www.welcometo.cloud/menu/view/menu_wine.asp?ID=799
31.11.32.78301 Moved Permanently 181 B URL HTTP/1.1 www.welcometo.cloud/menu/view/menu_wine.asp?ID=799
IP 31.11.32.78:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 6533afe7f31d05bcd4168384354e1787
6f15d104ccf2dafbf04b149decbcd44373ab58a4
c23af0120bb1377921c5ad5d07b691832a49ab43c004dd8a7f4a185503c3dd84
NIDS Severity Alert suricata medium ET INFO HTTP Request to Suspicious *.cloud Domain
GET /menu/view/menu_wine.asp?ID=799 HTTP/1.1
Host: www.welcometo.cloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
Location: https://www.welcometo.cloud/menu/view/menu_wine.asp?ID=799
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 04 Feb 2023 12:12:17 GMT
Content-Length: 181
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash c21ba65e44ac95470c314e068e49a9eb
17a13b13738993d889d4afa3d848dc63bf6eba64
9bd0795b30e84ce63b6e2a365ca91bbffc395dd955e112152066c31e63a4ab66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9BD0795B30E84CE63B6E2A365CA91BBFFC395DD955E112152066C31E63A4AB66"
Last-Modified: Sat, 04 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18696
Expires: Sat, 04 Feb 2023 17:23:54 GMT
Date: Sat, 04 Feb 2023 12:12:18 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1cdc095521e9ee2606059be447d1fdd5
02b5d0a5b5823e2338daf7e144700babe2a213af
8bda3aabcf331c2bfcc4c7023cd797c760fd301dc353641bb95048e072f66c66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8BDA3AABCF331C2BFCC4C7023CD797C760FD301DC353641BB95048E072F66C66"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15159
Expires: Sat, 04 Feb 2023 16:24:57 GMT
Date: Sat, 04 Feb 2023 12:12:18 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash fb7b6b46e708ad73eaaa3c21e74569ae
950663c025acad81556af5aa3022ecc9d55097fe
763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64"
Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6911
Expires: Sat, 04 Feb 2023 14:07:29 GMT
Date: Sat, 04 Feb 2023 12:12:18 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Retry-After, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 04 Feb 2023 11:43:37 GMT
content-type: application/json
age: 1721
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: N0k39FnQrj4coGQGd/8W82vf4oXIi0gqLs9vue3R6/EzgdYMOf/GBL2sfvMtiMQoi2URYnU8nh0=
x-amz-request-id: 7S7BQAM4MHJXPW1Q
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 04 Feb 2023 11:52:49 GMT
age: 1169
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 12:12:18 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp06.actalis.it/VA/AUTHDV-G3
109.70.240.114200 3.9 kB URL HTTP/1.1 ocsp06.actalis.it/VA/AUTHDV-G3
IP 109.70.240.114:0
Hash c4a55dc62ea907321f7ffbda53b788ca
ec239d7fbe7bfc85756f159b44be7dcb78323f26
36dafb9777e875bb931177fba590f09a2e0890b1055a25cf05a8d43320d314a4
POST /VA/AUTHDV-G3 HTTP/1.1
Host: ocsp06.actalis.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx
Date: Sat, 04 Feb 2023 12:12:18 GMT
Content-Type: application/ocsp-response
Content-Length: 3926
Connection: keep-alive
Last-Modified: Sat, 04 Feb 2023 08:30:40 GMT
Expires: Sun, 05 Feb 2023 08:30:39 GMT
ETag: "ec239d7fbe7bfc85756f159b44be7dcb78323f26"
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Backoff, Retry-After, Content-Length, Last-Modified, Expires, Cache-Control, ETag, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 04 Feb 2023 11:49:07 GMT
age: 1391
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9330
Expires: Sat, 04 Feb 2023 14:47:48 GMT
Date: Sat, 04 Feb 2023 12:12:18 GMT
Connection: keep-alive
push.services.mozilla.com/
52.89.20.60101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.89.20.60:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: b6SYTGCMSg2ePw9+xunO2w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: s9MxLOhMhgdgyfDeUIjy93KuGLQ=
www.welcometo.cloud/menu/view/menu_wine.asp?ID=799
31.11.32.78200 OK 97 kB URL HTTP/1.1 www.welcometo.cloud/menu/view/menu_wine.asp?ID=799
IP 31.11.32.78:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (575), with CRLF line terminators
Hash 53fe8259452afaad0d58cf4e88ad0d6c
b396a0187bd88d45b1506a2890ede18b19fa8623
8ae75e07a6d0b8f8c232069b90e8bfe02a0dd9cb83b17dd96d835c86dd1013da
NIDS Severity Alert suricata medium ET INFO HTTP Request to Suspicious *.cloud Domain
GET /menu/view/menu_wine.asp?ID=799 HTTP/1.1
Host: www.welcometo.cloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html
Server: Microsoft-IIS/8.5
Set-Cookie: ASPSESSIONIDAUTRRACR=GENJPPPCPIIEEDPFEJPIIGGC; secure; path=/
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 04 Feb 2023 12:12:18 GMT
Content-Length: 97230
www.welcometo.cloud/menu/view/assets/css/main.css
31.11.32.78200 OK 10 kB URL HTTP/1.1 www.welcometo.cloud/menu/view/assets/css/main.css
IP 31.11.32.78:0
File type ASCII text, with very long lines (527), with CRLF, LF line terminators
Hash 445720e85917f14abe59b07094187ff6
76c6804c6e5d7fe2526295880fb77115928f3150
56bbff71a6defa3864a93c78e4e8569753b5548edb5820b36bdddce9fd149052
GET /menu/view/assets/css/main.css HTTP/1.1
Host: www.welcometo.cloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.welcometo.cloud/menu/view/menu_wine.asp?ID=799
Cookie: ASPSESSIONIDAUTRRACR=GENJPPPCPIIEEDPFEJPIIGGC
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Thu, 30 Jul 2020 10:03:40 GMT
Accept-Ranges: bytes
ETag: "0a6fbb25866d61:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 04 Feb 2023 12:12:18 GMT
Content-Length: 10012
www.welcometo.cloud/menu/view/assets/css/preload.css
31.11.32.78200 OK 1.6 kB URL HTTP/1.1 www.welcometo.cloud/menu/view/assets/css/preload.css
IP 31.11.32.78:0
File type ASCII text, with CRLF line terminators
Hash b8cddc7b1e5915200ef6c6d330e1df89
35f0bf8e0891f85df30c2ed8aa2dd77bbf940d65
278d543fbd43df30630a2bfd744b4de21b52d9bd9c3dc42910332fc1b46f2432
GET /menu/view/assets/css/preload.css HTTP/1.1
Host: www.welcometo.cloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.welcometo.cloud/menu/view/menu_wine.asp?ID=799
Cookie: ASPSESSIONIDAUTRRACR=GENJPPPCPIIEEDPFEJPIIGGC
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: text/css
Last-Modified: Thu, 09 Jul 2020 08:47:19 GMT
Accept-Ranges: bytes
ETag: "329458ecd55d61:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 04 Feb 2023 12:12:18 GMT
Content-Length: 1562
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash c181c51a9326d56e60915a792c306c2c
de1cc0ce1384905e65a9fa9575743091d785e528
b74bc74e2920124b3288a980f9a7b59e3450ba63f2333027440cd6ebbdfdbf8d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 12:12:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.welcometo.cloud/menu/view/assets/js/breakpoints.min.js
31.11.32.78200 OK 2.4 kB URL HTTP/1.1 www.welcometo.cloud/menu/view/assets/js/breakpoints.min.js
IP 31.11.32.78:0
File type ASCII text, with very long lines (2387), with CRLF, LF line terminators
Hash 81a479eb099e3b187613943b085923b8
bab199b97edb25ed1b07410c6188ff52ea95f5a2
309febcd6d6e0cf092201532215f03a6a9f30b30f26203272a4861d704e7cd52
GET /menu/view/assets/js/breakpoints.min.js HTTP/1.1
Host: www.welcometo.cloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.welcometo.cloud/menu/view/menu_wine.asp?ID=799
Cookie: ASPSESSIONIDAUTRRACR=GENJPPPCPIIEEDPFEJPIIGGC
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: application/javascript
Last-Modified: Thu, 09 Jul 2020 08:47:25 GMT
Accept-Ranges: bytes
ETag: "d9f4a891cd55d61:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 04 Feb 2023 12:12:18 GMT
Content-Length: 2439
www.welcometo.cloud/menu/view/assets/js/util.js
31.11.32.78200 OK 3.3 kB URL HTTP/1.1 www.welcometo.cloud/menu/view/assets/js/util.js
IP 31.11.32.78:0
File type ASCII text, with CRLF line terminators
Hash 1da9c8b8204dd654bd6cd9b6d82e657e
4a831a5f22f92ef204474feb2435e44e73cee4f7
5e1a5b35457f69a7f731ff132ec2e45e92d8830040d408a2732e2246d7b7923e
GET /menu/view/assets/js/util.js HTTP/1.1
Host: www.welcometo.cloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.welcometo.cloud/menu/view/menu_wine.asp?ID=799
Cookie: ASPSESSIONIDAUTRRACR=GENJPPPCPIIEEDPFEJPIIGGC
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Thu, 09 Jul 2020 08:47:27 GMT
Accept-Ranges: bytes
ETag: "80799692cd55d61:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 04 Feb 2023 12:12:18 GMT
Content-Length: 3268
www.welcometo.cloud/menu/view/assets/css/w32.css
31.11.32.78200 OK 5.0 kB URL HTTP/1.1 www.welcometo.cloud/menu/view/assets/css/w32.css
IP 31.11.32.78:0
File type ASCII text, with CRLF line terminators
Hash 085e1b43f6dd6d89bf139b1aeefb381a
86ed9c94187844025afe54d2662c433c568d84e3
521302107c387290279144955113dd74a8c725ad082477da4e19b30569730e70
GET /menu/view/assets/css/w32.css HTTP/1.1
Host: www.welcometo.cloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.welcometo.cloud/menu/view/menu_wine.asp?ID=799
Cookie: ASPSESSIONIDAUTRRACR=GENJPPPCPIIEEDPFEJPIIGGC
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Thu, 29 Apr 2021 10:48:58 GMT
Accept-Ranges: bytes
ETag: "049cf41e53cd71:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 04 Feb 2023 12:12:18 GMT
Content-Length: 5004
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash c181c51a9326d56e60915a792c306c2c
de1cc0ce1384905e65a9fa9575743091d785e528
b74bc74e2920124b3288a980f9a7b59e3450ba63f2333027440cd6ebbdfdbf8d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 12:12:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.welcometo.cloud/menu/view/assets/js/jquery.scrolly.min.js
31.11.32.78200 OK 831 B URL HTTP/1.1 www.welcometo.cloud/menu/view/assets/js/jquery.scrolly.min.js
IP 31.11.32.78:0
File type ASCII text, with very long lines (770), with CRLF line terminators
Hash 1ed5a78bde1476875a40f6b9ff44fc14
91ee4deda8189fde4432a8f58cfe3b5f2aed9dcf
8b6571ea2c3631ff50bb4b96e7f9081c6e33ebaadef9cb2ca5955d5e0b625a02
GET /menu/view/assets/js/jquery.scrolly.min.js HTTP/1.1
Host: www.welcometo.cloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.welcometo.cloud/menu/view/menu_wine.asp?ID=799
Cookie: ASPSESSIONIDAUTRRACR=GENJPPPCPIIEEDPFEJPIIGGC
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: application/javascript
Last-Modified: Thu, 09 Jul 2020 08:47:27 GMT
Accept-Ranges: bytes
ETag: "7dfbaa92cd55d61:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 04 Feb 2023 12:12:18 GMT
Content-Length: 831
www.welcometo.cloud/menu/view/assets/js/jquery.scrollex.min.js
31.11.32.78200 OK 2.3 kB URL HTTP/1.1 www.welcometo.cloud/menu/view/assets/js/jquery.scrollex.min.js
IP 31.11.32.78:0
File type ASCII text, with very long lines (2164), with CRLF line terminators
Hash f89065e3d988006af9791b44561d7c90
ede14d2a018d6df0ffd13514dc4662724ad8f9c9
fc25b75fb3fc8b42756413be387e0d7a602813125283d2384551961d73ea784e
GET /menu/view/assets/js/jquery.scrollex.min.js HTTP/1.1
Host: www.welcometo.cloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.welcometo.cloud/menu/view/menu_wine.asp?ID=799
Cookie: ASPSESSIONIDAUTRRACR=GENJPPPCPIIEEDPFEJPIIGGC
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: application/javascript
Last-Modified: Thu, 09 Jul 2020 08:47:26 GMT
Accept-Ranges: bytes
ETag: "f1513792cd55d61:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 04 Feb 2023 12:12:18 GMT
Content-Length: 2257
www.welcometo.cloud/menu/view/assets/js/browser.min.js
31.11.32.78200 OK 1.9 kB URL HTTP/1.1 www.welcometo.cloud/menu/view/assets/js/browser.min.js
IP 31.11.32.78:0
File type ASCII text, with very long lines (1803), with CRLF, LF line terminators
Hash c07298dd19048a8a69ad97e754dfe8d0
50035478e467fbd9091b217a4672bdaeb508397b
87910d5ed0053d90caf83230a2f1811d8679815da01f7bdec7548e776d7f04c4
GET /menu/view/assets/js/browser.min.js HTTP/1.1
Host: www.welcometo.cloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.welcometo.cloud/menu/view/menu_wine.asp?ID=799
Cookie: ASPSESSIONIDAUTRRACR=GENJPPPCPIIEEDPFEJPIIGGC
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: application/javascript
Last-Modified: Thu, 09 Jul 2020 08:47:25 GMT
Accept-Ranges: bytes
ETag: "e299f91cd55d61:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 04 Feb 2023 12:12:18 GMT
Content-Length: 1851
www.welcometo.cloud/menu/view/assets/js/main.js
31.11.32.78200 OK 1.8 kB URL HTTP/1.1 www.welcometo.cloud/menu/view/assets/js/main.js
IP 31.11.32.78:0
File type HTML document, ASCII text, with CRLF line terminators
Hash e3c2717488dbd5b3894c24369ac9bb3c
1118c3b06bcc4195c73d1b8b5e4ab97084be9502
eb08663d8dc12e678712bc59ec08d75122e51bd925d328e2dc2dd615914bf62d
GET /menu/view/assets/js/main.js HTTP/1.1
Host: www.welcometo.cloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.welcometo.cloud/menu/view/menu_wine.asp?ID=799
Cookie: ASPSESSIONIDAUTRRACR=GENJPPPCPIIEEDPFEJPIIGGC
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: application/javascript
Last-Modified: Thu, 09 Jul 2020 08:47:27 GMT
Accept-Ranges: bytes
ETag: "b946bf92cd55d61:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 04 Feb 2023 12:12:18 GMT
Content-Length: 1801
www.welcometo.cloud/menu/view/assets/js/preview.js
31.11.32.78200 OK 792 B URL HTTP/1.1 www.welcometo.cloud/menu/view/assets/js/preview.js
IP 31.11.32.78:0
File type ASCII text, with CRLF line terminators
Hash b0c87b6db7ce65043fd655f33ea50203
45609857869471a9e9533553f50fac4328fdcd78
ae0ca84e8075655d448b66a9cb27175c32009fd992f688c57c9ca02ce3d7641d
GET /menu/view/assets/js/preview.js HTTP/1.1
Host: www.welcometo.cloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.welcometo.cloud/menu/view/menu_wine.asp?ID=799
Cookie: ASPSESSIONIDAUTRRACR=GENJPPPCPIIEEDPFEJPIIGGC
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: application/javascript
Last-Modified: Thu, 09 Jul 2020 08:47:27 GMT
Accept-Ranges: bytes
ETag: "c556e692cd55d61:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 04 Feb 2023 12:12:18 GMT
Content-Length: 792
www.welcometo.cloud/menu/view/assets/js/custom.js
31.11.32.78200 OK 684 B URL HTTP/1.1 www.welcometo.cloud/menu/view/assets/js/custom.js
IP 31.11.32.78:0
File type ASCII text, with CRLF line terminators
Hash df3a296756e31819c75e6a51084f5727
32442a1517cea71f9326ebd2a114a4f8dfcf8109
cbd2d75080afddd21bbb6bd7b02f9b8f7255f572ce2f9e86b2ffcd813a9e4f47
GET /menu/view/assets/js/custom.js HTTP/1.1
Host: www.welcometo.cloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.welcometo.cloud/menu/view/menu_wine.asp?ID=799
Cookie: ASPSESSIONIDAUTRRACR=GENJPPPCPIIEEDPFEJPIIGGC
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: application/javascript
Last-Modified: Thu, 09 Jul 2020 08:47:25 GMT
Accept-Ranges: bytes
ETag: "e86ddf91cd55d61:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 04 Feb 2023 12:12:18 GMT
Content-Length: 684
www.welcometo.cloud/menu/view/assets/css/fontawesome-all.min.css
31.11.32.78200 OK 12 kB URL HTTP/1.1 www.welcometo.cloud/menu/view/assets/css/fontawesome-all.min.css
IP 31.11.32.78:0
File type ASCII text, with very long lines (55782)
Hash 9e70432ddd90e384b9c00642b93a1e30
7145eec285fdba814b4573699fef2d5c9396b4d1
22d46729faf3c1278009705cfaa9ba59d8a17fe66cf44021c6270c4e9f0fde8a
GET /menu/view/assets/css/fontawesome-all.min.css HTTP/1.1
Host: www.welcometo.cloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.welcometo.cloud/menu/view/assets/css/main.css
Cookie: ASPSESSIONIDAUTRRACR=GENJPPPCPIIEEDPFEJPIIGGC
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Thu, 09 Jul 2020 08:47:20 GMT
Accept-Ranges: bytes
ETag: "05c6a8ecd55d61:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 04 Feb 2023 12:12:18 GMT
Content-Length: 12174
www.welcometo.cloud/menu/view/assets/js/jquery.min.js
31.11.32.78200 OK 31 kB URL HTTP/1.1 www.welcometo.cloud/menu/view/assets/js/jquery.min.js
IP 31.11.32.78:0
File type ASCII text, with very long lines (65451)
Hash 2ac9a337c99592f1a1f8e6f29be19878
ac0a7597fc80f98a1a84cb0e77142c252bbb9bf8
7200188da4990aad3302382bc9fb27a956b4f3ef37c2e2a03953ba49950bfe0d
GET /menu/view/assets/js/jquery.min.js HTTP/1.1
Host: www.welcometo.cloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.welcometo.cloud/menu/view/menu_wine.asp?ID=799
Cookie: ASPSESSIONIDAUTRRACR=GENJPPPCPIIEEDPFEJPIIGGC
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Thu, 09 Jul 2020 08:47:26 GMT
Accept-Ranges: bytes
ETag: "0e3fd91cd55d61:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 04 Feb 2023 12:12:18 GMT
Content-Length: 30764
ocsp06.actalis.it/VA/AUTHDV-G3
109.70.240.114200 3.9 kB URL HTTP/1.1 ocsp06.actalis.it/VA/AUTHDV-G3
IP 109.70.240.114:0
Hash bd109ae9ba268e3adbe6e5ac275866e5
4582e7d7e7c3fd6fec435d4bc6db3115fa08a457
f2a6b498120c37261978d58c46ba84ea5a77188fa8420a1fa6382491cab258ea
POST /VA/AUTHDV-G3 HTTP/1.1
Host: ocsp06.actalis.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx
Date: Sat, 04 Feb 2023 12:12:19 GMT
Content-Type: application/ocsp-response
Content-Length: 3926
Connection: keep-alive
Last-Modified: Sat, 04 Feb 2023 08:30:40 GMT
Expires: Sun, 05 Feb 2023 08:30:39 GMT
ETag: "4582e7d7e7c3fd6fec435d4bc6db3115fa08a457"
www.welcometo.cloud/menu/view/assets/css/images/arrow.svg
31.11.32.78200 OK 406 B URL HTTP/1.1 www.welcometo.cloud/menu/view/assets/css/images/arrow.svg
IP 31.11.32.78:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with CRLF line terminators
Hash 977a7a0a31d3e7a8b950de01be55695a
a77654b3298f2b95c5a2101137a96024f66300d2
a79f7ef365a73e45a957d161ca47a4a3a1cc4d09c70882b34d8cfc1530fa0bf4
GET /menu/view/assets/css/images/arrow.svg HTTP/1.1
Host: www.welcometo.cloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.welcometo.cloud/menu/view/assets/css/main.css
Cookie: ASPSESSIONIDAUTRRACR=GENJPPPCPIIEEDPFEJPIIGGC
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/svg+xml
Last-Modified: Thu, 09 Jul 2020 08:49:38 GMT
Accept-Ranges: bytes
ETag: "ab51c9e0cd55d61:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 04 Feb 2023 12:12:18 GMT
Content-Length: 406
www.welcometo.cloud/menu/view/assets/css/images/bars.svg
31.11.32.78200 OK 401 B URL HTTP/1.1 www.welcometo.cloud/menu/view/assets/css/images/bars.svg
IP 31.11.32.78:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with CRLF line terminators
Hash 4c5358d4b5f343d23abc1e327c1d88ac
0a90f18506e1e09c16c43b7d31a13d4b28a3f763
0352242748c066b3fd7959353a2af63b7753b86795376a066a19e8d20df778a2
GET /menu/view/assets/css/images/bars.svg HTTP/1.1
Host: www.welcometo.cloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.welcometo.cloud/menu/view/assets/css/main.css
Cookie: ASPSESSIONIDAUTRRACR=GENJPPPCPIIEEDPFEJPIIGGC
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/svg+xml
Last-Modified: Thu, 09 Jul 2020 08:49:38 GMT
Accept-Ranges: bytes
ETag: "9f74cbe0cd55d61:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 04 Feb 2023 12:12:18 GMT
Content-Length: 401
www.welcometo.cloud/menu/view/assets/webfonts/fa-solid-900.woff2
31.11.32.78404 Not Found 7.1 kB URL HTTP/1.1 www.welcometo.cloud/menu/view/assets/webfonts/fa-solid-900.woff2
IP 31.11.32.78:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1892)
Hash bfb2ea82e66a66175b0e72b8d9bbcac2
43c11a96e44f41a2b432f9f47d02a56eff0decce
ee8ec6a66dec1563fcde70f550a071ce69fd567922609150ac52606dd6943029
GET /menu/view/assets/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: www.welcometo.cloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.welcometo.cloud/menu/view/assets/css/fontawesome-all.min.css
Cookie: ASPSESSIONIDAUTRRACR=GENJPPPCPIIEEDPFEJPIIGGC
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 04 Feb 2023 12:12:18 GMT
Content-Length: 7122
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 23287a0337047631e479bb3cbe8b0fcd
15ec24f5ee1990ee456a6fd3bbcbdbe27bf62c99
da05b381eec3589d2689bc5fab2b89eb5d65f9a5652f9254f3353e30a4540034
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 12:12:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.welcometo.cloud/menu/view/images/ristoranti/799/Wines/wine.jpg
31.11.32.78200 OK 144 kB URL HTTP/1.1 www.welcometo.cloud/menu/view/images/ristoranti/799/Wines/wine.jpg
IP 31.11.32.78:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 1200x675, components 3\012- data
Size 144 kB (144378 bytes)
Hash 3e469ed7ff065e89b03cd7a311c2d65d
26a2d3dc9e0d21f3604c4ab5a83fe8e63537e256
b2035504b07773e454df583669d8ca8536debec95c25a70e6c66da97a1c1f0b9
GET /menu/view/images/ristoranti/799/Wines/wine.jpg HTTP/1.1
Host: www.welcometo.cloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.welcometo.cloud/menu/view/menu_wine.asp?ID=799
Cookie: ASPSESSIONIDAUTRRACR=GENJPPPCPIIEEDPFEJPIIGGC
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Thu, 09 Jul 2020 08:51:20 GMT
Accept-Ranges: bytes
ETag: "e110d51dce55d61:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 04 Feb 2023 12:12:18 GMT
Content-Length: 144378
www.welcometo.cloud/menu/view/assets/webfonts/fa-regular-400.woff2
31.11.32.78404 Not Found 7.1 kB URL HTTP/1.1 www.welcometo.cloud/menu/view/assets/webfonts/fa-regular-400.woff2
IP 31.11.32.78:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1892)
Hash cf0fc89f0eb87936141fd2bb278a39cf
8bbd4953eda02c41d3598aa78de99cd0dea73112
c8ff1185351796708c2c58c0e46e03a70f0512760810695f1608e1e7ac41fe7c
GET /menu/view/assets/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: www.welcometo.cloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.welcometo.cloud/menu/view/assets/css/fontawesome-all.min.css
Cookie: ASPSESSIONIDAUTRRACR=GENJPPPCPIIEEDPFEJPIIGGC
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 04 Feb 2023 12:12:18 GMT
Content-Length: 7126
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 23287a0337047631e479bb3cbe8b0fcd
15ec24f5ee1990ee456a6fd3bbcbdbe27bf62c99
da05b381eec3589d2689bc5fab2b89eb5d65f9a5652f9254f3353e30a4540034
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 12:12:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.welcometo.cloud/menu/view/assets/webfonts/fa-brands-400.woff2
31.11.32.78404 Not Found 7.1 kB URL HTTP/1.1 www.welcometo.cloud/menu/view/assets/webfonts/fa-brands-400.woff2
IP 31.11.32.78:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1892)
Hash 09fd4a1c1e2897a28ccf00d6be47d734
0713868272edec7adf52df02b40a16435a4b8521
541f6e34fd425a4863ad6c37d847002506e5aa6d8f35d3d775d61a8822062c1b
GET /menu/view/assets/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: www.welcometo.cloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.welcometo.cloud/menu/view/assets/css/fontawesome-all.min.css
Cookie: ASPSESSIONIDAUTRRACR=GENJPPPCPIIEEDPFEJPIIGGC
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 04 Feb 2023 12:12:18 GMT
Content-Length: 7124
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
216.58.207.227200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.welcometo.cloud
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 30 Jan 2023 18:52:41 GMT
expires: Tue, 30 Jan 2024 18:52:41 GMT
cache-control: public, max-age=31536000
age: 407978
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 23287a0337047631e479bb3cbe8b0fcd
15ec24f5ee1990ee456a6fd3bbcbdbe27bf62c99
da05b381eec3589d2689bc5fab2b89eb5d65f9a5652f9254f3353e30a4540034
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 12:12:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.a-putia.it/js/core.min.js
31.11.33.180200 OK 43 kB URL HTTP/1.1 www.a-putia.it/js/core.min.js
IP 31.11.33.180:0
File type ASCII text, with very long lines (32093), with CRLF line terminators
Hash 14eed251574ca0b4646636cfbb4b9e7e
d45892be713b59f0c419929d113e72de81be67c8
2b4441d23a262a7867de46b237eb00ab6016b398c627b66263dceb471edaf961
GET /js/core.min.js HTTP/1.1
Host: www.a-putia.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.welcometo.cloud/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Tue, 05 Apr 2016 13:04:16 GMT
Accept-Ranges: bytes
ETag: "0484ea83b8fd11:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 04 Feb 2023 12:12:19 GMT
Content-Length: 42868
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 23287a0337047631e479bb3cbe8b0fcd
15ec24f5ee1990ee456a6fd3bbcbdbe27bf62c99
da05b381eec3589d2689bc5fab2b89eb5d65f9a5652f9254f3353e30a4540034
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 12:12:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.welcometo.cloud/menu/view/assets/webfonts/fa-regular-400.woff
31.11.32.78200 OK 17 kB URL HTTP/1.1 www.welcometo.cloud/menu/view/assets/webfonts/fa-regular-400.woff
IP 31.11.32.78:0
File type Web Open Font Format, TrueType, length 16804, version 329.-1049\012- data
Hash e5770f9863963fb576942e25214a226d
82875b3e31f4a2a8b9ed4e4b383e61ce3737267f
684157e40f7ee2429707a23d5b77d2c71c5d23f26a9d82839275ff984d13053b
GET /menu/view/assets/webfonts/fa-regular-400.woff HTTP/1.1
Host: www.welcometo.cloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.welcometo.cloud/menu/view/assets/css/fontawesome-all.min.css
Cookie: ASPSESSIONIDAUTRRACR=GENJPPPCPIIEEDPFEJPIIGGC
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: font/x-woff
Last-Modified: Thu, 09 Jul 2020 08:47:43 GMT
Accept-Ranges: bytes
ETag: "df464b9ccd55d61:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 04 Feb 2023 12:12:18 GMT
Content-Length: 16804
www.welcometo.cloud/menu/view/assets/webfonts/fa-brands-400.woff
31.11.32.78200 OK 87 kB URL HTTP/1.1 www.welcometo.cloud/menu/view/assets/webfonts/fa-brands-400.woff
IP 31.11.32.78:0
File type Web Open Font Format, TrueType, length 87352, version 329.-1049\012- data
Hash fe9d62e0d16a333a20e63c3e7595f82e
4cb087035ebd3afa0c588f129d1549e532c06d18
ef7234f1e9d303d2e42a209c547c217b90afa49d60502d04f1b14c906efc02d1
GET /menu/view/assets/webfonts/fa-brands-400.woff HTTP/1.1
Host: www.welcometo.cloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.welcometo.cloud/menu/view/assets/css/fontawesome-all.min.css
Cookie: ASPSESSIONIDAUTRRACR=GENJPPPCPIIEEDPFEJPIIGGC
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: font/x-woff
Last-Modified: Thu, 09 Jul 2020 08:47:37 GMT
Accept-Ranges: bytes
ETag: "68f3b198cd55d61:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 04 Feb 2023 12:12:18 GMT
Content-Length: 87352
www.welcometo.cloud/menu/view/assets/webfonts/fa-solid-900.woff
31.11.32.78200 OK 98 kB URL HTTP/1.1 www.welcometo.cloud/menu/view/assets/webfonts/fa-solid-900.woff
IP 31.11.32.78:0
File type Web Open Font Format, TrueType, length 98020, version 329.-1049\012- data
Hash 4bced7c4c0d61d4f988629bb8ae80b8b
0f6fcbf47ded1a1c6ace0f67383d512b6a053dad
c1450cddfd98668e6e593e2d26f11b4c43faaccb5f033b0b50ea6f1ce7bf4b58
GET /menu/view/assets/webfonts/fa-solid-900.woff HTTP/1.1
Host: www.welcometo.cloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.welcometo.cloud/menu/view/assets/css/fontawesome-all.min.css
Cookie: ASPSESSIONIDAUTRRACR=GENJPPPCPIIEEDPFEJPIIGGC
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: font/x-woff
Last-Modified: Thu, 09 Jul 2020 08:47:56 GMT
Accept-Ranges: bytes
ETag: "2575ba4cd55d61:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 04 Feb 2023 12:12:18 GMT
Content-Length: 98020
www.welcometo.cloud/favicon.ico
31.11.32.78404 Not Found 5.0 kB URL HTTP/1.1 www.welcometo.cloud/favicon.ico
IP 31.11.32.78:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (365)
Hash 81344c6fa008c05dc26f1c69a605c247
9be5a9d59c9740dc51b0940f1ce695abadeaffcc
56468e18316e218c90224221f17b43cfa45fb1b8bff203da27848efc30472277
GET /favicon.ico HTTP/1.1
Host: www.welcometo.cloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.welcometo.cloud/menu/view/menu_wine.asp?ID=799
Cookie: ASPSESSIONIDAUTRRACR=GENJPPPCPIIEEDPFEJPIIGGC
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Aruba2-Cache: NA
X-Aruba-Cache: NA
Date: Sat, 04 Feb 2023 12:12:18 GMT
Content-Length: 4974
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9908
Expires: Sat, 04 Feb 2023 14:57:28 GMT
Date: Sat, 04 Feb 2023 12:12:20 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9908
Expires: Sat, 04 Feb 2023 14:57:28 GMT
Date: Sat, 04 Feb 2023 12:12:20 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9908
Expires: Sat, 04 Feb 2023 14:57:28 GMT
Date: Sat, 04 Feb 2023 12:12:20 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e366b32074025aaf60bbae8bdb08d330
a52c2883bad98fa20333aa639a5dd3a5bf544c8e
9d661c26effaec9efee16833f6459d6ecbe4f77b822c9c46e2a6433bda816e5c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11565
x-amzn-requestid: 87a84ffd-1176-4656-aac4-e98f38ec2cd9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fboIrFGboAMFyyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d48704-162ed8114aa1809204500548;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 02:23:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lsQxPtozrh2Ty1T-3d-1crDfi8HgVKRafOXb1UFl033bCx3kAzTS7w==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 06:20:04 GMT
age: 21136
etag: "a52c2883bad98fa20333aa639a5dd3a5bf544c8e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b2d6920-2a79-45a8-b007-d36cc875c52f.jpeg
34.120.237.76200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b2d6920-2a79-45a8-b007-d36cc875c52f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3ac51fd6789cbe19c2d484c9022b0e39
bcba22a7b7f5dd1f59fffd1027e5d7002cecb6e9
300b5e50cb910f9f4905ee7313d98763b68f85f5874db499cc94469fb14cabfe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b2d6920-2a79-45a8-b007-d36cc875c52f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9500
x-amzn-requestid: 8fe94388-e8d9-4329-b73a-e9a356df76bb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD9QEA1IAMF3Ug=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8054-51f954ac4bec16d1055e38f5;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:52 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: FkTJ6wQ4eFYBPDyS0l5vLeWvHHiQIx-cYyFzT4ggHJ8M5Gg3dozFxQ==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 21:59:51 GMT
age: 51149
etag: "bcba22a7b7f5dd1f59fffd1027e5d7002cecb6e9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2a517af0-06bb-4ad2-b66e-3627ca6b60a3.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2a517af0-06bb-4ad2-b66e-3627ca6b60a3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 518bba9a8770e8ff15229a68be5bddc3
139f944b3f4279e640901f7a6b993f1a49b51a22
0591e73dec2190752677f06525bc993dc8c7a5aa20984a5eda64c323188e2b1d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2a517af0-06bb-4ad2-b66e-3627ca6b60a3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9743
x-amzn-requestid: b6c1caa9-72e4-476f-9c3d-4a746c410ba3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD7EHLJoAMF_TA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8046-1289ef383fbad59621eda6d0;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: i7ZNMlYetTGgoM0beS97MTxveM1H7CI4JdAvPhYdqe9pyCCQugjgNg==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 21:58:58 GMT
age: 51202
etag: "139f944b3f4279e640901f7a6b993f1a49b51a22"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ec84086-8ac2-4887-bc81-86003255ab99.jpeg
34.120.237.76200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ec84086-8ac2-4887-bc81-86003255ab99.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e5b4e4f15da3323c73974c3f1cdb5d74
1f14971d0cf979cc34ff191849dc43d86e8ac463
5893d7e5b2fd9de92829b303c42d0c07ff32b3f6b8705b6f5b4a784315c8808e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ec84086-8ac2-4887-bc81-86003255ab99.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5174
x-amzn-requestid: 35630c70-3bad-47b4-94bb-09c873632194
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD7EFAHIAMFQQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8046-317b1fbb3bee0f377697bf3d;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: OD5cy75AkNMwTIvIool2nKbKgr5Jpo1Plm_X_YPr3rdPbg86_V2fdA==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:00:26 GMT
age: 51114
etag: "1f14971d0cf979cc34ff191849dc43d86e8ac463"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcae6042d-d677-4e39-b4e4-858988eb847b.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcae6042d-d677-4e39-b4e4-858988eb847b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f7101f6e43855cb76ce48271a847ffbd
8e674830a97d8ce3818132fda197db4f0289d316
e78a83a4024e238bcdec3b9c4d5c12a99f49aabd57e34952f6a4cc8ed4422f55
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcae6042d-d677-4e39-b4e4-858988eb847b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9141
x-amzn-requestid: ed7db574-6bca-4f3e-8879-c3e836549339
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD8zE5lIAMF1HA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8051-4480112f11d4ced0037d1ad8;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: aKr85ooofBPeKkeJIDO5W_X5Rn6xnJlRHmVrs8tgBMYe3HQhobsm3w==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 21:56:07 GMT
age: 51373
etag: "8e674830a97d8ce3818132fda197db4f0289d316"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6661b7263315f5eb3cd2465f671e1fcd
b7b5831c6b3ccc41d7a980b6088adc10ff8785f1
eb25507950d81db4b54a1af7fadaceee1bcff780eb28b6a04dbfb3886785f5b7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8527
x-amzn-requestid: 6a8c6487-6069-47d1-afa1-648626f85439
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyDqqGg5oAMFV-A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd7fdd-0a772cde1e6fba6d7da97435;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:42:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: CHWhIpyzhoPtMUplzh1430Q9FfCM1wkTc_hQsgQk6InM9tYBPGYnNg==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:05:44 GMT
age: 50796
etag: "b7b5831c6b3ccc41d7a980b6088adc10ff8785f1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c030376-7935-4601-969c-86a91f4f5e85.jpeg
34.120.237.76200 OK 7.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c030376-7935-4601-969c-86a91f4f5e85.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d7afd5ce8fb9ec7b62e528bf97705e49
afbf22f5d8f54adcb00e8980a9b22f2c5b6703c3
b2d93ba6c0ed2c858d91afba1c81251afbffa41c779be2e9203994dcfb7bbc9d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c030376-7935-4601-969c-86a91f4f5e85.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 7249
x-amzn-requestid: 007ce521-ed5c-4074-a314-684ad0df2e22
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD9GH5goAMF_ag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8053-7060f02b767c90371991a190;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5fTV_e56nzjiXo4Guu67WXDDvp3nrjB0Yfyy6ByjcDSx23J-8r0fmQ==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:10:21 GMT
age: 50526
etag: "afbf22f5d8f54adcb00e8980a9b22f2c5b6703c3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans:400,400italic,600,600italic,800,800italic
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:400,400italic,600,600italic,800,800italic
IP 142.250.74.106:0
GET /css?family=Open+Sans:400,400italic,600,600italic,800,800italic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.welcometo.cloud/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 04 Feb 2023 12:12:19 GMT
date: Sat, 04 Feb 2023 12:12:19 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2