royalfoodservice.elementor.cloud/wp-login.php
162.159.138.9301 Moved Permanently 0 B URL HTTP/1.1 royalfoodservice.elementor.cloud/wp-login.php
IP 162.159.138.9:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
NIDS Severity Alert suricata medium ET INFO HTTP Request to Suspicious *.cloud Domain
GET /wp-login.php HTTP/1.1
Host: royalfoodservice.elementor.cloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Mon, 16 Jan 2023 21:57:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 16 Jan 2023 22:57:07 GMT
Location: https://royalfoodservice.elementor.cloud/wp-login.php
Server-Timing: cf-q-config;dur=7.9999999798019e-06
Vary: Accept-Encoding
x-powered-by: Elementor Cloud
Server: cloudflare
CF-RAY: 78aa1adfec80b4f3-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2258cd6b877a3aca8f4c84074e65ac4b
4e46c70941f8e497e8afc8d078644e7f81761a1c
faac4e0d123f2112b58953c104ea746cd53047fc1ada0ef5d669feecf78ddfff
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FAAC4E0D123F2112B58953C104EA746CD53047FC1ADA0EF5D669FEECF78DDFFF"
Last-Modified: Sat, 14 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5604
Expires: Mon, 16 Jan 2023 23:30:31 GMT
Date: Mon, 16 Jan 2023 21:57:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d6e2abd68203014e8e24d4a9e20e980a
5edbbb1a36083d5077b90b82e7aa10049e90c5d6
88cf8dae194a5e92a8c36a4c54ae71a609eaaed6e99d3986b3834c40d2fceeaa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "88CF8DAE194A5E92A8C36A4C54AE71A609EAAED6E99D3986B3834C40D2FCEEAA"
Last-Modified: Sun, 15 Jan 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8092
Expires: Tue, 17 Jan 2023 00:11:59 GMT
Date: Mon, 16 Jan 2023 21:57:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3063227f59d1935298b0620fa7919145
478e1d8bef04b1f95381cac01829c03b6779d420
619281d3b9753bc6d2845786da75e8566687362769517aacf90f953ffbb8407c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "619281D3B9753BC6D2845786DA75E8566687362769517AACF90F953FFBB8407C"
Last-Modified: Sat, 14 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8676
Expires: Tue, 17 Jan 2023 00:21:43 GMT
Date: Mon, 16 Jan 2023 21:57:07 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 0FxlFz1WSW8DAJQnFb7BciyyhkcV0U3oU2722o8OO+h9rzo2r2PbaDYQkcMm/dh7fj46/SgtRU0=
x-amz-request-id: 46Y28H1DXT7YAMFX
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 16 Jan 2023 21:44:44 GMT
age: 743
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 16 Jan 2023 21:49:11 GMT
content-type: application/json
age: 476
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 16 Jan 2023 21:57:07 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Expires, Pragma, Content-Type, Backoff, Last-Modified, Cache-Control, ETag
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 16 Jan 2023 21:17:25 GMT
age: 2382
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d03545e1fc5a8876441094039811aac5
99fcc840f3516298625c528e9b408132f7fcbb9c
166fa7c7bb716b2cd02a47884ee00df31030dfb4b2a6fdae7b59b19f87739123
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5558
Cache-Control: max-age=132142
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 21:57:08 GMT
Etag: "63c513ad-1d7"
Expires: Wed, 18 Jan 2023 10:39:30 GMT
Last-Modified: Mon, 16 Jan 2023 09:06:53 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
54.213.114.144101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.213.114.144:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 9l84GBSwmqvlrrKNAlVR9w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ObbJ4r7GMRBOfBmJFjmRkXOstDk=
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6b6a65d2536cc8f99e68793ae265b595
f65e75f8419bd83e26f49def7fa2604db5f77b4d
94b31f7663e4917e8e97079202ef9fa340766f1ebfc2601360618d947f7dabc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94B31F7663E4917E8E97079202EF9FA340766F1EBFC2601360618D947F7DABC9"
Last-Modified: Sun, 15 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12695
Expires: Tue, 17 Jan 2023 01:28:44 GMT
Date: Mon, 16 Jan 2023 21:57:09 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6b6a65d2536cc8f99e68793ae265b595
f65e75f8419bd83e26f49def7fa2604db5f77b4d
94b31f7663e4917e8e97079202ef9fa340766f1ebfc2601360618d947f7dabc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94B31F7663E4917E8E97079202EF9FA340766F1EBFC2601360618D947F7DABC9"
Last-Modified: Sun, 15 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12695
Expires: Tue, 17 Jan 2023 01:28:44 GMT
Date: Mon, 16 Jan 2023 21:57:09 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6b6a65d2536cc8f99e68793ae265b595
f65e75f8419bd83e26f49def7fa2604db5f77b4d
94b31f7663e4917e8e97079202ef9fa340766f1ebfc2601360618d947f7dabc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94B31F7663E4917E8E97079202EF9FA340766F1EBFC2601360618D947F7DABC9"
Last-Modified: Sun, 15 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12695
Expires: Tue, 17 Jan 2023 01:28:44 GMT
Date: Mon, 16 Jan 2023 21:57:09 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6b6a65d2536cc8f99e68793ae265b595
f65e75f8419bd83e26f49def7fa2604db5f77b4d
94b31f7663e4917e8e97079202ef9fa340766f1ebfc2601360618d947f7dabc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94B31F7663E4917E8E97079202EF9FA340766F1EBFC2601360618D947F7DABC9"
Last-Modified: Sun, 15 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12695
Expires: Tue, 17 Jan 2023 01:28:44 GMT
Date: Mon, 16 Jan 2023 21:57:09 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6b6a65d2536cc8f99e68793ae265b595
f65e75f8419bd83e26f49def7fa2604db5f77b4d
94b31f7663e4917e8e97079202ef9fa340766f1ebfc2601360618d947f7dabc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94B31F7663E4917E8E97079202EF9FA340766F1EBFC2601360618D947F7DABC9"
Last-Modified: Sun, 15 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12695
Expires: Tue, 17 Jan 2023 01:28:44 GMT
Date: Mon, 16 Jan 2023 21:57:09 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d1490db-aa8a-4724-a608-8c0c03f98b35.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d1490db-aa8a-4724-a608-8c0c03f98b35.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 805a998e9a6fc452c152ab9542b6d0cd
0bd57ea7809abfa4136506f565ac8ba45c936406
b24e0b322cacda63e43582e713cb38d80914f6b82c735307188a2ddd9829338f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d1490db-aa8a-4724-a608-8c0c03f98b35.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10736
x-amzn-requestid: 78c83dbb-f641-4ece-bd8d-ce9d524f100d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e2tm5FLvoAMFn1Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c5c2f8-73b261b87d3eb7b709161fdf;Sampled=0
x-amzn-remapped-date: Mon, 16 Jan 2023 21:34:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hUS-ajMYSYKXI2jsZJApvgUgr0lnbrm02BXZ6rsPS5h0daBcIRtgEw==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Mon, 16 Jan 2023 21:46:15 GMT
age: 654
etag: "0bd57ea7809abfa4136506f565ac8ba45c936406"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F385b83d3-24b4-4a2f-b857-c5ad36c6c6f1.jpeg
34.120.237.76200 OK 3.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F385b83d3-24b4-4a2f-b857-c5ad36c6c6f1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dcaf94e244d0b492c26d4964836f4913
fde259440056930606a16b88e6d87e2edc420bd6
6cc207b89ceda6a27a0c9905a3284044984af07cdf5eb91a84b93bc56e414806
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F385b83d3-24b4-4a2f-b857-c5ad36c6c6f1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3027
x-amzn-requestid: 9599f603-0ef7-40c7-aa0e-699a82057dc8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e2tr0GvUoAMFfmw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c5c318-3d11e6404c85fcb737852aaf;Sampled=0
x-amzn-remapped-date: Mon, 16 Jan 2023 21:35:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: w9U7jKrDbganO37QtU-I_g8A9G3XEHtsj-z6s0UF419IdEj_Zw1-uw==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 16 Jan 2023 21:46:15 GMT
age: 654
etag: "fde259440056930606a16b88e6d87e2edc420bd6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F04b94725-ff4a-4bda-82a9-4efa8d9c4276.jpeg
34.120.237.76200 OK 15 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F04b94725-ff4a-4bda-82a9-4efa8d9c4276.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fefb1f12a78ad92ed309da2c54984a3c
caf58bf6276e226a20a0d0cf6fc3d422f922eb28
baf6596c635254885f32e423cbc5667694754243f01109cbdbeb54c337b16bc2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F04b94725-ff4a-4bda-82a9-4efa8d9c4276.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14703
x-amzn-requestid: bdc14ffc-297a-4046-9a4f-26d454f6f9be
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e2trpGZkoAMFhZA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c5c317-58908dd71980be98200e8f6c;Sampled=0
x-amzn-remapped-date: Mon, 16 Jan 2023 21:35:19 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: oqw0_4rVitBtqGh0oigqr5VmH0oVghH9SQiW1bRvMGsIX6fb8iRR0Q==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Mon, 16 Jan 2023 21:46:15 GMT
age: 654
etag: "caf58bf6276e226a20a0d0cf6fc3d422f922eb28"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20129690-ba2c-4d31-9d15-963cf6e4f66e.jpeg
34.120.237.76200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20129690-ba2c-4d31-9d15-963cf6e4f66e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fbadbf308733e10efcf26a97bd5f86c7
a51e7e889bfdab10c59624a0fb1c301054e2d3d8
e87c014b465f1deed4316d7e7581ab63329523e68f9ca3e47c180cf14f43d9aa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20129690-ba2c-4d31-9d15-963cf6e4f66e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8610
x-amzn-requestid: 14c3776b-05ba-4367-93f1-b887b7e1bd10
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e2tm7FlGoAMFuKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c5c2f8-125017a12c4b83130a70b836;Sampled=0
x-amzn-remapped-date: Mon, 16 Jan 2023 21:34:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: mqgt51FSXFokAtn5znzBQsaXsbqHbLHuJQvqhFlRxFFDFy36peimeg==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 16 Jan 2023 21:46:15 GMT
age: 654
etag: "a51e7e889bfdab10c59624a0fb1c301054e2d3d8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87b645d1-9bdf-4fcb-990e-f3dfb01d71d5.jpeg
34.120.237.76200 OK 2.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87b645d1-9bdf-4fcb-990e-f3dfb01d71d5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 57f4bddae2488cc36924ba39e6cb5b75
84c4e591d4ec54c3f9b6749044029145103f2fb8
30f39db37bf4f4089a2c180cf3415dbcd2e73e4ad6088eb1ecf31c9f6f00d521
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87b645d1-9bdf-4fcb-990e-f3dfb01d71d5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2711
x-amzn-requestid: d7f0fb1e-8a6e-4fae-99a9-7e0497a250c8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ekP_UE9HoAMFuyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63be6061-389b5ce60f1febdc3e3d48d0;Sampled=0
x-amzn-remapped-date: Wed, 11 Jan 2023 07:08:17 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: r5J4wPWxEkUaI7C2rCwCVIZ-KvGCLNIS95-_7L2Pj3M5CSkS7Em3xg==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Mon, 16 Jan 2023 06:53:17 GMT
age: 54232
etag: "84c4e591d4ec54c3f9b6749044029145103f2fb8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad391a3-52d8-4a92-ab46-4ad076c43cf8.jpeg
34.120.237.76200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad391a3-52d8-4a92-ab46-4ad076c43cf8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ad210f0ba6ce6930724549cbba76e83d
e4badc3fbca9913bc11d968dac5cad1f900ff492
ad5f754d5dbe870feabfe090a46838614e96d72e78b9a2a8010ab339c67130be
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad391a3-52d8-4a92-ab46-4ad076c43cf8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9529
x-amzn-requestid: 56f2b9a5-91c6-421a-ad84-165376e23dcf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e2tm6Fm-oAMFrDQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c5c2f8-67a0c1fe6aad6e6b71e50463;Sampled=0
x-amzn-remapped-date: Mon, 16 Jan 2023 21:34:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: mzmFGVDfMuZte5CJUmchEQIVAuDUKdGfUpm7PRTUqnsP44IcDmbl8A==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 16 Jan 2023 21:46:15 GMT
age: 654
etag: "e4badc3fbca9913bc11d968dac5cad1f900ff492"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 1.9 kB IP 142.250.74.3:0
Hash 8aa75da15ff6f28dbcfb2fa1d8ae8010
b075a174cd207e429f566a09df3301a828f508c3
940f97444800dba64977dd65cf00583cffa5bb925b2e78aa34062b1b98c85b75
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 21:57:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-TT3ZXBS
142.250.74.168200 OK 113 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-TT3ZXBS
IP 142.250.74.168:0
File type ASCII text, with very long lines (58981)
Size 113 kB (112887 bytes)
Hash a78f02849f5b109eb8b662d2f59b3f59
7b1a816c4f02ec567df39ff05c107fd83af506b8
547fdbc463389fcf758f4270b16074ac0a9bbbd705cc9bddeaba549faec20db0
GET /gtm.js?id=GTM-TT3ZXBS HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://royalfoodservice.elementor.cloud/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 16 Jan 2023 21:57:10 GMT
expires: Mon, 16 Jan 2023 21:57:10 GMT
cache-control: private, max-age=900
last-modified: Mon, 16 Jan 2023 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 77688
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6f4934ef37f04950c15313f2cdc6902d
3ed5b8439867115a06edaf046472ee8d271c33ea
3fb58a81be10df91f59e3f6ceed7d607f77409087515cf675ff0d098c482c574
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 21:57:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/MXcD3ciCoSk
142.250.74.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/MXcD3ciCoSk
IP 142.250.74.3:0
Hash 78f7b8f46364cac1c7eebffa7c82c1ec
1b938fd44cadf5d731bb1d279fc09faa5149fa56
17dc91e7b442bc6bd7f99ec23247dd462bdacf3ae079be9656c6e03222e126f6
POST /s/gts1d4/MXcD3ciCoSk HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 21:57:10 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.eu.pendo.io/agent/static/74a60915-6da8-431a-57ec-738d1cae324d/pendo.js
35.244.244.136200 OK 133 kB URL HTTP/2 cdn.eu.pendo.io/agent/static/74a60915-6da8-431a-57ec-738d1cae324d/pendo.js
IP 35.244.244.136:0
File type ASCII text, with very long lines (47583)
Size 133 kB (132625 bytes)
Hash a188edf7ae3fe41fa55e98bdf0f34d02
f22ad308a78c506cc81602419d3312bd2b615253
4f31888837617b911c1090a965ab657acc24dbd3d11027f394525753c8e4f1c8
GET /agent/static/74a60915-6da8-431a-57ec-738d1cae324d/pendo.js HTTP/1.1
Host: cdn.eu.pendo.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://royalfoodservice.elementor.cloud/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycduw_TDcKNrPHPggWUD1B6n9gFSpgeSOvGwwBFDGzgh-cUDcJN6E2fQKYXBE1FdC5qoqGm5xPGW-YZW2cikFN7KFsXSVKfMR
x-goog-generation: 1673553981867157
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 132625
content-encoding: gzip
x-goog-hash: crc32c=Ogvx9A==, md5=oYjt964/5B+lXpi98PNNAg==
x-goog-storage-class: STANDARD
accept-ranges: bytes
vary: Accept-Encoding
content-length: 132625
access-control-allow-origin: *
access-control-expose-headers: *
server: UploadServer
date: Mon, 16 Jan 2023 21:53:56 GMT
age: 194
last-modified: Thu, 12 Jan 2023 20:06:21 GMT
etag: "a188edf7ae3fe41fa55e98bdf0f34d02"
content-type: application/javascript
cache-control: max-age=450,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/MXcD3ciCoSk
142.250.74.3200 OK 667 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/MXcD3ciCoSk
IP 142.250.74.3:0
Hash 2830afa56fafe6dfd9b14297ade5ff79
7090fb448fc00d039df9885d172b1a8daee943d1
57e3ae641a732609d52ff9b4589db135f3602700927757d42b53cb3bd084ef03
POST /s/gts1d4/MXcD3ciCoSk HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 21:57:11 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
142.250.74.78200 OK 22 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.78:0
Hash a51684f6a99b42f56df0f08cec1b3d07
ae1c1c1abbcfd3a2edfce96a749c6e241ee09db1
08b909cd8597735a72672919a422f89f476f778f43730cb6740c5e93c8a7baee
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://royalfoodservice.elementor.cloud/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Mon, 16 Jan 2023 20:21:54 GMT
expires: Mon, 16 Jan 2023 22:21:54 GMT
cache-control: public, max-age=7200
age: 5717
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 9c27cc551532f9424a9c944b490c3c45
1da7d84941c2ac6ffe4dfdf044d96c5b07d38b11
ae4dcb0d9d7fd53177cefc7d6c4c4101af88a85a2970a4693b33217d8dfdcf48
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 21:57:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
script.hotjar.com/modules.2258f2bad9aa53d2a0c2.js
143.204.55.40200 OK 69 kB URL HTTP/2 script.hotjar.com/modules.2258f2bad9aa53d2a0c2.js
IP 143.204.55.40:0
File type Unicode text, UTF-8 text, with very long lines (47958)
Hash 8b2164bedd368c1837c7e4740cf4a11d
c6c175da5a097facb732f957317109d6d543027c
ca0c50638ea183d9dd38b303682f1e2ca6307e1b8a7a5dbdae919d8ef4793f61
GET /modules.2258f2bad9aa53d2a0c2.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://royalfoodservice.elementor.cloud/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 69014
date: Mon, 16 Jan 2023 11:14:05 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "8b2164bedd368c1837c7e4740cf4a11d"
last-modified: Mon, 16 Jan 2023 11:14:05 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 0KgDyaL2O5lH0jo4fKhiA_QnDF4YUfu5LV2W-Hn-rxMqoVNtvCW5dw==
age: 38585
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 9c27cc551532f9424a9c944b490c3c45
1da7d84941c2ac6ffe4dfdf044d96c5b07d38b11
ae4dcb0d9d7fd53177cefc7d6c4c4101af88a85a2970a4693b33217d8dfdcf48
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 21:57:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html
143.204.55.105200 OK 1.0 kB URL HTTP/2 vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html
IP 143.204.55.105:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2368), with no line terminators
Hash e0652b84b7b3b650769c759fc520c3f8
0b55d6e28613350c7f41b88f19e726e6751ad03b
94b4c240f83065223dcacdd3f8b69cb229d0616edc3e2041eef3e270d859fc3d
GET /box-5e66f98b4ee957db209dc6f63e3d59dd.html HTTP/1.1
Host: vars.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://royalfoodservice.elementor.cloud/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1035
date: Sat, 03 Dec 2022 04:42:02 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "e0652b84b7b3b650769c759fc520c3f8"
last-modified: Thu, 01 Dec 2022 13:36:28 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: J240BivFkErBcrblx_Yn1F7qmgBUZoLp9tRtzp4VuPi_OZtm3GWNrw==
age: 3863709
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 46016837fa657816c9759b877cfd0a84
a2d7e97f1f2e86c2889af087fbd569177eca7958
4ff15623841a08fe9936578c1d95aeb2a1c5c9942cae7a4881f35f79430a1735
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 21:57:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-78483756-3&cid=1216593092.1673906231&jid=824623512&uid=4521994&gjid=779988838&_gid=1267260516.1673906231&_u=YADAAUAAAAAAACAEK~&z=1371046888
64.233.165.155200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-78483756-3&cid=1216593092.1673906231&jid=824623512&uid=4521994&gjid=779988838&_gid=1267260516.1673906231&_u=YADAAUAAAAAAACAEK~&z=1371046888
IP 64.233.165.155:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-78483756-3&cid=1216593092.1673906231&jid=824623512&uid=4521994&gjid=779988838&_gid=1267260516.1673906231&_u=YADAAUAAAAAAACAEK~&z=1371046888 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://royalfoodservice.elementor.cloud/
Content-Type: text/plain
Content-Length: 0
Origin: https://royalfoodservice.elementor.cloud
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://royalfoodservice.elementor.cloud
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 16 Jan 2023 21:57:11 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/6xki31KZnJg
142.250.74.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/6xki31KZnJg
IP 142.250.74.3:0
Hash 75f2c7704be474f39d9b50083a6640d0
7432b89d16b9f6f83b853ab68977c7e0f4086126
d266e90a96fcc80f4173cc01f2d32020969878654ea5176fdd8921d972175820
POST /s/gts1d4/6xki31KZnJg HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 21:57:11 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/6xki31KZnJg
142.250.74.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/6xki31KZnJg
IP 142.250.74.3:0
Hash 75f2c7704be474f39d9b50083a6640d0
7432b89d16b9f6f83b853ab68977c7e0f4086126
d266e90a96fcc80f4173cc01f2d32020969878654ea5176fdd8921d972175820
POST /s/gts1d4/6xki31KZnJg HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 21:57:11 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/6xki31KZnJg
142.250.74.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/6xki31KZnJg
IP 142.250.74.3:0
Hash 75f2c7704be474f39d9b50083a6640d0
7432b89d16b9f6f83b853ab68977c7e0f4086126
d266e90a96fcc80f4173cc01f2d32020969878654ea5176fdd8921d972175820
POST /s/gts1d4/6xki31KZnJg HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 21:57:11 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 46016837fa657816c9759b877cfd0a84
a2d7e97f1f2e86c2889af087fbd569177eca7958
4ff15623841a08fe9936578c1d95aeb2a1c5c9942cae7a4881f35f79430a1735
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 21:57:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
data.eu.pendo.io/data/guide.gif/74a60915-6da8-431a-57ec-738d1cae324d?jzb=eJwFwIEIAAAAwDDQd3-N1QABFQC5&ct=1673906231266&v=2.167.0_prod-eu
34.110.214.126200 OK 42 B URL HTTP/2 data.eu.pendo.io/data/guide.gif/74a60915-6da8-431a-57ec-738d1cae324d?jzb=eJwFwIEIAAAAwDDQd3-N1QABFQC5&ct=1673906231266&v=2.167.0_prod-eu
IP 34.110.214.126:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /data/guide.gif/74a60915-6da8-431a-57ec-738d1cae324d?jzb=eJwFwIEIAAAAwDDQd3-N1QABFQC5&ct=1673906231266&v=2.167.0_prod-eu HTTP/1.1
Host: data.eu.pendo.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://royalfoodservice.elementor.cloud/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 16 Jan 2023 21:57:11 GMT
content-type: image/gif
content-length: 42
access-control-allow-credentials: false
access-control-allow-headers: Origin,Accept,Content-Type,Authorization
access-control-allow-methods: GET,POST
access-control-allow-origin: *
access-control-max-age: 600
x-content-type-options: nosniff
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
data.eu.pendo.io/data/ptm.gif/74a60915-6da8-431a-57ec-738d1cae324d?v=2.167.0_prod-eu&ct=1673906231259&jzb=eJzFkcFvwiAYxf8XzrWlaLvobYluMXFWo162LAQLKoYCo9TGGf93v87Z3dxp2a08-t7343tvJ-SPVqABKoRnKEBrZ-pSOOplAWqcPnT7OCXdmCQ4QAdZSm8clRwMdDaaDjO6pJPFWKyeFyZ_mkEAy3NTaX_9p0f6SQpi5RScdt7bchBFzhyZ2hjDYdBB5iIUShRCQ3KYK1PxqLYdZbZSh3ZnwW2dsSUanG7zm897CIrpbcW2zauEpqsFOrdYrfVGplnzTvQbUhNhmQPlsQ0CiTPfuOM0wnFEMOlC4kG4UhoNMglhfyGmwM87ovrJWLL1GCB0pVSA_PWAss9RgfdVvq95MvR4B1EbB3Rfl9M6W37M5sXrRM_NSzZqmjp6AVvp9eJz0LaoDON3W4z_v8WG8ZsMsJI_2QpJk_P7BRKi7tY
34.110.214.126200 OK 42 B URL HTTP/2 data.eu.pendo.io/data/ptm.gif/74a60915-6da8-431a-57ec-738d1cae324d?v=2.167.0_prod-eu&ct=1673906231259&jzb=eJzFkcFvwiAYxf8XzrWlaLvobYluMXFWo162LAQLKoYCo9TGGf93v87Z3dxp2a08-t7343tvJ-SPVqABKoRnKEBrZ-pSOOplAWqcPnT7OCXdmCQ4QAdZSm8clRwMdDaaDjO6pJPFWKyeFyZ_mkEAy3NTaX_9p0f6SQpi5RScdt7bchBFzhyZ2hjDYdBB5iIUShRCQ3KYK1PxqLYdZbZSh3ZnwW2dsSUanG7zm897CIrpbcW2zauEpqsFOrdYrfVGplnzTvQbUhNhmQPlsQ0CiTPfuOM0wnFEMOlC4kG4UhoNMglhfyGmwM87ovrJWLL1GCB0pVSA_PWAss9RgfdVvq95MvR4B1EbB3Rfl9M6W37M5sXrRM_NSzZqmjp6AVvp9eJz0LaoDON3W4z_v8WG8ZsMsJI_2QpJk_P7BRKi7tY
IP 34.110.214.126:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /data/ptm.gif/74a60915-6da8-431a-57ec-738d1cae324d?v=2.167.0_prod-eu&ct=1673906231259&jzb=eJzFkcFvwiAYxf8XzrWlaLvobYluMXFWo162LAQLKoYCo9TGGf93v87Z3dxp2a08-t7343tvJ-SPVqABKoRnKEBrZ-pSOOplAWqcPnT7OCXdmCQ4QAdZSm8clRwMdDaaDjO6pJPFWKyeFyZ_mkEAy3NTaX_9p0f6SQpi5RScdt7bchBFzhyZ2hjDYdBB5iIUShRCQ3KYK1PxqLYdZbZSh3ZnwW2dsSUanG7zm897CIrpbcW2zauEpqsFOrdYrfVGplnzTvQbUhNhmQPlsQ0CiTPfuOM0wnFEMOlC4kG4UhoNMglhfyGmwM87ovrJWLL1GCB0pVSA_PWAss9RgfdVvq95MvR4B1EbB3Rfl9M6W37M5sXrRM_NSzZqmjp6AVvp9eJz0LaoDON3W4z_v8WG8ZsMsJI_2QpJk_P7BRKi7tY HTTP/1.1
Host: data.eu.pendo.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://royalfoodservice.elementor.cloud/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-credentials: false
access-control-allow-headers: Origin,Accept,Content-Type,Authorization
access-control-allow-methods: GET,POST
access-control-allow-origin: *
access-control-max-age: 600
content-type: image/gif
x-content-type-options: nosniff
date: Mon, 16 Jan 2023 21:57:11 GMT
content-length: 42
x-envoy-upstream-service-time: 10
server: istio-envoy
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
data.eu.pendo.io/data/guide.js/74a60915-6da8-431a-57ec-738d1cae324d?id=4&jzb=eJyFjk9LxDAQxb9Lzm7SVq3Ym-AfFsRdqHsOQzJ2A2kmpElFpN99p4I96m3m8d6P37eY3eQypb0VndDHp7fHg37Xr_0eTy89meejuBJgDJWQfyo3zf1ty1lJnr9zznHqlEr0Bf6DyE6YZmdQoscRA3Ol8VSs-ow7T4MLMp4jr0fMYCGD6DaB9XR_SHgIQ4EBuYFBn3qxbGLb9FcuwLj2_rNaERESJw8biCMWW9d1q6paNVVzzcQZ0-QocNzIur2TlY6J7A6LWJYLkB9qkg&v=2.167.0_prod-eu&ct=1673906231265
34.110.214.126200 OK 938 B URL HTTP/2 data.eu.pendo.io/data/guide.js/74a60915-6da8-431a-57ec-738d1cae324d?id=4&jzb=eJyFjk9LxDAQxb9Lzm7SVq3Ym-AfFsRdqHsOQzJ2A2kmpElFpN99p4I96m3m8d6P37eY3eQypb0VndDHp7fHg37Xr_0eTy89meejuBJgDJWQfyo3zf1ty1lJnr9zznHqlEr0Bf6DyE6YZmdQoscRA3Ol8VSs-ow7T4MLMp4jr0fMYCGD6DaB9XR_SHgIQ4EBuYFBn3qxbGLb9FcuwLj2_rNaERESJw8biCMWW9d1q6paNVVzzcQZ0-QocNzIur2TlY6J7A6LWJYLkB9qkg&v=2.167.0_prod-eu&ct=1673906231265
IP 34.110.214.126:0
Hash b1431854db52528c794751c6e0a73e27
f994585a8c57bb0b875dce51f105306d78b35497
899e794c69d85cc3081544788647c6f61be40107335f6a148d303fb8c190b879
GET /data/guide.js/74a60915-6da8-431a-57ec-738d1cae324d?id=4&jzb=eJyFjk9LxDAQxb9Lzm7SVq3Ym-AfFsRdqHsOQzJ2A2kmpElFpN99p4I96m3m8d6P37eY3eQypb0VndDHp7fHg37Xr_0eTy89meejuBJgDJWQfyo3zf1ty1lJnr9zznHqlEr0Bf6DyE6YZmdQoscRA3Ol8VSs-ow7T4MLMp4jr0fMYCGD6DaB9XR_SHgIQ4EBuYFBn3qxbGLb9FcuwLj2_rNaERESJw8biCMWW9d1q6paNVVzzcQZ0-QocNzIur2TlY6J7A6LWJYLkB9qkg&v=2.167.0_prod-eu&ct=1673906231265 HTTP/1.1
Host: data.eu.pendo.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://royalfoodservice.elementor.cloud/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 16 Jan 2023 21:57:11 GMT
content-type: application/javascript
vary: Accept-Encoding
access-control-allow-credentials: false
access-control-allow-headers: Origin,Accept,Content-Type,Authorization
access-control-allow-methods: GET,POST
access-control-allow-origin: *
access-control-max-age: 600
x-content-type-options: nosniff
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6b70b334388cc7c3c2afbf53572e9dca
c4c5b6f3cf3dc8b3cbadcb45fd578ecfcb406eb1
d231560628e5028fb74b132e6de1562cecbc1fc4ab4fc96c8fce638beb8ddbc0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 21:57:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-78483756-3&cid=1216593092.1673906231&jid=824623512&_u=YADAAUAAAAAAACAEK~&z=79197051
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-78483756-3&cid=1216593092.1673906231&jid=824623512&_u=YADAAUAAAAAAACAEK~&z=79197051
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-78483756-3&cid=1216593092.1673906231&jid=824623512&_u=YADAAUAAAAAAACAEK~&z=79197051 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://royalfoodservice.elementor.cloud/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 16 Jan 2023 21:57:11 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
region1.analytics.google.com/g/collect?v=2&tid=G-K8MMBLLLJD>m=2oe1a1&_p=2101733466&_gaz=1&cid=1216593092.1673906231&ul=en-us&sr=1280x1024&_s=1&dl=https%3A%2F%2Froyalfoodservice.elementor.cloud%2Fwp-login.php&sid=1673906230&sct=1&seg=0&dt=Log%20In%20%E2%80%B9%20Royal%20Food%20Service%20%E2%80%94%20WordPress&en=page_view&_fv=1&_nsi=1&_ss=1&ep.page_html_language=en-US&ep.page_current_sidebar_sub_menu=top%20menu%20not%20detected&ep.page_current_sidebar_top_menu=top%20menu%20not%20detected&ep.elementor_owner_id=4521994&ep.elementor_site_id=42956&up.elementor_owner_id=4521994&up.elementor_site_id=42956
216.239.32.36204 No Content 0 B URL HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-K8MMBLLLJD>m=2oe1a1&_p=2101733466&_gaz=1&cid=1216593092.1673906231&ul=en-us&sr=1280x1024&_s=1&dl=https%3A%2F%2Froyalfoodservice.elementor.cloud%2Fwp-login.php&sid=1673906230&sct=1&seg=0&dt=Log%20In%20%E2%80%B9%20Royal%20Food%20Service%20%E2%80%94%20WordPress&en=page_view&_fv=1&_nsi=1&_ss=1&ep.page_html_language=en-US&ep.page_current_sidebar_sub_menu=top%20menu%20not%20detected&ep.page_current_sidebar_top_menu=top%20menu%20not%20detected&ep.elementor_owner_id=4521994&ep.elementor_site_id=42956&up.elementor_owner_id=4521994&up.elementor_site_id=42956
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-K8MMBLLLJD>m=2oe1a1&_p=2101733466&_gaz=1&cid=1216593092.1673906231&ul=en-us&sr=1280x1024&_s=1&dl=https%3A%2F%2Froyalfoodservice.elementor.cloud%2Fwp-login.php&sid=1673906230&sct=1&seg=0&dt=Log%20In%20%E2%80%B9%20Royal%20Food%20Service%20%E2%80%94%20WordPress&en=page_view&_fv=1&_nsi=1&_ss=1&ep.page_html_language=en-US&ep.page_current_sidebar_sub_menu=top%20menu%20not%20detected&ep.page_current_sidebar_top_menu=top%20menu%20not%20detected&ep.elementor_owner_id=4521994&ep.elementor_site_id=42956&up.elementor_owner_id=4521994&up.elementor_site_id=42956 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://royalfoodservice.elementor.cloud/
Origin: https://royalfoodservice.elementor.cloud
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://royalfoodservice.elementor.cloud
date: Mon, 16 Jan 2023 21:57:11 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6a0c99efce2ba7294ef4b88e9810c411
90e325963c1355d4c2ab6500689850a2df4c419f
957f138460650b9cecf197fb62ec2b92fae42eb5d9d431a348f8f518470612c8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 21:57:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
royalfoodservice.elementor.cloud/wp-login.php
162.159.138.9200 OK 0 B URL HTTP/2 royalfoodservice.elementor.cloud/wp-login.php
IP 162.159.138.9:0
NIDS Severity Alert suricata medium ET INFO HTTP Request to Suspicious *.cloud Domain
GET /wp-login.php HTTP/1.1
Host: royalfoodservice.elementor.cloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Mon, 16 Jan 2023 21:57:10 GMT
content-type: text/html; charset=UTF-8
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
set-cookie: wordpress_test_cookie=WP%20Cookie%20check; path=/; secure
x-frame-options: SAMEORIGIN
ec-source: dynamic
cf-cache-status: DYNAMIC
x-powered-by: Elementor Cloud
server: cloudflare
cf-ray: 78aa1ae10cfc0b4d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
104.16.56.101200 OK 0 B URL HTTP/2 static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
IP 104.16.56.101:0
GET /beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://royalfoodservice.elementor.cloud/
Origin: https://royalfoodservice.elementor.cloud
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 16 Jan 2023 21:57:10 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/2022.10.1
last-modified: Fri, 21 Oct 2022 01:56:09 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 78aa1af34972b4f1-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
static.hotjar.com/c/hotjar-1958074.js?sv=7
54.230.111.113200 OK 0 B URL HTTP/2 static.hotjar.com/c/hotjar-1958074.js?sv=7
IP 54.230.111.113:0
GET /c/hotjar-1958074.js?sv=7 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://royalfoodservice.elementor.cloud/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
date: Mon, 16 Jan 2023 21:57:09 GMT
cache-control: max-age=60
etag: W/6d12720aa00e361146825a46d80dbb2a
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Yx8-Sbr701tS3zouxv_LJaquRHO4yzNdLvrV45dKq3wRuxT1uIzPEA==
age: 49
X-Firefox-Spdy: h2