hfjlaw.com/
104.21.25.60302 Moved Temporarily 0 B IP 104.21.25.60:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: hfjlaw.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Moved Temporarily
Date: Sun, 25 Sep 2022 07:59:45 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Location: https://votels.wixsite.com/jiffyname
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gKykUVC0JoLdJCThShdGaI803W%2Btm1RidVxmpzet0tD1bYDSsLtLmNGOxZOcw5fA7OxZfSrTJLISAXgn%2BZDTCnTrZlWlJ7a6Rc28BfeBBNwoqY3ODUQOIdIA4fl0"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 750238e4bb23b4eb-OSL
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/
143.204.55.27200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 25 Sep 2022 07:14:52 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: bI9SbcsBM8ES5bjaUKYhXbRsmTVVWobmKZpFqp3S9aEwuReBlwqMKQ==
Age: 2693
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 09a973de929ab7452edc342c780d3668
3f14f6e0a36f76863c0aea6fb561c266404a7ea3
e82ca5f310e37267fbf792427747e65c2bb35e684d3f629c0aa302f688bc4f80
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E82CA5F310E37267FBF792427747E65C2BB35E684D3F629C0AA302F688BC4F80"
Last-Modified: Fri, 23 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13575
Expires: Sun, 25 Sep 2022 11:46:00 GMT
Date: Sun, 25 Sep 2022 07:59:45 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.49200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.49:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 25 Sep 2022 04:35:15 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: _bCuzRv6ebxg80RRE2Bd3FvlGjjdMkTdw33XZ8PszG5tvH8SOBlxlA==
age: 12271
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 07:59:45 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 8f73dbadb0913ea7709c645d83b0333a
a2365c9b7ada7c05cd07dac6d62139059bf2f5af
2d2ca5d435f57ff5dcff0a849db6e8e3a39be54d3245247e8c54f3e35f9fd8f7
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 07:59:45 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 25 Sep 2022 07:25:46 GMT
Expires: Sun, 02 Oct 2022 07:25:45 GMT
Etag: "a2365c9b7ada7c05cd07dac6d62139059bf2f5af"
Cache-Control: max-age=602159,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 750238e71869b51d-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 140a602a59ca269aeae0ed5e7d874b52
10fb03500d75170536343086030060567a7c6f5c
2e00c15d0ffe14e9c2cf8f6400fb069b6f9fdd69f00388650a041b7f3d582292
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 07:59:46 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 24 Sep 2022 22:33:44 GMT
Expires: Sat, 01 Oct 2022 22:33:43 GMT
Etag: "10fb03500d75170536343086030060567a7c6f5c"
Cache-Control: max-age=570236,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 750238e9bb0ab51d-OSL
static.parastorage.com/unpkg/lodash@4.17.21/lodash.min.js
151.101.85.91200 OK 25 kB URL HTTP/2 static.parastorage.com/unpkg/lodash@4.17.21/lodash.min.js
IP 151.101.85.91:0
File type ASCII text, with very long lines (4143)
Hash 9661f391f69ddbf1e8bbf879c1c69660
60e78567cd82d5dec158be4ae4d365f45412fb36
59fe3fa5daacb2b18c734a563d4e8e9df1f51eb24672249ca4962f3132149191
GET /unpkg/lodash@4.17.21/lodash.min.js HTTP/1.1
Host: static.parastorage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://votels.wixsite.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Sun, 21 Feb 2021 02:37:42 GMT
etag: W/"9becc40fb1d85d21d0ca38e2f7069511"
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: br
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
x-cache-status: HIT
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcjMXxQm1EY0IGoQ+Aul+AXR,aVxMblM8KFG3we5NLvyVc5a79avpR2DZCk9xnuoLql1jPZTuGyYqVhtmEIgJUb4w
cache-control: public, max-age=7776000, immutable
server: Pepyaka/1.19.10
x-wix-request-id: 1661228868.541712333382513129
accept-ranges: bytes
date: Sun, 25 Sep 2022 07:59:46 GMT
age: 2940142
x-served-by: cache-bma1669-BMA
x-cache: HIT
x-cache-hits: 49111
x-timer: S1664092786.249475,VS0,VE0
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 25102
X-Firefox-Spdy: h2
static.parastorage.com/services/wix-thunderbolt/dist/main.c5638ec5.bundle.min.js
151.101.85.91200 OK 47 kB URL HTTP/2 static.parastorage.com/services/wix-thunderbolt/dist/main.c5638ec5.bundle.min.js
IP 151.101.85.91:0
File type ASCII text, with very long lines (47703)
Hash f615a48c63f72ced1ffaa88c693949a3
48ba587ee3598ef2e6f3f1fbe6d277a8b069b93e
ef37ba0b0cda23655a8befab2c3fb237c1782970dd96f79a32337545b1ded10e
GET /services/wix-thunderbolt/dist/main.c5638ec5.bundle.min.js HTTP/1.1
Host: static.parastorage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://votels.wixsite.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 21 Sep 2022 17:27:36 GMT
etag: W/"df358bd040d73452ae279d3653cdeafc"
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: br
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
x-cache-status: HIT
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcjMXxQm1EY0IGoQ+Aul+AXR,aVxMblM8KFG3we5NLvyVcz/fYSfKbw6+xesuKQMt4UgghGES6Jsix+7j8qfOfk1L
cache-control: public, max-age=7776000, immutable
server: Pepyaka/1.19.10
x-wix-request-id: 1663824217.16495813882154021883
accept-ranges: bytes
date: Sun, 25 Sep 2022 07:59:46 GMT
age: 308137
x-served-by: cache-bma1669-BMA
x-cache: HIT
x-cache-hits: 7095
x-timer: S1664092786.251764,VS0,VE0
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 46872
X-Firefox-Spdy: h2
static.parastorage.com/services/wix-perf-measure/1.1042.0/wix-perf-measure.bundle.min.js
151.101.85.91200 OK 12 kB URL HTTP/2 static.parastorage.com/services/wix-perf-measure/1.1042.0/wix-perf-measure.bundle.min.js
IP 151.101.85.91:0
File type ASCII text, with very long lines (41116)
Hash eff084a5748e8e0f2a7ec583b470a688
ebbf9733448bb4ce7f5666a8ab387776e721d8f0
bc5d488a06103bf405f79c3f7915e4bfd713b27c9cd9406c98e6885e4238b037
GET /services/wix-perf-measure/1.1042.0/wix-perf-measure.bundle.min.js HTTP/1.1
Host: static.parastorage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://votels.wixsite.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 15 Sep 2022 10:21:30 GMT
etag: W/"72cd3e3e90088aa5acd84acd0d7346c6"
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: br
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
x-cache-status: HIT
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrciexeHcfy36aNagyZbZBL0eWIHlCalF7YnfvOr2cMPpyw==,aVxMblM8KFG3we5NLvyVc5a79avpR2DZCk9xnuoLql1jPZTuGyYqVhtmEIgJUb4w
cache-control: public, max-age=7776000, immutable
server: Pepyaka/1.19.10
x-wix-request-id: 1663237935.0068719354608228454
accept-ranges: bytes
date: Sun, 25 Sep 2022 07:59:46 GMT
age: 855405
x-served-by: cache-bma1669-BMA
x-cache: HIT
x-cache-hits: 15250
x-timer: S1664092786.275523,VS0,VE0
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 11956
X-Firefox-Spdy: h2
static.parastorage.com/services/wix-thunderbolt/dist/bootstrap-features.08dd9a91.bundle.min.js
151.101.85.91200 OK 52 kB URL HTTP/2 static.parastorage.com/services/wix-thunderbolt/dist/bootstrap-features.08dd9a91.bundle.min.js
IP 151.101.85.91:0
File type ASCII text, with very long lines (54966)
Hash 633ab5c39504649e98dc487aa45f41f8
e5823ee0471a951b6432cb5734c4470f92f4e88e
f03ab56ead925eb9e72b2f88c287c97f9efc0eecc76a0e19ce03988e1aef7ae1
GET /services/wix-thunderbolt/dist/bootstrap-features.08dd9a91.bundle.min.js HTTP/1.1
Host: static.parastorage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://votels.wixsite.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 21 Sep 2022 15:04:50 GMT
etag: W/"6ff7546eb780280c5f1068f841157ae0"
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: br
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
x-cache-status: HIT
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrciexeHcfy36aNagyZbZBL0eWIHlCalF7YnfvOr2cMPpyw==,aVxMblM8KFG3we5NLvyVc/5LLToOojZxL2HBjY1XAnAghGES6Jsix+7j8qfOfk1L
cache-control: public, max-age=7776000, immutable
server: Pepyaka/1.19.10
x-wix-request-id: 1663824217.15795825335872428454
accept-ranges: bytes
date: Sun, 25 Sep 2022 07:59:46 GMT
age: 319778
x-served-by: cache-bma1669-BMA
x-cache: HIT
x-cache-hits: 5355
x-timer: S1664092786.276393,VS0,VE0
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 52169
X-Firefox-Spdy: h2
static.parastorage.com/services/third-party/fonts/user-site-fonts/fonts/0078f486-8e52-42c0-ad81-3c8d3d43f48e.woff2
151.101.85.91200 OK 17 kB URL HTTP/2 static.parastorage.com/services/third-party/fonts/user-site-fonts/fonts/0078f486-8e52-42c0-ad81-3c8d3d43f48e.woff2
IP 151.101.85.91:0
File type Web Open Font Format (Version 2), TrueType, length 17216, version 1.0\012- data
Hash fc02a3c78cac0f6ab99c6c19f004d02d
7bcc73042c63c86637084549daad26aed3621d64
0ddce0e617794fd30b60e5c829fe12b9d7eeba14e561e7d89da5fcaf2fe900c3
GET /services/third-party/fonts/user-site-fonts/fonts/0078f486-8e52-42c0-ad81-3c8d3d43f48e.woff2 HTTP/1.1
Host: static.parastorage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://votels.wixsite.com
Connection: keep-alive
Referer: https://votels.wixsite.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/octet-stream
access-control-max-age: 3000
last-modified: Tue, 17 Apr 2018 11:11:01 GMT
etag: "ef4257ccfa0fce4d914b23a28aa6fdf4-1"
x-amz-version-id: ZJhEgw5338rDGW18OcyggGHIv4bi5qCO
access-control-allow-methods: GET, GET, OPTIONS, POST
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
timing-allow-origin: *
access-control-allow-origin: *
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
x-cache-status: HIT
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcjMXxQm1EY0IGoQ+Aul+AXR,aVxMblM8KFG3we5NLvyVc/5LLToOojZxL2HBjY1XAnAghGES6Jsix+7j8qfOfk1L
cache-control: public, max-age=7776000, immutable
server: Pepyaka/1.19.10
x-wix-request-id: 1661314701.163749006954913129
accept-ranges: bytes
date: Sun, 25 Sep 2022 07:59:46 GMT
age: 2945077
x-served-by: cache-bma1643-BMA
x-cache: HIT
x-cache-hits: 5178
x-timer: S1664092786.286056,VS0,VE0
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 17216
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 140a602a59ca269aeae0ed5e7d874b52
10fb03500d75170536343086030060567a7c6f5c
2e00c15d0ffe14e9c2cf8f6400fb069b6f9fdd69f00388650a041b7f3d582292
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 07:59:46 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 24 Sep 2022 22:33:44 GMT
Expires: Sat, 01 Oct 2022 22:33:43 GMT
Etag: "10fb03500d75170536343086030060567a7c6f5c"
Cache-Control: max-age=570236,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 750238ea1b71b51d-OSL
static.parastorage.com/services/santa-resources/dist/viewer/user-site-fonts/fonts/Basic/v9/xfu_0WLxV2_XKTNw6FH3yg7C.woff2
151.101.85.91200 OK 14 kB URL HTTP/2 static.parastorage.com/services/santa-resources/dist/viewer/user-site-fonts/fonts/Basic/v9/xfu_0WLxV2_XKTNw6FH3yg7C.woff2
IP 151.101.85.91:0
File type Web Open Font Format (Version 2), TrueType, length 13496, version 1.0\012- data
Hash 46dd96bb50bbb062fa952085b1a0e3ec
c4f7d1fd2a6ef716e53cedfc9dd784842dd49eda
daf6c9f1f0192f365e6840e793c02e2a377bfa4a1202fda1550726081c302114
GET /services/santa-resources/dist/viewer/user-site-fonts/fonts/Basic/v9/xfu_0WLxV2_XKTNw6FH3yg7C.woff2 HTTP/1.1
Host: static.parastorage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://votels.wixsite.com
Connection: keep-alive
Referer: https://votels.wixsite.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/octet-stream
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
last-modified: Fri, 09 Sep 2022 14:45:38 GMT
etag: "46dd96bb50bbb062fa952085b1a0e3ec"
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
timing-allow-origin: *
access-control-allow-origin: *
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
x-cache-status: HIT
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrciDgmy1x1bk0T2mMblm59aj,aVxMblM8KFG3we5NLvyVc7eNHvhCRAbD7EPjVZvQO20fbJaKSXYQ/lskq2jK6SGP
cache-control: public, max-age=7776000, immutable
server: Pepyaka/1.19.10
x-wix-request-id: 1662895870.06794819965052523312
accept-ranges: bytes
date: Sun, 25 Sep 2022 07:59:46 GMT
age: 1197068
x-served-by: cache-bma1643-BMA
x-cache: HIT
x-cache-hits: 6
x-timer: S1664092786.286339,VS0,VE0
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 13496
X-Firefox-Spdy: h2
static.parastorage.com/services/tag-manager-client/1.427.0/siteTags.bundle.min.js
151.101.85.91200 OK 3.9 kB URL HTTP/2 static.parastorage.com/services/tag-manager-client/1.427.0/siteTags.bundle.min.js
IP 151.101.85.91:0
File type ASCII text, with very long lines (11168)
Hash 5d436a29345aa2e8c4a824fa19f4ecc7
2b479a24b7f7bc5d556f93a0599bbe7104acf467
242529af773ec259f51763a104f5d5ef45715558d932b1b91ff39680269a783f
GET /services/tag-manager-client/1.427.0/siteTags.bundle.min.js HTTP/1.1
Host: static.parastorage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://votels.wixsite.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 25 May 2021 09:37:42 GMT
etag: W/"74b64900831a2e814a8ff0cdedcf80cb"
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: br
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
x-cache-status: HIT
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcjBLy8P45DoDO4LnRm+zqsP,aVxMblM8KFG3we5NLvyVcyzve4L4qo9dv8TvlcgmZhMQXT2AyjWfyxKagyd4/pDD
cache-control: public, max-age=7776000, immutable
server: Pepyaka/1.19.10
x-wix-request-id: 1661824722.2696518981706122520
accept-ranges: bytes
date: Sun, 25 Sep 2022 07:59:46 GMT
age: 2401304
x-served-by: cache-bma1669-BMA
x-cache: HIT
x-cache-hits: 35632
x-timer: S1664092786.351835,VS0,VE0
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 3858
X-Firefox-Spdy: h2
static.parastorage.com/services/third-party/fonts/Helvetica/Fonts/60be5c39-863e-40cb-9434-6ebafb62ab2b.woff
151.101.85.91200 OK 42 kB URL HTTP/2 static.parastorage.com/services/third-party/fonts/Helvetica/Fonts/60be5c39-863e-40cb-9434-6ebafb62ab2b.woff
IP 151.101.85.91:0
File type Web Open Font Format, TrueType, length 41912, version 1.0\012- data
Hash d8c0392b3457463203e1b2626d6afcb8
2920e91b1e6ad09a5e10cd3ac4505dd51632acba
50ad4a31758eb64034f919ee807237c096849b68ad59a02b7c8c2d0b5b9e3ab3
GET /services/third-party/fonts/Helvetica/Fonts/60be5c39-863e-40cb-9434-6ebafb62ab2b.woff HTTP/1.1
Host: static.parastorage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://votels.wixsite.com
Connection: keep-alive
Referer: https://votels.wixsite.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/x-font-woff
last-modified: Tue, 17 Apr 2018 11:11:07 GMT
etag: "30bfa073c86da82d47b52b7a0b6ad7cd-1"
x-amz-version-id: W5svUYdYeE8Wa5N08G9xYp0mppomYy9N
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
timing-allow-origin: *
access-control-allow-origin: *
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
x-cache-status: HIT
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrchkavE0ZtMXws1mfakihq4B,aVxMblM8KFG3we5NLvyVc0Sqk9+MZwtm2RdjD28LmUcQXT2AyjWfyxKagyd4/pDD
cache-control: public, max-age=7776000, immutable
server: Pepyaka/1.19.0
x-wix-request-id: 1663722627.84715108382391628478
accept-ranges: bytes
date: Sun, 25 Sep 2022 07:59:46 GMT
age: 533234
x-served-by: cache-bma1643-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1664092786.286332,VS0,VE1
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 41912
X-Firefox-Spdy: h2
static.parastorage.com/unpkg/react@16.14.0/umd/react.production.min.js
151.101.85.91200 OK 4.7 kB URL HTTP/2 static.parastorage.com/unpkg/react@16.14.0/umd/react.production.min.js
IP 151.101.85.91:0
File type ASCII text, with very long lines (574)
Hash 98af04861581703b8f33819f777e19f5
68333056e788b1276646537149661537143ddc8a
9b4dce05c51788fcb566e1b8bbfc8f9df48249035b9d2cb8633011b7bd26c5dc
GET /unpkg/react@16.14.0/umd/react.production.min.js HTTP/1.1
Host: static.parastorage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://votels.wixsite.com
Connection: keep-alive
Referer: https://votels.wixsite.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
access-control-max-age: 3000
last-modified: Thu, 15 Oct 2020 02:11:22 GMT
etag: W/"63d498e143f421cc44dfb64f22fef270"
access-control-allow-methods: GET, GET, OPTIONS, POST
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: br
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
x-cache-status: HIT
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrciexeHcfy36aNagyZbZBL0eWIHlCalF7YnfvOr2cMPpyw==,aVxMblM8KFG3we5NLvyVc0g5Kz7nWLaChx0hkFXPsQ8ghGES6Jsix+7j8qfOfk1L
cache-control: public, max-age=7776000, immutable
server: Pepyaka/1.19.10
x-wix-request-id: 1660710573.6746456715006120999
accept-ranges: bytes
date: Sun, 25 Sep 2022 07:59:46 GMT
age: 3393748
x-served-by: cache-bma1643-BMA
x-cache: HIT
x-cache-hits: 12170
x-timer: S1664092786.375304,VS0,VE0
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 4703
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Sun, 25 Sep 2022 07:04:17 GMT
Expires: Sun, 25 Sep 2022 08:00:56 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: mzilo7o-UCJz28jC971oamlPNVzVFCOIBp8QH3T8nxjpsQkSwbBRdw==
Age: 3329
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a7809de115ea73f8b61f3d20a9978493
01fc65a2b694d7aadd5204d21801e87b2b55b73e
72692486033feeb149424c59576c6c75b17228dfc89b4c369d2e17cc4bff3d52
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6459
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 07:59:46 GMT
Last-Modified: Sun, 25 Sep 2022 06:12:07 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
ocsp.globalsign.com/ca/gsatlasr3dvtlscah22021
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlscah22021
IP 104.18.21.226:0
Hash 4d7f0608cc1d94c9fc23fc231db98042
0285f7c40d1a7a3b5517aa068b8c779c46e2f0d5
7992fd99d11b2ef1810a883aecae2acf52a44f0bb81fe370400c116602d30991
POST /ca/gsatlasr3dvtlscah22021 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 07:59:46 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "C7ECC55A8EBF01938F4D8C8EB0F0FC0D8FB41729"
Expires: Sun, 25 Sep 2022 18:00:00 GMT
Last-Modified: Sun, 25 Sep 2022 06:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2259
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 750238eafcf70b31-OSL
static.parastorage.com/services/wix-thunderbolt/dist/page-features.508fbd14.chunk.min.js
151.101.85.91200 OK 5.9 kB URL HTTP/2 static.parastorage.com/services/wix-thunderbolt/dist/page-features.508fbd14.chunk.min.js
IP 151.101.85.91:0
File type ASCII text, with very long lines (16956)
Hash bc10431974f8c445fbc8ec4a840a7b63
ed387485844f3b04be263838f99d96307017bdd9
a260d49d5b6e1e8616e19c075439685a059ffabdf9fedd966019de755394e5b3
GET /services/wix-thunderbolt/dist/page-features.508fbd14.chunk.min.js HTTP/1.1
Host: static.parastorage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://votels.wixsite.com
Connection: keep-alive
Referer: https://votels.wixsite.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 13 Sep 2022 14:20:04 GMT
etag: W/"0e18676c6372b30da54f0174b8bc0a96"
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: br
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
x-cache-status: HIT
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcjEM4kaaS6QH/itsJwI9pla,aVxMblM8KFG3we5NLvyVc0Sqk9+MZwtm2RdjD28LmUcQXT2AyjWfyxKagyd4/pDD
cache-control: public, max-age=7776000, immutable
server: Pepyaka/1.19.10
x-wix-request-id: 1663136564.7391023752586317693
accept-ranges: bytes
date: Sun, 25 Sep 2022 07:59:46 GMT
age: 1013370
x-served-by: cache-bma1643-BMA
x-cache: HIT
x-cache-hits: 5565
x-timer: S1664092786.480583,VS0,VE0
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 5921
X-Firefox-Spdy: h2
votels.wixsite.com/jiffyname/_api/v2/dynamicmodel
35.228.150.132200 OK 13 kB URL HTTP/2 votels.wixsite.com/jiffyname/_api/v2/dynamicmodel
IP 35.228.150.132:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type JSON data\012- , ASCII text, with very long lines (29371), with no line terminators
Hash fcb83497a102112092511dd1438e19ab
792255f97b2b0052adfcb481e3ec82e96c47327d
5f156314b29c28a431e1d7393df23b39072613deb15aa197e1c7f5581ff34706
Analyzer Verdict Alert fortinet Phishing
GET /jiffyname/_api/v2/dynamicmodel HTTP/1.1
Host: votels.wixsite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://votels.wixsite.com/jiffyname
Connection: keep-alive
Cookie: ssr-caching=cache#desc=hit#varnish=hit#dc#desc=eun1; XSRF-TOKEN=1664092785|HB7Zw2PxwHAQ
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 07:59:46 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
strict-transport-security: max-age=3600
x-wix-request-id: 1664092786.141102162570221242
age: 0
server-timing: cache;desc=miss, varnish;desc=miss, dc;desc=eun1
x-seen-by: sHU62EDOGnH2FBkJkG/Wx8EeXWsWdHrhlvbxtlynkVg3eJm1dmeYth65h9Bw8kV9,qquldgcFrj2n046g4RNSVKgcQ1THjb6B0pY8+X3A5SZYgeUJqUXtid+86vZww+nL,2d58ifebGbosy5xc+FRallBBUnM3NwQfBhaW5SRCb6jazPdwiE8SezcPZPUGzRuH3QpI/ucnHvfrUjeESIoVeiZ7LGc6hZoi5mRFcdFgLsw=,2UNV7KOq4oGjA5+PKsX47IVh8rwr1kfSZp8MOIif7faa46R9xNIlpQ4eUPYpBuqs,7npGRUZHWOtWoP0Si3wDp94MfOHtAIkmxdX9Nr5vS+w=,xTu8fpDe3EKPsMR1jrheEDMDOGEgQoSB6uwd8gIxW5c=,UCXqFoU+MbsWXjA74cRbHZcDbx8LZyQZvq2ASU4lisoioqWVC5LoMhDvbQZCBwfSH2yWikl2EP5bJKtoyukhjw==
cache-control: no-cache, no-store
vary: Accept-Encoding
set-cookie: hs=520844389; Path=/; Domain=votels.wixsite.com; HTTPOnly
svSession=19aa01f9bf6ce684b88f1a3185528f89bd389574b91c33b460a5f5b9da14720522aff4df7aa1dd9cf416cfcf8a05e3b41e60994d53964e647acf431e4f798bcdc8c763a3507ed04cd01834e43ea8c49d46cfedee293ef99d47d28c1443bb9401203468cb20f4355e5b3b5a9707b30816915d5c7bfa6a5b0ec0ac9752156ec89e1a39f8a19b79e86e1add99fe8c82fd27; Max-Age=63158399; Expires=Wed, 25 Sep 2024 07:59:45 GMT; Path=/jiffyname; Domain=votels.wixsite.com; Secure; HTTPOnly; SameSite=None
x-content-type-options: nosniff
content-encoding: br
server: Pepyaka/1.19.10
X-Firefox-Spdy: h2
static.parastorage.com/services/wix-thunderbolt/dist/captcha.ff763fa8.chunk.min.js
151.101.85.91200 OK 470 B URL HTTP/2 static.parastorage.com/services/wix-thunderbolt/dist/captcha.ff763fa8.chunk.min.js
IP 151.101.85.91:0
File type ASCII text, with very long lines (673)
Hash 6672f362cdd184e3733068c5cd5fed9e
a07b6a11570c2a975956d9410ea2decb0d655920
b6279a590406470a2bdb6c37152baa7e68dc7dcdf96be20a307ed030b342e720
GET /services/wix-thunderbolt/dist/captcha.ff763fa8.chunk.min.js HTTP/1.1
Host: static.parastorage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://votels.wixsite.com
Connection: keep-alive
Referer: https://votels.wixsite.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Sun, 28 Aug 2022 14:09:04 GMT
etag: W/"5ac55c590717fa11374288c903cd71c9"
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: br
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
x-cache-status: HIT
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcjBLy8P45DoDO4LnRm+zqsP,aVxMblM8KFG3we5NLvyVcyeTzFUhjLKPB6lD0luXXHcfbJaKSXYQ/lskq2jK6SGP
cache-control: public, max-age=7776000, immutable
server: Pepyaka/1.19.10
x-wix-request-id: 1661846323.0476548133087122521
accept-ranges: bytes
date: Sun, 25 Sep 2022 07:59:46 GMT
age: 2397031
x-served-by: cache-bma1643-BMA
x-cache: HIT
x-cache-hits: 11345
x-timer: S1664092786.488824,VS0,VE0
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 470
X-Firefox-Spdy: h2
static.parastorage.com/services/wix-thunderbolt/dist/dashboardWixCodeSdk.f18da2da.chunk.min.js
151.101.85.91200 OK 4.6 kB URL HTTP/2 static.parastorage.com/services/wix-thunderbolt/dist/dashboardWixCodeSdk.f18da2da.chunk.min.js
IP 151.101.85.91:0
File type ASCII text, with very long lines (14237)
Hash b5070edf340abe80072043db2dfba8b5
e1fe4b824809e43673f7d7a41255484dbbe075d1
1b5adca3c9ec4cf9de45506a9cbf9b1dd87e0f8c59f404772ee802d001cce56b
GET /services/wix-thunderbolt/dist/dashboardWixCodeSdk.f18da2da.chunk.min.js HTTP/1.1
Host: static.parastorage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://votels.wixsite.com
Connection: keep-alive
Referer: https://votels.wixsite.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
last-modified: Tue, 20 Sep 2022 07:59:56 GMT
etag: W/"816569845db6f44e7a50cecbc3e7c13b"
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: br
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
x-cache-status: HIT
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrchkavE0ZtMXws1mfakihq4B,aVxMblM8KFG3we5NLvyVc7eNHvhCRAbD7EPjVZvQO20fbJaKSXYQ/lskq2jK6SGP
cache-control: public, max-age=7776000, immutable
server: Pepyaka/1.19.0
x-wix-request-id: 1663680911.39115044438315728478
accept-ranges: bytes
date: Sun, 25 Sep 2022 07:59:46 GMT
age: 431010
x-served-by: cache-bma1643-BMA
x-cache: HIT
x-cache-hits: 10663
x-timer: S1664092786.490274,VS0,VE0
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 4613
X-Firefox-Spdy: h2
static.wixstatic.com/media/43befd_c5878e234d7248ea9a39e500b6cf3197~mv2.png/v1/fill/w_428,h_131,al_c,q_85,usm_0.66_1.00_0.01,enc_auto/BREAKERBOXES.png
34.102.176.152200 OK 58 kB URL HTTP/2 static.wixstatic.com/media/43befd_c5878e234d7248ea9a39e500b6cf3197~mv2.png/v1/fill/w_428,h_131,al_c,q_85,usm_0.66_1.00_0.01,enc_auto/BREAKERBOXES.png
IP 34.102.176.152:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 89dd9e8a0b95d8df2ce7bded6c279e5c
d03ffea42170716d8f22a22c72524a3fdee6ddc2
d59c7513da5d6d68aef8d5193ae6e85469ac981d999735152f473e9d97f40b58
GET /media/43befd_c5878e234d7248ea9a39e500b6cf3197~mv2.png/v1/fill/w_428,h_131,al_c,q_85,usm_0.66_1.00_0.01,enc_auto/BREAKERBOXES.png HTTP/1.1
Host: static.wixstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://votels.wixsite.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty/1.21.4.1
date: Sun, 25 Sep 2022 07:59:46 GMT
content-type: image/webp
content-length: 57664
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
vary: Accept
wix-tracer: 2FFfWraUb9WNAUD3DKQ2lvsJSeM
x-seen-by: image-manipulator-5cdc794f79-x5jwz
timing-allow-origin: *
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
siteassets.parastorage.com/pages/pages/thunderbolt?appDefinitionIdToSiteRevision=%7B%2213d21c63-b5ec-5912-8397-c3a5ddb27a97%22%3A%22440%22%2C%2214bcded7-0066-7c35-14d7-466cb3f09103%22%3A%22222%22%7D&beckyExperiments=specs.thunderbolt.DatePickerPortal%3Atrue%2Cspecs.thunderbolt.new_responsive_layout_render_all_breakpoints%3Atrue%2Cspecs.thunderbolt.loadHighQualityImagesAboveFold%3Atrue%2Cspecs.thunderbolt.carmi_simple_mode%3Atrue%2Cspecs.thunderbolt.new_responsive_layout%3Atrue%2Cspecs.thunderbolt.maskImageCSS%3Atrue%2Cspecs.thunderbolt.chat_landing_page%3Atrue&contentType=application%2Fjson&deviceType=Desktop&dfCk=6&dfVersion=1.1824.0&excludedSafariOrIOS=false&experiments=bv_remove_add_chat_viewer_fixer%2Cdm_migrateToTextTheme&externalBaseUrl=https%3A%2F%2Fvotels.wixsite.com%2Fjiffyname&fileId=5bb698cf.bundle.min&freemiumBanner=true&hasTPAWorkerOnSite=false&isHttps=true&isInSeo=false&isMultilingualEnabled=false&isUrlMigrated=true&isWixCodeOnPage=false&isWixCodeOnSite=false&language=en&languageResolutionMethod=QueryParam&metaSiteId=5e5036b1-e9be-460f-8bb0-8a7ce1b22585&module=thunderbolt-features&originalLanguage=en&pageId=43befd_631444d2d3244a2d5c417525014a8e26_877.json&quickActionsMenuEnabled=false®istryLibrariesTopology=%5B%7B%22artifactId%22%3A%22editor-elements%22%2C%22namespace%22%3A%22wixui%22%2C%22url%22%3A%22https%3A%2F%2Fstatic.parastorage.com%2Fservices%2Feditor-elements%2F1.9660.0%22%7D%2C%7B%22artifactId%22%3A%22editor-elements%22%2C%22namespace%22%3A%22dsgnsys%22%2C%22url%22%3A%22https%3A%2F%2Fstatic.parastorage.com%2Fservices%2Feditor-elements%2F1.9660.0%22%7D%5D&remoteWidgetStructureBuilderVersion=1.233.0&siteId=2c8dd25f-c898-424c-bc4e-e052de8740e4&siteRevision=877&staticHTMLComponentUrl=https%3A%2F%2Fvotels-wixsite-com.filesusr.com%2F&useSandboxInHTMLComp=true&viewMode=desktop
151.101.85.91200 OK 15 kB URL HTTP/2 siteassets.parastorage.com/pages/pages/thunderbolt?appDefinitionIdToSiteRevision=%7B%2213d21c63-b5ec-5912-8397-c3a5ddb27a97%22%3A%22440%22%2C%2214bcded7-0066-7c35-14d7-466cb3f09103%22%3A%22222%22%7D&beckyExperiments=specs.thunderbolt.DatePickerPortal%3Atrue%2Cspecs.thunderbolt.new_responsive_layout_render_all_breakpoints%3Atrue%2Cspecs.thunderbolt.loadHighQualityImagesAboveFold%3Atrue%2Cspecs.thunderbolt.carmi_simple_mode%3Atrue%2Cspecs.thunderbolt.new_responsive_layout%3Atrue%2Cspecs.thunderbolt.maskImageCSS%3Atrue%2Cspecs.thunderbolt.chat_landing_page%3Atrue&contentType=application%2Fjson&deviceType=Desktop&dfCk=6&dfVersion=1.1824.0&excludedSafariOrIOS=false&experiments=bv_remove_add_chat_viewer_fixer%2Cdm_migrateToTextTheme&externalBaseUrl=https%3A%2F%2Fvotels.wixsite.com%2Fjiffyname&fileId=5bb698cf.bundle.min&freemiumBanner=true&hasTPAWorkerOnSite=false&isHttps=true&isInSeo=false&isMultilingualEnabled=false&isUrlMigrated=true&isWixCodeOnPage=false&isWixCodeOnSite=false&language=en&languageResolutionMethod=QueryParam&metaSiteId=5e5036b1-e9be-460f-8bb0-8a7ce1b22585&module=thunderbolt-features&originalLanguage=en&pageId=43befd_631444d2d3244a2d5c417525014a8e26_877.json&quickActionsMenuEnabled=false®istryLibrariesTopology=%5B%7B%22artifactId%22%3A%22editor-elements%22%2C%22namespace%22%3A%22wixui%22%2C%22url%22%3A%22https%3A%2F%2Fstatic.parastorage.com%2Fservices%2Feditor-elements%2F1.9660.0%22%7D%2C%7B%22artifactId%22%3A%22editor-elements%22%2C%22namespace%22%3A%22dsgnsys%22%2C%22url%22%3A%22https%3A%2F%2Fstatic.parastorage.com%2Fservices%2Feditor-elements%2F1.9660.0%22%7D%5D&remoteWidgetStructureBuilderVersion=1.233.0&siteId=2c8dd25f-c898-424c-bc4e-e052de8740e4&siteRevision=877&staticHTMLComponentUrl=https%3A%2F%2Fvotels-wixsite-com.filesusr.com%2F&useSandboxInHTMLComp=true&viewMode=desktop
IP 151.101.85.91:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (65462), with no line terminators
Hash 4bc80198b38638d619be1422c6de4353
edddc9e7c19d3fd769b30f58a8953a162de6a1af
89f1b5536ed9ef439f6ad437b72fa854e465ff54a21bb230e212d573e7deb14c
GET /pages/pages/thunderbolt?appDefinitionIdToSiteRevision=%7B%2213d21c63-b5ec-5912-8397-c3a5ddb27a97%22%3A%22440%22%2C%2214bcded7-0066-7c35-14d7-466cb3f09103%22%3A%22222%22%7D&beckyExperiments=specs.thunderbolt.DatePickerPortal%3Atrue%2Cspecs.thunderbolt.new_responsive_layout_render_all_breakpoints%3Atrue%2Cspecs.thunderbolt.loadHighQualityImagesAboveFold%3Atrue%2Cspecs.thunderbolt.carmi_simple_mode%3Atrue%2Cspecs.thunderbolt.new_responsive_layout%3Atrue%2Cspecs.thunderbolt.maskImageCSS%3Atrue%2Cspecs.thunderbolt.chat_landing_page%3Atrue&contentType=application%2Fjson&deviceType=Desktop&dfCk=6&dfVersion=1.1824.0&excludedSafariOrIOS=false&experiments=bv_remove_add_chat_viewer_fixer%2Cdm_migrateToTextTheme&externalBaseUrl=https%3A%2F%2Fvotels.wixsite.com%2Fjiffyname&fileId=5bb698cf.bundle.min&freemiumBanner=true&hasTPAWorkerOnSite=false&isHttps=true&isInSeo=false&isMultilingualEnabled=false&isUrlMigrated=true&isWixCodeOnPage=false&isWixCodeOnSite=false&language=en&languageResolutionMethod=QueryParam&metaSiteId=5e5036b1-e9be-460f-8bb0-8a7ce1b22585&module=thunderbolt-features&originalLanguage=en&pageId=43befd_631444d2d3244a2d5c417525014a8e26_877.json&quickActionsMenuEnabled=false®istryLibrariesTopology=%5B%7B%22artifactId%22%3A%22editor-elements%22%2C%22namespace%22%3A%22wixui%22%2C%22url%22%3A%22https%3A%2F%2Fstatic.parastorage.com%2Fservices%2Feditor-elements%2F1.9660.0%22%7D%2C%7B%22artifactId%22%3A%22editor-elements%22%2C%22namespace%22%3A%22dsgnsys%22%2C%22url%22%3A%22https%3A%2F%2Fstatic.parastorage.com%2Fservices%2Feditor-elements%2F1.9660.0%22%7D%5D&remoteWidgetStructureBuilderVersion=1.233.0&siteId=2c8dd25f-c898-424c-bc4e-e052de8740e4&siteRevision=877&staticHTMLComponentUrl=https%3A%2F%2Fvotels-wixsite-com.filesusr.com%2F&useSandboxInHTMLComp=true&viewMode=desktop HTTP/1.1
Host: siteassets.parastorage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://votels.wixsite.com
Connection: keep-alive
Referer: https://votels.wixsite.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json; charset=utf-8
access-control-expose-headers: age,via,x-cache-status,X-cache-status
etag: W/"14d34-ykaTF1WJbCEww4sSnoFHjfBLcE0"
content-encoding: gzip
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
x-seen-by: 2iuX5LYwvZa9CoGaG8ZUZjb5j8fWnvnycWNmjdvR3762Lfe2/h7EeN7+amziKINp8LbYimkcQbtDdfQeTz034Q==,/SoSYmefJLK2hiZpy2XaYlN1tYMUtM33SkDcJDaLDqkFlJ9MVK/Wcy1k4Hjr0RmREdq8Qk4Gie/ytisfY4QHwg==,ZUT6NeJ/NsDmQ9DMGnwT1PBe4RdRDfHHarNMngSpe4om++C2XkuTvnlRFg2XiSDL
server: Pepyaka/1.19.10
cache-control: public, max-age=7776000, immutable
x-wix-request-id: 1664092786.439108043512761528457
timing-allow-origin: *
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
accept-ranges: bytes
date: Sun, 25 Sep 2022 07:59:46 GMT
age: 0
x-served-by: cache-bma1658-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1664092786.351817,VS0,VE166
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 14779
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.21.226:0
Hash 7fd8c9d1cc8368f39de3ff8e37061fa5
5291de7d9c305c0833a2d145cd6eeccb86299636
e40a7606e9f3481262072421e6edffacbbfaa3564e31290897a66fcb9604d81a
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 07:59:46 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "9E0952080A24784B15154FA6E7359454157CC6A2"
Expires: Sun, 25 Sep 2022 18:00:00 GMT
Last-Modified: Sun, 25 Sep 2022 06:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2726
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 750238ebfe150b31-OSL
static.wixstatic.com/media/43befd_058c311b29ec4d37ad80d242f4528002~mv2.png/v1/crop/x_0,y_0,w_420,h_593/fill/w_203,h_284,al_c,q_85,usm_0.66_1.00_0.01,enc_auto/woman3.png
34.102.176.152200 OK 49 kB URL HTTP/2 static.wixstatic.com/media/43befd_058c311b29ec4d37ad80d242f4528002~mv2.png/v1/crop/x_0,y_0,w_420,h_593/fill/w_203,h_284,al_c,q_85,usm_0.66_1.00_0.01,enc_auto/woman3.png
IP 34.102.176.152:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 314bc146ae557d3a038aca8f6ba7dc9a
e69ab76b2a5985c241cf1c6c20892f2e9848de60
9acf1526c2ba26241a11c1806bf0f199b906ccdac4cacb0c3392c415f0af1031
GET /media/43befd_058c311b29ec4d37ad80d242f4528002~mv2.png/v1/crop/x_0,y_0,w_420,h_593/fill/w_203,h_284,al_c,q_85,usm_0.66_1.00_0.01,enc_auto/woman3.png HTTP/1.1
Host: static.wixstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://votels.wixsite.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty/1.21.4.1
date: Sun, 25 Sep 2022 07:59:46 GMT
content-type: image/webp
content-length: 49136
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
vary: Accept
wix-tracer: 2FFfWmjzM5i1lq9vf7ZsBg1d1mJ
x-seen-by: image-manipulator-5cdc794f79-96kzp
timing-allow-origin: *
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 59f397dddc873dfbc3306f2d63a9f12e
e92571b93380bebd7bd7c73063b0750865e3ad0e
313ac27ef02e60362b9e22daa5bee45cfeb36775cc0fdd037d1bdefc6643f0e7
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 07:59:46 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 22 Sep 2022 00:31:06 GMT
Expires: Thu, 29 Sep 2022 00:31:05 GMT
Etag: "e92571b93380bebd7bd7c73063b0750865e3ad0e"
Cache-Control: max-age=318078,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 750238eafc96b51d-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 59f397dddc873dfbc3306f2d63a9f12e
e92571b93380bebd7bd7c73063b0750865e3ad0e
313ac27ef02e60362b9e22daa5bee45cfeb36775cc0fdd037d1bdefc6643f0e7
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 07:59:46 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 22 Sep 2022 00:31:06 GMT
Expires: Thu, 29 Sep 2022 00:31:05 GMT
Etag: "e92571b93380bebd7bd7c73063b0750865e3ad0e"
Cache-Control: max-age=318078,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 750238eb0eae0b02-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 140a602a59ca269aeae0ed5e7d874b52
10fb03500d75170536343086030060567a7c6f5c
2e00c15d0ffe14e9c2cf8f6400fb069b6f9fdd69f00388650a041b7f3d582292
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 07:59:46 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 24 Sep 2022 22:33:44 GMT
Expires: Sat, 01 Oct 2022 22:33:43 GMT
Etag: "10fb03500d75170536343086030060567a7c6f5c"
Cache-Control: max-age=570236,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 750238ec0fdfb50c-OSL
push.services.mozilla.com/
35.164.146.235101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.164.146.235:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: g4WKP1eJmvwn4iP7NSIvdg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Zkq0yR1WItxoe7VkGXZS6GUHHUc=
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 59f397dddc873dfbc3306f2d63a9f12e
e92571b93380bebd7bd7c73063b0750865e3ad0e
313ac27ef02e60362b9e22daa5bee45cfeb36775cc0fdd037d1bdefc6643f0e7
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 07:59:46 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 22 Sep 2022 00:31:06 GMT
Expires: Thu, 29 Sep 2022 00:31:05 GMT
Etag: "e92571b93380bebd7bd7c73063b0750865e3ad0e"
Cache-Control: max-age=318078,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 750238eb7f380b69-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 59f397dddc873dfbc3306f2d63a9f12e
e92571b93380bebd7bd7c73063b0750865e3ad0e
313ac27ef02e60362b9e22daa5bee45cfeb36775cc0fdd037d1bdefc6643f0e7
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 07:59:46 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 22 Sep 2022 00:31:06 GMT
Expires: Thu, 29 Sep 2022 00:31:05 GMT
Etag: "e92571b93380bebd7bd7c73063b0750865e3ad0e"
Cache-Control: max-age=318078,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 750238eb79751c02-OSL
frog.wix.com/bolt-performance?src=72&evid=28&appName=thunderbolt&is_rollout=0&is_sav_rollout=0&is_dac_rollout=0&dc=84µPop=eun1&is_cached=true&msid=5e5036b1-e9be-460f-8bb0-8a7ce1b22585&session_id=499a0838-9b9b-4f17-83ce-f2e8767ab6f1&ish=false&isb=false&vsi=c94868ea-a1d8-4232-b769-681895d8ac61&caching=hit,hit&pv=visible&pn=1&v=1.11033.0&url=https%3A%2F%2Fvotels.wixsite.com%2Fjiffyname&st=2&ts=39&tsn=770&name=partially_visible&duration=1664092784738&pageId=xp24i
100.25.100.84204 No Content 0 B URL HTTP/2 frog.wix.com/bolt-performance?src=72&evid=28&appName=thunderbolt&is_rollout=0&is_sav_rollout=0&is_dac_rollout=0&dc=84µPop=eun1&is_cached=true&msid=5e5036b1-e9be-460f-8bb0-8a7ce1b22585&session_id=499a0838-9b9b-4f17-83ce-f2e8767ab6f1&ish=false&isb=false&vsi=c94868ea-a1d8-4232-b769-681895d8ac61&caching=hit,hit&pv=visible&pn=1&v=1.11033.0&url=https%3A%2F%2Fvotels.wixsite.com%2Fjiffyname&st=2&ts=39&tsn=770&name=partially_visible&duration=1664092784738&pageId=xp24i
IP 100.25.100.84:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bolt-performance?src=72&evid=28&appName=thunderbolt&is_rollout=0&is_sav_rollout=0&is_dac_rollout=0&dc=84µPop=eun1&is_cached=true&msid=5e5036b1-e9be-460f-8bb0-8a7ce1b22585&session_id=499a0838-9b9b-4f17-83ce-f2e8767ab6f1&ish=false&isb=false&vsi=c94868ea-a1d8-4232-b769-681895d8ac61&caching=hit,hit&pv=visible&pn=1&v=1.11033.0&url=https%3A%2F%2Fvotels.wixsite.com%2Fjiffyname&st=2&ts=39&tsn=770&name=partially_visible&duration=1664092784738&pageId=xp24i HTTP/1.1
Host: frog.wix.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://votels.wixsite.com
Connection: keep-alive
Referer: https://votels.wixsite.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
date: Sun, 25 Sep 2022 07:59:46 GMT
server: nginx
access-control-allow-origin: https://votels.wixsite.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
X-Firefox-Spdy: h2
votels.wixsite.com/jiffyname/_partials/wix-thunderbolt/dist/clientWorker.5e69808f.bundle.min.js
35.228.150.132200 OK 1.2 kB URL HTTP/2 votels.wixsite.com/jiffyname/_partials/wix-thunderbolt/dist/clientWorker.5e69808f.bundle.min.js
IP 35.228.150.132:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (2717)
Hash 4ea9919809d57f8315ca93f2a33a7ab8
731760dde66558c43a4cc559f59974fb0bb59d67
18c97e267e3d960ea62fd7f06b6c9120f983eaa8c462fe1e1ba9e47c1125ce09
Analyzer Verdict Alert fortinet Phishing
GET /jiffyname/_partials/wix-thunderbolt/dist/clientWorker.5e69808f.bundle.min.js HTTP/1.1
Host: votels.wixsite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://votels.wixsite.com/jiffyname
Cookie: svSession=19aa01f9bf6ce684b88f1a3185528f89bd389574b91c33b460a5f5b9da14720522aff4df7aa1dd9cf416cfcf8a05e3b41e60994d53964e647acf431e4f798bcdc8c763a3507ed04cd01834e43ea8c49d46cfedee293ef99d47d28c1443bb9401203468cb20f4355e5b3b5a9707b30816915d5c7bfa6a5b0ec0ac9752156ec89e1a39f8a19b79e86e1add99fe8c82fd27; ssr-caching=cache#desc=hit#varnish=hit#dc#desc=eun1; XSRF-TOKEN=1664092785|HB7Zw2PxwHAQ; hs=520844389
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 07:59:46 GMT
content-type: application/javascript
content-length: 146200
last-modified: Thu, 22 Sep 2022 08:54:07 GMT
etag: W/"d14a88bc3301d94b1a59ac45bd94b063"
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: br
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
x-cache-status: MISS
x-seen-by: sHU62EDOGnH2FBkJkG/Wx8EeXWsWdHrhlvbxtlynkVg3eJm1dmeYth65h9Bw8kV9,qquldgcFrj2n046g4RNSVKgcQ1THjb6B0pY8+X3A5SZYgeUJqUXtid+86vZww+nL,zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrchsyoANA5L58iE/4UOTdE0x,aVxMblM8KFG3we5NLvyVc1jYNdX5iXQWX+OiINkuR/e8ZDY613cHYLbuhNMgAom1,2iuX5LYwvZa9CoGaG8ZUZgqsM72LknxyIGq7MjJjVJMe3/j5AamzIi0oSHQsz9b+
cache-control: public, max-age=7776000, immutable
x-wix-request-id: 1664092786.303102162570321242
accept-ranges: bytes
age: 255734
x-served-by: cache-dub4327-DUB
x-cache: HIT
x-cache-hits: 9058
x-timer: S1664092786.387120,VS0,VE0
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-content-type-options: nosniff
server: Pepyaka/1.19.10
X-Firefox-Spdy: h2
frog.wix.com/bt?src=29&evid=3&viewer_name=thunderbolt&caching=hit,hit&dc=84µPop=eun1&et=1&event_name=Init&is_cached=true&is_platform_loaded=0&is_rollout=0&ism=1&isp=0&isjp=false&ita=1&msid=5e5036b1-e9be-460f-8bb0-8a7ce1b22585&pn=1&sessionId=499a0838-9b9b-4f17-83ce-f2e8767ab6f1&siterev=877-__siteCacheRevision__&st=2&ts=58&tts=789&url=https%3A%2F%2Fvotels.wixsite.com%2Fjiffyname%3F&v=1.11033.0&vsi=c94868ea-a1d8-4232-b769-681895d8ac61&_brandId=wix
100.25.100.84204 No Content 0 B URL HTTP/2 frog.wix.com/bt?src=29&evid=3&viewer_name=thunderbolt&caching=hit,hit&dc=84µPop=eun1&et=1&event_name=Init&is_cached=true&is_platform_loaded=0&is_rollout=0&ism=1&isp=0&isjp=false&ita=1&msid=5e5036b1-e9be-460f-8bb0-8a7ce1b22585&pn=1&sessionId=499a0838-9b9b-4f17-83ce-f2e8767ab6f1&siterev=877-__siteCacheRevision__&st=2&ts=58&tts=789&url=https%3A%2F%2Fvotels.wixsite.com%2Fjiffyname%3F&v=1.11033.0&vsi=c94868ea-a1d8-4232-b769-681895d8ac61&_brandId=wix
IP 100.25.100.84:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bt?src=29&evid=3&viewer_name=thunderbolt&caching=hit,hit&dc=84µPop=eun1&et=1&event_name=Init&is_cached=true&is_platform_loaded=0&is_rollout=0&ism=1&isp=0&isjp=false&ita=1&msid=5e5036b1-e9be-460f-8bb0-8a7ce1b22585&pn=1&sessionId=499a0838-9b9b-4f17-83ce-f2e8767ab6f1&siterev=877-__siteCacheRevision__&st=2&ts=58&tts=789&url=https%3A%2F%2Fvotels.wixsite.com%2Fjiffyname%3F&v=1.11033.0&vsi=c94868ea-a1d8-4232-b769-681895d8ac61&_brandId=wix HTTP/1.1
Host: frog.wix.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://votels.wixsite.com
Connection: keep-alive
Referer: https://votels.wixsite.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
date: Sun, 25 Sep 2022 07:59:46 GMT
server: nginx
access-control-allow-origin: https://votels.wixsite.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
X-Firefox-Spdy: h2
siteassets.parastorage.com/pages/pages/thunderbolt?appDefinitionIdToSiteRevision=%7B%2213d21c63-b5ec-5912-8397-c3a5ddb27a97%22%3A%22440%22%2C%2214bcded7-0066-7c35-14d7-466cb3f09103%22%3A%22222%22%7D&beckyExperiments=specs.thunderbolt.DatePickerPortal%3Atrue%2Cspecs.thunderbolt.new_responsive_layout_render_all_breakpoints%3Atrue%2Cspecs.thunderbolt.loadHighQualityImagesAboveFold%3Atrue%2Cspecs.thunderbolt.carmi_simple_mode%3Atrue%2Cspecs.thunderbolt.new_responsive_layout%3Atrue%2Cspecs.thunderbolt.maskImageCSS%3Atrue%2Cspecs.thunderbolt.chat_landing_page%3Atrue&contentType=application%2Fjson&deviceType=Desktop&dfCk=6&dfVersion=1.1824.0&excludedSafariOrIOS=false&experiments=bv_remove_add_chat_viewer_fixer%2Cdm_migrateToTextTheme&externalBaseUrl=https%3A%2F%2Fvotels.wixsite.com%2Fjiffyname&fileId=5bb698cf.bundle.min&freemiumBanner=true&hasTPAWorkerOnSite=false&isHttps=true&isInSeo=false&isMultilingualEnabled=false&isUrlMigrated=true&isWixCodeOnPage=false&isWixCodeOnSite=false&language=en&languageResolutionMethod=QueryParam&metaSiteId=5e5036b1-e9be-460f-8bb0-8a7ce1b22585&module=thunderbolt-features&originalLanguage=en&pageId=43befd_aa2562a6d2eef3226ec44b9a8758e181_876.json&quickActionsMenuEnabled=false®istryLibrariesTopology=%5B%7B%22artifactId%22%3A%22editor-elements%22%2C%22namespace%22%3A%22wixui%22%2C%22url%22%3A%22https%3A%2F%2Fstatic.parastorage.com%2Fservices%2Feditor-elements%2F1.9660.0%22%7D%2C%7B%22artifactId%22%3A%22editor-elements%22%2C%22namespace%22%3A%22dsgnsys%22%2C%22url%22%3A%22https%3A%2F%2Fstatic.parastorage.com%2Fservices%2Feditor-elements%2F1.9660.0%22%7D%5D&remoteWidgetStructureBuilderVersion=1.233.0&siteId=2c8dd25f-c898-424c-bc4e-e052de8740e4&siteRevision=877&staticHTMLComponentUrl=https%3A%2F%2Fvotels-wixsite-com.filesusr.com%2F&useSandboxInHTMLComp=true&viewMode=desktop
151.101.85.91200 OK 3.6 kB URL HTTP/2 siteassets.parastorage.com/pages/pages/thunderbolt?appDefinitionIdToSiteRevision=%7B%2213d21c63-b5ec-5912-8397-c3a5ddb27a97%22%3A%22440%22%2C%2214bcded7-0066-7c35-14d7-466cb3f09103%22%3A%22222%22%7D&beckyExperiments=specs.thunderbolt.DatePickerPortal%3Atrue%2Cspecs.thunderbolt.new_responsive_layout_render_all_breakpoints%3Atrue%2Cspecs.thunderbolt.loadHighQualityImagesAboveFold%3Atrue%2Cspecs.thunderbolt.carmi_simple_mode%3Atrue%2Cspecs.thunderbolt.new_responsive_layout%3Atrue%2Cspecs.thunderbolt.maskImageCSS%3Atrue%2Cspecs.thunderbolt.chat_landing_page%3Atrue&contentType=application%2Fjson&deviceType=Desktop&dfCk=6&dfVersion=1.1824.0&excludedSafariOrIOS=false&experiments=bv_remove_add_chat_viewer_fixer%2Cdm_migrateToTextTheme&externalBaseUrl=https%3A%2F%2Fvotels.wixsite.com%2Fjiffyname&fileId=5bb698cf.bundle.min&freemiumBanner=true&hasTPAWorkerOnSite=false&isHttps=true&isInSeo=false&isMultilingualEnabled=false&isUrlMigrated=true&isWixCodeOnPage=false&isWixCodeOnSite=false&language=en&languageResolutionMethod=QueryParam&metaSiteId=5e5036b1-e9be-460f-8bb0-8a7ce1b22585&module=thunderbolt-features&originalLanguage=en&pageId=43befd_aa2562a6d2eef3226ec44b9a8758e181_876.json&quickActionsMenuEnabled=false®istryLibrariesTopology=%5B%7B%22artifactId%22%3A%22editor-elements%22%2C%22namespace%22%3A%22wixui%22%2C%22url%22%3A%22https%3A%2F%2Fstatic.parastorage.com%2Fservices%2Feditor-elements%2F1.9660.0%22%7D%2C%7B%22artifactId%22%3A%22editor-elements%22%2C%22namespace%22%3A%22dsgnsys%22%2C%22url%22%3A%22https%3A%2F%2Fstatic.parastorage.com%2Fservices%2Feditor-elements%2F1.9660.0%22%7D%5D&remoteWidgetStructureBuilderVersion=1.233.0&siteId=2c8dd25f-c898-424c-bc4e-e052de8740e4&siteRevision=877&staticHTMLComponentUrl=https%3A%2F%2Fvotels-wixsite-com.filesusr.com%2F&useSandboxInHTMLComp=true&viewMode=desktop
IP 151.101.85.91:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (15218), with no line terminators
Hash d876f65925f523844143210f9866bcff
cff2c1d519c9a55f753bf9024879b95c644f1bcd
468338261261657a405a0871225c8e87dd47e0ee2bcc82c6b25913ec42aa6277
GET /pages/pages/thunderbolt?appDefinitionIdToSiteRevision=%7B%2213d21c63-b5ec-5912-8397-c3a5ddb27a97%22%3A%22440%22%2C%2214bcded7-0066-7c35-14d7-466cb3f09103%22%3A%22222%22%7D&beckyExperiments=specs.thunderbolt.DatePickerPortal%3Atrue%2Cspecs.thunderbolt.new_responsive_layout_render_all_breakpoints%3Atrue%2Cspecs.thunderbolt.loadHighQualityImagesAboveFold%3Atrue%2Cspecs.thunderbolt.carmi_simple_mode%3Atrue%2Cspecs.thunderbolt.new_responsive_layout%3Atrue%2Cspecs.thunderbolt.maskImageCSS%3Atrue%2Cspecs.thunderbolt.chat_landing_page%3Atrue&contentType=application%2Fjson&deviceType=Desktop&dfCk=6&dfVersion=1.1824.0&excludedSafariOrIOS=false&experiments=bv_remove_add_chat_viewer_fixer%2Cdm_migrateToTextTheme&externalBaseUrl=https%3A%2F%2Fvotels.wixsite.com%2Fjiffyname&fileId=5bb698cf.bundle.min&freemiumBanner=true&hasTPAWorkerOnSite=false&isHttps=true&isInSeo=false&isMultilingualEnabled=false&isUrlMigrated=true&isWixCodeOnPage=false&isWixCodeOnSite=false&language=en&languageResolutionMethod=QueryParam&metaSiteId=5e5036b1-e9be-460f-8bb0-8a7ce1b22585&module=thunderbolt-features&originalLanguage=en&pageId=43befd_aa2562a6d2eef3226ec44b9a8758e181_876.json&quickActionsMenuEnabled=false®istryLibrariesTopology=%5B%7B%22artifactId%22%3A%22editor-elements%22%2C%22namespace%22%3A%22wixui%22%2C%22url%22%3A%22https%3A%2F%2Fstatic.parastorage.com%2Fservices%2Feditor-elements%2F1.9660.0%22%7D%2C%7B%22artifactId%22%3A%22editor-elements%22%2C%22namespace%22%3A%22dsgnsys%22%2C%22url%22%3A%22https%3A%2F%2Fstatic.parastorage.com%2Fservices%2Feditor-elements%2F1.9660.0%22%7D%5D&remoteWidgetStructureBuilderVersion=1.233.0&siteId=2c8dd25f-c898-424c-bc4e-e052de8740e4&siteRevision=877&staticHTMLComponentUrl=https%3A%2F%2Fvotels-wixsite-com.filesusr.com%2F&useSandboxInHTMLComp=true&viewMode=desktop HTTP/1.1
Host: siteassets.parastorage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://votels.wixsite.com
Connection: keep-alive
Referer: https://votels.wixsite.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json; charset=utf-8
access-control-expose-headers: age,via,x-cache-status,X-cache-status
etag: W/"3b74-NqR4Vgb5cxieNfrZOGaE2HJCr3o"
content-encoding: gzip
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
x-seen-by: 2iuX5LYwvZa9CoGaG8ZUZjb5j8fWnvnycWNmjdvR376hT+QteYzYm4s5eD5cvt7zmuOkfcTSJaUOHlD2KQbqrA==,/SoSYmefJLK2hiZpy2XaYlN1tYMUtM33SkDcJDaLDqkFlJ9MVK/Wcy1k4Hjr0RmREdq8Qk4Gie/ytisfY4QHwg==,ZUT6NeJ/NsDmQ9DMGnwT1PBe4RdRDfHHarNMngSpe4om++C2XkuTvnlRFg2XiSDL,Awf+EL8DXagxrUUrGnf8jMm3fKoN0U5zvyB/tj0hH+TIbrujdS7FwpcSiViKjesq,R8nVwPJv9QJL1m78OROO+HOAnpTwMH6Cv4X+tlSb0Gs=,g1tEHL6KXqacD6ojcO5kMhaUX3+FHDn5Thcyl7BhDd9YgeUJqUXtid+86vZww+nL,wBtvfTNNrafvoGt3i2U7UOMMCEBa4gr0kX23o6XzVwC1gykLQGGRtUShiWMN1JqsYw4sFKX4RHFA7IgQ0Sbgxw==,g1tEHL6KXqacD6ojcO5kMhaUX3+FHDn5Thcyl7BhDd9YgeUJqUXtid+86vZww+nL,g1tEHL6KXqacD6ojcO5kMox+lOmYqZd3SnQVgHLreStYgeUJqUXtid+86vZww+nL,X0+kt7XXQOUL1jfJ/HiBIoCmSEhm47aLex8L19749Y5baby9pk9rQKSEraUYiMfo0tWwg8sdcKk+8l2lUB/5mfgPY8VGELkcDjOuW3OfgtNGFi+4ddo5KGG/RF0A723u,g1tEHL6KXqacD6ojcO5kMslfsdN+kyvvma4L7SQQyvhYgeUJqUXtid+86vZww+nL,tznMqpp3e1oucszW+OT1FDCjTsoR4vCFTf0Iy8S4mAIVtsej6FxFKqRYQqcFpZrltYMpC0BhkbVEoYljDdSarBzYiqRXoaNkhEsWNVIBJPw=
server: Pepyaka/1.19.10
cache-control: public, max-age=7776000, immutable
x-wix-request-id: 1664092786.374108018033422721883
timing-allow-origin: *
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
accept-ranges: bytes
date: Sun, 25 Sep 2022 07:59:46 GMT
age: 0
x-served-by: cache-bma1658-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1664092786.285475,VS0,VE470
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 3591
X-Firefox-Spdy: h2
siteassets.parastorage.com/pages/pages/thunderbolt?appDefinitionIdToSiteRevision=%7B%2213d21c63-b5ec-5912-8397-c3a5ddb27a97%22%3A%22440%22%2C%2214bcded7-0066-7c35-14d7-466cb3f09103%22%3A%22222%22%7D&beckyExperiments=specs.thunderbolt.DatePickerPortal%3Atrue%2Cspecs.thunderbolt.new_responsive_layout_render_all_breakpoints%3Atrue%2Cspecs.thunderbolt.loadHighQualityImagesAboveFold%3Atrue%2Cspecs.thunderbolt.carmi_simple_mode%3Atrue%2Cspecs.thunderbolt.new_responsive_layout%3Atrue%2Cspecs.thunderbolt.maskImageCSS%3Atrue%2Cspecs.thunderbolt.chat_landing_page%3Atrue&contentType=application%2Fjson&dfCk=6&dfVersion=1.1824.0&excludedSafariOrIOS=false&experiments=bv_remove_add_chat_viewer_fixer%2Cdm_migrateToTextTheme&externalBaseUrl=https%3A%2F%2Fvotels.wixsite.com%2Fjiffyname&fileId=d5d48058.bundle.min&freemiumBanner=true&hasTPAWorkerOnSite=false&isHttps=true&isInSeo=false&isUrlMigrated=true&isWixCodeOnPage=false&isWixCodeOnSite=false&language=en&metaSiteId=5e5036b1-e9be-460f-8bb0-8a7ce1b22585&module=thunderbolt-platform-simple&originalLanguage=en&pageId=43befd_631444d2d3244a2d5c417525014a8e26_877.json&quickActionsMenuEnabled=false®istryLibrariesTopology=%5B%7B%22artifactId%22%3A%22editor-elements%22%2C%22namespace%22%3A%22wixui%22%2C%22url%22%3A%22https%3A%2F%2Fstatic.parastorage.com%2Fservices%2Feditor-elements%2F1.9660.0%22%7D%2C%7B%22artifactId%22%3A%22editor-elements%22%2C%22namespace%22%3A%22dsgnsys%22%2C%22url%22%3A%22https%3A%2F%2Fstatic.parastorage.com%2Fservices%2Feditor-elements%2F1.9660.0%22%7D%5D&remoteWidgetStructureBuilderVersion=1.233.0&siteId=2c8dd25f-c898-424c-bc4e-e052de8740e4&siteRevision=877&viewMode=desktop
151.101.85.91200 OK 2.2 kB URL HTTP/2 siteassets.parastorage.com/pages/pages/thunderbolt?appDefinitionIdToSiteRevision=%7B%2213d21c63-b5ec-5912-8397-c3a5ddb27a97%22%3A%22440%22%2C%2214bcded7-0066-7c35-14d7-466cb3f09103%22%3A%22222%22%7D&beckyExperiments=specs.thunderbolt.DatePickerPortal%3Atrue%2Cspecs.thunderbolt.new_responsive_layout_render_all_breakpoints%3Atrue%2Cspecs.thunderbolt.loadHighQualityImagesAboveFold%3Atrue%2Cspecs.thunderbolt.carmi_simple_mode%3Atrue%2Cspecs.thunderbolt.new_responsive_layout%3Atrue%2Cspecs.thunderbolt.maskImageCSS%3Atrue%2Cspecs.thunderbolt.chat_landing_page%3Atrue&contentType=application%2Fjson&dfCk=6&dfVersion=1.1824.0&excludedSafariOrIOS=false&experiments=bv_remove_add_chat_viewer_fixer%2Cdm_migrateToTextTheme&externalBaseUrl=https%3A%2F%2Fvotels.wixsite.com%2Fjiffyname&fileId=d5d48058.bundle.min&freemiumBanner=true&hasTPAWorkerOnSite=false&isHttps=true&isInSeo=false&isUrlMigrated=true&isWixCodeOnPage=false&isWixCodeOnSite=false&language=en&metaSiteId=5e5036b1-e9be-460f-8bb0-8a7ce1b22585&module=thunderbolt-platform-simple&originalLanguage=en&pageId=43befd_631444d2d3244a2d5c417525014a8e26_877.json&quickActionsMenuEnabled=false®istryLibrariesTopology=%5B%7B%22artifactId%22%3A%22editor-elements%22%2C%22namespace%22%3A%22wixui%22%2C%22url%22%3A%22https%3A%2F%2Fstatic.parastorage.com%2Fservices%2Feditor-elements%2F1.9660.0%22%7D%2C%7B%22artifactId%22%3A%22editor-elements%22%2C%22namespace%22%3A%22dsgnsys%22%2C%22url%22%3A%22https%3A%2F%2Fstatic.parastorage.com%2Fservices%2Feditor-elements%2F1.9660.0%22%7D%5D&remoteWidgetStructureBuilderVersion=1.233.0&siteId=2c8dd25f-c898-424c-bc4e-e052de8740e4&siteRevision=877&viewMode=desktop
IP 151.101.85.91:0
File type JSON data\012- , ASCII text, with very long lines (9137), with no line terminators
Hash c3e7af6278b2f71b16862ce5aa16beed
4987531f327f123ba671679753c1409a0ca14a6a
ea7866e3c3eb7f050596769e1cf526d0566289af36cdf4ce791e644d64e057f0
GET /pages/pages/thunderbolt?appDefinitionIdToSiteRevision=%7B%2213d21c63-b5ec-5912-8397-c3a5ddb27a97%22%3A%22440%22%2C%2214bcded7-0066-7c35-14d7-466cb3f09103%22%3A%22222%22%7D&beckyExperiments=specs.thunderbolt.DatePickerPortal%3Atrue%2Cspecs.thunderbolt.new_responsive_layout_render_all_breakpoints%3Atrue%2Cspecs.thunderbolt.loadHighQualityImagesAboveFold%3Atrue%2Cspecs.thunderbolt.carmi_simple_mode%3Atrue%2Cspecs.thunderbolt.new_responsive_layout%3Atrue%2Cspecs.thunderbolt.maskImageCSS%3Atrue%2Cspecs.thunderbolt.chat_landing_page%3Atrue&contentType=application%2Fjson&dfCk=6&dfVersion=1.1824.0&excludedSafariOrIOS=false&experiments=bv_remove_add_chat_viewer_fixer%2Cdm_migrateToTextTheme&externalBaseUrl=https%3A%2F%2Fvotels.wixsite.com%2Fjiffyname&fileId=d5d48058.bundle.min&freemiumBanner=true&hasTPAWorkerOnSite=false&isHttps=true&isInSeo=false&isUrlMigrated=true&isWixCodeOnPage=false&isWixCodeOnSite=false&language=en&metaSiteId=5e5036b1-e9be-460f-8bb0-8a7ce1b22585&module=thunderbolt-platform-simple&originalLanguage=en&pageId=43befd_631444d2d3244a2d5c417525014a8e26_877.json&quickActionsMenuEnabled=false®istryLibrariesTopology=%5B%7B%22artifactId%22%3A%22editor-elements%22%2C%22namespace%22%3A%22wixui%22%2C%22url%22%3A%22https%3A%2F%2Fstatic.parastorage.com%2Fservices%2Feditor-elements%2F1.9660.0%22%7D%2C%7B%22artifactId%22%3A%22editor-elements%22%2C%22namespace%22%3A%22dsgnsys%22%2C%22url%22%3A%22https%3A%2F%2Fstatic.parastorage.com%2Fservices%2Feditor-elements%2F1.9660.0%22%7D%5D&remoteWidgetStructureBuilderVersion=1.233.0&siteId=2c8dd25f-c898-424c-bc4e-e052de8740e4&siteRevision=877&viewMode=desktop HTTP/1.1
Host: siteassets.parastorage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Origin: https://votels.wixsite.com
Connection: keep-alive
Referer: https://votels.wixsite.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json; charset=utf-8
access-control-expose-headers: age,via,x-cache-status,X-cache-status
etag: W/"23b1-B9H1Ff1cjUTA3fK1HA946eAtfdA"
content-encoding: gzip
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
x-seen-by: 2iuX5LYwvZa9CoGaG8ZUZjb5j8fWnvnycWNmjdvR3762Lfe2/h7EeN7+amziKINp8LbYimkcQbtDdfQeTz034Q==,/SoSYmefJLK2hiZpy2XaYlN1tYMUtM33SkDcJDaLDqneUg/9B2UNc42fcRMM40PuYz2U7hsmKlYbZhCICVG+MA==,ZUT6NeJ/NsDmQ9DMGnwT1AkXXqn6tFrkWQXECMN3vJ8m++C2XkuTvnlRFg2XiSDL
server: Pepyaka/1.19.10
cache-control: public, max-age=7776000, immutable
x-wix-request-id: 1664092786.690108012822527828455
timing-allow-origin: *
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
accept-ranges: bytes
date: Sun, 25 Sep 2022 07:59:46 GMT
age: 0
x-served-by: cache-bma1658-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1664092787.602338,VS0,VE165
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2187
X-Firefox-Spdy: h2
frog.wix.com/bt?src=29&evid=3&viewer_name=thunderbolt&caching=hit,hit&dc=84µPop=eun1&et=12&event_name=Partially%20visible&is_cached=true&is_platform_loaded=0&is_rollout=0&ism=1&isp=0&isjp=false&iss=1&ita=1&msid=5e5036b1-e9be-460f-8bb0-8a7ce1b22585&pid=xp24i&pn=1&sessionId=499a0838-9b9b-4f17-83ce-f2e8767ab6f1&siterev=877-__siteCacheRevision__&st=2&ts=101&tts=832&url=https%3A%2F%2Fvotels.wixsite.com%2Fjiffyname%3F&v=1.11033.0&vsi=c94868ea-a1d8-4232-b769-681895d8ac61&_brandId=wix
100.25.100.84204 No Content 0 B URL HTTP/2 frog.wix.com/bt?src=29&evid=3&viewer_name=thunderbolt&caching=hit,hit&dc=84µPop=eun1&et=12&event_name=Partially%20visible&is_cached=true&is_platform_loaded=0&is_rollout=0&ism=1&isp=0&isjp=false&iss=1&ita=1&msid=5e5036b1-e9be-460f-8bb0-8a7ce1b22585&pid=xp24i&pn=1&sessionId=499a0838-9b9b-4f17-83ce-f2e8767ab6f1&siterev=877-__siteCacheRevision__&st=2&ts=101&tts=832&url=https%3A%2F%2Fvotels.wixsite.com%2Fjiffyname%3F&v=1.11033.0&vsi=c94868ea-a1d8-4232-b769-681895d8ac61&_brandId=wix
IP 100.25.100.84:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bt?src=29&evid=3&viewer_name=thunderbolt&caching=hit,hit&dc=84µPop=eun1&et=12&event_name=Partially%20visible&is_cached=true&is_platform_loaded=0&is_rollout=0&ism=1&isp=0&isjp=false&iss=1&ita=1&msid=5e5036b1-e9be-460f-8bb0-8a7ce1b22585&pid=xp24i&pn=1&sessionId=499a0838-9b9b-4f17-83ce-f2e8767ab6f1&siterev=877-__siteCacheRevision__&st=2&ts=101&tts=832&url=https%3A%2F%2Fvotels.wixsite.com%2Fjiffyname%3F&v=1.11033.0&vsi=c94868ea-a1d8-4232-b769-681895d8ac61&_brandId=wix HTTP/1.1
Host: frog.wix.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://votels.wixsite.com
Connection: keep-alive
Referer: https://votels.wixsite.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
date: Sun, 25 Sep 2022 07:59:46 GMT
server: nginx
access-control-allow-origin: https://votels.wixsite.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
X-Firefox-Spdy: h2
frog.wix.com/bolt-performance?src=72&evid=21&appName=thunderbolt&is_rollout=0&is_sav_rollout=0&is_dac_rollout=0&dc=84µPop=eun1&is_cached=true&msid=5e5036b1-e9be-460f-8bb0-8a7ce1b22585&session_id=499a0838-9b9b-4f17-83ce-f2e8767ab6f1&ish=false&isb=false&vsi=c94868ea-a1d8-4232-b769-681895d8ac61&caching=hit,hit&pv=visible&pn=1&v=1.11033.0&url=https%3A%2F%2Fvotels.wixsite.com%2Fjiffyname&st=2&ts=39&tsn=770
100.25.100.84204 No Content 0 B URL HTTP/2 frog.wix.com/bolt-performance?src=72&evid=21&appName=thunderbolt&is_rollout=0&is_sav_rollout=0&is_dac_rollout=0&dc=84µPop=eun1&is_cached=true&msid=5e5036b1-e9be-460f-8bb0-8a7ce1b22585&session_id=499a0838-9b9b-4f17-83ce-f2e8767ab6f1&ish=false&isb=false&vsi=c94868ea-a1d8-4232-b769-681895d8ac61&caching=hit,hit&pv=visible&pn=1&v=1.11033.0&url=https%3A%2F%2Fvotels.wixsite.com%2Fjiffyname&st=2&ts=39&tsn=770
IP 100.25.100.84:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bolt-performance?src=72&evid=21&appName=thunderbolt&is_rollout=0&is_sav_rollout=0&is_dac_rollout=0&dc=84µPop=eun1&is_cached=true&msid=5e5036b1-e9be-460f-8bb0-8a7ce1b22585&session_id=499a0838-9b9b-4f17-83ce-f2e8767ab6f1&ish=false&isb=false&vsi=c94868ea-a1d8-4232-b769-681895d8ac61&caching=hit,hit&pv=visible&pn=1&v=1.11033.0&url=https%3A%2F%2Fvotels.wixsite.com%2Fjiffyname&st=2&ts=39&tsn=770 HTTP/1.1
Host: frog.wix.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://votels.wixsite.com
Connection: keep-alive
Referer: https://votels.wixsite.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
date: Sun, 25 Sep 2022 07:59:46 GMT
server: nginx
access-control-allow-origin: https://votels.wixsite.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
X-Firefox-Spdy: h2
frog.wix.com/bpm
100.25.100.84204 No Content 0 B IP 100.25.100.84:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bpm HTTP/1.1
Host: frog.wix.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1788
Origin: https://votels.wixsite.com
Connection: keep-alive
Referer: https://votels.wixsite.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sun, 25 Sep 2022 07:59:46 GMT
server: nginx
access-control-allow-origin: https://votels.wixsite.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
X-Firefox-Spdy: h2
siteassets.parastorage.com/pages/pages/thunderbolt?appDefinitionIdToSiteRevision=%7B%2213d21c63-b5ec-5912-8397-c3a5ddb27a97%22%3A%22440%22%2C%2214bcded7-0066-7c35-14d7-466cb3f09103%22%3A%22222%22%7D&beckyExperiments=specs.thunderbolt.DatePickerPortal%3Atrue%2Cspecs.thunderbolt.new_responsive_layout_render_all_breakpoints%3Atrue%2Cspecs.thunderbolt.loadHighQualityImagesAboveFold%3Atrue%2Cspecs.thunderbolt.carmi_simple_mode%3Atrue%2Cspecs.thunderbolt.new_responsive_layout%3Atrue%2Cspecs.thunderbolt.maskImageCSS%3Atrue%2Cspecs.thunderbolt.chat_landing_page%3Atrue&contentType=application%2Fjson&dfCk=6&dfVersion=1.1824.0&excludedSafariOrIOS=false&experiments=bv_remove_add_chat_viewer_fixer%2Cdm_migrateToTextTheme&externalBaseUrl=https%3A%2F%2Fvotels.wixsite.com%2Fjiffyname&fileId=d5d48058.bundle.min&freemiumBanner=true&hasTPAWorkerOnSite=false&isHttps=true&isInSeo=false&isUrlMigrated=true&isWixCodeOnPage=false&isWixCodeOnSite=false&language=en&metaSiteId=5e5036b1-e9be-460f-8bb0-8a7ce1b22585&module=thunderbolt-platform-simple&originalLanguage=en&pageId=43befd_aa2562a6d2eef3226ec44b9a8758e181_876.json&quickActionsMenuEnabled=false®istryLibrariesTopology=%5B%7B%22artifactId%22%3A%22editor-elements%22%2C%22namespace%22%3A%22wixui%22%2C%22url%22%3A%22https%3A%2F%2Fstatic.parastorage.com%2Fservices%2Feditor-elements%2F1.9660.0%22%7D%2C%7B%22artifactId%22%3A%22editor-elements%22%2C%22namespace%22%3A%22dsgnsys%22%2C%22url%22%3A%22https%3A%2F%2Fstatic.parastorage.com%2Fservices%2Feditor-elements%2F1.9660.0%22%7D%5D&remoteWidgetStructureBuilderVersion=1.233.0&siteId=2c8dd25f-c898-424c-bc4e-e052de8740e4&siteRevision=877&viewMode=desktop
151.101.85.91200 OK 1.6 kB URL HTTP/2 siteassets.parastorage.com/pages/pages/thunderbolt?appDefinitionIdToSiteRevision=%7B%2213d21c63-b5ec-5912-8397-c3a5ddb27a97%22%3A%22440%22%2C%2214bcded7-0066-7c35-14d7-466cb3f09103%22%3A%22222%22%7D&beckyExperiments=specs.thunderbolt.DatePickerPortal%3Atrue%2Cspecs.thunderbolt.new_responsive_layout_render_all_breakpoints%3Atrue%2Cspecs.thunderbolt.loadHighQualityImagesAboveFold%3Atrue%2Cspecs.thunderbolt.carmi_simple_mode%3Atrue%2Cspecs.thunderbolt.new_responsive_layout%3Atrue%2Cspecs.thunderbolt.maskImageCSS%3Atrue%2Cspecs.thunderbolt.chat_landing_page%3Atrue&contentType=application%2Fjson&dfCk=6&dfVersion=1.1824.0&excludedSafariOrIOS=false&experiments=bv_remove_add_chat_viewer_fixer%2Cdm_migrateToTextTheme&externalBaseUrl=https%3A%2F%2Fvotels.wixsite.com%2Fjiffyname&fileId=d5d48058.bundle.min&freemiumBanner=true&hasTPAWorkerOnSite=false&isHttps=true&isInSeo=false&isUrlMigrated=true&isWixCodeOnPage=false&isWixCodeOnSite=false&language=en&metaSiteId=5e5036b1-e9be-460f-8bb0-8a7ce1b22585&module=thunderbolt-platform-simple&originalLanguage=en&pageId=43befd_aa2562a6d2eef3226ec44b9a8758e181_876.json&quickActionsMenuEnabled=false®istryLibrariesTopology=%5B%7B%22artifactId%22%3A%22editor-elements%22%2C%22namespace%22%3A%22wixui%22%2C%22url%22%3A%22https%3A%2F%2Fstatic.parastorage.com%2Fservices%2Feditor-elements%2F1.9660.0%22%7D%2C%7B%22artifactId%22%3A%22editor-elements%22%2C%22namespace%22%3A%22dsgnsys%22%2C%22url%22%3A%22https%3A%2F%2Fstatic.parastorage.com%2Fservices%2Feditor-elements%2F1.9660.0%22%7D%5D&remoteWidgetStructureBuilderVersion=1.233.0&siteId=2c8dd25f-c898-424c-bc4e-e052de8740e4&siteRevision=877&viewMode=desktop
IP 151.101.85.91:0
File type JSON data\012- , ASCII text, with very long lines (6563), with no line terminators
Hash e71f1f397b08ba9e403551659b60a55b
00be15be28152e76a59f2dc71439007a3f53dbc4
fbc9b29604fbd6acbecdf8f9e415e4f49c94c45f260fb28fa55b808fc70a3a40
GET /pages/pages/thunderbolt?appDefinitionIdToSiteRevision=%7B%2213d21c63-b5ec-5912-8397-c3a5ddb27a97%22%3A%22440%22%2C%2214bcded7-0066-7c35-14d7-466cb3f09103%22%3A%22222%22%7D&beckyExperiments=specs.thunderbolt.DatePickerPortal%3Atrue%2Cspecs.thunderbolt.new_responsive_layout_render_all_breakpoints%3Atrue%2Cspecs.thunderbolt.loadHighQualityImagesAboveFold%3Atrue%2Cspecs.thunderbolt.carmi_simple_mode%3Atrue%2Cspecs.thunderbolt.new_responsive_layout%3Atrue%2Cspecs.thunderbolt.maskImageCSS%3Atrue%2Cspecs.thunderbolt.chat_landing_page%3Atrue&contentType=application%2Fjson&dfCk=6&dfVersion=1.1824.0&excludedSafariOrIOS=false&experiments=bv_remove_add_chat_viewer_fixer%2Cdm_migrateToTextTheme&externalBaseUrl=https%3A%2F%2Fvotels.wixsite.com%2Fjiffyname&fileId=d5d48058.bundle.min&freemiumBanner=true&hasTPAWorkerOnSite=false&isHttps=true&isInSeo=false&isUrlMigrated=true&isWixCodeOnPage=false&isWixCodeOnSite=false&language=en&metaSiteId=5e5036b1-e9be-460f-8bb0-8a7ce1b22585&module=thunderbolt-platform-simple&originalLanguage=en&pageId=43befd_aa2562a6d2eef3226ec44b9a8758e181_876.json&quickActionsMenuEnabled=false®istryLibrariesTopology=%5B%7B%22artifactId%22%3A%22editor-elements%22%2C%22namespace%22%3A%22wixui%22%2C%22url%22%3A%22https%3A%2F%2Fstatic.parastorage.com%2Fservices%2Feditor-elements%2F1.9660.0%22%7D%2C%7B%22artifactId%22%3A%22editor-elements%22%2C%22namespace%22%3A%22dsgnsys%22%2C%22url%22%3A%22https%3A%2F%2Fstatic.parastorage.com%2Fservices%2Feditor-elements%2F1.9660.0%22%7D%5D&remoteWidgetStructureBuilderVersion=1.233.0&siteId=2c8dd25f-c898-424c-bc4e-e052de8740e4&siteRevision=877&viewMode=desktop HTTP/1.1
Host: siteassets.parastorage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Origin: https://votels.wixsite.com
Connection: keep-alive
Referer: https://votels.wixsite.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json; charset=utf-8
access-control-expose-headers: age,via,x-cache-status,X-cache-status
etag: W/"19a3-xe9I2EN/DfhPRrIyiiSdiV965aU"
content-encoding: gzip
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
x-seen-by: 2iuX5LYwvZa9CoGaG8ZUZjb5j8fWnvnycWNmjdvR3762Lfe2/h7EeN7+amziKINp8LbYimkcQbtDdfQeTz034Q==,/SoSYmefJLK2hiZpy2XaYlN1tYMUtM33SkDcJDaLDqnGvN0ZnmU/6/rpk7yve7RVYz2U7hsmKlYbZhCICVG+MA==,ZUT6NeJ/NsDmQ9DMGnwT1MwYaTXX7zUi2LWSMMlcHm4m++C2XkuTvnlRFg2XiSDL,Awf+EL8DXagxrUUrGnf8jMm3fKoN0U5zvyB/tj0hH+T0eUYNu8LbS7o9ke4yPUvk,R8nVwPJv9QJL1m78OROO+Dj3iNB9kPmceSCpfTjC2Mo=,g1tEHL6KXqacD6ojcO5kMp+stPS1WUNeqZRwriNtTitYgeUJqUXtid+86vZww+nL,wBtvfTNNrafvoGt3i2U7ULTh2DDWDay6uVGLrOepL+e1gykLQGGRtUShiWMN1JqssEiH7PFNkO0evpB4C4xTlg==,g1tEHL6KXqacD6ojcO5kMp+stPS1WUNeqZRwriNtTitYgeUJqUXtid+86vZww+nL,X0+kt7XXQOUL1jfJ/HiBIurB7R1R00/W2gA7gbuI2sECjarlY8Z7FtW2LsI8mKuYLaLt0gVoTQbK+C7HXUuHAA4i/zWyJkUWDxmDT62LXuOxdo3iSz4q6QK18ngkhMoS,g1tEHL6KXqacD6ojcO5kMu/EIhDhvl0Qdhzd6oVbarZWd3xniMsr1HjrszKGvMzr,g1tEHL6KXqacD6ojcO5kMnix3Qn3nV5CLRC3WgFUduQ=,tznMqpp3e1oucszW+OT1FDCjTsoR4vCFTf0Iy8S4mAJWRTbP0k1hl8bpxBKfvPZutYMpC0BhkbVEoYljDdSarEW2Lbz3MN9+XJ9lST/S+F8=
server: Pepyaka/1.19.10
cache-control: public, max-age=7776000, immutable
x-wix-request-id: 1664092786.690108037858413128455
timing-allow-origin: *
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
accept-ranges: bytes
date: Sun, 25 Sep 2022 07:59:46 GMT
age: 0
x-served-by: cache-bma1658-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1664092787.603051,VS0,VE277
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1619
X-Firefox-Spdy: h2
votels.wixsite.com/jiffyname/_api/tag-manager/api/v1/tags/sites/5e5036b1-e9be-460f-8bb0-8a7ce1b22585?wixSite=false&htmlsiteId=2c8dd25f-c898-424c-bc4e-e052de8740e4&language=en
35.228.150.132200 OK 842 B URL HTTP/2 votels.wixsite.com/jiffyname/_api/tag-manager/api/v1/tags/sites/5e5036b1-e9be-460f-8bb0-8a7ce1b22585?wixSite=false&htmlsiteId=2c8dd25f-c898-424c-bc4e-e052de8740e4&language=en
IP 35.228.150.132:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type JSON data\012- HTML document, ASCII text, with very long lines (842), with no line terminators
Hash 17da3fcd4e33413db895cadeda857b8d
702ab3f89bc4d3c006fd6ee2719204febe5ac0f0
5d06c2009ed540db3646e264975cb9ede935c188663cb15454cec31efde93037
GET /jiffyname/_api/tag-manager/api/v1/tags/sites/5e5036b1-e9be-460f-8bb0-8a7ce1b22585?wixSite=false&htmlsiteId=2c8dd25f-c898-424c-bc4e-e052de8740e4&language=en HTTP/1.1
Host: votels.wixsite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
consent-policy: %7B%22func%22%3A0%2C%22anl%22%3A0%2C%22adv%22%3A0%2C%22dt3%22%3A1%2C%22ess%22%3A1%7D
authorization: wq-n1Vps_Qrf3iHdEyzkOcnynCxPH9FFU2PotMpU3jQ.eyJpbnN0YW5jZUlkIjoiNWU1MDM2YjEtZTliZS00NjBmLThiYjAtOGE3Y2UxYjIyNTg1IiwiYXBwRGVmSWQiOiIyMmJlZjM0NS0zYzViLTRjMTgtYjc4Mi03NGQ0MDg1MTEyZmYiLCJtZXRhU2l0ZUlkIjoiNWU1MDM2YjEtZTliZS00NjBmLThiYjAtOGE3Y2UxYjIyNTg1Iiwic2lnbkRhdGUiOiIyMDIyLTA5LTI1VDA3OjU5OjQ2LjIyNFoiLCJkZW1vTW9kZSI6ZmFsc2UsImFpZCI6ImViZjgyMTcxLTdmMDgtNDhlMi1iMjgzLWE4ZjlkMDFkOGM3YSIsInNpdGVPd25lcklkIjoiNDNiZWZkNzMtMWVmYS00ZGFhLWI0MmYtOWYyNTNiNWM3ZGRjIn0
content-type: application/json
Connection: keep-alive
Referer: https://votels.wixsite.com/jiffyname
Cookie: svSession=19aa01f9bf6ce684b88f1a3185528f89bd389574b91c33b460a5f5b9da14720522aff4df7aa1dd9cf416cfcf8a05e3b41e60994d53964e647acf431e4f798bcdc8c763a3507ed04cd01834e43ea8c49d46cfedee293ef99d47d28c1443bb9401203468cb20f4355e5b3b5a9707b30816915d5c7bfa6a5b0ec0ac9752156ec89e1a39f8a19b79e86e1add99fe8c82fd27; ssr-caching=cache#desc=hit#varnish=hit#dc#desc=eun1; XSRF-TOKEN=1664092785|HB7Zw2PxwHAQ; hs=520844389
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 07:59:46 GMT
content-type: application/json; charset=utf-8
content-length: 842
set-cookie: fedops.logger.defaultOverrides=%7B%22paramsOverridesForApp%22%3A%7B%22music-manager-my-albums%22%3A%7B%22is_rollout%22%3Atrue%7D%7D%7D; Max-Age=60; Path=/; Expires=Sun, 25 Sep 2022 08:00:46 GMT
etag: W/"34a-cCqz+JvE08AG/W7icZIE/r5awPA"
pragma: no-cache
cache-control: no-store, no-cache
x-seen-by: sHU62EDOGnH2FBkJkG/Wx8EeXWsWdHrhlvbxtlynkVg3eJm1dmeYth65h9Bw8kV9,qquldgcFrj2n046g4RNSVFU+wIjSmTlxqMUV00MvxJE=,rXUceJIlvIg2Ftogbhjv0NbZ571YqD/PILQ7clAEL8YwgZ3+IkCz7ymwfQ+ToJz+CONUzZLbexpS3PEZaUF96g==,7npGRUZHWOtWoP0Si3wDp94MfOHtAIkmxdX9Nr5vS+w=,MDFDoTqjWxpWhAuWfTm+PMrYnjSNvCTk79Tc8vwKp7JQBTlkOMebXZkE719hPl9wQdkLlHeMtn56NYsSnmg6jg==,xTu8fpDe3EKPsMR1jrheECUBxqYSxq4YAJ5U3hkgUzI=,xTu8fpDe3EKPsMR1jrheEELwwAgI9hD5Q0R9QqzLIck=,mvxQ9qSAmY38asKjFCcmG7L4WpncDueqertg/XgBXbI3gmuYobHwuoIv7CRl7CALM3K91XfHvvJq7fZFTUhAAA==
x-wix-request-id: 1664092786.734102162570421242
x-content-type-options: nosniff
server: Pepyaka/1.19.10
X-Firefox-Spdy: h2
www.wix.com/favicon.ico
35.228.150.132200 OK 1.1 kB IP 35.228.150.132:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type PNG image data, 67 x 67, 8-bit colormap, non-interlaced\012- data
Hash b4969a03721c2ebaadc1e542b3461b8f
37ab2c35ea395cc8aefb4059021f31dcae10de4e
cab6a0e77f4caebf5c69408dc4218f6c69d24eb65ca6c20ad8b798a68649bc20
GET /favicon.ico HTTP/1.1
Host: www.wix.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://votels.wixsite.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 07:59:46 GMT
content-type: image/x-icon
content-length: 1061
last-modified: Mon, 19 Sep 2022 07:57:55 GMT
etag: "63282103-425"
strict-transport-security: max-age=31536000
x-seen-by: sHU62EDOGnH2FBkJkG/Wx8EeXWsWdHrhlvbxtlynkVg3eJm1dmeYth65h9Bw8kV9,qquldgcFrj2n046g4RNSVFU+wIjSmTlxqMUV00MvxJE=
x-wix-request-id: 1664092786.994102162582121242
x-content-type-options: nosniff
expires: Sun, 02 Oct 2022 07:59:46 GMT
cache-control: max-age=604800
accept-ranges: bytes
server: Pepyaka/1.19.10
X-Firefox-Spdy: h2
votels.wixsite.com/_serverless/cookie-consent-settings-serverless/v1/cookie-banner-settings?languageCode=en
35.228.150.132200 OK 5.7 kB URL HTTP/2 votels.wixsite.com/_serverless/cookie-consent-settings-serverless/v1/cookie-banner-settings?languageCode=en
IP 35.228.150.132:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash 85db574b0a68ccdd65795dfec467c6f3
5fc394ce4e05b2d75b5fcbb6bbe80a03541523f5
1180ce26bf7fc45c86e5967090d1bfbc18311895d4e25cfc369e9acd96f5f107
Analyzer Verdict Alert fortinet Phishing
GET /_serverless/cookie-consent-settings-serverless/v1/cookie-banner-settings?languageCode=en HTTP/1.1
Host: votels.wixsite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://votels.wixsite.com/jiffyname
authorization: jQrKB_NL0LmxOuSgCOrw43CaInaEN7TohAzLsLFdhNY.eyJpbnN0YW5jZUlkIjoiYWQ5NTUwMzAtYmY5Mi00NzkxLTg5OGYtN2NkMTIzYWFjOTdkIiwiYXBwRGVmSWQiOiJmMTA1YmExNi02YjdhLTRiNTItYTJlNS03MTJiZGM3NDlmNzYiLCJtZXRhU2l0ZUlkIjoiNWU1MDM2YjEtZTliZS00NjBmLThiYjAtOGE3Y2UxYjIyNTg1Iiwic2lnbkRhdGUiOiIyMDIyLTA5LTI1VDA3OjU5OjQ2LjIyNFoiLCJkZW1vTW9kZSI6ZmFsc2UsImFpZCI6ImViZjgyMTcxLTdmMDgtNDhlMi1iMjgzLWE4ZjlkMDFkOGM3YSIsImJpVG9rZW4iOiJmM2M1NjY4MS01NjJjLTAxOWUtMDIzZi1mNmFkYzIxOGVjZjgiLCJzaXRlT3duZXJJZCI6IjQzYmVmZDczLTFlZmEtNGRhYS1iNDJmLTlmMjUzYjVjN2RkYyJ9
x-wix-client-artifact-id: cookie-consent-banner-for-uou
Connection: keep-alive
Cookie: ssr-caching=cache#desc=hit#varnish=hit#dc#desc=eun1; XSRF-TOKEN=1664092785|HB7Zw2PxwHAQ; hs=520844389; fedops.logger.defaultOverrides=%7B%22paramsOverridesForApp%22%3A%7B%22music-manager-my-albums%22%3A%7B%22is_rollout%22%3Atrue%7D%7D%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 07:59:47 GMT
content-type: application/json; charset=utf-8
set-cookie: XSRF-TOKEN=1664092785|HB7Zw2PxwHAQ; Domain=.wixsite.com; Path=/; Secure; SameSite=None
etag: W/"5d4-F0fCQUEwyvDkb7DZ47rgpfKphYY"
pragma: no-cache
cache-control: no-store, no-cache
content-encoding: gzip
vary: Accept-Encoding
x-seen-by: sHU62EDOGnH2FBkJkG/Wx8EeXWsWdHrhlvbxtlynkVg3eJm1dmeYth65h9Bw8kV9,qquldgcFrj2n046g4RNSVBKUaXHrucSLmP/C0nqrtU9YgeUJqUXtid+86vZww+nL,rXUceJIlvIg2Ftogbhjv0NbZ571YqD/PILQ7clAEL8YwgZ3+IkCz7ymwfQ+ToJz+CONUzZLbexpS3PEZaUF96g==,7npGRUZHWOtWoP0Si3wDp94MfOHtAIkmxdX9Nr5vS+w=,xTu8fpDe3EKPsMR1jrheEPM+dpQjgOqTzxpSpUlqOGQ=,FBaxuPVZy1/bJc9TgdsVwjrkEVe+dNCqUQMdRa6RWFUe5IxuaQQRrpra/nCN2USuBy/jArzrCjl1QGpAddOTXIQZRCFx5KKH8X6KKi8OoaM=
x-wix-request-id: 1664092786.976102162570521242
x-content-type-options: nosniff
server: Pepyaka/1.19.10
X-Firefox-Spdy: h2
frog.wix.com/bt?src=29&evid=3&viewer_name=thunderbolt&caching=hit,hit&dc=84µPop=eun1&et=33&event_name=page%20interactive&is_cached=true&is_platform_loaded=0&is_rollout=0&ism=1&isp=0&isjp=false&iss=1&ita=1&msid=5e5036b1-e9be-460f-8bb0-8a7ce1b22585&pid=xp24i&pn=1&siterev=877-__siteCacheRevision__&st=2&ts=1225&tts=1956&url=https%3A%2F%2Fvotels.wixsite.com%2Fjiffyname%3F&v=1.11033.0&vsi=c94868ea-a1d8-4232-b769-681895d8ac61&_brandId=wix
100.25.100.84204 No Content 0 B URL HTTP/2 frog.wix.com/bt?src=29&evid=3&viewer_name=thunderbolt&caching=hit,hit&dc=84µPop=eun1&et=33&event_name=page%20interactive&is_cached=true&is_platform_loaded=0&is_rollout=0&ism=1&isp=0&isjp=false&iss=1&ita=1&msid=5e5036b1-e9be-460f-8bb0-8a7ce1b22585&pid=xp24i&pn=1&siterev=877-__siteCacheRevision__&st=2&ts=1225&tts=1956&url=https%3A%2F%2Fvotels.wixsite.com%2Fjiffyname%3F&v=1.11033.0&vsi=c94868ea-a1d8-4232-b769-681895d8ac61&_brandId=wix
IP 100.25.100.84:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bt?src=29&evid=3&viewer_name=thunderbolt&caching=hit,hit&dc=84µPop=eun1&et=33&event_name=page%20interactive&is_cached=true&is_platform_loaded=0&is_rollout=0&ism=1&isp=0&isjp=false&iss=1&ita=1&msid=5e5036b1-e9be-460f-8bb0-8a7ce1b22585&pid=xp24i&pn=1&siterev=877-__siteCacheRevision__&st=2&ts=1225&tts=1956&url=https%3A%2F%2Fvotels.wixsite.com%2Fjiffyname%3F&v=1.11033.0&vsi=c94868ea-a1d8-4232-b769-681895d8ac61&_brandId=wix HTTP/1.1
Host: frog.wix.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://votels.wixsite.com
Connection: keep-alive
Referer: https://votels.wixsite.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
date: Sun, 25 Sep 2022 07:59:47 GMT
server: nginx
access-control-allow-origin: https://votels.wixsite.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
X-Firefox-Spdy: h2
frog.wix.com/bolt-performance
100.25.100.84204 No Content 0 B URL HTTP/2 frog.wix.com/bolt-performance
IP 100.25.100.84:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bolt-performance HTTP/1.1
Host: frog.wix.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://votels.wixsite.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://votels.wixsite.com
Content-Length: 1454
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sun, 25 Sep 2022 07:59:47 GMT
server: nginx
access-control-allow-origin: https://votels.wixsite.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 6d5537adcfc20f57e3c136d4fedfd394
922c37641c6af39f61d0aa46020436cca4659669
5a539c7096544b626013071f94cf6c8c35625495e5f6e0076a6f34893c24f2d0
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 07:59:47 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 24 Sep 2022 01:10:07 GMT
Expires: Sat, 01 Oct 2022 01:10:06 GMT
Etag: "922c37641c6af39f61d0aa46020436cca4659669"
Cache-Control: max-age=493218,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 750238f0ab0bb51d-OSL
iplogger.org/1Tja6.png
148.251.234.83200 OK 116 B IP 148.251.234.83:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 1 x 1, 1-bit colormap, non-interlaced\012- data
Hash ec6aae2bb7d8781226ea61adca8f0586
d82b3bad240f263c1b887c7c0cc4c2ff0e86dfe3
b02fffaba9e664ff7840c82b102d6851ec0bb148cec462cef40999545309e599
GET /1Tja6.png HTTP/1.1
Host: iplogger.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://votels.wixsite.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 07:59:47 GMT
content-type: image/png
set-cookie: clhf03028ja=91.90.42.154; expires=Mon, 25-Sep-2023 07:59:47 GMT; Max-Age=31536000; path=/; secure; HttpOnly; SameSite=Strict
30523671532635802=2; expires=Mon, 25-Sep-2023 07:59:47 GMT; Max-Age=31536000; path=/; secure; HttpOnly; SameSite=Strict
expires: Sun, 25 Sep 2022 07:59:47 +0000
cache-control: no-store, no-cache, must-revalidate
strict-transport-security: max-age=31536000
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
sentry.wixpress.com/api/715/store/?sentry_version=7&sentry_client=raven-js%2F3.27.2&sentry_key=e0ad700df5e446b5bfe61965b613e52d
52.2.188.208429 TOO MANY REQUESTS 92 B URL HTTP/1.1 sentry.wixpress.com/api/715/store/?sentry_version=7&sentry_client=raven-js%2F3.27.2&sentry_key=e0ad700df5e446b5bfe61965b613e52d
IP 52.2.188.208:0
File type JSON data\012- , ASCII text, with no line terminators
Hash bef3bc446f02da4b93bafff85a47d976
986af819990a74f24979430a7758a5fdf616748c
02ae25df9c2d65d24d97fbbda04c33d251c27fd05397f8cc694fafde0748dfce
POST /api/715/store/?sentry_version=7&sentry_client=raven-js%2F3.27.2&sentry_key=e0ad700df5e446b5bfe61965b613e52d HTTP/1.1
Host: sentry.wixpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://votels.wixsite.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://votels.wixsite.com
Content-Length: 16580
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 429 TOO MANY REQUESTS
Server: nginx/1.17.2
Date: Sun, 25 Sep 2022 07:59:47 GMT
Content-Type: application/json
Content-Length: 92
Connection: close
Access-Control-Allow-Methods: GET, POST, HEAD, OPTIONS
X-Content-Type-Options: nosniff
Content-Language: en
Access-Control-Expose-Headers: X-Sentry-Error, Retry-After
X-Sentry-Error: Creation of this event was denied due to rate limiting
Vary: Accept-Language, Cookie
Expires: Sun, 25 Sep 2022 07:59:47 GMT
Retry-After: 14
Last-Modified: Sun, 25 Sep 2022 07:59:47 GMT
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=0
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: X-Sentry-Auth, X-Requested-With, Origin, Accept, Content-Type, Authentication
X-Frame-Options: deny
iplogger.org/1Tja6.png
148.251.234.83200 OK 116 B IP 148.251.234.83:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 1 x 1, 1-bit colormap, non-interlaced\012- data
Hash ec6aae2bb7d8781226ea61adca8f0586
d82b3bad240f263c1b887c7c0cc4c2ff0e86dfe3
b02fffaba9e664ff7840c82b102d6851ec0bb148cec462cef40999545309e599
GET /1Tja6.png HTTP/1.1
Host: iplogger.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://votels.wixsite.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 07:59:47 GMT
content-type: image/png
set-cookie: clhf03028ja=91.90.42.154; expires=Mon, 25-Sep-2023 07:59:47 GMT; Max-Age=31536000; path=/; secure; HttpOnly; SameSite=Strict
30523671532635802=1; expires=Mon, 25-Sep-2023 07:59:47 GMT; Max-Age=31536000; path=/; secure; HttpOnly; SameSite=Strict
expires: Sun, 25 Sep 2022 07:59:47 +0000
cache-control: no-store, no-cache, must-revalidate
strict-transport-security: max-age=31536000
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
frog.wix.com/bpm
100.25.100.84204 No Content 0 B IP 100.25.100.84:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bpm HTTP/1.1
Host: frog.wix.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1685
Origin: https://votels.wixsite.com
Connection: keep-alive
Referer: https://votels.wixsite.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sun, 25 Sep 2022 07:59:47 GMT
server: nginx
access-control-allow-origin: https://votels.wixsite.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6003
Expires: Sun, 25 Sep 2022 09:39:50 GMT
Date: Sun, 25 Sep 2022 07:59:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6003
Expires: Sun, 25 Sep 2022 09:39:50 GMT
Date: Sun, 25 Sep 2022 07:59:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6003
Expires: Sun, 25 Sep 2022 09:39:50 GMT
Date: Sun, 25 Sep 2022 07:59:47 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff440191a-84ee-43b5-bafa-0bb36c962f39.jpeg
34.120.237.76200 OK 5.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff440191a-84ee-43b5-bafa-0bb36c962f39.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b156552f4d76fd964b279ebcf8cd1f8e
6a02487368bbe41b87feeef1f70f7320392d72a3
ceddf1a515c64d0071a4d90c26de60a27ee2bf2af341bf1572fb05743d2cc644
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff440191a-84ee-43b5-bafa-0bb36c962f39.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5293
x-amzn-requestid: a35423bc-9112-48da-85e0-93ac41794d29
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y--PkGehoAMF1pw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632f7730-450fad077885fae416572443;Sampled=0
x-amzn-remapped-date: Sat, 24 Sep 2022 21:31:28 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: IAon_ZYxu87A9OB775Q1unI4sdLHdE-Ij9QNYaB2mqftP0IoAsgnvQ==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:39:22 GMT
age: 37225
etag: "6a02487368bbe41b87feeef1f70f7320392d72a3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F254286e1-1c63-4609-9dfb-0eb4b9096238.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F254286e1-1c63-4609-9dfb-0eb4b9096238.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 714af732a9aa1db2b13ffb62810fd532
358e74de395352a9529ff1c17856daf8900888c5
1d2035cfcd283560ebe8494f9438e52f8d96cd092dd41cb0eb899a3f905c1e05
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F254286e1-1c63-4609-9dfb-0eb4b9096238.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6199
x-amzn-requestid: d26f22d9-4e9b-4764-8c96-2e1c7ce36340
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y--OKHowoAMFbQA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632f7727-7adb7c4925e6e50e13889544;Sampled=0
x-amzn-remapped-date: Sat, 24 Sep 2022 21:31:19 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: LryqVGSkKbiNOwcqXMULY9FXbOuZBBenjgGPDME3NZLZOdp5divXmw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 22:02:29 GMT
age: 35838
etag: "358e74de395352a9529ff1c17856daf8900888c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa43fecfd-7ebd-4a19-85fe-29bd0f3c5033.jpeg
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa43fecfd-7ebd-4a19-85fe-29bd0f3c5033.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ca8f8393365641de380e9443b37a8581
2fde9899cf74129d7df8868008b323a527dc1170
dbcc05dcbbbf4b89bf0f10999c0f5679e822cce6f9e3437f2cafb913606bd8c3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa43fecfd-7ebd-4a19-85fe-29bd0f3c5033.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9042
x-amzn-requestid: 8c2e6356-2b43-4162-94b9-efd45249047c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y--PmHRtIAMFwaQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632f7730-034b1944694141f04debec31;Sampled=0
x-amzn-remapped-date: Sat, 24 Sep 2022 21:31:28 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: k1hcUfebiQMb8IRsmeAOkyI02F1vUvh7J9GxgU4qO8Ebp3TQUC2fQQ==
via: 1.1 60b744e5b364d04abea9fa6686121242.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 22:24:40 GMT
age: 34507
etag: "2fde9899cf74129d7df8868008b323a527dc1170"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b4f012b-e562-4fc6-aab8-ec2ffc328b6d.jpeg
34.120.237.76200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b4f012b-e562-4fc6-aab8-ec2ffc328b6d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9d59e1bbd58ff8c5fe5faecb58149601
ad7f5ed3a5f6923a0b1bb093bbc0f31a44fd0bcd
c16a2adaeaabbe45801ab5d12ceaeab587b525b4959933f53a9c8dcdb12aec68
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b4f012b-e562-4fc6-aab8-ec2ffc328b6d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7757
x-amzn-requestid: 3092c81c-f703-403a-b718-e18f035f9464
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YpOJQFUWIAMF7Pw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6326c3d4-565f665c7e34294079703141;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 07:08:04 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: hc0cpj1kMbAQqcM0ooSgEdS8nPP0m4FJD1bHdY7jN2OENNsJF_gluA==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 08:16:28 GMT
age: 85399
etag: "ad7f5ed3a5f6923a0b1bb093bbc0f31a44fd0bcd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb442b904-290c-4a62-b7de-aadc1622cac4.jpeg
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb442b904-290c-4a62-b7de-aadc1622cac4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4ecc2a02c5bf02ae98849085d835b2dd
5fc6f043ab0929c95b84b78c9d03befbe0fadea0
ac308de6a557df495017c8cd16d431711daee7107686c1b74cd4e6f0e63de961
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb442b904-290c-4a62-b7de-aadc1622cac4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8883
x-amzn-requestid: 684fdd05-960b-42cb-8544-3347a4bf9b36
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y--PmEaqIAMFz4w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632f7730-2642e1df108d0f7a5d98b126;Sampled=0
x-amzn-remapped-date: Sat, 24 Sep 2022 21:31:28 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Ww7Y221O3YKYU2YLj-uLBxsJoTTCvV4nZd1Vlh2DK1TAFv2BINUJ4w==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:37:05 GMT
age: 37362
etag: "5fc6f043ab0929c95b84b78c9d03befbe0fadea0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3 DIY-Thermocam raw data\012- (Lepton 2.x), scale 3-257, spot sensor temperature 0.000000, unit celsius, color scheme 0, show scale bar, calibration: offset 0.000000, slope 241253891388563521536.000000\012- data
Hash b3a72e81317074689a71dac7059e4b6a
b6d56333d7f1ea7ddc8838d84de498ff913c5464
e665a8821b5e7b2e78787647a08d629bf70cbf4cbfee2057c8601cf0565154a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12826
x-amzn-requestid: f075cf62-acfc-4bc1-be14-7c3dafb7aaed
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YfVRNFP-oAMFgrA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322cf3a-184b678042d64ac9266b1128;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 07:07:38 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: rN_8rm10Pxb0AUKW6ECfNulcYxBaS7FgGD15gT14dX-FlsGJfqahxA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:37:19 GMT
age: 37348
etag: "b6d56333d7f1ea7ddc8838d84de498ff913c5464"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
frog.wix.com/bolt-performance
100.25.100.84204 No Content 0 B URL HTTP/2 frog.wix.com/bolt-performance
IP 100.25.100.84:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bolt-performance HTTP/1.1
Host: frog.wix.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://votels.wixsite.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://votels.wixsite.com
Content-Length: 1907
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sun, 25 Sep 2022 07:59:48 GMT
server: nginx
access-control-allow-origin: https://votels.wixsite.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
X-Firefox-Spdy: h2
frog.wix.com/bpm
100.25.100.84204 No Content 0 B IP 100.25.100.84:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bpm HTTP/1.1
Host: frog.wix.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1827
Origin: https://votels.wixsite.com
Connection: keep-alive
Referer: https://votels.wixsite.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sun, 25 Sep 2022 07:59:48 GMT
server: nginx
access-control-allow-origin: https://votels.wixsite.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
X-Firefox-Spdy: h2
frog.wix.com/bpm?_msid=5e5036b1-e9be-460f-8bb0-8a7ce1b22585&vsi=c94868ea-a1d8-4232-b769-681895d8ac61&_av=thunderbolt-1.11033.0&isb=false&ts=3067&tsn=3798&dc=84µPop=eun1&caching=hit%2Chit&session_id=499a0838-9b9b-4f17-83ce-f2e8767ab6f1&st=2&url=https%3A%2F%2Fvotels.wixsite.com%2Fjiffyname&ish=false&pn=1&isFirstNavigation=true&pv=true&pageId=xp24i&isServerSide=false&is_lightbox=false&is_cached=true&is_sav_rollout=0&is_dac_rollout=0&v=1.11033.0&_brandId=wix&_siteBranchId=undefined&_ms=3797&_lv=2.0.985%7CC&_mt_instance=wq-n1Vps_Qrf3iHdEyzkOcnynCxPH9FFU2PotMpU3jQ.eyJpbnN0YW5jZUlkIjoiNWU1MDM2YjEtZTliZS00NjBmLThiYjAtOGE3Y2UxYjIyNTg1IiwiYXBwRGVmSWQiOiIyMmJlZjM0NS0zYzViLTRjMTgtYjc4Mi03NGQ0MDg1MTEyZmYiLCJtZXRhU2l0ZUlkIjoiNWU1MDM2YjEtZTliZS00NjBmLThiYjAtOGE3Y2UxYjIyNTg1Iiwic2lnbkRhdGUiOiIyMDIyLTA5LTI1VDA3OjU5OjQ2LjIyNFoiLCJkZW1vTW9kZSI6ZmFsc2UsImFpZCI6ImViZjgyMTcxLTdmMDgtNDhlMi1iMjgzLWE4ZjlkMDFkOGM3YSIsInNpdGVPd25lcklkIjoiNDNiZWZkNzMtMWVmYS00ZGFhLWI0MmYtOWYyNTNiNWM3ZGRjIn0&src=72&evid=502&_=16640927877440&tti=1243&tbt=69&entryType=loaded&duration=1264&ttlb=750&dcl=1120&transferSize=110990&decodedBodySize=581626&pageCaching=maybe%20CDN&isSsr=true&ssrDuration=271&ssrTimestamp=1664088059608&maybeBot=false&clientType=ugc&analytics=false&_isca=0&_iscf=0&_ispd=0&_ise=1
100.25.100.84204 No Content 0 B URL HTTP/2 frog.wix.com/bpm?_msid=5e5036b1-e9be-460f-8bb0-8a7ce1b22585&vsi=c94868ea-a1d8-4232-b769-681895d8ac61&_av=thunderbolt-1.11033.0&isb=false&ts=3067&tsn=3798&dc=84µPop=eun1&caching=hit%2Chit&session_id=499a0838-9b9b-4f17-83ce-f2e8767ab6f1&st=2&url=https%3A%2F%2Fvotels.wixsite.com%2Fjiffyname&ish=false&pn=1&isFirstNavigation=true&pv=true&pageId=xp24i&isServerSide=false&is_lightbox=false&is_cached=true&is_sav_rollout=0&is_dac_rollout=0&v=1.11033.0&_brandId=wix&_siteBranchId=undefined&_ms=3797&_lv=2.0.985%7CC&_mt_instance=wq-n1Vps_Qrf3iHdEyzkOcnynCxPH9FFU2PotMpU3jQ.eyJpbnN0YW5jZUlkIjoiNWU1MDM2YjEtZTliZS00NjBmLThiYjAtOGE3Y2UxYjIyNTg1IiwiYXBwRGVmSWQiOiIyMmJlZjM0NS0zYzViLTRjMTgtYjc4Mi03NGQ0MDg1MTEyZmYiLCJtZXRhU2l0ZUlkIjoiNWU1MDM2YjEtZTliZS00NjBmLThiYjAtOGE3Y2UxYjIyNTg1Iiwic2lnbkRhdGUiOiIyMDIyLTA5LTI1VDA3OjU5OjQ2LjIyNFoiLCJkZW1vTW9kZSI6ZmFsc2UsImFpZCI6ImViZjgyMTcxLTdmMDgtNDhlMi1iMjgzLWE4ZjlkMDFkOGM3YSIsInNpdGVPd25lcklkIjoiNDNiZWZkNzMtMWVmYS00ZGFhLWI0MmYtOWYyNTNiNWM3ZGRjIn0&src=72&evid=502&_=16640927877440&tti=1243&tbt=69&entryType=loaded&duration=1264&ttlb=750&dcl=1120&transferSize=110990&decodedBodySize=581626&pageCaching=maybe%20CDN&isSsr=true&ssrDuration=271&ssrTimestamp=1664088059608&maybeBot=false&clientType=ugc&analytics=false&_isca=0&_iscf=0&_ispd=0&_ise=1
IP 100.25.100.84:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bpm?_msid=5e5036b1-e9be-460f-8bb0-8a7ce1b22585&vsi=c94868ea-a1d8-4232-b769-681895d8ac61&_av=thunderbolt-1.11033.0&isb=false&ts=3067&tsn=3798&dc=84µPop=eun1&caching=hit%2Chit&session_id=499a0838-9b9b-4f17-83ce-f2e8767ab6f1&st=2&url=https%3A%2F%2Fvotels.wixsite.com%2Fjiffyname&ish=false&pn=1&isFirstNavigation=true&pv=true&pageId=xp24i&isServerSide=false&is_lightbox=false&is_cached=true&is_sav_rollout=0&is_dac_rollout=0&v=1.11033.0&_brandId=wix&_siteBranchId=undefined&_ms=3797&_lv=2.0.985%7CC&_mt_instance=wq-n1Vps_Qrf3iHdEyzkOcnynCxPH9FFU2PotMpU3jQ.eyJpbnN0YW5jZUlkIjoiNWU1MDM2YjEtZTliZS00NjBmLThiYjAtOGE3Y2UxYjIyNTg1IiwiYXBwRGVmSWQiOiIyMmJlZjM0NS0zYzViLTRjMTgtYjc4Mi03NGQ0MDg1MTEyZmYiLCJtZXRhU2l0ZUlkIjoiNWU1MDM2YjEtZTliZS00NjBmLThiYjAtOGE3Y2UxYjIyNTg1Iiwic2lnbkRhdGUiOiIyMDIyLTA5LTI1VDA3OjU5OjQ2LjIyNFoiLCJkZW1vTW9kZSI6ZmFsc2UsImFpZCI6ImViZjgyMTcxLTdmMDgtNDhlMi1iMjgzLWE4ZjlkMDFkOGM3YSIsInNpdGVPd25lcklkIjoiNDNiZWZkNzMtMWVmYS00ZGFhLWI0MmYtOWYyNTNiNWM3ZGRjIn0&src=72&evid=502&_=16640927877440&tti=1243&tbt=69&entryType=loaded&duration=1264&ttlb=750&dcl=1120&transferSize=110990&decodedBodySize=581626&pageCaching=maybe%20CDN&isSsr=true&ssrDuration=271&ssrTimestamp=1664088059608&maybeBot=false&clientType=ugc&analytics=false&_isca=0&_iscf=0&_ispd=0&_ise=1 HTTP/1.1
Host: frog.wix.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://votels.wixsite.com
Connection: keep-alive
Referer: https://votels.wixsite.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
date: Sun, 25 Sep 2022 07:59:49 GMT
server: nginx
access-control-allow-origin: https://votels.wixsite.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
X-Firefox-Spdy: h2
frog.wix.com/bpm
100.25.100.84204 No Content 0 B IP 100.25.100.84:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bpm HTTP/1.1
Host: frog.wix.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2345
Origin: https://votels.wixsite.com
Connection: keep-alive
Referer: https://votels.wixsite.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sun, 25 Sep 2022 07:59:49 GMT
server: nginx
access-control-allow-origin: https://votels.wixsite.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
X-Firefox-Spdy: h2
votels.wixsite.com/jiffyname
35.228.150.132200 OK 0 B URL HTTP/2 votels.wixsite.com/jiffyname
IP 35.228.150.132:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Analyzer Verdict Alert fortinet Phishing
GET /jiffyname HTTP/1.1
Host: votels.wixsite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sun, 25 Sep 2022 07:59:46 GMT
content-type: text/html; charset=UTF-8
link: <https://static.parastorage.com/>; rel=preconnect; crossorigin;,<https://static.parastorage.com/>; rel=preconnect;,<https://static.wixstatic.com/>; rel=preconnect; crossorigin;,<https://static.wixstatic.com/>; rel=preconnect;,<https://siteassets.parastorage.com>; rel=preconnect; crossorigin;,
etag: W/"fd2a99e48861717fe2c9424e0a6d37c3"
content-language: en
strict-transport-security: max-age=3600
age: 4726
server-timing: cache;desc=hit, varnish;desc=hit, dc;desc=eun1
x-seen-by: sHU62EDOGnH2FBkJkG/Wx8EeXWsWdHrhlvbxtlynkVg3eJm1dmeYth65h9Bw8kV9,qquldgcFrj2n046g4RNSVBKUaXHrucSLmP/C0nqrtU9YgeUJqUXtid+86vZww+nL,2d58ifebGbosy5xc+FRalm1i8EzHnpZMbCvS1Eq+071nhj0OzwbTMKhgJJdjxPhm3QpI/ucnHvfrUjeESIoVelHNPWwEk+2hn6j+1JmTs5M=,2UNV7KOq4oGjA5+PKsX47IVh8rwr1kfSZp8MOIif7faa46R9xNIlpQ4eUPYpBuqs
vary: Accept-Encoding
x-wix-request-id: 1664092785.990102162570121242
set-cookie: ssr-caching=cache#desc=hit#varnish=hit#dc#desc=eun1; Max-Age=20; Expires=Sun, 25 Sep 2022 06:41:19 GMT
XSRF-TOKEN=1664092785|HB7Zw2PxwHAQ; Path=/; Domain=votels.wixsite.com; Secure; SameSite=None
cache-control: private,max-age=0,must-revalidate
x-content-type-options: nosniff
content-encoding: br
server: Pepyaka/1.19.10
X-Firefox-Spdy: h2