server-processing-duration-in-ticks: 528446
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-h1QXUXik22uTJMLand3Qc_KmAzPS--E4dR9L6A
302 Found 0 B URL HTTP/2 r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-h1QXUXik22uTJMLand3Qc_KmAzPS--E4dR9L6A
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rum?cm_dsp_id=20&external_user_id=k-h1QXUXik22uTJMLand3Qc_KmAzPS--E4dR9L6A HTTP/1.1
Host: r.casalemedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 08 Dec 2022 09:34:03 GMT
content-length: 0
location: /rum?cm_dsp_id=20&external_user_id=k-h1QXUXik22uTJMLand3Qc_KmAzPS--E4dR9L6A&C=1
cf-ray: 776480c7db78b51b-OSL
cache-control: no-cache
expires: 0
cf-cache-status: DYNAMIC
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
set-cookie: CMID=Y5Gvi8azqbaHvvqBOe10AwAA; Path=/; Domain=casalemedia.com; Expires=Fri, 08 Dec 2023 09:34:03 GMT; Max-Age=31536000; Secure; SameSite=None
CMPS=1851; Path=/; Domain=casalemedia.com; Expires=Wed, 08 Mar 2023 09:34:03 GMT; Max-Age=7776000; Secure; SameSite=None
CMPRO=1851; Path=/; Domain=casalemedia.com; Expires=Wed, 08 Mar 2023 09:34:03 GMT; Max-Age=7776000; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rx7tOVecx5DGdsczg1wQ1SsqHyAPjnw438MhfQ5neBM%2FWWp%2FLONZrz3BaBFHplzvnvczgxn5JDrGYWYhM9XnIE4JgTVDP%2BVHEX0bO1wkXvWREorvRSNKasZlUoYKt0df8YBY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-HlxfY3ik22uTJMLand3Qc_KmAzNTvTBWEp6LDw
200 OK 45 B URL HTTP/2 contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-HlxfY3ik22uTJMLand3Qc_KmAzNTvTBWEp6LDw
IP
File type GIF image data, version 87a, 1 x 1\012- data
Hash 99cceceaed4d575484b69ddaf9ed66a7
1e3a3b15296b585833a22d987a387aa58aa1642d
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
GET /cksync.php?cs=3&type=crt&ovsid=k-HlxfY3ik22uTJMLand3Qc_KmAzNTvTBWEp6LDw HTTP/1.1
Host: contextual.media.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Apache
content-length: 45
content-type: image/gif
set-cookie: visitor-id=3134936433580227000V10; Expires=Fri, 08 Dec 2023 09:34:03 GMT; domain=.media.net; Path=/;
data-c-ts=1670492043;Expires=Sat, 07 Jan 2023 09:34:03 GMT;path=/;domain=.media.net;
data-c=k-HlxfY3ik22uTJMLand3Qc_KmAzNTvTBWEp6LDw~~3;Expires=Sat, 07 Jan 2023 09:34:03 GMT;path=/;domain=.media.net;
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
strict-transport-security: max-age=31536000
x-mnet-hl2: E
expires: Thu, 08 Dec 2022 09:34:03 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 08 Dec 2022 09:34:03 GMT
X-Firefox-Spdy: h2
cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-ygwptHik22uTJMLand3Qc_KmAzMAjvmijUgv8Q&google_cm&google_hm=ay15Z3dwdEhpazIydVRKTUxhbmQzUWNfS21Bek1BanZtaWpVZ3Y4UQ
302 Found 440 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-ygwptHik22uTJMLand3Qc_KmAzMAjvmijUgv8Q&google_cm&google_hm=ay15Z3dwdEhpazIydVRKTUxhbmQzUWNfS21Bek1BanZtaWpVZ3Y4UQ
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash dcc325fed828dc4b9553171d5c00de0d
74b13c19a13ec19848b344f87a78fa4081850ec3
2ddf0ed3683308b561219f5e8a1ddf0d7d728f3dc50542da52e5c29a6aaa353d
GET /pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-ygwptHik22uTJMLand3Qc_KmAzMAjvmijUgv8Q&google_cm&google_hm=ay15Z3dwdEhpazIydVRKTUxhbmQzUWNfS21Bek1BanZtaWpVZ3Y4UQ HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-ygwptHik22uTJMLand3Qc_KmAzMAjvmijUgv8Q&google_cm=&google_hm=ay15Z3dwdEhpazIydVRKTUxhbmQzUWNfS21Bek1BanZtaWpVZ3Y4UQ&google_tc=
date: Thu, 08 Dec 2022 09:34:03 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 440
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 08-Dec-2022 09:49:03 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-h1QXUXik22uTJMLand3Qc_KmAzPS--E4dR9L6A&C=1
200 OK 43 B URL HTTP/2 r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-h1QXUXik22uTJMLand3Qc_KmAzPS--E4dR9L6A&C=1
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /rum?cm_dsp_id=20&external_user_id=k-h1QXUXik22uTJMLand3Qc_KmAzPS--E4dR9L6A&C=1 HTTP/1.1
Host: r.casalemedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:34:03 GMT
content-type: image/gif
content-length: 43
cf-ray: 776480c81bf8b51b-OSL
cache-control: no-cache
expires: 0
cf-cache-status: DYNAMIC
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qKq%2BMdlErYYQQbbXTL%2BYCV72C5fIrEmfvGsQ4%2F%2FBiH03Bi4Mut0GbXWy2K6QoeHbOgvb43LdX30UJe9no8vSMBHxbwCK9x2R5J5%2Fg%2Fa48zANjxvg8WpQhHqz4cIZhixL6NtP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-ygwptHik22uTJMLand3Qc_KmAzMAjvmijUgv8Q&google_cm=&google_hm=ay15Z3dwdEhpazIydVRKTUxhbmQzUWNfS21Bek1BanZtaWpVZ3Y4UQ&google_tc=
302 Found 332 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-ygwptHik22uTJMLand3Qc_KmAzMAjvmijUgv8Q&google_cm=&google_hm=ay15Z3dwdEhpazIydVRKTUxhbmQzUWNfS21Bek1BanZtaWpVZ3Y4UQ&google_tc=
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 131cdd22860df16d1597660ed94c31af
521d7f81b5ae800751fb2e6cbdd27985e99bc4ff
0aa27ceb4239466c6c9dcddfb9abf300aa1998529ed0bd19d41ff69a254a1e66
GET /pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-ygwptHik22uTJMLand3Qc_KmAzMAjvmijUgv8Q&google_cm=&google_hm=ay15Z3dwdEhpazIydVRKTUxhbmQzUWNfS21Bek1BanZtaWpVZ3Y4UQ&google_tc= HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-ygwptHik22uTJMLand3Qc_KmAzMAjvmijUgv8Q&google_error=3
date: Thu, 08 Dec 2022 09:34:03 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 332
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
criteo-sync.teads.tv/um?eid=80&uid=k-Y3UqbHik22uTJMLand3Qc_KmAzPSsUp1VPaziA
200 OK 23 B URL HTTP/2 criteo-sync.teads.tv/um?eid=80&uid=k-Y3UqbHik22uTJMLand3Qc_KmAzPSsUp1VPaziA
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash da5b449fff36752a93779fa4067cd2eb
71a96eea77f21ab5f1819b96c4cedd5cd34476ca
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
GET /um?eid=80&uid=k-Y3UqbHik22uTJMLand3Qc_KmAzPSsUp1VPaziA HTTP/1.1
Host: criteo-sync.teads.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
server: akka-http/10.2.9
content-length: 23
expires: Thu, 08 Dec 2022 09:34:03 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 08 Dec 2022 09:34:03 GMT
X-Firefox-Spdy: h2
ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Thu, 08 Dec 2022 09:34:03 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
AN-X-Request-Uuid: 5f924eb5-927e-46b6-9067-fc871a7f1fe7
Set-Cookie: uuid2=3407195743850905392; SameSite=None; Path=/; Max-Age=7776000; Expires=Wed, 08-Mar-2023 09:34:03 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 6b922b43e7799945fcfd26346a3adcac
35e81b1efb6039081248efe4ccfd54aa09a0ef7c
bc22d1a77105d049043995ebd882d774dfbc4b76647b8b27e9c370a2d3e3f523
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=143659
Date: Thu, 08 Dec 2022 09:34:03 GMT
Etag: "639131be-1d7"
Expires: Sat, 10 Dec 2022 01:28:22 GMT
Last-Modified: Thu, 08 Dec 2022 00:37:18 GMT
Server: ECS (bsa/EB17)
X-Cache: Miss from cloudfront
Via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Jz7dhWlWNXa0IdBTzoFHiHMe8ZlzX3xXjdZXW62XKQVkVSru6r9QDA==
Age: 3064
ocsp.digicert.com/
200 OK 471 B IP
Hash 10ae015a481b29d89da500c7d98243cf
11c12f0aeda31b6da539b9e6022033e29a124307
d654fa17b63be027de9d2554c7dc0c2d83bd57c8b343734e7f5d9d73bd87d8ee
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3452
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:34:03 GMT
Last-Modified: Thu, 08 Dec 2022 08:36:32 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
200 OK 312 B IP
Hash b42ccbeb034ec7fff08b997734fd1e9a
02a910876f2f78b312b41afdb724e7bf323f97dc
ddb2658d02242ece014057e03325405f08b6909bb9702f0153ee232eeea0aa01
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3352
Cache-Control: max-age=112588
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:34:03 GMT
Etag: "6390b73f-138"
Expires: Fri, 09 Dec 2022 16:50:31 GMT
Last-Modified: Wed, 07 Dec 2022 15:54:39 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 312
pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-ABUeyHik22uTJMLand3Qc_KmAzN_B_6uyKFSmw&expires=30
204 No Content 0 B URL HTTP/1.1 pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-ABUeyHik22uTJMLand3Qc_KmAzN_B_6uyKFSmw&expires=30
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tap.php?v=6434&nid=2149&put=k-ABUeyHik22uTJMLand3Qc_KmAzN_B_6uyKFSmw&expires=30 HTTP/1.1
Host: pixel.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Content-Type: image/gif
ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
302 Found 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.21.3
Date: Thu, 08 Dec 2022 09:34:03 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=0
AN-X-Request-Uuid: 582477e6-2f51-4c86-b0ba-8b7b4377ac67
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ocsp.digicert.com/
200 OK 471 B IP
Hash b60308da5db74a4cd12cd968a05bbb77
f09035594d289c6b8035309b75db9af099fbf2b9
86a5dd458438ae74a14bef1727780afeac7e1ab53fbfbe0d493e62634138f9bb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3155
Cache-Control: max-age=109857
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:34:03 GMT
Etag: "6390ad59-1d7"
Expires: Fri, 09 Dec 2022 16:05:00 GMT
Last-Modified: Wed, 07 Dec 2022 15:12:25 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
200 OK 471 B IP
Hash 51f8feae4038be3c50f308ae97c8fdea
3182909e4b164e3ef590b25c11d44d623223e862
a6f87ed576e452b6b56c8fd5438f352e8741c89afe810edfadbe2e0f751f196a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2407
Cache-Control: max-age=108035
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:34:03 GMT
Etag: "6390a927-1d7"
Expires: Fri, 09 Dec 2022 15:34:38 GMT
Last-Modified: Wed, 07 Dec 2022 14:54:31 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-MIpNKXik22uTJMLand3Qc_KmAzN3K8lsrWDU3A
200 OK 43 B URL HTTP/1.1 rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-MIpNKXik22uTJMLand3Qc_KmAzN3K8lsrWDU3A
IP
ASN #201081 SmartAdServer SAS
File type GIF image data, version 89a, 1 x 1\012- data
Hash 221d8352905f2c38b3cb2bd191d630b0
d804b495cb9b84b9007a25b5d85f9ae674004cde
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
GET /redir/?partnerid=79&partneruserid=k-MIpNKXik22uTJMLand3Qc_KmAzN3K8lsrWDU3A HTTP/1.1
Host: rtb-csync.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: image/gif
date: Thu, 08 Dec 2022 09:34:03 GMT
cache-control: no-cache,no-store
pragma: no-cache
set-cookie: pid=5903236577979547310; expires=Sun, 07 Jan 2024 09:34:03 GMT; domain=smartadserver.com; path=/
TestIfCookieP=ok; expires=Sun, 07 Jan 2024 09:34:03 GMT; domain=smartadserver.com; path=/
csync=79:k-MIpNKXik22uTJMLand3Qc_KmAzN3K8lsrWDU3A; expires=Fri, 08 Dec 2023 09:34:03 GMT; domain=smartadserver.com; path=/
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 32922f835a72a4939b1a595f942be9dc
84184a058c1e3a2bf3c9105df342e38d91e64411
eacbeb14bd7e0c1ecd83a9c3410e7e89cfd2b5b5cb74a383b9d612eaffc13191
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=160092
Date: Thu, 08 Dec 2022 09:34:03 GMT
Etag: "63916f7b-1d7"
Expires: Sat, 10 Dec 2022 06:02:15 GMT
Last-Modified: Thu, 08 Dec 2022 05:00:43 GMT
Server: ECS (nyb/1D1B)
X-Cache: Miss from cloudfront
Via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: -hy3ZDwHo3uKh7hw6OuQKuNVr0wDJsqYkkEu1d2AjmYaiLAdQbF7Xw==
Age: 3692
ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-EwZ_0Hik22uTJMLand3Qc_KmAzN41I-cC4SHQg
302 Found 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-EwZ_0Hik22uTJMLand3Qc_KmAzN41I-cC4SHQg
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58301/sync?_origin=1&uid=k-EwZ_0Hik22uTJMLand3Qc_KmAzN41I-cC4SHQg HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 08 Dec 2022 09:34:03 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
location: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-EwZ_0Hik22uTJMLand3Qc_KmAzN41I-cC4SHQg&verify=true
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBIuvkWMCEMCF5NTah3TC54GaJSgxhZkFEgEBAQEBk2ObYwAAAAAA_eMAAA&S=AQAAAgLdFF_kuuVyuX_oYnnEyDQ; Expires=Fri, 8 Dec 2023 15:34:03 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
cm.adform.net/pixel?adform_pid=15&adform_pc=k-TwZhXXik22uTJMLand3Qc_KmAzOQP8CGhQ48Yw
200 OK 43 B URL HTTP/2 cm.adform.net/pixel?adform_pid=15&adform_pc=k-TwZhXXik22uTJMLand3Qc_KmAzOQP8CGhQ48Yw
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /pixel?adform_pid=15&adform_pc=k-TwZhXXik22uTJMLand3Qc_KmAzOQP8CGhQ48Yw HTTP/1.1
Host: cm.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 09:34:03 GMT
content-type: image/gif
content-length: 43
last-modified: Wed, 20 Jul 2016 08:04:05 GMT
etag: "578f3075-2b"
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fb44b614b8381a20ddc7cac6e5228f29
b8c381ae5dea1755066f7d450fdc5b7046e5d441
b4ffb9c2ea3aae0c8d2f1d713c10be2d4c008518a0c30e166da9f1e4ef58ba23
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B4FFB9C2EA3AAE0C8D2F1D713C10BE2D4C008518A0C30E166DA9F1E4EF58BA23"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5273
Expires: Thu, 08 Dec 2022 11:01:56 GMT
Date: Thu, 08 Dec 2022 09:34:03 GMT
Connection: keep-alive
ad.yieldlab.net/m?dt_id=8664&ext_id=k-ENvXwnik22uTJMLand3Qc_KmAzNnN9asdXfxgQ
204 No Content 0 B URL HTTP/1.1 ad.yieldlab.net/m?dt_id=8664&ext_id=k-ENvXwnik22uTJMLand3Qc_KmAzNnN9asdXfxgQ
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /m?dt_id=8664&ext_id=k-ENvXwnik22uTJMLand3Qc_KmAzNnN9asdXfxgQ HTTP/1.1
Host: ad.yieldlab.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: DENY
x-application-context: application
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Pragma: no-cache
Expires: Wed, 07 Dec 2022 09:34:03 GMT
Date: Thu, 08 Dec 2022 09:34:03 GMT
Connection: keep-alive
Set-Cookie: id=96ce4835-fd67-46d9-90c6-07261f22ddc6; Path=/; Domain=prod.svc.y6b.de; Expires=Fri, 08-Dec-2023 09:34:03 GMT; Max-Age=31536000; Secure; SameSite=None
match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k--KkBEXik22uTJMLand3Qc_KmAzMgwHcHf_R3aA
204 No Content 0 B URL HTTP/2 match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k--KkBEXik22uTJMLand3Qc_KmAzMgwHcHf_R3aA
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k--KkBEXik22uTJMLand3Qc_KmAzMgwHcHf_R3aA HTTP/1.1
Host: match.sharethrough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Thu, 08 Dec 2022 09:34:03 GMT
X-Firefox-Spdy: h2
ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-EwZ_0Hik22uTJMLand3Qc_KmAzN41I-cC4SHQg&verify=true
204 No Content 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-EwZ_0Hik22uTJMLand3Qc_KmAzN41I-cC4SHQg&verify=true
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58301/sync?_origin=1&uid=k-EwZ_0Hik22uTJMLand3Qc_KmAzN41I-cC4SHQg&verify=true HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Thu, 08 Dec 2022 09:34:03 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
strict-transport-security: max-age=31536000
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBIuvkWMCEG_smpENtQCqbaWwuk8sjxYFEgEBAQEBk2ObYwAAAAAA_eMAAA&S=AQAAAlqaQu58i4J8IYJXJeHNsKc; Expires=Fri, 8 Dec 2023 15:34:03 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 884686fa80413218eeb7acabcbf24672
2318eb5d62ec0ba651eda1fbc3159158e8b7c172
3eca5d88c4990f8a582590eb87f1e3382690a1954e0b1c410c4e5cc5f6702d70
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 08 Dec 2022 09:34:03 GMT
Last-Modified: Thu, 08 Dec 2022 08:32:00 GMT
Server: ECS (nyb/1D34)
X-Cache: Miss from cloudfront
Via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: GqUs6WDreT--6LCl1Qjv7AqK0E-p0m9idcW_A9e-AhfJ7ODXvdDLKw==
Age: 3723
id5-sync.com/s/966/9.gif?puid=k-qW_iNnik22uTJMLand3Qc_KmAzORrWvqcsxahA
200 43 B URL HTTP/1.1 id5-sync.com/s/966/9.gif?puid=k-qW_iNnik22uTJMLand3Qc_KmAzORrWvqcsxahA
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /s/966/9.gif?puid=k-qW_iNnik22uTJMLand3Qc_KmAzORrWvqcsxahA HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"
set-cookie: cf=; Max-Age=300; Expires=Thu, 08-Dec-2022 09:39:03 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
cip=; Max-Age=300; Expires=Thu, 08-Dec-2022 09:39:03 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
cnac=; Max-Age=300; Expires=Thu, 08-Dec-2022 09:39:03 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
car=; Max-Age=300; Expires=Thu, 08-Dec-2022 09:39:03 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
gdpr=; Max-Age=300; Expires=Thu, 08-Dec-2022 09:39:03 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
callback=; Max-Age=300; Expires=Thu, 08-Dec-2022 09:39:03 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
content-type: image/gif;charset=UTF-8
transfer-encoding: chunked
date: Thu, 08 Dec 2022 09:34:02 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
ocsp.sectigo.com/
200 OK 471 B IP
Hash eb3ada812f0727a3c3c20655e43c20ab
2766d9dd26318e92c32ec924383ec39a9669b56b
5608fdbb0ddf0610e19db1f02ca3210c89a9bbd530c806c065d0d6e3dd4649d5
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 09:34:03 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 07 Dec 2022 03:11:57 GMT
Expires: Wed, 14 Dec 2022 03:11:56 GMT
Etag: "2766d9dd26318e92c32ec924383ec39a9669b56b"
Cache-Control: max-age=494872,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 776480c98b23b4f4-OSL
ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-qPu_HXik22uTJMLand3Qc_KmAzN1F1i_0PfQHg
302 Found 0 B URL HTTP/2 ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-qPu_HXik22uTJMLand3Qc_KmAzN1F1i_0PfQHg
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?publisher_dsp_id=38&external_user_id=k-qPu_HXik22uTJMLand3Qc_KmAzN1F1i_0PfQHg HTTP/1.1
Host: ad.360yield.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 08 Dec 2022 09:34:03 GMT
content-type: text/plain
content-length: 0
location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-qPu_HXik22uTJMLand3Qc_KmAzN1F1i_0PfQHg
set-cookie: tuuid=0597eafe-f870-4478-921a-7de58ac537aa; Expires=Wed, 08 Mar 2023 09:34:03 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
tuuid_lu=1670492043; Expires=Wed, 08 Mar 2023 09:34:03 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash 9dfb6f98524703cb28aa777c06f8307d
0259f1b07774b87d9bf5d69228f549946a1dd747
7b5ecd4e9bf216f4c71747b9eab5f135a610972adeb28d4f61118fab6decc065
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 09:34:03 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 13:56:48 GMT
Expires: Tue, 13 Dec 2022 13:56:47 GMT
Etag: "0259f1b07774b87d9bf5d69228f549946a1dd747"
Cache-Control: max-age=447163,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 776480c83b74b50f-OSL
ocsp.digicert.com/
200 OK 471 B IP
Hash 50d44347480ddbf69ff2e269edb5cce5
33dd3dfeab6f79c528cad49c3ce78c82b2d675bc
5a1afe32968aa9a3c3e2240e7766ebe312b3d017505fe8a8596138ce95ab208e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3367
Cache-Control: max-age=89916
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:34:03 GMT
Etag: "63905ea0-1d7"
Expires: Fri, 09 Dec 2022 10:32:39 GMT
Last-Modified: Wed, 07 Dec 2022 09:36:32 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash 5ed935cfadef72c8c0ef9ea0fc353f65
247b558ac8d7ca8d913ea41b3a9b2434aa58abd3
01c2a3855094778f40f63849cfaaa2399031a392a339701b012bfc040de7dfd2
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Thu, 08 Dec 2022 09:34:03 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 08 Dec 2022 08:46:39 GMT
Expires: Fri, 09 Dec 2022 08:46:39 GMT
ETag: "247b558ac8d7ca8d913ea41b3a9b2434aa58abd3"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
eb2.3lift.com/xuid?mid=2711&xuid=k-lgV96Xik22uTJMLand3Qc_KmAzNeX3zJlGcLig&dongle=013b
200 OK 37 B URL HTTP/2 eb2.3lift.com/xuid?mid=2711&xuid=k-lgV96Xik22uTJMLand3Qc_KmAzNeX3zJlGcLig&dongle=013b
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 3eacd0132310ea44cad756b378a3bc07
e2216a7e9b73f5cb0279351c78ce61c33475cea7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
GET /xuid?mid=2711&xuid=k-lgV96Xik22uTJMLand3Qc_KmAzNeX3zJlGcLig&dongle=013b HTTP/1.1
Host: eb2.3lift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:34:03 GMT
content-type: image/gif
content-length: 37
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash f0bc063ee14a287a2f76000075b166ae
01c46ed1f7e7d7bc8b54c9a886d167cd5ceb4033
e3681ed6e457e6ee825bfb0e1fe2b9982e07ed9461abfd78fcb9a1e58f889876
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3268
Cache-Control: max-age=163640
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:34:03 GMT
Etag: "63917eff-1d7"
Expires: Sat, 10 Dec 2022 07:01:23 GMT
Last-Modified: Thu, 08 Dec 2022 06:06:55 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
x.bidswitch.net/sync?dsp_id=46&user_id=k-6QMHLXik22uTJMLand3Qc_KmAzN4phF9_eLJgw&expires=30
302 Found 0 B URL HTTP/2 x.bidswitch.net/sync?dsp_id=46&user_id=k-6QMHLXik22uTJMLand3Qc_KmAzN4phF9_eLJgw&expires=30
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?dsp_id=46&user_id=k-6QMHLXik22uTJMLand3Qc_KmAzN4phF9_eLJgw&expires=30 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 08 Dec 2022 09:34:03 GMT
content-length: 0
location: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-6QMHLXik22uTJMLand3Qc_KmAzN4phF9_eLJgw&expires=30
cache-control: no-cache, no-store, must-revalidate
set-cookie: tuuid=cb51c17d-8125-4da0-8a64-75d65028ec18; path=/; expires=Fri, 08-Dec-2023 09:34:03 GMT; domain=.bidswitch.net; samesite=none; secure
c=1670492043; path=/; expires=Fri, 08-Dec-2023 09:34:03 GMT; domain=.bidswitch.net; samesite=none; secure
tuuid_lu=1670492043; path=/; expires=Fri, 08-Dec-2023 09:34:03 GMT; domain=.bidswitch.net; samesite=none; secure
c=1670492043; path=/; expires=Fri, 08-Dec-2023 09:34:03 GMT; domain=.bidswitch.net; samesite=none; secure
X-Firefox-Spdy: h2
e1.emxdgt.com/put?d=d53&uid=k-rC35xnik22uTJMLand3Qc_KmAzM8jIkMq1i2JMOmyOplTCsx
204 No Content 0 B URL HTTP/2 e1.emxdgt.com/put?d=d53&uid=k-rC35xnik22uTJMLand3Qc_KmAzM8jIkMq1i2JMOmyOplTCsx
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /put?d=d53&uid=k-rC35xnik22uTJMLand3Qc_KmAzM8jIkMq1i2JMOmyOplTCsx HTTP/1.1
Host: e1.emxdgt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
content-type: text/html
date: Thu, 08 Dec 2022 09:34:03 GMT
content-length: 0
X-Firefox-Spdy: h2
simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-wOApuHik22uTJMLand3Qc_KmAzMXk0okocpajQ
200 OK 42 B URL HTTP/2 simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-wOApuHik22uTJMLand3Qc_KmAzMXk0okocpajQ
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-wOApuHik22uTJMLand3Qc_KmAzMXk0okocpajQ HTTP/1.1
Host: simage2.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 09:34:02 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_97=3385-uid:k-wOApuHik22uTJMLand3Qc_KmAzMXk0okocpajQ&KRTB&23144-uid:k-wOApuHik22uTJMLand3Qc_KmAzMXk0okocpajQ&KRTB&23286-uid:k-wOApuHik22uTJMLand3Qc_KmAzMXk0okocpajQ&KRTB&23287-uid:k-wOApuHik22uTJMLand3Qc_KmAzMXk0okocpajQ; domain=pubmatic.com; secure; expires=Sat, 07-Jan-2023 09:34:02 GMT; path=/
PugT=1670492042; domain=pubmatic.com; secure; expires=Sat, 07-Jan-2023 09:34:02 GMT; path=/
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
X-Firefox-Spdy: h2
visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-k4F0iXik22uTJMLand3Qc_KmAzPl5emXdSzcjg
200 OK 49 B URL HTTP/2 visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-k4F0iXik22uTJMLand3Qc_KmAzPl5emXdSzcjg
IP
ASN #200271 Iguane Solutions SAS
File type GIF image data, version 89a, 1 x 1\012- data
Hash 4408efc0174f07ad685c456f1de521ca
e3bc3250f8f32bd98dc7b05fd8940b74617eb8d1
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
GET /visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-k4F0iXik22uTJMLand3Qc_KmAzPl5emXdSzcjg HTTP/1.1
Host: visitor.omnitagjs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
expires: 0
p3p: CP="CAO PSA OUR"
pragma: no-cache
set-cookie: ayl_visitor=9299910763ea8de75b3c056973dc317f; Path=/; Domain=omnitagjs.com; Max-Age=2592000; Secure; SameSite=None
vary: Accept-Encoding
x-content-type-options: nosniff
date: Thu, 08 Dec 2022 09:34:03 GMT
content-length: 49
x-envoy-upstream-service-time: 24
server: ayl-lb-fra02
X-Firefox-Spdy: h2
dpm.demdex.net/ibs:dpid=28645&dpuuid=
302 Found 0 B URL HTTP/1.1 dpm.demdex.net/ibs:dpid=28645&dpuuid=
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ibs:dpid=28645&dpuuid= HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-1-v045-02fbabcd7.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=40165624648562303721144340606654227439; Max-Age=15552000; Expires=Tue, 06 Jun 2023 09:34:03 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: a6GE/tBeTYQ=
Content-Length: 0
Connection: keep-alive
x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-6QMHLXik22uTJMLand3Qc_KmAzN4phF9_eLJgw&expires=30
200 OK 43 B URL HTTP/2 x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-6QMHLXik22uTJMLand3Qc_KmAzN4phF9_eLJgw&expires=30
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/sync?dsp_id=46&user_id=k-6QMHLXik22uTJMLand3Qc_KmAzN4phF9_eLJgw&expires=30 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:34:03 GMT
content-type: image/gif
content-length: 43
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-qPu_HXik22uTJMLand3Qc_KmAzN1F1i_0PfQHg
200 OK 43 B URL HTTP/2 ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-qPu_HXik22uTJMLand3Qc_KmAzN1F1i_0PfQHg
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/match?publisher_dsp_id=38&external_user_id=k-qPu_HXik22uTJMLand3Qc_KmAzN1F1i_0PfQHg HTTP/1.1
Host: ad.360yield.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:34:03 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash e2a880777201cd52592f5649a4763bfc
c0301503c652721b0b3fae742223f4a873456df8
b6cbe7a377078205eca9cf15e5e929affeca110baedcafd7a4c7694c79812a7b
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=98292
Date: Thu, 08 Dec 2022 09:34:03 GMT
Etag: "63908085-1d7"
Expires: Fri, 09 Dec 2022 12:52:15 GMT
Last-Modified: Wed, 07 Dec 2022 12:01:09 GMT
Server: ECS (nyb/1D1D)
X-Cache: Miss from cloudfront
Via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 5kaxPgzm3dueT_ineph4wDNsUDdw_8j0jQH8EUVSOwhXMEc1ijvnZA==
Age: 3066
dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=
200 OK 59 B URL HTTP/1.1 dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 1251cd5e5c2def4c046309375f87c1c1
e02d6b0c6a5c495c15985e2832e335eda8528c80
4e7010cc46fa361c88e57e3346d27421cf3b8a8bf5f39b43fc45997c60cb1c13
GET /demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid= HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: image/gif
DCS: dcs-prod-irl1-1-v045-05e780d2b.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: d54mLG2IQo0=
Content-Length: 59
Connection: keep-alive
sync.outbrain.com/cookie-sync?p=criteo&uid=k-unyOA3ik22uTJMLand3Qc_KmAzPjalyTErLl6w
200 OK 0 B URL HTTP/1.1 sync.outbrain.com/cookie-sync?p=criteo&uid=k-unyOA3ik22uTJMLand3Qc_KmAzPjalyTErLl6w
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cookie-sync?p=criteo&uid=k-unyOA3ik22uTJMLand3Qc_KmAzPjalyTErLl6w HTTP/1.1
Host: sync.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 09:34:03 GMT
Content-Length: 0
Cache-Control: no-cache
X-TraceId: c2622cf1d9927963ed33d1b8e1943044
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 7c2aad8c4cad31317636d014510b3f5c
f347ee7a9ab918abbd722a8fcd5d5a2e2afab0d1
eead3554b391dd84ceed2ac4f07adc61b22a1911f47b3aa5c3df59866aa05c7d
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=117646
Date: Thu, 08 Dec 2022 09:34:03 GMT
Etag: "6390c9a9-1d7"
Expires: Fri, 09 Dec 2022 18:14:49 GMT
Last-Modified: Wed, 07 Dec 2022 17:13:13 GMT
Server: ECS (nyb/1D25)
X-Cache: Miss from cloudfront
Via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 64CGBAbcgc6Y8KSF-SZ9yZa8P03YJXAqEPkjKlau-dHjgBf8iasJMw==
Age: 3696
gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
302 Found 0 B URL HTTP/2 gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Thu, 08 Dec 2022 09:34:03 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=
server-processing-duration-in-ticks: 862903
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
sync-criteo.ads.yieldmo.com/sync?id=k--LK_eXik22uTJMLand3Qc_KmAzP7PxvPLch9jg&pn_id=criteo&ext=1
200 OK 43 B URL HTTP/2 sync-criteo.ads.yieldmo.com/sync?id=k--LK_eXik22uTJMLand3Qc_KmAzP7PxvPLch9jg&pn_id=criteo&ext=1
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /sync?id=k--LK_eXik22uTJMLand3Qc_KmAzP7PxvPLch9jg&pn_id=criteo&ext=1 HTTP/1.1
Host: sync-criteo.ads.yieldmo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:34:03 GMT
content-type: image/gif
content-length: 43
set-cookie: yieldmo_id=gffd1d8fa5989b0ce706%7C1670492043939%7C0%7C; Domain=.yieldmo.com; Expires=Fri, 08-Dec-2023 09:34:03 GMT; Path=/; Secure; SameSite=None; Secure
ptrcriteo=k--LK_eXik22uTJMLand3Qc_KmAzP7PxvPLch9jg; Domain=ads.yieldmo.com; Expires=Fri, 08-Dec-2023 09:34:03 GMT; Path=/; Secure; SameSite=None; Secure
access-control-allow-origin: *
access-control-request-headers: Cache-Control, Pragma
access-control-allow-methods: GET, OPTIONS
pragma: no-cache
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 472 B IP
Hash 936c72c6efb7e9697f1903600e533e9e
4d1bc4f75c58536c049c96f935cbe10328db6d2a
3cc5a862e86aa77c3d71c8f7f32dc084fabe96c0cf2d80c328f8256e6135937b
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 09:34:03 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 04 Dec 2022 23:36:16 GMT
Expires: Sun, 11 Dec 2022 23:36:15 GMT
Etag: "4d1bc4f75c58536c049c96f935cbe10328db6d2a"
Cache-Control: max-age=309131,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 776480c9bb280af6-OSL
ocsp.digicert.com/
200 OK 471 B IP
Hash 50596c352614ac34197ef22f2b1751a8
469911ca4a7d9bb4d52cd99b9bb546f1ece549ce
a1f8eab0897f94325f42351c5ab7845d00d045b59710deab89761a2975b9cd81
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1909
Cache-Control: max-age=97131
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:34:04 GMT
Etag: "63908082-1d7"
Expires: Fri, 09 Dec 2022 12:32:55 GMT
Last-Modified: Wed, 07 Dec 2022 12:01:06 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=
204 No Content 0 B URL HTTP/2 beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usermatch.gif?partner=criteo&partner_uid= HTTP/1.1
Host: beacon.krxd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Thu, 08 Dec 2022 09:34:04 GMT
set-cookie: _kuid_=PPscAuOD; Expires=Tue, 06-Jun-23 09:34:04 GMT; Max-Age=15552000; Domain=.krxd.net; Path=/
cache-control: private, no-cache, no-store
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
x-served-by: beacon-n021-dub-prod.krxd.net
x-request-time: D=31 t=1670492044
X-Firefox-Spdy: h2
gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
302 Found 0 B URL HTTP/2 gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Thu, 08 Dec 2022 09:34:03 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
location: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=
server-processing-duration-in-ticks: 334418
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash ea90c0d6c167ece53adaedad7af34228
3881b3be1fe3956e30efda85becd9de2e6928161
33233153d4f00efe02522de4db9668a3ca151c5ac97b3cebfabf9cf207877a5b
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Thu, 08 Dec 2022 09:34:03 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Wed, 07 Dec 2022 22:27:36 GMT
Expires: Thu, 08 Dec 2022 22:27:36 GMT
ETag: "3881b3be1fe3956e30efda85becd9de2e6928161"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.entrust.net/
200 OK 1.6 kB IP
Hash 8d65d3c2def9eac69f411ecc956d022e
491efc56a49aee84f509d00f134e33994e990b8c
ab5761ecd683feefd87d496717efc7c10477ef7e3d9c92abd4ad6585e2e85c80
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "AB5761ECD683FEEFD87D496717EFC7C10477EF7E3D9C92ABD4AD6585E2E85C80"
Last-Modified: Thu, 08 Dec 2022 08:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3191
Expires: Thu, 08 Dec 2022 10:27:15 GMT
Date: Thu, 08 Dec 2022 09:34:04 GMT
Connection: keep-alive
s.thebrighttag.com/cs?btt=0&tp=cr&uid=
200 OK 35 B URL HTTP/2 s.thebrighttag.com/cs?btt=0&tp=cr&uid=
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /cs?btt=0&tp=cr&uid= HTTP/1.1
Host: s.thebrighttag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:34:04 GMT
content-type: image/gif
content-length: 35
x-bt-requestid: 74a725a0-76db-11ed-a7d3-0000ac1703a9
cache-control: private, must-revalidate
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin:
server: nginx
p3p: CP=NOI DSP COR NID
X-Firefox-Spdy: h2
gs.mountain.com/gs
200 OK 144 B IP
File type ASCII text, with no line terminators
Hash ed424f9946973078460027341a9a973f
c9a07e38c8e6c83064c4184f88d26b7427b55159
bca9c8e5f41444cb092504edbef14564797e1462f06bb2b80ae8465afccb2c3c
GET /gs HTTP/1.1
Host: gs.mountain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Cookie: guid=74bdbb01-76db-11ed-a4a5-270360d8a384
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
date: Thu, 08 Dec 2022 09:34:05 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, x-requested-with, X-Custom-Header
x-application-context: application:prod:8080
content-type: application/javascript;charset=utf-8
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
cache-control: public, max-age=31536000
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
content-length: 144
x-envoy-upstream-service-time: 0
server: istio-envoy
connection: close
ocsp.globalsign.com/gsgccr3dvtlsca2020
200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP
Hash 678e8ad01e942df5e790a7f4b1890758
e10de3f11460a992601fac3d3dcc7c3c30f215dc
160c48844b81c65e3ec937d83be3c4078be50899ef981e3aca8146f9120f7456
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 09:34:06 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Mon, 12 Dec 2022 07:01:11 GMT
ETag: "e10de3f11460a992601fac3d3dcc7c3c30f215dc"
Last-Modified: Thu, 08 Dec 2022 07:01:12 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1184
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 776480d9690c0b65-OSL
ocsp.globalsign.com/gsgccr3dvtlsca2020
200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP
Hash 678e8ad01e942df5e790a7f4b1890758
e10de3f11460a992601fac3d3dcc7c3c30f215dc
160c48844b81c65e3ec937d83be3c4078be50899ef981e3aca8146f9120f7456
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 09:34:06 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Mon, 12 Dec 2022 07:01:11 GMT
ETag: "e10de3f11460a992601fac3d3dcc7c3c30f215dc"
Last-Modified: Thu, 08 Dec 2022 07:01:12 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1184
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 776480d96d03b515-OSL
match.adsrvr.org/track/cmf/generic?ttd_pid=steelhouse&ttd_tpi=1&ttd_puid=74bdbb01-76db-11ed-a4a5-270360d8a384&gdpr=&gdpr_consent=
200 OK 70 B URL HTTP/2 match.adsrvr.org/track/cmf/generic?ttd_pid=steelhouse&ttd_tpi=1&ttd_puid=74bdbb01-76db-11ed-a4a5-270360d8a384&gdpr=&gdpr_consent=
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 58a7930cd4577fc33c35828c271eab8f
406e57f86dc101e10f3a57be1e2f7b93c4580474
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
GET /track/cmf/generic?ttd_pid=steelhouse&ttd_tpi=1&ttd_puid=74bdbb01-76db-11ed-a4a5-270360d8a384&gdpr=&gdpr_consent= HTTP/1.1
Host: match.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:34:06 GMT
content-type: image/gif
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-xuXIj3ik22uTJMLand3Qc_KmAzMCWueYSsVB6Q
200 OK 0 B URL HTTP/2 sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-xuXIj3ik22uTJMLand3Qc_KmAzMCWueYSsVB6Q
IP
ASN #200478 Taboola.com ltd
GET /sg/criteortb-network/1/rtb-h/?taboola_hm=k-xuXIj3ik22uTJMLand3Qc_KmAzMCWueYSsVB6Q HTTP/1.1
Host: sync-t1.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 09:34:03 GMT
x-fastly-to-nlb-rtt: 22248
access-control-allow-credentials: true
X-Firefox-Spdy: h2
dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=0
200 OK 0 B URL HTTP/2 dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=0
IP
GET /dis/rtb/appnexus/cookiematch.aspx?appnxsid=0 HTTP/1.1
Host: dis.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:34:03 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
timing-allow-origin: *
server-processing-duration-in-ticks: 575189
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
aacdn.nagich.com/style/btncolor.css
200 OK 0 B URL HTTP/2 aacdn.nagich.com/style/btncolor.css
IP
GET /style/btncolor.css HTTP/1.1
Host: aacdn.nagich.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaviar.com/
Origin: https://flaviar.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:34:00 GMT
content-type: text/css
cache-control: public, max-age=2204800
last-modified: Mon, 11 Feb 2019 11:17:50 GMT
etag: W/"4c2a96cfbc1d41:0"
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: deny
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 297102
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wZJ%2B1ewSwQl0l6TnTz5DBfYGmvB%2FSH0N9KkDodtafMVhHFy%2BUViscu9ZOuVNmgFfDNm%2FFYSK8xn%2BILEWum75D95hLYEPNxyskP2mswYq58cPXZ7gbyoFQa%2BnpIiBiQWhn7s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 776480b3eb33b4f3-OSL
content-encoding: br
X-Firefox-Spdy: h2
aacdn.nagich.com/assets/images/11.svg
200 OK 0 B URL HTTP/2 aacdn.nagich.com/assets/images/11.svg
IP
GET /assets/images/11.svg HTTP/1.1
Host: aacdn.nagich.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaviar.com/
Origin: https://flaviar.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:34:00 GMT
content-type: image/svg+xml
cache-control: public, max-age=2204800
last-modified: Thu, 01 Aug 2019 12:47:47 GMT
etag: W/"42b27526748d51:0"
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: deny
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 297101
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pnOg6eWKMOWTtTL7EGyjKV%2BwBpxMKklHHFEshw43IJ6zvYGXobHUxJCkMuh00C%2FDCc6NUwTA5OFQFHjXkyHCozTB%2FES4bQFm3sxHOh8TrjWDcGYwnUSoBX0wV4H1cBnUQu8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 776480b56d26b4f3-OSL
content-encoding: br
X-Firefox-Spdy: h2
ak.sail-horizon.com/spm/spm.v1.min.js
200 OK 0 B URL HTTP/2 ak.sail-horizon.com/spm/spm.v1.min.js
IP
GET /spm/spm.v1.min.js HTTP/1.1
Host: ak.sail-horizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 15 Sep 2022 23:20:31 GMT
server: AmazonS3
content-encoding: gzip
date: Thu, 08 Dec 2022 09:30:00 GMT
cache-control: max-age=600; must-revalidate
etag: W/"97dd801dd26ae0172c7875245d92f506"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Y-EXLy0n6rx4bsoPIx0AJvGKb-1564j7u-pndSQy5TfeQ51WxK2r4g==
age: 241
X-Firefox-Spdy: h2
widget.us.criteo.com/event?a=95340&v=5.12.3&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26z%3Dundefined%26site_type%3Dd&p2=e%3Dvh%26tms%3Dgtm-ee-1.1.0&p3=e%3Ddis&adce=1&bundle=ThgHLV9ucTZJRHQlMkZURGNPM0VWempwNnglMkZ0Q3d2NlVOelRxR2Fjd1dpR3c3Q2xFWXlRNzJQZFdLNUklMkZhd0YyRENNT2RTZiUyRlQ4bGZNNW56T3JvRzY1c0tPS0RnZnNVYWVtbTI5SW45Q2J2ek5ZelFwdkRzUjJidmV6Y1I4Zmhia2JqVkRYRmU2ZEZCMmtEV3l1TDVhU1BWQUxkdyUzRCUzRA&tld=flaviar.com&dy=1&fu=https%253A%252F%252Fflaviar.com%252F%253Firclickid%253D1Y%253AwNSyDDxyNUnKU6JTwfQQ2UkAxH4yRLTTUV00%2526ir_cid%253D3334%2526ir_affid%253D10813%2526utm_medium%253Daffiliates%2526utm_source%253DMaxBounty.com%252520ULC%2526ir_partnerid%253D10813%2526ir_adid%253D1215604%2526ir_campaignid%253D3334&dtycbr=93129&cs=1---&cv=1
200 OK 0 B URL HTTP/2 widget.us.criteo.com/event?a=95340&v=5.12.3&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26z%3Dundefined%26site_type%3Dd&p2=e%3Dvh%26tms%3Dgtm-ee-1.1.0&p3=e%3Ddis&adce=1&bundle=ThgHLV9ucTZJRHQlMkZURGNPM0VWempwNnglMkZ0Q3d2NlVOelRxR2Fjd1dpR3c3Q2xFWXlRNzJQZFdLNUklMkZhd0YyRENNT2RTZiUyRlQ4bGZNNW56T3JvRzY1c0tPS0RnZnNVYWVtbTI5SW45Q2J2ek5ZelFwdkRzUjJidmV6Y1I4Zmhia2JqVkRYRmU2ZEZCMmtEV3l1TDVhU1BWQUxkdyUzRCUzRA&tld=flaviar.com&dy=1&fu=https%253A%252F%252Fflaviar.com%252F%253Firclickid%253D1Y%253AwNSyDDxyNUnKU6JTwfQQ2UkAxH4yRLTTUV00%2526ir_cid%253D3334%2526ir_affid%253D10813%2526utm_medium%253Daffiliates%2526utm_source%253DMaxBounty.com%252520ULC%2526ir_partnerid%253D10813%2526ir_adid%253D1215604%2526ir_campaignid%253D3334&dtycbr=93129&cs=1---&cv=1
IP
GET /event?a=95340&v=5.12.3&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26z%3Dundefined%26site_type%3Dd&p2=e%3Dvh%26tms%3Dgtm-ee-1.1.0&p3=e%3Ddis&adce=1&bundle=ThgHLV9ucTZJRHQlMkZURGNPM0VWempwNnglMkZ0Q3d2NlVOelRxR2Fjd1dpR3c3Q2xFWXlRNzJQZFdLNUklMkZhd0YyRENNT2RTZiUyRlQ4bGZNNW56T3JvRzY1c0tPS0RnZnNVYWVtbTI5SW45Q2J2ek5ZelFwdkRzUjJidmV6Y1I4Zmhia2JqVkRYRmU2ZEZCMmtEV3l1TDVhU1BWQUxkdyUzRCUzRA&tld=flaviar.com&dy=1&fu=https%253A%252F%252Fflaviar.com%252F%253Firclickid%253D1Y%253AwNSyDDxyNUnKU6JTwfQQ2UkAxH4yRLTTUV00%2526ir_cid%253D3334%2526ir_affid%253D10813%2526utm_medium%253Daffiliates%2526utm_source%253DMaxBounty.com%252520ULC%2526ir_partnerid%253D10813%2526ir_adid%253D1215604%2526ir_campaignid%253D3334&dtycbr=93129&cs=1---&cv=1 HTTP/1.1
Host: widget.us.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaviar.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:34:02 GMT
content-type: application/x-javascript
server: Kestrel
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
expires: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
timing-allow-origin: *
server-processing-duration-in-ticks: 23204891
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-42SGNXik22uTJMLand3Qc_KmAzPYYyRp7RG8s_Dhdpvvln-m
200 OK 0 B URL HTTP/2 exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-42SGNXik22uTJMLand3Qc_KmAzPYYyRp7RG8s_Dhdpvvln-m
IP
GET /usersync/push?partner=criteo&partnerId=k-42SGNXik22uTJMLand3Qc_KmAzPYYyRp7RG8s_Dhdpvvln-m HTTP/1.1
Host: exchange.mediavine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:34:03 GMT
content-type: text/html; charset=utf-8
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
cache-control: private, no-cache
set-cookie: mv_tokens=%7B%22mv_uuid%22%3A%2274031d70-76db-11ed-a884-899fe70824eb%22%2C%22version%22%3A%22eu-v1%22%7D; Path=/; Expires=Thu, 22 Dec 2022 09:34:03 GMT; Secure; SameSite=None
mv_tokens_eu-v1=%7B%22mv_uuid%22%3A%2274031d70-76db-11ed-a884-899fe70824eb%22%2C%22version%22%3A%22eu-v1%22%7D; Path=/; Expires=Thu, 22 Dec 2022 09:34:03 GMT; Secure; SameSite=None
am_tokens=%7B%22mv_uuid%22%3A%2274031d70-76db-11ed-a884-899fe70824eb%22%2C%22version%22%3A%22eu-v1%22%7D; Path=/; Expires=Thu, 22 Dec 2022 09:34:03 GMT; Secure; SameSite=None
am_tokens_eu-v1=%7B%22mv_uuid%22%3A%2274031d70-76db-11ed-a884-899fe70824eb%22%2C%22version%22%3A%22eu-v1%22%7D; Path=/; Expires=Thu, 22 Dec 2022 09:34:03 GMT; Secure; SameSite=None
criteo=%7B%22id%22%3A%22k-42SGNXik22uTJMLand3Qc_KmAzPYYyRp7RG8s_Dhdpvvln-m%22%2C%22version%22%3A%22criteo%22%7D; Path=/; Expires=Thu, 22 Dec 2022 09:34:03 GMT; Secure; SameSite=None
content-encoding: gzip
X-Firefox-Spdy: h2
aacdn.nagich.com/core/4.3.7/accessibility.js
200 OK 0 B URL HTTP/2 aacdn.nagich.com/core/4.3.7/accessibility.js
IP
GET /core/4.3.7/accessibility.js HTTP/1.1
Host: aacdn.nagich.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://flaviar.com
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:34:00 GMT
content-type: application/javascript
cache-control: public, max-age=2204800
last-modified: Wed, 20 Jul 2022 11:28:32 GMT
etag: W/"03079d72b9cd81:0"
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: deny
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 297102
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BGIkiTSDbMa%2F9dj%2BniquByWViHbrPPD%2FopEo5EfTgmAT5CNttwuzHNaZ7iAIZJ77Ly6HmWy%2BaX%2BtEyLPxGmIerjcK8ZOOwJOue8o98E3rCKIn8g6kLjy1MHpOe%2FszQVfwh8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 776480b32a52b4f3-OSL
content-encoding: br
X-Firefox-Spdy: h2
px.mountain.com/st?ga_tracking_id=UA-28959768-20&ga_client_id=1639009528.1670492040&shpt=Flaviar%20Membership%20%C2%BB%20Fine%20Spirits%20%26%20Whiskey%20Club%20%F0%9F%A5%83%20-%20Flaviar&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-28959768-20%22%2C%22ga_client_id%22%3A%221639009528.1670492040%22%2C%22shpt%22%3A%22Flaviar%20Membership%20%C2%BB%20Fine%20Spirits%20%26%20Whiskey%20Club%20%F0%9F%A5%83%20-%20Flaviar%22%2C%22dcm_cid%22%3A%221670492039.1%22%2C%22dcm_gid%22%3A%221275494817.1670492040%22%2C%22ga_utm_source%22%3A%22MaxBounty.com%20ULC%22%2C%22ga_utm_medium%22%3A%22affiliates%22%2C%22mntnis%22%3A%7B%7D%2C%22execution_workflow%22%3A%7B%22iteration%22%3A8%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%2C%22ga_utm_source%22%3A%22OK%22%2C%22ga_utm_medium%22%3A%22OK%22%7D%7D&dcm_cid=1670492039.1&dcm_gid=1275494817.1670492040&dxver=4.0.0&shaid=33038&plh=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3D1Y%3AwNSyDDxyNUnKU6JTwfQQ2UkAxH4yRLTTUV00%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&shadditional=googletagmanager%3Dtrue%2Cga4%3Dtrue%2Ccriteo%3Dtrue&cb=1670492044687452&shguid=35b0bce9-d250-329d-b012-c0426f88d0bd&shgts=1670492045417
200 OK 0 B URL HTTP/1.1 px.mountain.com/st?ga_tracking_id=UA-28959768-20&ga_client_id=1639009528.1670492040&shpt=Flaviar%20Membership%20%C2%BB%20Fine%20Spirits%20%26%20Whiskey%20Club%20%F0%9F%A5%83%20-%20Flaviar&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-28959768-20%22%2C%22ga_client_id%22%3A%221639009528.1670492040%22%2C%22shpt%22%3A%22Flaviar%20Membership%20%C2%BB%20Fine%20Spirits%20%26%20Whiskey%20Club%20%F0%9F%A5%83%20-%20Flaviar%22%2C%22dcm_cid%22%3A%221670492039.1%22%2C%22dcm_gid%22%3A%221275494817.1670492040%22%2C%22ga_utm_source%22%3A%22MaxBounty.com%20ULC%22%2C%22ga_utm_medium%22%3A%22affiliates%22%2C%22mntnis%22%3A%7B%7D%2C%22execution_workflow%22%3A%7B%22iteration%22%3A8%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%2C%22ga_utm_source%22%3A%22OK%22%2C%22ga_utm_medium%22%3A%22OK%22%7D%7D&dcm_cid=1670492039.1&dcm_gid=1275494817.1670492040&dxver=4.0.0&shaid=33038&plh=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3D1Y%3AwNSyDDxyNUnKU6JTwfQQ2UkAxH4yRLTTUV00%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&shadditional=googletagmanager%3Dtrue%2Cga4%3Dtrue%2Ccriteo%3Dtrue&cb=1670492044687452&shguid=35b0bce9-d250-329d-b012-c0426f88d0bd&shgts=1670492045417
IP
GET /st?ga_tracking_id=UA-28959768-20&ga_client_id=1639009528.1670492040&shpt=Flaviar%20Membership%20%C2%BB%20Fine%20Spirits%20%26%20Whiskey%20Club%20%F0%9F%A5%83%20-%20Flaviar&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-28959768-20%22%2C%22ga_client_id%22%3A%221639009528.1670492040%22%2C%22shpt%22%3A%22Flaviar%20Membership%20%C2%BB%20Fine%20Spirits%20%26%20Whiskey%20Club%20%F0%9F%A5%83%20-%20Flaviar%22%2C%22dcm_cid%22%3A%221670492039.1%22%2C%22dcm_gid%22%3A%221275494817.1670492040%22%2C%22ga_utm_source%22%3A%22MaxBounty.com%20ULC%22%2C%22ga_utm_medium%22%3A%22affiliates%22%2C%22mntnis%22%3A%7B%7D%2C%22execution_workflow%22%3A%7B%22iteration%22%3A8%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%2C%22ga_utm_source%22%3A%22OK%22%2C%22ga_utm_medium%22%3A%22OK%22%7D%7D&dcm_cid=1670492039.1&dcm_gid=1275494817.1670492040&dxver=4.0.0&shaid=33038&plh=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3D1Y%3AwNSyDDxyNUnKU6JTwfQQ2UkAxH4yRLTTUV00%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&shadditional=googletagmanager%3Dtrue%2Cga4%3Dtrue%2Ccriteo%3Dtrue&cb=1670492044687452&shguid=35b0bce9-d250-329d-b012-c0426f88d0bd&shgts=1670492045417 HTTP/1.1
Host: px.mountain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Cookie: guid=74bdbb01-76db-11ed-a4a5-270360d8a384
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
date: Thu, 08 Dec 2022 09:34:06 GMT
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
set-cookie: tt=H4sIAAAAAAAAAKtWKlOyMtJR8guKNzY2MLaINzK3NFayMkAWsTC2AIsgcw3NzA1MLI0MTMwMDUxrAWWBkARGAAAA;Domain=px.mountain.com;Max-Age=63113852;Path=/;SameSite=None;Secure
rt="MzMwMzg6MTY3MDQ5MjA0Ng==";Domain=mountain.com;Max-Age=63113852;Path=/;SameSite=None;Secure
guid=74bdbb01-76db-11ed-a4a5-270360d8a384;Domain=mountain.com;Max-Age=63113852;Path=/;SameSite=None;Secure
content-encoding: gzip
connection: close
aacdn.nagich.com/style/style.css
200 OK 0 B URL HTTP/2 aacdn.nagich.com/style/style.css
IP
GET /style/style.css HTTP/1.1
Host: aacdn.nagich.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaviar.com/
Origin: https://flaviar.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:34:00 GMT
content-type: text/css
cache-control: public, max-age=2204800
last-modified: Sun, 02 Oct 2022 09:01:39 GMT
etag: W/"809b15953dd6d81:0"
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: deny
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 297102
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8A6qMxuiB3Uor9EVKcL5G8Q%2BESmcA%2B%2B4Vp0i3iQ5eMP2kIXyOK09DH11gnZEfK7JxylGTKRJ17gV%2F9Q%2BOSCpAcOlmKYsq9WnYGtZtGe8KjWqHf%2BRhDABpKdFDSinByN%2FnKc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 776480b3db1ab4f3-OSL
content-encoding: br
X-Firefox-Spdy: h2
aacdn.nagich.com/assets/locale/en.json
200 OK 0 B URL HTTP/2 aacdn.nagich.com/assets/locale/en.json
IP
GET /assets/locale/en.json HTTP/1.1
Host: aacdn.nagich.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaviar.com/
Origin: https://flaviar.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:34:00 GMT
content-type: application/json
cache-control: public, max-age=2204800
last-modified: Tue, 15 Jun 2021 15:40:09 GMT
etag: W/"f45920b9fc61d71:0"
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: deny
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NIS8bxhvchu9oZcr0Ok4IBM87KoLn9uAo6ddUOStb1GH2JMB9sbR8PHwXhjsjq90O5Xk2x3l%2BVSVaF5%2B2q810fOJvuUW1hXk26rgyPkowE2XA7Dw04T1x4K0RMrbyBJ7ew4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 776480b3eb34b4f3-OSL
content-encoding: br
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=onetag&domain=flaviar.com&sn=FirefoxSyncframe&so=0&topUrl=flaviar.com&info=yoQmFV80M0RITmhlJTJCZkMwOUJGQlhaMUN2czdMWnBzNjhkMjFtNUZhVHBCSTlLbndQMDdQMERQaXZ5ZlcwJTJCcGxkWEg0Uw&idsd=-405907259,1389297974&cw=1&lsw=1
200 OK 0 B URL HTTP/2 gum.criteo.com/sid/json?origin=onetag&domain=flaviar.com&sn=FirefoxSyncframe&so=0&topUrl=flaviar.com&info=yoQmFV80M0RITmhlJTJCZkMwOUJGQlhaMUN2czdMWnBzNjhkMjFtNUZhVHBCSTlLbndQMDdQMERQaXZ5ZlcwJTJCcGxkWEg0Uw&idsd=-405907259,1389297974&cw=1&lsw=1
IP
GET /sid/json?origin=onetag&domain=flaviar.com&sn=FirefoxSyncframe&so=0&topUrl=flaviar.com&info=yoQmFV80M0RITmhlJTJCZkMwOUJGQlhaMUN2czdMWnBzNjhkMjFtNUZhVHBCSTlLbndQMDdQMERQaXZ5ZlcwJTJCcGxkWEg0Uw&idsd=-405907259,1389297974&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/syncframe?topUrl=flaviar.com&origin=onetag&us_privacy=1---
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:34:01 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
server-processing-duration-in-ticks: 1051288
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-ygwptHik22uTJMLand3Qc_KmAzMAjvmijUgv8Q&google_error=3
200 OK 0 B URL HTTP/2 dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-ygwptHik22uTJMLand3Qc_KmAzMAjvmijUgv8Q&google_error=3
IP
GET /dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-ygwptHik22uTJMLand3Qc_KmAzMAjvmijUgv8Q&google_error=3 HTTP/1.1
Host: dis.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:34:03 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
timing-allow-origin: *
server-processing-duration-in-ticks: 333678
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
px.mountain.com/st?ga_tracking_id=UA-28959768-20&ga_client_id=1639009528.1670492040&shpt=Flaviar%20Membership%20%C2%BB%20Fine%20Spirits%20%26%20Whiskey%20Club%20%F0%9F%A5%83%20-%20Flaviar&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-28959768-20%22%2C%22ga_client_id%22%3A%221639009528.1670492040%22%2C%22shpt%22%3A%22Flaviar%20Membership%20%C2%BB%20Fine%20Spirits%20%26%20Whiskey%20Club%20%F0%9F%A5%83%20-%20Flaviar%22%2C%22dcm_cid%22%3A%221670492039.1%22%2C%22dcm_gid%22%3A%221275494817.1670492040%22%2C%22ga_utm_source%22%3A%22MaxBounty.com%20ULC%22%2C%22ga_utm_medium%22%3A%22affiliates%22%2C%22mntnis%22%3A%7B%7D%2C%22execution_workflow%22%3A%7B%22iteration%22%3A8%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%2C%22ga_utm_source%22%3A%22OK%22%2C%22ga_utm_medium%22%3A%22OK%22%7D%7D&dcm_cid=1670492039.1&dcm_gid=1275494817.1670492040&dxver=4.0.0&shaid=33038&plh=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3D1Y%3AwNSyDDxyNUnKU6JTwfQQ2UkAxH4yRLTTUV00%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&cb=66164805886779176term%3Dvalue&shadditional=googletagmanager%3Dtrue%2Cga4%3Dtrue%2Ccriteo%3Dtrue
200 OK 0 B URL HTTP/1.1 px.mountain.com/st?ga_tracking_id=UA-28959768-20&ga_client_id=1639009528.1670492040&shpt=Flaviar%20Membership%20%C2%BB%20Fine%20Spirits%20%26%20Whiskey%20Club%20%F0%9F%A5%83%20-%20Flaviar&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-28959768-20%22%2C%22ga_client_id%22%3A%221639009528.1670492040%22%2C%22shpt%22%3A%22Flaviar%20Membership%20%C2%BB%20Fine%20Spirits%20%26%20Whiskey%20Club%20%F0%9F%A5%83%20-%20Flaviar%22%2C%22dcm_cid%22%3A%221670492039.1%22%2C%22dcm_gid%22%3A%221275494817.1670492040%22%2C%22ga_utm_source%22%3A%22MaxBounty.com%20ULC%22%2C%22ga_utm_medium%22%3A%22affiliates%22%2C%22mntnis%22%3A%7B%7D%2C%22execution_workflow%22%3A%7B%22iteration%22%3A8%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%2C%22ga_utm_source%22%3A%22OK%22%2C%22ga_utm_medium%22%3A%22OK%22%7D%7D&dcm_cid=1670492039.1&dcm_gid=1275494817.1670492040&dxver=4.0.0&shaid=33038&plh=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3D1Y%3AwNSyDDxyNUnKU6JTwfQQ2UkAxH4yRLTTUV00%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&cb=66164805886779176term%3Dvalue&shadditional=googletagmanager%3Dtrue%2Cga4%3Dtrue%2Ccriteo%3Dtrue
IP
GET /st?ga_tracking_id=UA-28959768-20&ga_client_id=1639009528.1670492040&shpt=Flaviar%20Membership%20%C2%BB%20Fine%20Spirits%20%26%20Whiskey%20Club%20%F0%9F%A5%83%20-%20Flaviar&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-28959768-20%22%2C%22ga_client_id%22%3A%221639009528.1670492040%22%2C%22shpt%22%3A%22Flaviar%20Membership%20%C2%BB%20Fine%20Spirits%20%26%20Whiskey%20Club%20%F0%9F%A5%83%20-%20Flaviar%22%2C%22dcm_cid%22%3A%221670492039.1%22%2C%22dcm_gid%22%3A%221275494817.1670492040%22%2C%22ga_utm_source%22%3A%22MaxBounty.com%20ULC%22%2C%22ga_utm_medium%22%3A%22affiliates%22%2C%22mntnis%22%3A%7B%7D%2C%22execution_workflow%22%3A%7B%22iteration%22%3A8%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%2C%22ga_utm_source%22%3A%22OK%22%2C%22ga_utm_medium%22%3A%22OK%22%7D%7D&dcm_cid=1670492039.1&dcm_gid=1275494817.1670492040&dxver=4.0.0&shaid=33038&plh=https%3A%2F%2Fflaviar.com%2F%3Firclickid%3D1Y%3AwNSyDDxyNUnKU6JTwfQQ2UkAxH4yRLTTUV00%26ir_cid%3D3334%26ir_affid%3D10813%26utm_medium%3Daffiliates%26utm_source%3DMaxBounty.com%2520ULC%26ir_partnerid%3D10813%26ir_adid%3D1215604%26ir_campaignid%3D3334&cb=66164805886779176term%3Dvalue&shadditional=googletagmanager%3Dtrue%2Cga4%3Dtrue%2Ccriteo%3Dtrue HTTP/1.1
Host: px.mountain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
date: Thu, 08 Dec 2022 09:34:04 GMT
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
set-cookie: guid=74bdbb01-76db-11ed-a4a5-270360d8a384;Domain=mountain.com;Max-Age=63113852;Path=/;SameSite=None;Secure
content-encoding: gzip
connection: close
static.fbot.me/friendbuy.js
200 OK 0 B URL HTTP/2 static.fbot.me/friendbuy.js
IP
GET /friendbuy.js HTTP/1.1
Host: static.fbot.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 08 Nov 2022 18:54:50 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: 1TJItsrldzDocUTOk9.t5QWqlV.wmjrZ
server: AmazonS3
content-encoding: gzip
date: Thu, 08 Dec 2022 09:33:56 GMT
cache-control: max-age=300
etag: W/"0b5bcf54c4cdbc59dd5b187265ffc20d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ZtQwkrO8t6xYfVN3_imjrrF_gKFLUs0IggfLeNPYlySvpWWQE0tCQQ==
age: 6
X-Firefox-Spdy: h2
campaign.fbot.me/06cc9139-6a61-41fc-88db-9ec21e04eecf/campaigns.js
200 OK 0 B URL HTTP/2 campaign.fbot.me/06cc9139-6a61-41fc-88db-9ec21e04eecf/campaigns.js
IP
GET /06cc9139-6a61-41fc-88db-9ec21e04eecf/campaigns.js HTTP/1.1
Host: campaign.fbot.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flaviar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 01 Dec 2022 09:06:28 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: dEkiO068.JJoOvIRp4TEWm96aq7RJgI1
server: AmazonS3
content-encoding: gzip
date: Thu, 08 Dec 2022 09:33:32 GMT
cache-control: max-age=30
etag: W/"ed1d8967ee1c956c2188672719b3f2e8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 4W2KkSLwvwTvc4GKh-Mv3j6s9RKSS7TtULpQAD3nzXuNMUO58V2xqg==
age: 28
X-Firefox-Spdy: h2
criteo-partners.tremorhub.com/sync?UICR=k-OajK1Hik22uTJMLand3Qc_KmAzPAZFiL60t9ew
200 OK 0 B URL HTTP/2 criteo-partners.tremorhub.com/sync?UICR=k-OajK1Hik22uTJMLand3Qc_KmAzPAZFiL60t9ew
IP
GET /sync?UICR=k-OajK1Hik22uTJMLand3Qc_KmAzPAZFiL60t9ew HTTP/1.1
Host: criteo-partners.tremorhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:34:03 GMT
content-type: image/gif
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
X-Firefox-Spdy: h2
172.66.40.91
23.13.245.180
178.250.2.146
23.36.77.32
3.248.49.44
35.246.234.8
157.240.200.35
185.64.189.110
104.18.20.226
151.101.244.157
141.226.228.48