Overview

URL ponovish.yotubr.co/
IP192.64.119.178
ASNNAMECHEAP-NET
Location United States
Report completed2022-09-11 19:52:54 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-11 2 ponovish.yotubr.co/ Phishing
2022-09-11 2 cdrvrs.com/5/4970339 Phishing
2022-09-11 2 skayhoo.com/npdirect.html?clickid=4d33c1a7-320b-11ed-b6ae-127dc2ac3a05 Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (37)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-09-11 15:58:57 UTC 143.204.55.35
mnemonic passive DNS ocsp.sectigo.com (8) 487 2018-12-17 11:31:55 UTC 2022-09-11 17:53:46 UTC 172.64.155.188
mnemonic passive DNS ocsp.pki.goog (9) 175 2017-06-14 07:23:31 UTC 2022-09-11 04:58:08 UTC 142.250.74.3
mnemonic passive DNS tsyndicate.com (1) 13042 2017-03-16 09:04:54 UTC 2022-09-11 14:31:06 UTC 136.243.81.150
mnemonic passive DNS static.trafficjunky.com (1) 13961 2015-03-25 11:36:27 UTC 2022-09-11 14:17:51 UTC 205.185.208.79
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-11 04:57:17 UTC 143.204.55.110
mnemonic passive DNS ponovish.yotubr.co (1) 0 2022-08-11 15:50:33 UTC 2022-09-11 17:06:43 UTC 192.64.119.178 Unknown ranking
mnemonic passive DNS ocsp.digicert.com (2) 86 2012-05-21 07:02:23 UTC 2022-09-11 12:16:56 UTC 93.184.220.29
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-09-11 04:57:20 UTC 34.120.237.76
mnemonic passive DNS lemouwee.com (3) 176393 2021-03-12 13:42:34 UTC 2022-09-11 15:54:24 UTC 139.45.197.251
mnemonic passive DNS static.parastorage.com (10) 5943 2017-10-08 09:28:46 UTC 2022-09-11 17:11:55 UTC 151.101.85.91
mnemonic passive DNS cdn.smrt-assets.com (7) 0 2019-12-30 14:33:21 UTC 2022-09-11 15:56:59 UTC 104.123.68.153 Unknown ranking
mnemonic passive DNS www.gstatic.com (2) 0 2016-07-26 09:37:06 UTC 2022-09-11 16:15:40 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS ctrack.trafficjunky.net (1) 27301 2014-03-23 22:43:38 UTC 2022-09-11 13:29:09 UTC 66.254.114.89
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-11 04:58:07 UTC 34.117.237.239
mnemonic passive DNS kuno-gae.com (1) 32676 2022-01-26 19:52:29 UTC 2022-09-11 08:07:31 UTC 52.45.156.125
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-11 04:57:50 UTC 54.148.190.4
mnemonic passive DNS skayhoo.com (2) 0 2022-04-27 19:14:08 UTC 2022-09-11 17:06:42 UTC 199.85.210.82 Unknown ranking
mnemonic passive DNS code.jquery.com (1) 634 2012-05-21 17:28:02 UTC 2022-09-11 04:58:21 UTC 69.16.175.10
mnemonic passive DNS siteassets.parastorage.com (4) 6331 2018-06-12 13:05:15 UTC 2022-09-11 09:36:30 UTC 151.101.85.91
mnemonic passive DNS guard.cdtbox.rocks (1) 240008 2020-08-11 05:30:44 UTC 2022-09-11 15:57:00 UTC 34.193.131.238
mnemonic passive DNS www.google-analytics.com (1) 40 2012-10-03 01:04:21 UTC 2022-09-11 13:30:36 UTC 142.250.74.174
mnemonic passive DNS stats.g.doubleclick.net (1) 96 2013-06-02 22:47:44 UTC 2022-09-11 04:59:21 UTC 142.251.1.154
mnemonic passive DNS statisticresearch.com (1) 584767 2019-05-20 16:27:25 UTC 2022-09-11 15:56:59 UTC 34.225.97.2
mnemonic passive DNS ocsp.sca1b.amazontrust.com (3) 1015 2017-03-03 15:20:51 UTC 2019-03-27 04:05:54 UTC 54.230.245.110
mnemonic passive DNS www.nutritio.news (2) 0 2020-07-28 12:08:44 UTC 2022-09-07 22:53:44 UTC 34.149.87.45 Unknown ranking
mnemonic passive DNS my.rtmark.net (1) 9054 2017-08-22 14:11:49 UTC 2022-09-11 08:50:08 UTC 139.45.195.8
mnemonic passive DNS fonts.gstatic.com (2) 0 2014-08-29 13:43:22 UTC 2022-09-11 04:58:03 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS region1.google-analytics.com (1) 0 2022-03-17 11:26:33 UTC 2022-09-11 05:49:51 UTC 216.239.34.36 Domain (google-analytics.com) ranked at: 8401
mnemonic passive DNS r3.o.lencr.org (8) 344 2020-12-02 08:52:13 UTC 2022-09-11 04:57:04 UTC 95.101.11.115
mnemonic passive DNS ocsp.globalsign.com (1) 2075 2012-05-25 06:20:55 UTC 2022-09-11 04:57:36 UTC 104.18.20.226
mnemonic passive DNS www.googletagmanager.com (1) 75 2012-12-25 14:52:06 UTC 2022-09-11 04:57:12 UTC 142.250.74.72
mnemonic passive DNS cdn.smrt-content.com (1) 99856 2019-12-30 14:33:21 UTC 2022-09-11 04:01:47 UTC 2.21.8.227
mnemonic passive DNS fonts.googleapis.com (2) 8877 2014-07-21 13:19:55 UTC 2022-09-11 17:07:01 UTC 142.250.74.10
mnemonic passive DNS cdrvrs.com (1) 69998 2021-06-22 10:56:52 UTC 2022-09-11 19:27:47 UTC 139.45.197.238
mnemonic passive DNS frog.wix.com (7) 5452 2016-04-07 19:33:42 UTC 2022-09-11 11:35:36 UTC 54.156.249.127
mnemonic passive DNS smartdt-secure.com (2) 0 2022-04-04 14:38:44 UTC 2022-09-11 17:06:42 UTC 45.141.159.22 Unknown ranking


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 192.64.119.178

Date UQ / IDS / BL URL IP
2022-11-09 12:17:16 +0000
0 - 0 - 1 tryuse-perfecttips.world/doing.php?a=1nor&c=d (...) 192.64.119.178
2022-11-09 04:17:07 +0000
0 - 0 - 1 tryuse-perfecttips.world/longer.php?a=1nor&c= (...) 192.64.119.178
2022-11-06 18:23:10 +0000
0 - 0 - 3 0co2.info/ 192.64.119.178
2022-10-27 23:34:41 +0000
0 - 0 - 1 androidchrome.yotubr.co/ 192.64.119.178
2022-10-26 14:54:07 +0000
0 - 0 - 1 ponovishc.yotubr.co/ 192.64.119.178

Last 5 reports on ASN: NAMECHEAP-NET

Date UQ / IDS / BL URL IP
2022-11-29 00:35:25 +0000
0 - 0 - 1 metamask.io.merge.atlaspresse.com/ 66.29.146.39
2022-11-29 00:32:53 +0000
10 - 0 - 8 forexborsada.com/BAAAAA/info.html 198.54.126.139
2022-11-29 00:32:32 +0000
13 - 0 - 8 forexborsada.com/BAAAAA/otp2.html 198.54.126.139
2022-11-29 00:32:16 +0000
11 - 0 - 8 forexborsada.com/BAAAAA/personal2.html 198.54.126.139
2022-11-29 00:31:53 +0000
15 - 0 - 8 forexborsada.com/BAAAAA/otp.html 198.54.126.139

Last 5 reports on domain: yotubr.co

Date UQ / IDS / BL URL IP
2022-10-27 23:34:41 +0000
0 - 0 - 1 androidchrome.yotubr.co/ 192.64.119.178
2022-10-26 14:54:07 +0000
0 - 0 - 1 ponovishc.yotubr.co/ 192.64.119.178
2022-10-26 14:10:49 +0000
0 - 0 - 1 androidponovish.yotubr.co/ 192.64.119.178
2022-10-26 06:52:30 +0000
0 - 0 - 1 androidchrome.yotubr.co/ 192.64.119.178
2022-10-26 06:39:40 +0000
0 - 0 - 1 ponovish.yotubr.co/ 192.64.119.178

Last 5 reports with similar screenshot

Date UQ / IDS / BL URL IP
2022-10-24 20:11:43 +0000
0 - 0 - 2 wdnkh.bemobtrk.com/go/687c4b90-ea21-4c98-8107 (...) 3.70.16.242
2022-10-23 17:56:29 +0000
0 - 0 - 2 wdnkh.bemobtrk.com/go/207d4b7a-ccfb-4c84-86b5 (...) 3.70.16.242
2022-10-22 17:05:17 +0000
0 - 0 - 2 wdnkh.bemobtrk.com/go/6627c33f-d060-48e9-b7c6 (...) 3.70.16.242
2022-09-07 00:35:16 +0000
0 - 0 - 2 skayhoo.com/npdirect.html 199.85.210.82
2022-09-04 19:49:07 +0000
0 - 0 - 3 ponovish.yotubr.co/ 192.64.119.178


JavaScript

Executed Scripts (66)


Executed Evals (2)

#1 JavaScript::Eval (size: 80, repeated: 1) - SHA256: 69a41a67a35080deb5297f0a1789aea0f2a5b45c4ba54c3d18fe6409abaf513c

                                        (() => {
    const a = async
    function name() {};
    window['ub5s0c142ne'] = true;
})()
                                    

#2 JavaScript::Eval (size: 90, repeated: 1) - SHA256: 3cd43d86dbeebf58e30163f3ef7c74c46e2fe76a90d971094e18ef0f07de2883

                                        workaround.getRequireFunction = () => typeof require !== 'undefined' ? require : undefined
                                    

Executed Writes (0)



HTTP Transactions (100)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "D16DE6CC9EB0E1297F53DC1137BB764BF5C21A7727BE32AD05AFEBD1FE9501ED"
Last-Modified: Sat, 10 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6964
Expires: Sun, 11 Sep 2022 21:48:47 GMT
Date: Sun, 11 Sep 2022 19:52:43 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 11 Sep 2022 19:07:48 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: -CSywnJLTFhFmbeIq5arHATsdiY8weQobStjPgmuFJHhXKmJSUefYQ==
Age: 2695


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    99b7d23c1748d0526782b9ff9ea45f09
Sha1:   eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
Sha256: 48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.110
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 11 Sep 2022 07:17:13 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ZYRVJ93udSJGyBL0Z-OErRZxsPCnaQSHiveZLr-A4L_c3DIG6lp8pg==
age: 45331
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    742edb4038f38bc533514982f3d2e861
Sha1:   cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
Sha256: b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
                                        
                                            GET / HTTP/1.1 
Host: ponovish.yotubr.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         192.64.119.178
HTTP/1.1 302 Found
Content-Type: text/html; charset=utf-8
                                        
Date: Sun, 11 Sep 2022 19:52:43 GMT
Content-Length: 190
Connection: keep-alive
Location: https://kuno-gae.com/ponovish.com?adTagId=caef4180-105a-11ea-86a1-0a97765f9322&cpm=0.00015&keywords=youtube,movies,videos&fallbackUrl=https://skayhoo.com/npdirect.html
X-Served-By: Namecheap URL Forward
Server: namecheap-nginx


--- Additional Info ---
Magic:  HTML document, ASCII text
Size:   190
Md5:    ce33732257cc1204dce45169587733ca
Sha1:   3888a9d215258fed55f38b4dd326f24daf67c9b9
Sha256: d0ae041c0b272cb01d6b79a1a2770c9cb70f3532616a76d8366d7b7af315bebe

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Sun, 11 Sep 2022 19:52:43 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sun, 11 Sep 2022 18:56:07 GMT
Cache-Control: max-age=3600
Expires: Sun, 11 Sep 2022 19:19:38 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ExlKfPAWGUhQ5Nayinshi1Q3J1Ra1lSkNztWnlRAL3WJNgz_ipXqDg==
Age: 3396


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         54.230.245.110
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 11 Sep 2022 19:52:43 GMT
Last-Modified: Sun, 11 Sep 2022 18:17:24 GMT
Server: ECS (nyb/1D2B)
X-Cache: Miss from cloudfront
Via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: NbYGVKb3C0MAP5pEfr8mEzpIyvwJZep4k6CBDiGkK56yHfZRhFuMbA==
Age: 5719

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4620
Cache-Control: 'max-age=158059'
Date: Sun, 11 Sep 2022 19:52:44 GMT
Last-Modified: Sun, 11 Sep 2022 18:35:44 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /ponovish.com?adTagId=caef4180-105a-11ea-86a1-0a97765f9322&cpm=0.00015&keywords=youtube,movies,videos&fallbackUrl=https://skayhoo.com/npdirect.html HTTP/1.1 
Host: kuno-gae.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         52.45.156.125
HTTP/2 302 Found
                                        
date: Sun, 11 Sep 2022 19:52:44 GMT
content-length: 0
location: https://skayhoo.com/npdirect.html?clickid=4d33c1a7-320b-11ed-b6ae-127dc2ac3a05
cache-control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-webkit-csp: default-src 'self'; script-src 'self' 'unsafe-inline'
server: XuEaeyVb
X-Firefox-Spdy: h2

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 0VQkIecyBPr5/WZ46nJc5Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         54.148.190.4
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: yQjSeaEJcUbOXUkcvEm2ZfUyzsg=

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 11 Sep 2022 19:52:44 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 09 Sep 2022 08:02:52 GMT
Expires: Fri, 16 Sep 2022 08:02:51 GMT
Etag: "0f174c5efe01da12727d6e0714848365941dff9f"
Cache-Control: max-age=388806,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7492f20daf14fab8-OSL

                                        
                                            GET /services/wix-thunderbolt/dist/bootstrap-features.c97e06df.bundle.min.js HTTP/1.1 
Host: static.parastorage.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skayhoo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.85.91
HTTP/2 200 OK
content-type: application/javascript
                                        
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
last-modified: Wed, 27 Apr 2022 04:04:24 GMT
etag: W/"8489257f1ee30df7782cc7cbbb0c5ff7"
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: br
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
x-cache-status: HIT
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrchkavE0ZtMXws1mfakihq4B,aVxMblM8KFG3we5NLvyVc5U6nDV0Sthqh2jmVbYx0F4QXT2AyjWfyxKagyd4/pDD
cache-control: public, max-age=7776000, immutable
server: Pepyaka/1.19.0
x-wix-request-id: 1662510904.18213512210202228478
accept-ranges: bytes
date: Sun, 11 Sep 2022 19:52:45 GMT
age: 504410
x-served-by: cache-bma1681-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1662925965.189250,VS0,VE1
vary: Accept-Encoding
content-length: 48497
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (55068)
Size:   48497
Md5:    b3423566901fa5a0df5ae1446c3e55ea
Sha1:   7ad1fe0fdcca91d02ac435b9532c792a3149bc31
Sha256: 8941aa11995b319a09bb0a1b150ea7b575815d3144c9b57b1dbd494ca1f168ef
                                        
                                            GET /unpkg/react@16.13.1/umd/react.production.min.js HTTP/1.1 
Host: static.parastorage.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://skayhoo.com
Connection: keep-alive
Referer: https://skayhoo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.85.91
HTTP/2 200 OK
content-type: application/javascript
                                        
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
access-control-max-age: 3000
last-modified: Fri, 20 Mar 2020 10:41:05 GMT
etag: W/"edf56a42bca6b565bf7dfcbd8ffc221a"
access-control-allow-methods: GET, GET, OPTIONS, POST
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: br
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
x-cache-status: HIT
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcgrlbPwrfJgfFY+bZe/zFVAWIHlCalF7YnfvOr2cMPpyw==,aVxMblM8KFG3we5NLvyVc8EDFnkKlVvXae3jojBllJYghGES6Jsix+7j8qfOfk1L
cache-control: public, max-age=7776000, immutable
server: Pepyaka/1.19.10
x-wix-request-id: 1660613175.333632465801416726
accept-ranges: bytes
date: Sun, 11 Sep 2022 19:52:45 GMT
age: 2356578
x-served-by: cache-bma1649-BMA
x-cache: HIT
x-cache-hits: 1553
x-timer: S1662925965.196472,VS0,VE0
vary: Accept-Encoding
content-length: 4703
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (574)
Size:   4703
Md5:    ed2f529cffa07e194bba2e3cf4731328
Sha1:   7d587fe97f25149aa111fc28cdb82acaee6940f8
Sha256: dd424566e80acabfccb597eb919273676695fa10b5421090f3faee3f8b7a5a3b
                                        
                                            GET /unpkg/lodash@4.17.21/lodash.min.js HTTP/1.1 
Host: static.parastorage.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skayhoo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.85.91
HTTP/2 200 OK
content-type: application/javascript
                                        
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
last-modified: Sun, 21 Feb 2021 02:37:42 GMT
etag: W/"9becc40fb1d85d21d0ca38e2f7069511"
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: br
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
x-cache-status: HIT
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcjMXxQm1EY0IGoQ+Aul+AXR,aVxMblM8KFG3we5NLvyVc5a79avpR2DZCk9xnuoLql1jPZTuGyYqVhtmEIgJUb4w
cache-control: public, max-age=7776000, immutable
server: Pepyaka/1.19.10
x-wix-request-id: 1661228868.541712333382513129
accept-ranges: bytes
date: Sun, 11 Sep 2022 19:52:45 GMT
age: 1773321
x-served-by: cache-bma1681-BMA
x-cache: HIT
x-cache-hits: 53370
x-timer: S1662925965.213524,VS0,VE0
vary: Accept-Encoding
content-length: 25102
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (4143)
Size:   25102
Md5:    9661f391f69ddbf1e8bbf879c1c69660
Sha1:   60e78567cd82d5dec158be4ae4d365f45412fb36
Sha256: 59fe3fa5daacb2b18c734a563d4e8e9df1f51eb24672249ca4962f3132149191
                                        
                                            GET /services/third-party/fonts/user-site-fonts/fonts/c5749443-93da-4592-b794-42f28d62ef72.woff HTTP/1.1 
Host: static.parastorage.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://skayhoo.com
Connection: keep-alive
Referer: https://skayhoo.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.85.91
HTTP/2 200 OK
content-type: application/x-font-woff
                                        
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
last-modified: Tue, 17 Apr 2018 11:10:53 GMT
etag: "cd58ed01633a9ebed4c99595a6f7812c-1"
x-amz-version-id: EocFJpMOP5DjzbcOPcEobOTdU3ma9iB1
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
timing-allow-origin: *
access-control-allow-origin: *
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
x-cache-status: HIT
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrchkavE0ZtMXws1mfakihq4B,aVxMblM8KFG3we5NLvyVcyeTzFUhjLKPB6lD0luXXHcfbJaKSXYQ/lskq2jK6SGP
cache-control: public, max-age=7776000, immutable
server: Pepyaka/1.19.0
x-wix-request-id: 1661861884.63112582765178921249
accept-ranges: bytes
date: Sun, 11 Sep 2022 19:52:45 GMT
age: 1226665
x-served-by: cache-bma1649-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1662925965.206299,VS0,VE1
vary: Accept-Encoding
content-length: 39044
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 39044, version 1.0\012- data
Size:   39044
Md5:    d9f5ca7b1a323ba5c57ffef2f8cc4456
Sha1:   717606aff2136c7c905a5586374c37ed51c72f72
Sha256: 802f590bd0df31bc52792a37728758d1415ec92797e4796eb4e109489e5d3919
                                        
                                            GET /services/wix-perf-measure/1.741.0/wix-perf-measure.bundle.min.js HTTP/1.1 
Host: static.parastorage.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skayhoo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.85.91
HTTP/2 200 OK
content-type: application/javascript
                                        
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
last-modified: Tue, 12 Apr 2022 12:09:32 GMT
etag: W/"fb54b6c3cae2f88c2dad5be4a483a7ed"
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: br
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
x-cache-status: HIT
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrciexeHcfy36aNagyZbZBL0eWIHlCalF7YnfvOr2cMPpyw==,aVxMblM8KFG3we5NLvyVc8EDFnkKlVvXae3jojBllJYghGES6Jsix+7j8qfOfk1L
cache-control: public, max-age=7776000, immutable
server: Pepyaka/1.19.10
x-wix-request-id: 1661268651.48572761880191720999
accept-ranges: bytes
date: Sun, 11 Sep 2022 19:52:45 GMT
age: 1661490
x-served-by: cache-bma1681-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1662925965.237608,VS0,VE1
vary: Accept-Encoding
content-length: 10785
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (38643)
Size:   10785
Md5:    123a99d8326720844a69a14fedf35c3c
Sha1:   198116a735607cae980bd8ae8234de932884b31a
Sha256: 28232f02cd904e23b2cf83d4c885d35b409a17b64ac11af321dc35b507e77cbc
                                        
                                            GET /services/tag-manager-client/1.427.0/siteTags.bundle.min.js HTTP/1.1 
Host: static.parastorage.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skayhoo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.85.91
HTTP/2 200 OK
content-type: application/javascript
                                        
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
last-modified: Tue, 25 May 2021 09:37:42 GMT
etag: W/"74b64900831a2e814a8ff0cdedcf80cb"
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: br
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
x-cache-status: HIT
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcjBLy8P45DoDO4LnRm+zqsP,aVxMblM8KFG3we5NLvyVcyzve4L4qo9dv8TvlcgmZhMQXT2AyjWfyxKagyd4/pDD
cache-control: public, max-age=7776000, immutable
server: Pepyaka/1.19.10
x-wix-request-id: 1661824722.2696518981706122520
accept-ranges: bytes
date: Sun, 11 Sep 2022 19:52:45 GMT
age: 1234483
x-served-by: cache-bma1681-BMA
x-cache: HIT
x-cache-hits: 39906
x-timer: S1662925965.245825,VS0,VE0
vary: Accept-Encoding
content-length: 3858
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (11168)
Size:   3858
Md5:    5d436a29345aa2e8c4a824fa19f4ecc7
Sha1:   2b479a24b7f7bc5d556f93a0599bbe7104acf467
Sha256: 242529af773ec259f51763a104f5d5ef45715558d932b1b91ff39680269a783f
                                        
                                            GET /unpkg/react-dom@16.13.1/umd/react-dom.production.min.js HTTP/1.1 
Host: static.parastorage.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://skayhoo.com
Connection: keep-alive
Referer: https://skayhoo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.85.91
HTTP/2 200 OK
content-type: application/javascript
                                        
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
access-control-max-age: 3000
last-modified: Fri, 20 Mar 2020 10:41:05 GMT
etag: W/"dcf51763fb4a654e15a4e6e7754ca5d2"
access-control-allow-methods: GET, GET, OPTIONS, POST
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: br
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
x-cache-status: HIT
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcjEM4kaaS6QH/itsJwI9pla,aVxMblM8KFG3we5NLvyVc0swuQg4e4Ft3RZminzdoKEQXT2AyjWfyxKagyd4/pDD
cache-control: public, max-age=7776000, immutable
server: Pepyaka/1.19.10
x-wix-request-id: 1662432624.9589143978335107693
accept-ranges: bytes
date: Sun, 11 Sep 2022 19:52:45 GMT
age: 569253
x-served-by: cache-bma1649-BMA
x-cache: HIT
x-cache-hits: 774
x-timer: S1662925965.246686,VS0,VE0
vary: Accept-Encoding
content-length: 36048
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (682)
Size:   36048
Md5:    4e89fabee4afed77f6c10c0f2e39f138
Sha1:   15d62a72f63a078ca433418a7bf40ec7b84d0c04
Sha256: 93b329045f55c4c5bd0622a8cd7221a653c8baf6fd77e49e6e6c8bfc51d140bd
                                        
                                            GET /pages/pages/thunderbolt?beckyExperiments=specs.thunderbolt.responsiveAbsoluteChildrenPosition%3Atrue%2Cspecs.thunderbolt.byRefV2%3Atrue%2Cspecs.thunderbolt.DatePickerPortal%3Atrue%2Cspecs.thunderbolt.LinkBarPlaceholderImages%3Atrue%2Cspecs.thunderbolt.final_image_auto_encode%3Atrue%2Cspecs.thunderbolt.prefetchComponentsShapesInBecky%3Atrue%2Cspecs.thunderbolt.inflatePresetsWithNoDefaultItems%3Atrue%2Cspecs.thunderbolt.maskImageCSS%3Atrue&contentType=application%2Fjson&dfCk=6&dfVersion=1.1581.0&excludedSafariOrIOS=false&experiments=bv_remove_add_chat_viewer_fixer%2Cdm_enableDefaultA11ySettings%2Cdm_fixStylableButtonProperties%2Cdm_fixVectorImageProperties%2Cdm_linkRelDefaults%2Cdm_migrateToTextTheme&externalBaseUrl=https%3A%2F%2Fwww.nutritio.news&fileId=a2cceda9.bundle.min&hasTPAWorkerOnSite=false&isHttps=true&isInSeo=false&isPremiumDomain=true&isUrlMigrated=true&isWixCodeOnPage=true&isWixCodeOnSite=true&language=en&metaSiteId=98fc6565-561f-4482-bb53-ca2f9012e431&module=thunderbolt-platform&originalLanguage=en&pageId=f9eda5_0dad3f681914317a89664024632f104c_38.json&quickActionsMenuEnabled=false&registryLibrariesTopology=%5B%7B%22artifactId%22%3A%22editor-elements%22%2C%22namespace%22%3A%22wixui%22%2C%22url%22%3A%22https%3A%2F%2Fstatic.parastorage.com%2Fservices%2Feditor-elements%2F1.8325.0%22%7D%2C%7B%22artifactId%22%3A%22editor-elements%22%2C%22namespace%22%3A%22dsgnsys%22%2C%22url%22%3A%22https%3A%2F%2Fstatic.parastorage.com%2Fservices%2Feditor-elements%2F1.8325.0%22%7D%5D&remoteWidgetStructureBuilderVersion=1.229.0&siteId=49ddef9d-b635-4acf-a539-7090186f0d5e&siteRevision=38&viewMode=desktop HTTP/1.1 
Host: siteassets.parastorage.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://skayhoo.com
Connection: keep-alive
Referer: https://skayhoo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.85.91
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
access-control-expose-headers: age,via,x-cache-status,X-cache-status
etag: W/"806-MtQjp4MMgL9ZvdT4jc9FJMxCLUY"
content-encoding: gzip
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
x-seen-by: 2iuX5LYwvZa9CoGaG8ZUZjb5j8fWnvnycWNmjdvR375doDcb+JuzLucmWkKUGZxh,/SoSYmefJLK2hiZpy2XaYlN1tYMUtM33SkDcJDaLDqnlAfryXFjWv8m6nrmkcQ5H,ZUT6NeJ/NsDmQ9DMGnwT1DHaxnLjIPaAd00Njsn4g3Ma0sM5c8dDUFHeNaFq0qDu
server: Pepyaka/1.19.0
cache-control: public, max-age=7776000, immutable
x-wix-request-id: 1662242602.38213044726039526661
timing-allow-origin: *
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
accept-ranges: bytes
date: Sun, 11 Sep 2022 19:52:45 GMT
age: 683363
x-served-by: cache-bma1635-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1662925965.246774,VS0,VE1
vary: Accept-Encoding
content-length: 724
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (2054), with no line terminators
Size:   724
Md5:    fe8ced041cd94453da35399274cd90f6
Sha1:   c4e72c9177cb0443d48d9ae309c7298d628163eb
Sha256: 6353637f3a43edb5b79cbf57a769606fe41210ed46caa474c4bf85ecbe6050cb
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 11 Sep 2022 19:52:45 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 08 Sep 2022 00:31:06 GMT
Expires: Thu, 15 Sep 2022 00:31:05 GMT
Etag: "cbdf580612ee9555b07b11e75675554de1aa3b28"
Cache-Control: max-age=275299,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7492f211abaffab8-OSL

                                        
                                            GET /pages/pages/thunderbolt?beckyExperiments=specs.thunderbolt.responsiveAbsoluteChildrenPosition%3Atrue%2Cspecs.thunderbolt.byRefV2%3Atrue%2Cspecs.thunderbolt.DatePickerPortal%3Atrue%2Cspecs.thunderbolt.LinkBarPlaceholderImages%3Atrue%2Cspecs.thunderbolt.final_image_auto_encode%3Atrue%2Cspecs.thunderbolt.prefetchComponentsShapesInBecky%3Atrue%2Cspecs.thunderbolt.inflatePresetsWithNoDefaultItems%3Atrue%2Cspecs.thunderbolt.maskImageCSS%3Atrue&contentType=application%2Fjson&deviceType=Other&dfCk=6&dfVersion=1.1581.0&excludedSafariOrIOS=false&experiments=bv_remove_add_chat_viewer_fixer%2Cdm_enableDefaultA11ySettings%2Cdm_fixStylableButtonProperties%2Cdm_fixVectorImageProperties%2Cdm_linkRelDefaults%2Cdm_migrateToTextTheme&externalBaseUrl=https%3A%2F%2Fwww.nutritio.news&fileId=ebfc5460.bundle.min&hasTPAWorkerOnSite=false&isHttps=true&isInSeo=false&isMultilingualEnabled=false&isPremiumDomain=true&isUrlMigrated=true&isWixCodeOnPage=true&isWixCodeOnSite=true&language=en&languageResolutionMethod=QueryParam&metaSiteId=98fc6565-561f-4482-bb53-ca2f9012e431&module=thunderbolt-features&originalLanguage=en&pageId=f9eda5_0dad3f681914317a89664024632f104c_38.json&quickActionsMenuEnabled=false&registryLibrariesTopology=%5B%7B%22artifactId%22%3A%22editor-elements%22%2C%22namespace%22%3A%22wixui%22%2C%22url%22%3A%22https%3A%2F%2Fstatic.parastorage.com%2Fservices%2Feditor-elements%2F1.8325.0%22%7D%2C%7B%22artifactId%22%3A%22editor-elements%22%2C%22namespace%22%3A%22dsgnsys%22%2C%22url%22%3A%22https%3A%2F%2Fstatic.parastorage.com%2Fservices%2Feditor-elements%2F1.8325.0%22%7D%5D&remoteWidgetStructureBuilderVersion=1.229.0&siteId=49ddef9d-b635-4acf-a539-7090186f0d5e&siteRevision=38&staticHTMLComponentUrl=https%3A%2F%2Fwww-nutritio-news.filesusr.com%2F&useSandboxInHTMLComp=false&viewMode=desktop HTTP/1.1 
Host: siteassets.parastorage.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://skayhoo.com
Connection: keep-alive
Referer: https://skayhoo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.85.91
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
access-control-expose-headers: age,via,x-cache-status,X-cache-status
etag: W/"faa9-0CoTYmUC2bEykjA0jGO67xthx0g"
content-encoding: gzip
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
x-seen-by: 2iuX5LYwvZa9CoGaG8ZUZjb5j8fWnvnycWNmjdvR375doDcb+JuzLucmWkKUGZxh,/SoSYmefJLK2hiZpy2XaYlN1tYMUtM33SkDcJDaLDqk9ohduqgp+CiYH1GQw2S9S,ZUT6NeJ/NsDmQ9DMGnwT1Nx61v0XQ9VxU5xVU8/H7tYQXT2AyjWfyxKagyd4/pDD
server: Pepyaka/1.19.0
cache-control: public, max-age=7776000, immutable
x-wix-request-id: 1662242602.382130444955761626662
timing-allow-origin: *
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
accept-ranges: bytes
date: Sun, 11 Sep 2022 19:52:45 GMT
age: 683363
x-served-by: cache-bma1635-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1662925965.246923,VS0,VE1
vary: Accept-Encoding
content-length: 8618
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , Unicode text, UTF-8 text, with very long lines (64059), with no line terminators
Size:   8618
Md5:    d5c0adb5e5ab375294b00c04973a451b
Sha1:   5d529b8f11e4c6c0978b8e9c7403655b482b33d9
Sha256: 3c60ac191761c7af4985f20291e1f5f23607054e3e41dd65b090316f0b14eabc
                                        
                                            GET /pages/pages/thunderbolt?beckyExperiments=specs.thunderbolt.responsiveAbsoluteChildrenPosition%3Atrue%2Cspecs.thunderbolt.byRefV2%3Atrue%2Cspecs.thunderbolt.DatePickerPortal%3Atrue%2Cspecs.thunderbolt.LinkBarPlaceholderImages%3Atrue%2Cspecs.thunderbolt.final_image_auto_encode%3Atrue%2Cspecs.thunderbolt.prefetchComponentsShapesInBecky%3Atrue%2Cspecs.thunderbolt.inflatePresetsWithNoDefaultItems%3Atrue%2Cspecs.thunderbolt.maskImageCSS%3Atrue&contentType=application%2Fjson&dfCk=6&dfVersion=1.1581.0&excludedSafariOrIOS=false&experiments=bv_remove_add_chat_viewer_fixer%2Cdm_enableDefaultA11ySettings%2Cdm_fixStylableButtonProperties%2Cdm_fixVectorImageProperties%2Cdm_linkRelDefaults%2Cdm_migrateToTextTheme&externalBaseUrl=https%3A%2F%2Fwww.nutritio.news&fileId=a2cceda9.bundle.min&hasTPAWorkerOnSite=false&isHttps=true&isInSeo=false&isPremiumDomain=true&isUrlMigrated=true&isWixCodeOnPage=false&isWixCodeOnSite=true&language=en&metaSiteId=98fc6565-561f-4482-bb53-ca2f9012e431&module=thunderbolt-platform&originalLanguage=en&pageId=f9eda5_dc6ae4f0d39048519606026513a0f0e8_38.json&quickActionsMenuEnabled=false&registryLibrariesTopology=%5B%7B%22artifactId%22%3A%22editor-elements%22%2C%22namespace%22%3A%22wixui%22%2C%22url%22%3A%22https%3A%2F%2Fstatic.parastorage.com%2Fservices%2Feditor-elements%2F1.8325.0%22%7D%2C%7B%22artifactId%22%3A%22editor-elements%22%2C%22namespace%22%3A%22dsgnsys%22%2C%22url%22%3A%22https%3A%2F%2Fstatic.parastorage.com%2Fservices%2Feditor-elements%2F1.8325.0%22%7D%5D&remoteWidgetStructureBuilderVersion=1.229.0&siteId=49ddef9d-b635-4acf-a539-7090186f0d5e&siteRevision=38&viewMode=desktop HTTP/1.1 
Host: siteassets.parastorage.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://skayhoo.com
Connection: keep-alive
Referer: https://skayhoo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.85.91
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
access-control-expose-headers: age,via,x-cache-status,X-cache-status
etag: W/"46f-2cGUIv43SrdboW79ou4a6K0f3Jk"
content-encoding: gzip
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
x-seen-by: 2iuX5LYwvZa9CoGaG8ZUZjb5j8fWnvnycWNmjdvR377Ji1Fj75RrqDfb1RLKWox8,/SoSYmefJLK2hiZpy2XaYlN1tYMUtM33SkDcJDaLDqlk8wpCZTi5fJ6xlwcitpUE,ZUT6NeJ/NsDmQ9DMGnwT1JykeQlITIoZ3hptvCphI/0a0sM5c8dDUFHeNaFq0qDu
server: Pepyaka/1.19.10
cache-control: public, max-age=7776000, immutable
x-wix-request-id: 1662420106.7127384113352162470
timing-allow-origin: *
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
accept-ranges: bytes
date: Sun, 11 Sep 2022 19:52:45 GMT
age: 505858
x-served-by: cache-bma1635-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1662925965.247065,VS0,VE1
vary: Accept-Encoding
content-length: 484
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (1135), with no line terminators
Size:   484
Md5:    fdd7435472f2fa000dcafcef03fa0786
Sha1:   ef84cb0326bfe11ea2dcb366e8c60ab4cbeed949
Sha256: 3d11ee9c688287515fff5ff4cc5094aeae5cb5c3a7f8aa90e57e226b405153e4
                                        
                                            GET /pages/pages/thunderbolt?beckyExperiments=specs.thunderbolt.responsiveAbsoluteChildrenPosition%3Atrue%2Cspecs.thunderbolt.byRefV2%3Atrue%2Cspecs.thunderbolt.DatePickerPortal%3Atrue%2Cspecs.thunderbolt.LinkBarPlaceholderImages%3Atrue%2Cspecs.thunderbolt.final_image_auto_encode%3Atrue%2Cspecs.thunderbolt.prefetchComponentsShapesInBecky%3Atrue%2Cspecs.thunderbolt.inflatePresetsWithNoDefaultItems%3Atrue%2Cspecs.thunderbolt.maskImageCSS%3Atrue&contentType=application%2Fjson&deviceType=Other&dfCk=6&dfVersion=1.1581.0&excludedSafariOrIOS=false&experiments=bv_remove_add_chat_viewer_fixer%2Cdm_enableDefaultA11ySettings%2Cdm_fixStylableButtonProperties%2Cdm_fixVectorImageProperties%2Cdm_linkRelDefaults%2Cdm_migrateToTextTheme&externalBaseUrl=https%3A%2F%2Fwww.nutritio.news&fileId=ebfc5460.bundle.min&hasTPAWorkerOnSite=false&isHttps=true&isInSeo=false&isMultilingualEnabled=false&isPremiumDomain=true&isUrlMigrated=true&isWixCodeOnPage=false&isWixCodeOnSite=true&language=en&languageResolutionMethod=QueryParam&metaSiteId=98fc6565-561f-4482-bb53-ca2f9012e431&module=thunderbolt-features&originalLanguage=en&pageId=f9eda5_dc6ae4f0d39048519606026513a0f0e8_38.json&quickActionsMenuEnabled=false&registryLibrariesTopology=%5B%7B%22artifactId%22%3A%22editor-elements%22%2C%22namespace%22%3A%22wixui%22%2C%22url%22%3A%22https%3A%2F%2Fstatic.parastorage.com%2Fservices%2Feditor-elements%2F1.8325.0%22%7D%2C%7B%22artifactId%22%3A%22editor-elements%22%2C%22namespace%22%3A%22dsgnsys%22%2C%22url%22%3A%22https%3A%2F%2Fstatic.parastorage.com%2Fservices%2Feditor-elements%2F1.8325.0%22%7D%5D&remoteWidgetStructureBuilderVersion=1.229.0&siteId=49ddef9d-b635-4acf-a539-7090186f0d5e&siteRevision=38&staticHTMLComponentUrl=https%3A%2F%2Fwww-nutritio-news.filesusr.com%2F&useSandboxInHTMLComp=false&viewMode=desktop HTTP/1.1 
Host: siteassets.parastorage.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://skayhoo.com
Connection: keep-alive
Referer: https://skayhoo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.85.91
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
access-control-expose-headers: age,via,x-cache-status,X-cache-status
etag: W/"ae5-VB3WbXFpTEV84LpXatoUKHuUiy0"
content-encoding: gzip
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
x-seen-by: 2iuX5LYwvZa9CoGaG8ZUZjb5j8fWnvnycWNmjdvR375xW9Ms9IQL2HG9X48emqdN,/SoSYmefJLK2hiZpy2XaYlN1tYMUtM33SkDcJDaLDqlPVq6j5UDaVA1cI6B3zPKF,ZUT6NeJ/NsDmQ9DMGnwT1LLDCxvM4S0vekmLfKGMs5Ya0sM5c8dDUFHeNaFq0qDu
server: Pepyaka/1.19.10
cache-control: public, max-age=7776000, immutable
x-wix-request-id: 1662242602.3818870116595217693
timing-allow-origin: *
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
accept-ranges: bytes
date: Sun, 11 Sep 2022 19:52:45 GMT
age: 683363
x-served-by: cache-bma1635-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1662925965.247278,VS0,VE15
vary: Accept-Encoding
content-length: 1213
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (2789), with no line terminators
Size:   1213
Md5:    b1d83791d313fb6a1073b35631a19e87
Sha1:   d7d6d297200a8a220d26bbc6df2d57493c849791
Sha256: 453075d9871b8b65d7710c4a12d05c9af53631edff49c203e2287675331533ff
                                        
                                            POST /ca/gsatlasr3dvtlscah22021 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 11 Sep 2022 19:52:45 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "8184EAE55B34CBC35F7FB5A3A2DCF3BFCF8CA219"
Expires: Mon, 12 Sep 2022 06:00:00 GMT
Last-Modified: Sun, 11 Sep 2022 18:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 1349
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7492f212fee6b515-OSL


--- Additional Info ---
Magic:  data
Size:   1462
Md5:    db57330e8dbe2f4fbbdf2281c90a0198
Sha1:   010c7d1eff711a3825de60555bc8c2022b96c760
Sha256: 37c26adc09be96764c5c341d7f63e4089aa527bf024ea5dce1ecb8bf4b59282d
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "78954D5E0EF68E972715BDDB978BD419D48CB0685E08BE2B178EE4A4125FCB05"
Last-Modified: Sun, 11 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12890
Expires: Sun, 11 Sep 2022 23:27:35 GMT
Date: Sun, 11 Sep 2022 19:52:45 GMT
Connection: keep-alive

                                        
                                            GET /5/4970339 HTTP/1.1 
Host: cdrvrs.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skayhoo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.197.238
HTTP/2 403 Forbidden
content-type: application/javascript
                                        
server: nginx
date: Sun, 11 Sep 2022 19:52:45 GMT
content-length: 968
x-trace-id: b6d335578d41996b659bbbd1227eb15e
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (801)
Size:   968
Md5:    4db7f8ef7836fd90be4f28b354ff63a3
Sha1:   7d2d3bcc25a0396e3d16660aae24e08cd5fad1ae
Sha256: e2d267fb93094bb8d272675b247f3de34178db55e31def176f5211fbc43fb303

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST /bolt-performance?src=72&evid=28&appName=thunderbolt&is_rollout=1&is_sav_rollout=0&is_dac_rollout=0&dc=84&is_cached=false&msid=98fc6565-561f-4482-bb53-ca2f9012e431&session_id=71f007e0-e8b2-4471-a268-77154f7f2cea&ish=false&isb=false&vsi=80fa4623-3673-4a2f-bd38-a0955ffde842&caching=none&pv=visible&pn=1&v=1.9860.0&url=https%3A%2F%2Fwww.nutritio.news%2F&st=2&ts=50&tsn=1629&name=partially_visible&duration=1662925953935&pageId=tuckg HTTP/1.1 
Host: frog.wix.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://skayhoo.com
Connection: keep-alive
Referer: https://skayhoo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

                                         
                                         54.156.249.127
HTTP/2 204 No Content
                                        
date: Sun, 11 Sep 2022 19:52:45 GMT
server: nginx
access-control-allow-origin: https://skayhoo.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
X-Firefox-Spdy: h2

                                        
                                            POST /bolt-performance?src=72&evid=21&appName=thunderbolt&is_rollout=1&is_sav_rollout=0&is_dac_rollout=0&dc=84&is_cached=false&msid=98fc6565-561f-4482-bb53-ca2f9012e431&session_id=71f007e0-e8b2-4471-a268-77154f7f2cea&ish=false&isb=false&vsi=80fa4623-3673-4a2f-bd38-a0955ffde842&caching=none&pv=visible&pn=1&v=1.9860.0&url=https%3A%2F%2Fwww.nutritio.news%2F&st=2&ts=50&tsn=1629 HTTP/1.1 
Host: frog.wix.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://skayhoo.com
Connection: keep-alive
Referer: https://skayhoo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

                                         
                                         54.156.249.127
HTTP/2 204 No Content
                                        
date: Sun, 11 Sep 2022 19:52:45 GMT
server: nginx
access-control-allow-origin: https://skayhoo.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
X-Firefox-Spdy: h2

                                        
                                            POST /bt?src=29&evid=3&viewer_name=thunderbolt&caching=none&dc=84&et=1&event_name=Init&is_cached=false&is_platform_loaded=0&is_rollout=1&ism=1&isp=0&isjp=false&iss=0&ita=1&msid=98fc6565-561f-4482-bb53-ca2f9012e431&pn=1&sessionId=71f007e0-e8b2-4471-a268-77154f7f2cea&siterev=38-__siteCacheRevision__&st=2&ts=306&tts=1885&url=https%3A%2F%2Fwww.nutritio.news%2F%3F&v=1.9860.0&vsi=80fa4623-3673-4a2f-bd38-a0955ffde842&_brandId=wix HTTP/1.1 
Host: frog.wix.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://skayhoo.com
Connection: keep-alive
Referer: https://skayhoo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

                                         
                                         54.156.249.127
HTTP/2 204 No Content
                                        
date: Sun, 11 Sep 2022 19:52:45 GMT
server: nginx
access-control-allow-origin: https://skayhoo.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
X-Firefox-Spdy: h2

                                        
                                            POST /bt?src=29&evid=3&viewer_name=thunderbolt&caching=none&dc=84&et=12&event_name=Partially%20visible&is_cached=false&is_platform_loaded=0&is_rollout=1&ism=1&isp=0&isjp=false&iss=0&ita=1&msid=98fc6565-561f-4482-bb53-ca2f9012e431&pid=tuckg&pn=1&sessionId=71f007e0-e8b2-4471-a268-77154f7f2cea&siterev=38-__siteCacheRevision__&st=2&ts=329&tts=1908&url=https%3A%2F%2Fwww.nutritio.news%2F%3F&v=1.9860.0&vsi=80fa4623-3673-4a2f-bd38-a0955ffde842&_brandId=wix HTTP/1.1 
Host: frog.wix.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://skayhoo.com
Connection: keep-alive
Referer: https://skayhoo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

                                         
                                         54.156.249.127
HTTP/2 204 No Content
                                        
date: Sun, 11 Sep 2022 19:52:45 GMT
server: nginx
access-control-allow-origin: https://skayhoo.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
X-Firefox-Spdy: h2

                                        
                                            GET /services/wix-thunderbolt/dist/page-features.4d03d7d5.chunk.min.js HTTP/1.1 
Host: static.parastorage.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://skayhoo.com
Connection: keep-alive
Referer: https://skayhoo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.85.91
HTTP/2 200 OK
content-type: application/javascript
                                        
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
last-modified: Sun, 01 May 2022 13:34:26 GMT
etag: W/"9248706f957a67864b3ed6d127d5e838"
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: br
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
x-cache-status: HIT
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcjMXxQm1EY0IGoQ+Aul+AXR,aVxMblM8KFG3we5NLvyVcz/fYSfKbw6+xesuKQMt4UgghGES6Jsix+7j8qfOfk1L
cache-control: public, max-age=7776000, immutable
server: Pepyaka/1.19.10
x-wix-request-id: 1661257582.6357209635433143130
accept-ranges: bytes
date: Sun, 11 Sep 2022 19:52:45 GMT
age: 1738436
x-served-by: cache-bma1649-BMA
x-cache: HIT
x-cache-hits: 2
x-timer: S1662925965.406064,VS0,VE0
vary: Accept-Encoding
content-length: 5870
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (16796)
Size:   5870
Md5:    2b358c734fa06502026f235d1b9f4bdf
Sha1:   160294257303c5219106369b1a1109e3a4e5a913
Sha256: 1380adcae1820266532ddc525dc8fa15bacdbdcde4a2f42fae45d08bf30fe4fe
                                        
                                            GET /services/wix-thunderbolt/dist/ooi.abdee6a1.chunk.min.css HTTP/1.1 
Host: static.parastorage.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://skayhoo.com
Connection: keep-alive
Referer: https://skayhoo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.85.91
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
last-modified: Sun, 07 Aug 2022 12:11:32 GMT
etag: "432b9077e3ff1d767b54c5c53ae9f36d"
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
timing-allow-origin: *
access-control-allow-origin: *
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
x-cache-status: HIT
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcjEM4kaaS6QH/itsJwI9pla,aVxMblM8KFG3we5NLvyVcyzve4L4qo9dv8TvlcgmZhMQXT2AyjWfyxKagyd4/pDD
cache-control: public, max-age=7776000, immutable
server: Pepyaka/1.19.10
x-wix-request-id: 1660016248.9985928042152130443
accept-ranges: bytes
date: Sun, 11 Sep 2022 19:52:45 GMT
age: 3051346
x-served-by: cache-bma1649-BMA
x-cache: HIT
x-cache-hits: 14377
x-timer: S1662925965.407749,VS0,VE0
vary: Accept-Encoding
content-length: 30
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   30
Md5:    432b9077e3ff1d767b54c5c53ae9f36d
Sha1:   e133337ffd7d46cc308fe473348f2284b9f8e454
Sha256: 3e9f8fb461eb0eeb330ac7e96d53391b0d37e0e02f16541c32c5a31d5aec7185
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "3205B5052CADF80DAA1A4CEC10A72277B2534EBE730E86A023D68F3086B270F1"
Last-Modified: Sat, 10 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8282
Expires: Sun, 11 Sep 2022 22:10:47 GMT
Date: Sun, 11 Sep 2022 19:52:45 GMT
Connection: keep-alive

                                        
                                            GET /services/wix-thunderbolt/dist/ooi.10ae0805.chunk.min.js HTTP/1.1 
Host: static.parastorage.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://skayhoo.com
Connection: keep-alive
Referer: https://skayhoo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.85.91
HTTP/2 200 OK
content-type: application/javascript
                                        
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
last-modified: Mon, 25 Jul 2022 10:58:40 GMT
etag: W/"76fd6b4a617ec8e7842d7ccb4d2af9f7"
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: br
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
x-cache-status: HIT
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcjV0TBmJ+uLPQ4OZPC1VSMH,aVxMblM8KFG3we5NLvyVc1XEV11U4uj6EySGMcOeW2gfbJaKSXYQ/lskq2jK6SGP
cache-control: public, max-age=7776000, immutable
server: Pepyaka/1.19.0
x-wix-request-id: 1661867231.1061251414981894580
accept-ranges: bytes
date: Sun, 11 Sep 2022 19:52:45 GMT
age: 1140246
x-served-by: cache-bma1649-BMA
x-cache: HIT
x-cache-hits: 2
x-timer: S1662925965.408950,VS0,VE0
vary: Accept-Encoding
content-length: 3588
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (9526)
Size:   3588
Md5:    f3c7f24e3dc652760295b2478c11ead8
Sha1:   0541eb5b15e1cd5806e7d24378847071e6488d71
Sha256: 1283a26c3f00a51eb8c1406a7c7c374009ed0198b5c238714f6ec0a5cbca9dc7
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 11 Sep 2022 19:52:45 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 10 Sep 2022 22:33:45 GMT
Expires: Sat, 17 Sep 2022 22:33:44 GMT
Etag: "82d3a4e4e95265ac56e5a18043c1095024790d3b"
Cache-Control: max-age=527458,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7492f2138ceb0b65-OSL

                                        
                                            GET /npdirect.html?clickid=4d33c1a7-320b-11ed-b6ae-127dc2ac3a05 HTTP/1.1 
Host: skayhoo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         199.85.210.82
HTTP/2 200 OK
content-type: text/html
                                        
server: nginx
date: Sun, 11 Sep 2022 19:52:44 GMT
last-modified: Sun, 04 Sep 2022 12:23:27 GMT
vary: Accept-Encoding, Accept-Encoding,User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   75917
Md5:    c2741d419ed774b0286c262e59d6cc1b
Sha1:   f42ce37671c6af19b68565e896180f2fd44e5ca0
Sha256: 9739034ea5a7dbf904b28f4561e7e7398b16e25fc6f24acca2f1c9f2de1c1aed

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 11 Sep 2022 19:52:45 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 10 Sep 2022 22:33:45 GMT
Expires: Sat, 17 Sep 2022 22:33:44 GMT
Etag: "82d3a4e4e95265ac56e5a18043c1095024790d3b"
Cache-Control: max-age=527458,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7492f212fcaefab8-OSL

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 11 Sep 2022 19:52:45 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 08 Sep 2022 16:58:29 GMT
Expires: Thu, 15 Sep 2022 16:58:28 GMT
Etag: "e6572991abe9f4617d83441751f2074d28588e44"
Cache-Control: max-age=334542,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7492f2130acdb4ee-OSL

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4269
Expires: Sun, 11 Sep 2022 21:03:54 GMT
Date: Sun, 11 Sep 2022 19:52:45 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4269
Expires: Sun, 11 Sep 2022 21:03:54 GMT
Date: Sun, 11 Sep 2022 19:52:45 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4269
Expires: Sun, 11 Sep 2022 21:03:54 GMT
Date: Sun, 11 Sep 2022 19:52:45 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc91b46a1-040b-46aa-a7a1-af67f0058b83.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7519
x-amzn-requestid: 8d8a8df6-abf5-45dd-8d78-de5ae715a9d1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YE_UNEoWoAMFRLw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631845b4-0101ca7a09e432f305aa7066;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 07:18:12 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: Z0Z4IozbbythqWA7mNaqtO4NWbLi1zL2G6HmMGP0c9VqIzMugvVh_Q==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 e77661e211afe9242e85e573f12d5534.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 00:00:49 GMT
age: 71516
etag: "b3491a6f12c97c8e1848a206a185fae29213c1e5"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7519
Md5:    bb1a86dcf94db0a29a6ebe21866766d4
Sha1:   b3491a6f12c97c8e1848a206a185fae29213c1e5
Sha256: d05619e519fed6c0b6c0616cf540908006a68f127b25e38fb9d041dfe2546df4
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F481e7fcb-66df-4e59-8130-9579a79eca9c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7635
x-amzn-requestid: dbd07cc7-d0f6-4500-83c6-b19fa9fa2e3d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xt5xDEfUIAMFYXQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630f09a0-3771b23118f3711e5caca699;Sampled=0
x-amzn-remapped-date: Wed, 31 Aug 2022 07:11:28 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ILut4hEDJbs6jNr3wpPST1HgAYMabIT7cdZebRFETn8lL_QfS92KBA==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 21:40:34 GMT
age: 79931
etag: "ad1d9eee90556a359547dc7cbb6758aee2c804cd"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7635
Md5:    4ec2646c56c4c522f0744768ad20342b
Sha1:   ad1d9eee90556a359547dc7cbb6758aee2c804cd
Sha256: 0bf9eaa4420bf6290535fd23895c6c723c7de6b849995ba83774532862cfe8b4
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F66c0f84d-aba2-4ce6-9e03-ee51e1c347be.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6889
x-amzn-requestid: c82ac543-90cd-4aeb-a65b-7e1bbbacc407
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YQ2UEE-3IAMFYBw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d0419-427a29067c9c92ec0db6567f;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 21:39:37 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: mNvNO0HJjZ1zwPKcjfqiVOnCL0CYXc8BPDSFbV6MXVW71IVt-2K3mQ==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 21:46:54 GMT
age: 79551
etag: "7aa14fcd982a5cee38d58fc3c89edc4a8daf4c97"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6889
Md5:    57d797a1c3f6589746a1135bdb19f54f
Sha1:   7aa14fcd982a5cee38d58fc3c89edc4a8daf4c97
Sha256: ff8855ca951f53ed5f3886cc81a7f28384d41288edeca4fdc621250e4d01c6fe
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d72ce1b-951e-4f1f-97b1-db99c399d5f9.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8171
x-amzn-requestid: a3eb931f-cd71-4738-acb1-4398fc09f453
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YOa7QGqoIAMFwlw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631c0b7b-2a6ed8ca00a0a0640110cf5d;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 03:58:51 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: QuUPVSWCQk9z9xI03trHifaWzOi5TqBZHLena93lrxhjlAG1PICKKA==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 12:19:15 GMT
age: 27210
etag: "6c728c56797ba921e8001919df4d36e56dd37e54"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8171
Md5:    eee5b4d617dab6f10d7053f5c4f4e98e
Sha1:   6c728c56797ba921e8001919df4d36e56dd37e54
Sha256: 76a53e2c81ec8da2bc469760b2c57098d587c6a36fa70e5b7c743a224a47d362
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e82f3ab-3fe6-43bc-932c-936ec582e5cf.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7017
x-amzn-requestid: df5e57d7-e54c-4b5a-aa1b-a9aee889842e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YQ1k_Et0oAMFSjQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d02ec-50d15bba03579a935342e22f;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 21:34:36 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: LsqH-LbjMGWrhYB93Qkvq2qVhqNs-3MWgrrOFzC8qPcY3fF5ujSD_g==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 21:54:44 GMT
age: 79081
etag: "c893d7475856809a59486e0bcebd6d662d1fc56f"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7017
Md5:    fea5dfc4a6a5093fd81899ee4a79d446
Sha1:   c893d7475856809a59486e0bcebd6d662d1fc56f
Sha256: 915fb97690be97d97cb298fc60ceb4cf7c3ed8fb437836beb2d590a8e238363c
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefa6ec5a-4e0b-4c94-b9da-4836fbaa107b.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8485
x-amzn-requestid: a56c9282-2786-4ae7-9fc2-0468bcc820a8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YQ1k_FM1oAMFZ2Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d02ec-753cc4f121c9b77d22bb82b5;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 21:34:36 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Mfmj40aUc8l5RPk56M-pbqTwhde_HzYcmN5MDrfv-WFPhbpoShWYNw==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 22:14:30 GMT
age: 77895
etag: "166741631fb93d109b18dde6d316b3fa3276aa8f"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8485
Md5:    e407da4d97d497925b1ab523fd416787
Sha1:   166741631fb93d109b18dde6d316b3fa3276aa8f
Sha256: 707460c02438da6114e35e0b6569d42c0f3fb747f8cb51002f4d52bedbcffa61
                                        
                                            POST /zone?&pub=0&zone_id=5045591&is_mobile=false&domain=skayhoo.com&var=&ymid=&var_3=&dsig=&action=prerequest HTTP/1.1 
Host: lemouwee.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://skayhoo.com
Connection: keep-alive
Referer: https://skayhoo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

                                         
                                         139.45.197.251
HTTP/2 200 OK
                                        
server: nginx
date: Sun, 11 Sep 2022 19:52:45 GMT
content-length: 0
x-trace-id: 38866d72f271397f62ee9b69d266708f
access-control-allow-origin: https://skayhoo.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

                                        
                                            GET /_partials/wix-thunderbolt/dist/clientWorker.4fcb7331.bundle.min.js HTTP/1.1 
Host: skayhoo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skayhoo.com/npdirect.html
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         199.85.210.82
HTTP/2 404 Not Found
content-type: text/html; charset=iso-8859-1
                                        
server: nginx
date: Sun, 11 Sep 2022 19:52:45 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   6436
Md5:    668f80a3c12b321ac092a19f804d805f
Sha1:   86fec35a287bb165f5aab86da7b2040ce03a2a68
Sha256: 17fa59930edc1cef424f792fc14e5b3b7aa4f472e149c7b3d0f98a75b4a573b9
                                        
                                            GET /zone?&pub=0&zone_id=5045591&is_mobile=false&domain=skayhoo.com&var=&ymid=&var_3=&dsig=&action=settings HTTP/1.1 
Host: lemouwee.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://skayhoo.com/
Origin: https://skayhoo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.251
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
server: nginx
date: Sun, 11 Sep 2022 19:52:45 GMT
content-length: 693
x-trace-id: 62911a47e554e44c841bcce0f65412cb
access-control-allow-origin: https://skayhoo.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (692)
Size:   693
Md5:    239d770c628e9beaf36121e205053c45
Sha1:   5f1c6938511b8913f11bcc0e5f0deb1f58e18556
Sha256: 6c81c897500fb402dfc4064d0dbe3d867abfcdaa80d4bc3824116203d69689cd
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 11 Sep 2022 19:52:45 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 10 Sep 2022 22:33:45 GMT
Expires: Sat, 17 Sep 2022 22:33:44 GMT
Etag: "82d3a4e4e95265ac56e5a18043c1095024790d3b"
Cache-Control: max-age=527458,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7492f2151e99fab8-OSL

                                        
                                            POST /site-members?_msid=98fc6565-561f-4482-bb53-ca2f9012e431&vsi=80fa4623-3673-4a2f-bd38-a0955ffde842&rid=1650793503.044181440479118034&_av=thunderbolt-1.9860.0&isb=false&_brandId=wix&_siteBranchId=undefined&_ms=2394&_lv=2.0.985%7CC&_visitorId=e9d8fdbf-99e8-43b6-a35e-c0e5dc2fa3ed&_siteMemberId=undefined&bsi=5c812c67-ec8a-4ac2-90e4-ad9f62c7cd79%7C1&src=5&evid=698&biToken=98fc6565-561f-4482-bb53-ca2f9012e431&context=undefined&ts=815&viewmode=undefined&visitor_id=e9d8fdbf-99e8-43b6-a35e-c0e5dc2fa3ed&site_member_id=undefined&site_settings_lng=en&browser_lng=en&lng_mismatch=false&layout=undefined&_=16629259544740 HTTP/1.1 
Host: frog.wix.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://skayhoo.com
Connection: keep-alive
Referer: https://skayhoo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

                                         
                                         54.156.249.127
HTTP/2 204 No Content
                                        
date: Sun, 11 Sep 2022 19:52:45 GMT
server: nginx
access-control-allow-origin: https://skayhoo.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
X-Firefox-Spdy: h2

                                        
                                            OPTIONS /_api/tag-manager/api/v1/tags/sites/98fc6565-561f-4482-bb53-ca2f9012e431?wixSite=false&htmlsiteId=49ddef9d-b635-4acf-a539-7090186f0d5e&language=en HTTP/1.1 
Host: www.nutritio.news
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type
Referer: https://skayhoo.com/
Origin: https://skayhoo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         34.149.87.45
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
content-length: 8
set-cookie: fedops.logger.defaultOverrides=%7B%22paramsOverridesForApp%22%3A%7B%22bookings-calendar-sync-pages%22%3A%7B%22is_rollout%22%3Atrue%7D%7D%7D; Max-Age=60; Path=/; Expires=Sun, 11 Sep 2022 19:53:45 GMT XSRF-TOKEN=1662925965|O04PBqXybJVL; Path=/; Domain=www.nutritio.news; Secure; SameSite=None
allow: GET,HEAD
etag: W/"8-ZRAf8oNBS3Bjb/SU2GYZCmbtmXg"
pragma: no-cache
cache-control: no-store, no-cache
x-wix-request-id: 1662925965.65719620908333692
x-content-type-options: nosniff
server: Pepyaka/1.19.10
accept-ranges: bytes
date: Sun, 11 Sep 2022 19:52:45 GMT
x-served-by: cache-hel1410025-HEL
x-cache: MISS
strict-transport-security: max-age=300
x-seen-by: yvSunuo/8ld62ehjr5B7kA==,GXNXSWFXisshliUcwO20NYMupe6WQf6MVMrzEUOojIJQ/VY6sYZiTJ8HSot5ITf4,qquldgcFrj2n046g4RNSVBKUaXHrucSLmP/C0nqrtU9YgeUJqUXtid+86vZww+nL,rXUceJIlvIg2Ftogbhjv0BIzxqt7L8DsDS1BgzIvJUSdYPE6FDqd2a20jRw7WZbDFGzNShjd08Oox8UNc5DgvQ==,7npGRUZHWOtWoP0Si3wDp8vsv9SnWSa7zqpIWP63qbU=,xTu8fpDe3EKPsMR1jrheEF4jj+p9gD9qHrfMAu51RUI=,MDFDoTqjWxpWhAuWfTm+PEHayOSEgkkqm8bzC1nMAzAtGM5wjWLVcFXMNHE4axMRGipkZmah48hqH84AsDD1HQ==
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   8
Md5:    f30c3a40e9a3e65c868c754a5de95919
Sha1:   65101ff283414b70636ff494d866190a66ed9978
Sha256: 875befe7cefc0715a17dc737f9514dda981f79a3c9f174badcae5bd1cc2425fe
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 11 Sep 2022 19:52:45 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 08 Sep 2022 16:58:29 GMT
Expires: Thu, 15 Sep 2022 16:58:28 GMT
Etag: "e6572991abe9f4617d83441751f2074d28588e44"
Cache-Control: max-age=334542,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7492f214fe960b65-OSL

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 11 Sep 2022 19:52:45 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 08 Sep 2022 18:25:21 GMT
Expires: Thu, 15 Sep 2022 18:25:20 GMT
Etag: "a653f55ef7e337bd259cd76d14fe2adc91c11603"
Cache-Control: max-age=339754,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7492f2155e3bb4ee-OSL

                                        
                                            GET /gid.js?pub=0&userId=&zoneId=5045591&checkDuplicate=true&ymid=&var= HTTP/1.1 
Host: my.rtmark.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://skayhoo.com/
Origin: https://skayhoo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.195.8
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
server: nginx
date: Sun, 11 Sep 2022 19:52:45 GMT
content-length: 65
access-control-allow-origin: https://skayhoo.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=31e89b5b0dc04fa4a1bec9d20df6274b; expires=Mon, 11 Sep 2023 19:52:45 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   65
Md5:    1c0768012c940db74af4ac9c743dbf82
Sha1:   b25a80fd57298614b8399dedfede8dacc01fde2c
Sha256: 91a640413493e912905e716dce32062c2b29c06afac17035d63405fa7d0c842d
                                        
                                            POST /bpm HTTP/1.1 
Host: frog.wix.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 10925
Origin: https://skayhoo.com
Connection: keep-alive
Referer: https://skayhoo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         54.156.249.127
HTTP/2 204 No Content
                                        
date: Sun, 11 Sep 2022 19:52:45 GMT
server: nginx
access-control-allow-origin: https://skayhoo.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "77B6B43CF9199089041659794624C1AE2C55435D4EA9D71264EE264A56BAB827"
Last-Modified: Sat, 10 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Mon, 12 Sep 2022 01:52:46 GMT
Date: Sun, 11 Sep 2022 19:52:46 GMT
Connection: keep-alive

                                        
                                            POST /bpm HTTP/1.1 
Host: frog.wix.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1021
Origin: https://skayhoo.com
Connection: keep-alive
Referer: https://skayhoo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         54.156.249.127
HTTP/2 204 No Content
                                        
date: Sun, 11 Sep 2022 19:52:47 GMT
server: nginx
access-control-allow-origin: https://skayhoo.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1A6ABCCF3C4F89F78102A2C73EC374E01F92727EB910AD499F754BF4440B0D5A"
Last-Modified: Sat, 10 Sep 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9233
Expires: Sun, 11 Sep 2022 22:26:40 GMT
Date: Sun, 11 Sep 2022 19:52:47 GMT
Connection: keep-alive

                                        
                                            GET /jquery-3.6.0.min.js HTTP/1.1 
Host: code.jquery.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://smartdt-secure.com
Connection: keep-alive
Referer: https://smartdt-secure.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         69.16.175.10
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Sun, 11 Sep 2022 19:52:47 GMT
content-encoding: gzip
content-length: 30875
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-15d9d"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1662925967.dop226.sk1.t,1662925967.cds236.sk1.hn,1662925967.cds210.sk1.c
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65447)
Size:   30875
Md5:    899f0189aaf034bbba5340f724d91dfa
Sha1:   210ea9de03968edb9d839ba4a0ce2d48666a8ab8
Sha256: 949b6597c5ea907a7ef3c8ca6d5ffc73be2352f9df485b78704e5c4dabac5d0f
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 11 Sep 2022 19:52:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /assets/1387/js/backoffer.js HTTP/1.1 
Host: cdn.smrt-assets.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://smartdt-secure.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.123.68.153
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Content-Length: 660
Last-Modified: Thu, 06 May 2021 12:38:04 GMT
ETag: "e7e1dc07852a36f89e4be03aa3787316"
Accept-Ranges: bytes
Server: AmazonS3
X-Amz-Cf-Pop: EWR52-C1
X-Amz-Cf-Id: GxdYHxH58n15LwxNJ3wkpLtzxIYsvjzbLWn4jut_ifmxmRZ1p92r8g==
Date: Sun, 11 Sep 2022 19:52:47 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   660
Md5:    e7e1dc07852a36f89e4be03aa3787316
Sha1:   0dc3f8e7eb943af093cf8f4600fcf0e421891025
Sha256: 33b8a5c4f883a3a775162d3c5287fe94bc4b22a86fe8b52fcb5aa615d2ffe388
                                        
                                            GET /prod/push-lang-config.js HTTP/1.1 
Host: cdn.smrt-assets.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://smartdt-secure.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.123.68.153
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Last-Modified: Tue, 15 Feb 2022 10:45:43 GMT
ETag: "7152525f63649929a736f6efb78b58a5"
x-amz-meta-s3cmd-attrs: atime:1644921890/ctime:1644921887/gid:20/gname:staff/md5:7152525f63649929a736f6efb78b58a5/mode:33188/mtime:1644921887/uid:501/uname:nimspy
Accept-Ranges: bytes
Server: AmazonS3
X-Amz-Cf-Pop: EWR53-C1
X-Amz-Cf-Id: PlzHg_kpLQKC63Gp9E61K1OBX5ibTIl975NYZyc2dmovD1t05XIN0Q==
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Sun, 11 Sep 2022 19:52:47 GMT
Content-Length: 2366
Connection: keep-alive


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (7658), with no line terminators
Size:   2366
Md5:    86caa25373c28e4a962df5e15f4c160f
Sha1:   7a992cdd21a4074c155ccc7016e7cf836a66dd85
Sha256: fed4670767cf365c92e940800655239d096bd34d8bf6d2bad114b734fa754c11
                                        
                                            GET /prod/push-subscriber.js HTTP/1.1 
Host: cdn.smrt-assets.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://smartdt-secure.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.123.68.153
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Last-Modified: Tue, 29 Mar 2022 15:19:51 GMT
ETag: "6b5bccad39f7057909ad0660f33cc2fa"
Accept-Ranges: bytes
Server: AmazonS3
X-Amz-Cf-Pop: JFK51-C1
X-Amz-Cf-Id: 35kqMJuJ1u5RjAKtxbnFwd5U4zZZCXGXjyOLiAvqNh6C3w79fp8VLA==
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Sun, 11 Sep 2022 19:52:47 GMT
Content-Length: 4395
Connection: keep-alive


--- Additional Info ---
Magic:  ASCII text
Size:   4395
Md5:    d87a44d0aa0b54e75b2eb54c76bcf152
Sha1:   f765110fd22c73d181d9a2ea1b20de424b3d9e35
Sha256: 6ec5fc6e201f4cf0ba2754f2510363cad0ea29076f9775cc25a06ff71763c0f7
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 11 Sep 2022 19:52:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 11 Sep 2022 19:52:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 11 Sep 2022 19:52:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /assets/2262/js/multilang_mainstream.js HTTP/1.1 
Host: cdn.smrt-assets.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://smartdt-secure.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.123.68.153
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Last-Modified: Thu, 17 Mar 2022 15:47:03 GMT
ETag: "f1fb789c5c071c9966d3cb8bf1baac0d"
Accept-Ranges: bytes
Server: AmazonS3
X-Amz-Cf-Pop: EWR52-C3
X-Amz-Cf-Id: 0ilmBYUAYNUpjnpYsWFt7P41eJLJGKkWGU1_4zV_dsncpBb72XzW2Q==
Unused62: 8096267
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Sun, 11 Sep 2022 19:52:47 GMT
Content-Length: 7123
Connection: keep-alive


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with CRLF line terminators
Size:   7123
Md5:    f0c55af7d197e26dabfcca6af2f42b30
Sha1:   c5a51d34eba901def44a1c1cb0c9d7e01741e017
Sha256: cd2dcd1087571759f1d08a2b8a91d1a1be407660b8118af719b2267d452da968
                                        
                                            GET /firebasejs/5.0.2/firebase-messaging.js HTTP/1.1 
Host: www.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://smartdt-secure.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 10017
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Sep 2022 18:29:50 GMT
expires: Tue, 05 Sep 2023 18:29:50 GMT
cache-control: public, max-age=31536000
age: 523377
last-modified: Thu, 10 May 2018 20:35:52 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (35547)
Size:   10017
Md5:    fa9987a23f5a9d865766e952511baa30
Sha1:   f2e620b99ee61a01671ba6a9e22ca75d58a1b52d
Sha256: 655daa1e20bf3aff16bc8462339dfea48c7ea5d3dd3505937015af3586d15fb7
                                        
                                            GET /firebasejs/5.0.2/firebase-app.js HTTP/1.1 
Host: www.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://smartdt-secure.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 8604
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Sep 2022 20:25:09 GMT
expires: Sat, 09 Sep 2023 20:25:09 GMT
cache-control: public, max-age=31536000
age: 170858
last-modified: Thu, 10 May 2018 20:35:51 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (25088)
Size:   8604
Md5:    73069e532b7039778d3a7128c997c61a
Sha1:   c523bbf1ac7f4e612c8ade75434c42fbca885adc
Sha256: b6d7aec09aad2bb78dfbad4c9530fd03c0f33aed8385c3ee57c10b1fe959c4d5
                                        
                                            GET /_api/v2/dynamicmodel HTTP/1.1 
Host: www.nutritio.news
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://skayhoo.com/
Origin: https://skayhoo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.149.87.45
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
access-control-allow-origin: *
strict-transport-security: max-age=3600
age: 79979
x-wix-request-id: 1662925965.53119766942712762
set-cookie: hs=1647483784; Path=/; Domain=www.nutritio.news; HTTPOnly svSession=8b84cca43093e610f2cc546881a41683b947a9013ff123552d51de80b122fdab3df0a104aa9139a4ab9bbb57c04c80b41e60994d53964e647acf431e4f798bcd136004351d2670df1f19296d8bd855747ee58cb1a8ea42dc2179de9cedb8e81a8231815238cfd45c25737c0428e6fa1e4ac7d09a437d433dc71b28ba08288c15537f131f71ceadc32b5dd02db6e3015e; Max-Age=63158400; Expires=Wed, 11 Sep 2024 19:52:45 GMT; Path=/; Domain=www.nutritio.news; Secure; HTTPOnly; SameSite=None XSRF-TOKEN=1662925965|T_4RWfzbvzwz; Path=/; Domain=www.nutritio.news; Secure; SameSite=None
cache-control: private,no-cache,no-store
x-content-type-options: nosniff
content-encoding: br
server: Pepyaka/1.19.10
accept-ranges: bytes
date: Sun, 11 Sep 2022 19:52:45 GMT
x-served-by: cache-hel1410031-HEL
x-cache: MISS
vary: Accept-Encoding
server-timing: cache;desc=hit, varnish;desc=hit_miss, dc;desc=fastly_g
x-seen-by: yvSunuo/8ld62ehjr5B7kA==,GXNXSWFXisshliUcwO20NYMupe6WQf6MVMrzEUOojIKJa2mGRLQO0OBkxAD68MQG,qquldgcFrj2n046g4RNSVOEcKTWnPkUHK4qOWpouMik=,2d58ifebGbosy5xc+FRals/yOI+ZqYgpQ3cHxhV6a+ko9xoSxUPKLzlPE3Dzb0PuXjasSmn6KEfJMcGqErZkCLPNBAHOKgKknbCLS/aC2TQ=,2UNV7KOq4oGjA5+PKsX47IVh8rwr1kfSZp8MOIif7faa46R9xNIlpQ4eUPYpBuqs
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (17587), with no line terminators
Size:   6440
Md5:    bc000cb44d6097111906be50e05acd05
Sha1:   3d0d462363b857c2e0fb4e43891c4313696be05c
Sha256: 1e69bd4cd68d8c92bb8285c5bd6a07672ec821472a0f38f995f1bb58c8a3aec5
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 11 Sep 2022 19:52:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 11 Sep 2022 19:52:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://smartdt-secure.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12708
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 08 Sep 2022 06:06:20 GMT
expires: Fri, 08 Sep 2023 06:06:20 GMT
cache-control: public, max-age=31536000
age: 308787
last-modified: Mon, 11 Jul 2022 18:55:59 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 12708, version 1.0\012- data
Size:   12708
Md5:    b4a68b1e743ee317eaaf0bbadd131571
Sha1:   f24f7823d4e3830c7cfa5bcb33733d2897c00f13
Sha256: ddc148b8a0a27b1449fda6033f4a0defac9bd43210117b50d5d7ad1eda09f394
                                        
                                            GET /s/leaguespartan/v6/kJEnBuEW6A0lliaV_m88ja5Twtx8BWhtkDVmjZvMfoPZA81d.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://smartdt-secure.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 10968
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 11 Sep 2022 17:12:27 GMT
expires: Mon, 11 Sep 2023 17:12:27 GMT
cache-control: public, max-age=31536000
age: 9620
last-modified: Mon, 11 Jul 2022 19:01:20 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 10968, version 1.0\012- data
Size:   10968
Md5:    2e24a3c06fc008882ad2956b7a8da6d1
Sha1:   3edc684d08a02a5fcc4f31a5bd1024deb44274e5
Sha256: b0e0e5cd0e4198bb921cd9f48c586ce91db4ab5f609a90de051f071be3f16e90
                                        
                                            GET /gtm.js?id=GTM-TR8VQRX HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://smartdt-secure.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.72
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 11 Sep 2022 19:52:47 GMT
expires: Sun, 11 Sep 2022 19:52:47 GMT
cache-control: private, max-age=900
last-modified: Sun, 11 Sep 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 45473
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1615)
Size:   45473
Md5:    f874c798ca506355042e3c54e9e3608c
Sha1:   71e430c4798d56efcaea22a1eaeebdeb9ed8e40c
Sha256: 19ad95464d057408a31394688e05d64e23c88130735cf6288dc3c72a5f73cf66
                                        
                                            GET /api/v1/retargeting/set/3f949dfe-3372-4caa-baf0-047f88323cfa?pageviewe={pageviewe}&lead={lead} HTTP/1.1 
Host: tsyndicate.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://smartdt-secure.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         136.243.81.150
HTTP/2 200 OK
content-type: text/plain; charset=utf-8
                                        
server: nginx
date: Sun, 11 Sep 2022 19:52:47 GMT
content-length: 35
pragma: no-cache
expires: 0
vary: *
x-api-version: 1
x-request-id: 4430a3a4376fb0c7
set-cookie: ts_rt_3f949dfe-3372-4caa-baf0-047f88323cfa=ANmUCUOmR4kbQgQSPEjEBJwwZ8rYSVPmThmDCB9GnFixDMOA; expires=Mon, 11 Sep 2023 19:52:47 GMT; path=/; HttpOnly; secure; SameSite=None
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag: none, noindex, nofollow
report-to: { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   35
Md5:    c2196de8ba412c60c22ab491af7b1409
Sha1:   5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
Sha256: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 11 Sep 2022 19:52:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         54.230.245.110
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 11 Sep 2022 19:52:47 GMT
Last-Modified: Sun, 11 Sep 2022 18:50:42 GMT
Server: ECS (nyb/1D23)
X-Cache: Miss from cloudfront
Via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: JEjvCuEdM7SPW68xN1SsV9e3HsP_znxmY308O9YyJviy6WXHNnj9_g==
Age: 3725

                                        
                                            GET /prod/push-utils.js HTTP/1.1 
Host: cdn.smrt-content.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://smartdt-secure.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         2.21.8.227
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Last-Modified: Tue, 15 Feb 2022 10:45:43 GMT
ETag: "a288177a606a9686132970835b3e572c"
x-amz-meta-s3cmd-attrs: atime:1644921893/ctime:1644921893/gid:20/gname:staff/md5:a288177a606a9686132970835b3e572c/mode:33188/mtime:1644921893/uid:501/uname:nimspy
Accept-Ranges: bytes
Server: AmazonS3
X-Amz-Cf-Pop: EWR53-C1
X-Amz-Cf-Id: TmcfYbpq_e2BMUO-lKBbDZjl7EL4esTxnvZXoiV60ZaJrHN5wRZ8ig==
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Sun, 11 Sep 2022 19:52:47 GMT
Content-Length: 3647
Connection: keep-alive


--- Additional Info ---
Magic:  C source, ASCII text, with very long lines (1971)
Size:   3647
Md5:    66b8348a97eaecf14cc35f1326f1cf1a
Sha1:   0c0c17bebbd46240c30a6b1ed85ccfd3b6053bba
Sha256: 7b5ba9e8001cd959f85c8c76eccaf60588909154bac817afb232d7d4a98d2696
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         54.230.245.110
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 11 Sep 2022 19:52:47 GMT
Last-Modified: Sun, 11 Sep 2022 19:35:38 GMT
Server: ECS (dcb/7EED)
X-Cache: Miss from cloudfront
Via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: BgzA3bO0Pz0bgYk3Q9f_pcXYhEgYua9cpX0JqFiNitxGE4KpOq1gpw==
Age: 1029

                                        
                                            GET /assets/1373/other/favicon.ico HTTP/1.1 
Host: cdn.smrt-assets.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://smartdt-secure.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.123.68.153
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
Content-Length: 1150
Last-Modified: Wed, 28 Apr 2021 11:28:55 GMT
ETag: "38722a803b73dd1871a3d8a19db44d2f"
Accept-Ranges: bytes
Server: AmazonS3
X-Amz-Cf-Pop: EWR52-C3
X-Amz-Cf-Id: cJQ8J9yk0bJSZyzE3VqZSmlTXkVeqSONRSUcMJjVjnToWSysMtC_7w==
Date: Sun, 11 Sep 2022 19:52:47 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size:   1150
Md5:    38722a803b73dd1871a3d8a19db44d2f
Sha1:   3379960a2c6611bfefcb39e662198d6df322e12d
Sha256: 314dc8584b1a7c7d66a5882b6d153c53ceae37d7137df7b67ddd9735187f2c97
                                        
                                            GET /color?x=1&forScheme=aHR0cHM6Ly9zbWFydGR0LXNlY3VyZS5jb20vc21hcnRsaW5rLz9hPTY4MjI0JnNtPTI3MzA5JmNvPTk3OTc0Jm1lZGlhVHlwZT0xOCZzMT1mYWxsYQ== HTTP/1.1 
Host: guard.cdtbox.rocks
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://smartdt-secure.com
Connection: keep-alive
Referer: https://smartdt-secure.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.193.131.238
HTTP/2 204 No Content
                                        
date: Sun, 11 Sep 2022 19:52:47 GMT
server: nginx
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: *
X-Firefox-Spdy: h2

                                        
                                            GET /js/mp.min.js HTTP/1.1 
Host: static.trafficjunky.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://smartdt-secure.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         205.185.208.79
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Sun, 11 Sep 2022 19:52:47 GMT
etag: "1652721327"
cache-control: max-age=31536000
content-encoding: gzip
content-length: 3628
last-modified: Mon, 16 May 2022 17:15:27 GMT
accept-ranges: bytes
x-hw: 1662925967.dop222.sk1.t,1662925967.cds210.sk1.hn,1662925967.cds003.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (10690), with no line terminators
Size:   3628
Md5:    044c370813dc1ea880f32a5be81384e7
Sha1:   53b0733cfc26f2bc7e83d1da0c087d5513fcf548
Sha256: 2acb7fa7d04e9c94971b02b9f67140f2bcc9fb51ee361096c735e7f81518c94c
                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://smartdt-secure.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.174
HTTP/2 200 OK
content-type: text/javascript
                                        
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Sun, 11 Sep 2022 18:41:12 GMT
expires: Sun, 11 Sep 2022 20:41:12 GMT
cache-control: public, max-age=7200
age: 4295
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1325)
Size:   20006
Md5:    56f5d7f608e25d64207135f045f988cb
Sha1:   901eb59372ae330ae85e1384da93479b21ae1082
Sha256: 1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4717
Cache-Control: 'max-age=158059'
Date: Sun, 11 Sep 2022 19:52:48 GMT
Last-Modified: Sun, 11 Sep 2022 18:34:11 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 312

                                        
                                            GET /ctrack?action=list&type=add&id=0&context=dating&cookiename=date1&maxcookiecount=52000 HTTP/1.1 
Host: ctrack.trafficjunky.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://smartdt-secure.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         66.254.114.89
HTTP/1.1 200 OK
content-type: image/gif
                                        
server: openresty
date: Sun, 11 Sep 2022 19:52:48 GMT
content-length: 35
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Sun, 22 Jan 1984 03:00:00 GMT
p3p: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
pragma: no-cache
set-cookie: tj_UUID=03e5610b977c4b8ba2f44366780e17bc; Path=/; Domain=trafficjunky.net; Expires=Tue, 11 Oct 2022 19:52:48 GMT; Secure; SameSite=None tj_UUID_v2=03e5610b-977c-4b8b-a2f4-4366780e17bc; Path=/; Domain=trafficjunky.net; Expires=Tue, 11 Oct 2022 19:52:48 GMT; Secure; SameSite=None 82d79cf1ec688fdab74622b4b7a369a7=0; Path=/; Domain=trafficjunky.net; Expires=Tue, 20 Jul 2032 19:52:48 GMT; Secure; SameSite=None
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET,POST
access-control-allow-headers: Content-Type
access-control-max-age: 86400
x-request-id: 631E3C90-42FE725901BB3499-A1C25851


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   35
Md5:    28d6814f309ea289f847c69cf91194c6
Sha1:   0f4e929dd5bb2564f7ab9c76338e04e292a42ace
Sha256: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 11 Sep 2022 19:52:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-179148962-2&cid=1655404944.1662925956&jid=1815323599&gjid=1679412558&_gid=1899086000.1662925957&_u=YADAAEAAAAAAAC~&z=1332688697 HTTP/1.1 
Host: stats.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://smartdt-secure.com
Connection: keep-alive
Referer: https://smartdt-secure.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.251.1.154
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin: https://smartdt-secure.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 11 Sep 2022 19:52:48 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  very short file (no magic)
Size:   1
Md5:    c4ca4238a0b923820dcc509a6f75849b
Sha1:   356a192b7913b04c54574d18c28d46e6395428ab
Sha256: 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 11 Sep 2022 19:52:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /g/collect?v=2&tid=G-C3EPRPS8FB&gtm=2oe970&_p=2111947571&cid=1655404944.1662925956&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1662925956&sct=1&seg=0&dl=https%3A%2F%2Fsmartdt-secure.com%2Fsmartlink%2F%3Fa%3D68224%26sm%3D27309%26co%3D97974%26mediaType%3D18%26s1%3Dfalla&dt=Best%20dating%20worldwide%20%3C3&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1 
Host: region1.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://smartdt-secure.com
Connection: keep-alive
Referer: https://smartdt-secure.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

                                         
                                         216.239.34.36
HTTP/2 204 No Content
content-type: text/plain
                                        
access-control-allow-origin: https://smartdt-secure.com
date: Sun, 11 Sep 2022 19:52:48 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

                                        
                                            GET /pfe/current/micro.tag.min.js?z=5045591&sw=/sw-check-permissions-4e938.js HTTP/1.1 
Host: lemouwee.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skayhoo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.197.251
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Sun, 11 Sep 2022 19:52:45 GMT
last-modified: Mon, 05 Sep 2022 12:32:41 GMT
etag: W/"6315ec69-1a29e"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /user-segments/?pid=TH HTTP/1.1 
Host: statisticresearch.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://smartdt-secure.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         34.225.97.2
HTTP/2 200 OK
                                        
date: Sun, 11 Sep 2022 19:52:47 GMT
server: nginx
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /css2?family=League+Spartan:wght@800&display=swap HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://smartdt-secure.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 11 Sep 2022 19:52:47 GMT
date: Sun, 11 Sep 2022 19:52:47 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /service-worker.js HTTP/1.1 
Host: smartdt-secure.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: v_seg_freq_v2_1_001=tWBdMuRvMGdTwy3DvawSPhSQK+OS22nW6SIJij3UMPs=; gdm_visit_freq_v2_1_001=dh+HQpXPsUibYs1Cy+CKX1o75y1DBES8bLm+6XUrn9UnCEzvt0cU6PVesoke4F4l; gdm_uid_v1_1_001=julZBrtB2TAO02v2DY2qVnt9OTP5FWyBbJfKvu3980cj0/7NSrQID0FPlvRInevh; gdm_suid_v1_1_001=HPfHs3OFxkaNOwO68jCjbQ==; v_seg_freq_v1_1_001=tWBdMuRvMGdTwy3DvawSPhSQK+OS22nW6SIJij3UMPs=; gdm_visit_freq_v1_1_001=dh+HQpXPsUibYs1Cy+CKX1o75y1DBES8bLm+6XUrn9UnCEzvt0cU6PVesoke4F4l; gdm_suid_v2_1_001=HPfHs3OFxkaNOwO68jCjbQ==; gdm_uid_v2_1_001=julZBrtB2TAO02v2DY2qVnt9OTP5FWyBbJfKvu3980cj0/7NSrQID0FPlvRInevh; _ga_C3EPRPS8FB=GS1.1.1662925956.1.0.1662925956.0.0.0; _ga=GA1.1.1655404944.1662925956
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                         
                                         45.141.159.22
HTTP/2 200 OK
content-type: text/javascript;charset=utf-8
                                        
server: nginx
date: Sun, 11 Sep 2022 19:52:47 GMT
vary: Accept-Encoding, Accept-Encoding
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Sat, 1 May 2020 12:00:00 GMT
access-control-allow-origin: *, *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Auth,Pasha-Jlob
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /assets/2262/video/21.mp4 HTTP/1.1 
Host: cdn.smrt-assets.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://smartdt-secure.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.123.68.153
HTTP/1.1 206 Partial Content
Content-Type: video/mp4
                                        
Last-Modified: Thu, 17 Mar 2022 16:38:52 GMT
ETag: "e4a81de6fcf6986dcbb783aee38ad574"
Accept-Ranges: bytes
Server: AmazonS3
X-Amz-Cf-Pop: JFK51-C1
X-Amz-Cf-Id: eIbOE0ijmlVrFbxCxPsnhPncUVCM7dEvxMHs6LxGCi35CeqCSGuaIQ==
Unused62: 8096267
Date: Sun, 11 Sep 2022 19:52:47 GMT
Content-Range: bytes 0-368924/368925
Content-Length: 368925
Connection: keep-alive


--- Additional Info ---
                                        
                                            GET /smartlink/?a=68224&sm=27309&co=97974&mediaType=18&s1=falla HTTP/1.1 
Host: smartdt-secure.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         45.141.159.22
HTTP/2 200 OK
content-type: text/html;charset=utf-8
                                        
server: nginx
date: Sun, 11 Sep 2022 19:52:47 GMT
vary: Accept-Encoding, Accept-Encoding
set-cookie: v_seg_freq_v2_1_001=tWBdMuRvMGdTwy3DvawSPhSQK+OS22nW6SIJij3UMPs=; Domain=.smartdt-secure.com; Expires=Sat, 10-Dec-2022 19:52:47 GMT; Path=/; Secure; SameSite=None gdm_visit_freq_v2_1_001=dh+HQpXPsUibYs1Cy+CKX1o75y1DBES8bLm+6XUrn9UnCEzvt0cU6PVesoke4F4l; Domain=.smartdt-secure.com; Expires=Sat, 10-Dec-2022 19:52:47 GMT; Path=/; Secure; SameSite=None gdm_uid_v1_1_001=julZBrtB2TAO02v2DY2qVnt9OTP5FWyBbJfKvu3980cj0/7NSrQID0FPlvRInevh; Domain=.smartdt-secure.com; Expires=Sat, 10-Dec-2022 19:52:47 GMT; Path=/ gdm_suid_v1_1_001=HPfHs3OFxkaNOwO68jCjbQ==; Domain=.smartdt-secure.com; Expires=Sat, 10-Dec-2022 19:52:47 GMT; Path=/ v_seg_freq_v1_1_001=tWBdMuRvMGdTwy3DvawSPhSQK+OS22nW6SIJij3UMPs=; Domain=.smartdt-secure.com; Expires=Sat, 10-Dec-2022 19:52:47 GMT; Path=/ gdm_visit_freq_v1_1_001=dh+HQpXPsUibYs1Cy+CKX1o75y1DBES8bLm+6XUrn9UnCEzvt0cU6PVesoke4F4l; Domain=.smartdt-secure.com; Expires=Sat, 10-Dec-2022 19:52:47 GMT; Path=/ gdm_suid_v2_1_001=HPfHs3OFxkaNOwO68jCjbQ==; Domain=.smartdt-secure.com; Expires=Sat, 10-Dec-2022 19:52:47 GMT; Path=/; Secure; SameSite=None gdm_uid_v2_1_001=julZBrtB2TAO02v2DY2qVnt9OTP5FWyBbJfKvu3980cj0/7NSrQID0FPlvRInevh; Domain=.smartdt-secure.com; Expires=Sat, 10-Dec-2022 19:52:47 GMT; Path=/; Secure; SameSite=None
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Sat, 1 May 2020 12:00:00 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Auth,Pasha-Jlob
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /css?family=Montserrat&subset=latin-ext HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://smartdt-secure.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 11 Sep 2022 19:52:47 GMT
date: Sun, 11 Sep 2022 19:52:47 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /assets/2262/video/21.mp4 HTTP/1.1 
Host: cdn.smrt-assets.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://smartdt-secure.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.123.68.153
HTTP/1.1 206 Partial Content
Content-Type: video/mp4
                                        
Last-Modified: Thu, 17 Mar 2022 16:38:52 GMT
ETag: "e4a81de6fcf6986dcbb783aee38ad574"
Accept-Ranges: bytes
Server: AmazonS3
X-Amz-Cf-Pop: JFK51-C1
X-Amz-Cf-Id: eIbOE0ijmlVrFbxCxPsnhPncUVCM7dEvxMHs6LxGCi35CeqCSGuaIQ==
Date: Sun, 11 Sep 2022 19:52:47 GMT
Content-Range: bytes 0-368924/368925
Content-Length: 368925
Connection: keep-alive


--- Additional Info ---