r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10531
Expires: Mon, 05 Dec 2022 23:21:24 GMT
Date: Mon, 05 Dec 2022 20:25:53 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash ee088fab9b287e174cfd1f2c735a909f
25c3335b514a36ad1a24d00413d60c3d394f5161
494e96358ff12366213d7cc0f9197648c6c62ec14fa0d2c78732a683fa26b192
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1435
Cache-Control: max-age=138561
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 20:25:53 GMT
Etag: "638dc877-1d7"
Expires: Wed, 07 Dec 2022 10:55:14 GMT
Last-Modified: Mon, 05 Dec 2022 10:31:19 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 05 Dec 2022 20:20:19 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 334
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6886
Expires: Mon, 05 Dec 2022 22:20:39 GMT
Date: Mon, 05 Dec 2022 20:25:53 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: xr+JALK+yy7zwu1xRDxhCUr76y20PMUavGdOTL2S7qWdfPBND2HOcph9R3kPerxvdmjxR9xpitB7ZdI2aZPZDQ==
x-amz-request-id: C55EFEKQ201FSAHS
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 05 Dec 2022 19:48:38 GMT
age: 2236
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:25:54 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 05 Dec 2022 20:08:58 GMT
cache-control: public,max-age=3600
age: 1016
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 2b9d6a686aa3c4ea24568425e43a5221
d53bb4c9579bd1db78a0520619e888aec79f750f
c38734a8dbe51217d73896c0bf7f5c38c107fd79e0dee24b717f130377e9b5f7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1421
Cache-Control: max-age=133479
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 20:25:54 GMT
Etag: "638db4ac-1d7"
Expires: Wed, 07 Dec 2022 09:30:33 GMT
Last-Modified: Mon, 05 Dec 2022 09:06:52 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
aroma-modena.com/
162.43.117.39 301 Moved Permanently 0 B IP 162.43.117.39:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: aroma-modena.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 05 Dec 2022 20:25:54 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
X-Redirect-By: WordPress
Location: https://aroma-modena.com/
push.services.mozilla.com/
52.38.198.114 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.38.198.114:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: aOhBLNCGjEaHlOzm8P00yA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: PZ3UpteKRDyRen5/nz4EZPXauWw=
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ca2f17981bd11bd35cde8053b133e68e
a8b24a0a926ef84fbcedc8965715e52c9ea09f31
7816f623947e5457961814b557a7db834ced0fb4c35fddeec74ad33c3ab03d32
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7816F623947E5457961814B557A7DB834CED0FB4C35FDDEEC74AD33C3AB03D32"
Last-Modified: Sun, 04 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21593
Expires: Tue, 06 Dec 2022 02:25:48 GMT
Date: Mon, 05 Dec 2022 20:25:55 GMT
Connection: keep-alive
code.jquery.com/ui/1.12.1/themes/smoothness/jquery-ui.css?ver=6.1.1
69.16.175.42 200 OK 8.4 kB URL HTTP/2 code.jquery.com/ui/1.12.1/themes/smoothness/jquery-ui.css?ver=6.1.1
IP 69.16.175.42:0
File type ASCII text, with very long lines (2363)
Hash f9aa929af7d9403021ab57d14f30a014
2d636c15b71f290ec43c2a5c444e74865bda6895
a86cccedd1fd80990f344381c406169579fbeccb29b61e8d73dbe6c56fbd6e8a
GET /ui/1.12.1/themes/smoothness/jquery-ui.css?ver=6.1.1 HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aroma-modena.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 20:25:56 GMT
content-encoding: gzip
content-length: 8422
content-type: text/css
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
accept-ranges: bytes
server: nginx
etag: W/"28feccc0-8eb8"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1670271956.dop232.sk1.t,1670271956.cds255.sk1.hn,1670271956.cds259.sk1.c
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 5f16a534222e5749ef240d413826c2f6
11683d84d420dd6f919425094edb8961278f7fed
691ebf7feb1f7d6ae7e5e7efd678626c62042dda520506f262c7d9a67a48e3ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 20:25:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10397
Expires: Mon, 05 Dec 2022 23:19:13 GMT
Date: Mon, 05 Dec 2022 20:25:56 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10397
Expires: Mon, 05 Dec 2022 23:19:13 GMT
Date: Mon, 05 Dec 2022 20:25:56 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10397
Expires: Mon, 05 Dec 2022 23:19:13 GMT
Date: Mon, 05 Dec 2022 20:25:56 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10397
Expires: Mon, 05 Dec 2022 23:19:13 GMT
Date: Mon, 05 Dec 2022 20:25:56 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3af2e495-85ff-410f-8418-e683c7f84bcd.jpeg
34.120.237.76 200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3af2e495-85ff-410f-8418-e683c7f84bcd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 027480c06cd67621f373c6765dafee4d
9f80bb7ca6f699d88eaec2248dec508c589fe994
f69a0d6bd6e79d8fa7f2f15df11237c0a8b04d45af3cd5870eeef86d18f553bf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3af2e495-85ff-410f-8418-e683c7f84bcd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7728
x-amzn-requestid: 9f37e7a6-1f00-4a81-9b14-962fd0b6cdf4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsAMEJxoAMFchQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc067-4a4cce217327b44525ea1e98;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: PGz98Kv7xrcdfvzwMFbA9V206DdlXitB-Xk8dllnaLlk1QMhZZEs9Q==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 22:03:04 GMT
age: 80572
etag: "9f80bb7ca6f699d88eaec2248dec508c589fe994"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60dcc231-abb7-48f1-8ec5-e25b31bd100b.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60dcc231-abb7-48f1-8ec5-e25b31bd100b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 24c69d7ef356b352956d6dcbc9f5df1d
2cc31dc1c5d2d2a8b3a378dce8a1240a79acfec9
94d068620c34652cb2d24ca8b3cf962febe9606e6d3a33d937fc9d99f176edef
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60dcc231-abb7-48f1-8ec5-e25b31bd100b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10396
x-amzn-requestid: b879fd2e-b6cf-4373-b780-2d97481c45f8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cioNbH5KoAMFUsA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a8722-6add7f8e225878473b20c015;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 23:15:46 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ir97GJKaFoW6BNXCcmMqp0JSUd5JhCACyUvLh5G-0BWCDVJsqs7XhQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 22:03:01 GMT
age: 80575
etag: "2cc31dc1c5d2d2a8b3a378dce8a1240a79acfec9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg
34.120.237.76 200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash db1701b7b9d161a0c935bb6e10b17893
22a8c4bd58c729c1abcf794466e8f3231dfb034b
b495524a33e5b1d3ba34cfbe867ada0da956c061370b1fcde06b23a6194a9787
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8315
x-amzn-requestid: f1bcc33b-aad9-4d3b-b1f9-49282f2d4fb9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsAMGVboAMFfxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc067-13472a097177d4751c8f7a8c;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 8ugcixaNsXG-AIHYCfoyOWa5zowv2lb4qwWc8o5_7SQc_0w5HW4mBw==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:52:48 GMT
age: 81188
etag: "22a8c4bd58c729c1abcf794466e8f3231dfb034b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-NPC8QXL79X
142.250.74.168 200 OK 76 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-NPC8QXL79X
IP 142.250.74.168:0
File type ASCII text, with very long lines (20080)
Hash 8f589ea2a7e7c188499539ef89c00dd4
62f4eccb8ed3f8686886036bad30fdde77706571
37cfc408a7f019c831fdd120212283509d2e4ab774098699e97e51762193269c
GET /gtag/js?id=G-NPC8QXL79X HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aroma-modena.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 05 Dec 2022 20:25:56 GMT
expires: Mon, 05 Dec 2022 20:25:56 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 76335
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp
34.120.237.76 200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 43309032a892c486f9985ef520df696e
36f4682ca6a33ff80ee02129c77e6f27e996ede0
24225ff504f30405d9ec3feb2555c738fcca0d6b265f285aa9c73a64c78a496e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5681
x-amzn-requestid: 8f0d66b8-d532-48d9-9a29-74540cd6ab3a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltXnEotIAMFqkA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc296-27349a376ff819ab63b04a81;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:41:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Uz-wJTZjej3sjP-O68BQ4hB_kkAecG0o7GkeZUan90ZgV87g0Cg_ZA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:52:41 GMT
age: 81195
etag: "36f4682ca6a33ff80ee02129c77e6f27e996ede0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa99f7bcf-386e-4655-b6f0-99abdf67f097.jpeg
34.120.237.76 200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa99f7bcf-386e-4655-b6f0-99abdf67f097.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2f60a6490f38a772dcd50a1132e98e1b
ff254a1df087d2c157d88a6ef04e395dc49efe5e
653e40becd103cd76cc2f194a87e933e8c548d346f87520fefca3b16430fc4ab
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa99f7bcf-386e-4655-b6f0-99abdf67f097.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8469
x-amzn-requestid: c17eff92-da62-4f0f-9e75-2741012ec43a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_sqFSjoAMFQ6w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d131d-61d61d2f0bb01ecb21b809ea;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:33 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Og6pnDOmEW5oc9EtvKD8BtBojepI-ZSde8xxYGThfF6QNl-ZTQWqQQ==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:45:46 GMT
age: 81610
etag: "ff254a1df087d2c157d88a6ef04e395dc49efe5e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg
34.120.237.76 200 OK 4.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c01fe1cccdb3b672bbade6d98217ffe9
a9a529dc9894827f6243a1bf57f81caa4fe88fc2
c43da6212c79a08e22e78e04e99e8f5422e64b4b0a87f30b7907f1b4bc675c71
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4666
x-amzn-requestid: 850d341f-5ccb-453c-8adf-a8194f8fbdad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clr_-GiboAMFwww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc066-766293f2526e637235067aca;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kmki-SBINSx1kbiIkaSGebdCLrnDeHVhYeotAWzE__CevkNDdfzRGg==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:44:01 GMT
age: 81715
etag: "a9a529dc9894827f6243a1bf57f81caa4fe88fc2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 5f16a534222e5749ef240d413826c2f6
11683d84d420dd6f919425094edb8961278f7fed
691ebf7feb1f7d6ae7e5e7efd678626c62042dda520506f262c7d9a67a48e3ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 20:25:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
aroma-modena.com/wp-includes/css/classic-themes.min.css?ver=1
162.43.117.39 200 OK 217 B URL HTTP/2 aroma-modena.com/wp-includes/css/classic-themes.min.css?ver=1
IP 162.43.117.39:0
Hash 95e891f28e44a9b314c09545d86be2b7
f9b13a8bd47273b086a0a07df15f314e0af0bc3e
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: aroma-modena.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aroma-modena.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:25:56 GMT
content-type: text/css
content-length: 217
last-modified: Wed, 02 Nov 2022 06:05:43 GMT
etag: "d9-5ec76a1893af9"
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.21.226 200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.21.226:0
Hash 9b44d5edad96d7c6fc217bd556ba84fe
721e1bbd36f6a19eb062843e683bad82c7369d9d
ed1f3af51810b56117f866024a8b3ba63c2391ad0c4da6417af9262a32c94670
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 20:25:56 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Fri, 09 Dec 2022 18:15:09 GMT
ETag: "721e1bbd36f6a19eb062843e683bad82c7369d9d"
Last-Modified: Mon, 05 Dec 2022 18:15:10 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2964
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 774f838feea3b523-OSL
img.fujoho.jp/public/bn/fujoho468x60.gif
143.204.45.59 200 OK 465 kB URL HTTP/2 img.fujoho.jp/public/bn/fujoho468x60.gif
IP 143.204.45.59:0
File type GIF image data, version 89a, 468 x 60\012- data
Size 465 kB (464571 bytes)
Hash 241294fad9d20ebd079edc06920045b2
6b2e301c17f2b6534c26b422d9759b41bd37d070
6878dffaaa1da51b53de146e6dde795ac744d1658e0386cdda2d3e3009e8b780
GET /public/bn/fujoho468x60.gif HTTP/1.1
Host: img.fujoho.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aroma-modena.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 464571
last-modified: Mon, 29 Aug 2022 07:50:47 GMT
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Mon, 05 Dec 2022 02:08:14 GMT
etag: "241294fad9d20ebd079edc06920045b2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 4CsfyzIyeOOAKuw2DvM5vesDyh7VFR9ft3Wb4FDqmcOTfVB9-k_EOw==
age: 65863
X-Firefox-Spdy: h2
aroma-modena.com/wp-content/themes/heal_tcd077/js/header_fix.js?ver=1.3.2
162.43.117.39 200 OK 299 B URL HTTP/2 aroma-modena.com/wp-content/themes/heal_tcd077/js/header_fix.js?ver=1.3.2
IP 162.43.117.39:0
Hash cd523cd5b02d6c0d34823eca4525b972
7efeeda2c184f7a04c1a02775d1d83db27a8516f
0a6bb44919c1a7b81ecb50e9e5c8773fdd884cabab81bf4cd56776d1abd32297
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/heal_tcd077/js/header_fix.js?ver=1.3.2 HTTP/1.1
Host: aroma-modena.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aroma-modena.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:25:56 GMT
content-type: application/javascript
content-length: 299
last-modified: Tue, 18 Jan 2022 17:43:17 GMT
etag: "12b-5d5decdec0724"
accept-ranges: bytes
X-Firefox-Spdy: h2
aroma-modena.com/wp-content/uploads/2021/04/logo_s-2.png?1670271955
162.43.117.39 200 OK 8.2 kB URL HTTP/2 aroma-modena.com/wp-content/uploads/2021/04/logo_s-2.png?1670271955
IP 162.43.117.39:0
File type PNG image data, 139 x 81, 8-bit/color RGBA, non-interlaced\012- data
Hash 83e0317ec19dfb14e93ef2b75d6cf828
86452f407746f0ed0faffe39688e4155ef61e573
05abc040a85877212e8336c54f58beae05521457862674a0ddc1b63c75058842
GET /wp-content/uploads/2021/04/logo_s-2.png?1670271955 HTTP/1.1
Host: aroma-modena.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aroma-modena.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:25:56 GMT
content-type: image/png
content-length: 8202
last-modified: Tue, 18 Jan 2022 17:43:48 GMT
etag: "200a-5d5decfbfcdb1"
accept-ranges: bytes
X-Firefox-Spdy: h2
aroma-modena.com/wp-content/uploads/2022/06/pc_mens_banner1_1_468_60-300x38.gif
162.43.117.39 200 OK 2.5 kB URL HTTP/2 aroma-modena.com/wp-content/uploads/2022/06/pc_mens_banner1_1_468_60-300x38.gif
IP 162.43.117.39:0
File type GIF image data, version 89a, 300 x 38\012- data
Hash 18fe92b2df571475503cb2cc3d269a97
427c9188ebcdb112f0abba3ecfba477c8d1fb02e
23c6a64040837d5f558c5b700718e837a1052857890ffb7808bfdeb512bda837
GET /wp-content/uploads/2022/06/pc_mens_banner1_1_468_60-300x38.gif HTTP/1.1
Host: aroma-modena.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aroma-modena.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:25:56 GMT
content-type: image/gif
content-length: 2490
last-modified: Sun, 19 Jun 2022 23:50:15 GMT
etag: "9ba-5e1d5a627cda4"
accept-ranges: bytes
X-Firefox-Spdy: h2
aroma-modena.com/wp-content/uploads/2022/06/fues200.gif
162.43.117.39 200 OK 1.6 kB URL HTTP/2 aroma-modena.com/wp-content/uploads/2022/06/fues200.gif
IP 162.43.117.39:0
File type GIF image data, version 89a, 200 x 40\012- data
Hash fddec7753c2ccf3d7e69704ebda8cb4b
72d0829ae5ad8b9c36a266fbe4e3d41d5afc407c
4d7e4591c59c75366f20bbede64bcb39d47972b1fd27bbe96e869b9c5ea7ac98
GET /wp-content/uploads/2022/06/fues200.gif HTTP/1.1
Host: aroma-modena.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aroma-modena.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:25:56 GMT
content-type: image/gif
content-length: 1602
last-modified: Tue, 21 Jun 2022 06:11:49 GMT
etag: "642-5e1ef18925a3f"
accept-ranges: bytes
X-Firefox-Spdy: h2
aroma-modena.com/wp-content/uploads/2022/10/B2C1003C-DAED-4620-94CA-3B4ED8BDFD03.jpeg
162.43.117.39 200 OK 13 kB URL HTTP/2 aroma-modena.com/wp-content/uploads/2022/10/B2C1003C-DAED-4620-94CA-3B4ED8BDFD03.jpeg
IP 162.43.117.39:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=5, xresolution=74, yresolution=82, resolutionunit=2], baseline, precision 8, 200x40, components 3\012- data
Hash ec8a3fa277626d774809b7ae0f2f7476
de9352702ed9449753869b7a58709c28f8e94934
9d3d372155a94502910074b755ceed1566a57f2a2e984cd6ad40e3e24e96c726
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/10/B2C1003C-DAED-4620-94CA-3B4ED8BDFD03.jpeg HTTP/1.1
Host: aroma-modena.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aroma-modena.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:25:56 GMT
content-type: image/jpeg
content-length: 12560
last-modified: Tue, 04 Oct 2022 05:31:26 GMT
etag: "3110-5ea2ec57de2e3"
accept-ranges: bytes
X-Firefox-Spdy: h2
aroma-modena.com/wp-content/themes/heal_tcd077/js/header_fix_mobile.js?ver=1.3.2
162.43.117.39 200 OK 376 B URL HTTP/2 aroma-modena.com/wp-content/themes/heal_tcd077/js/header_fix_mobile.js?ver=1.3.2
IP 162.43.117.39:0
Hash 0abe38cd3b0c49390f7ac2597feef976
c3cdf8373acd8360f4077536e5a6d7f918cdfcb7
251ae9d805e211586f23c22eba8ed2c5e0d1bec5b0cef285854296ea567e79dd
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/heal_tcd077/js/header_fix_mobile.js?ver=1.3.2 HTTP/1.1
Host: aroma-modena.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aroma-modena.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:25:56 GMT
content-type: application/javascript
content-length: 376
last-modified: Tue, 18 Jan 2022 17:43:18 GMT
etag: "178-5d5decdf33ae6"
accept-ranges: bytes
X-Firefox-Spdy: h2
aroma-modena.com/wp-content/uploads/2021/12/banner_468x60.jpg
162.43.117.39 200 OK 30 kB URL HTTP/2 aroma-modena.com/wp-content/uploads/2021/12/banner_468x60.jpg
IP 162.43.117.39:0
File type JPEG image data, baseline, precision 8, 468x60, components 3\012- data
Hash 7724e1531f3e57cad0509f8a4476dbbc
057ef1c50bd1c52a3393eb2fc36364c775cb649b
b904297a6cd99799923a855bf9065c23c376b2d0e3ac7ec96760a2517bfa23c9
GET /wp-content/uploads/2021/12/banner_468x60.jpg HTTP/1.1
Host: aroma-modena.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aroma-modena.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:25:56 GMT
content-type: image/jpeg
content-length: 30338
last-modified: Tue, 18 Jan 2022 17:47:31 GMT
etag: "7682-5d5dedd10442f"
accept-ranges: bytes
X-Firefox-Spdy: h2
aroma-modena.com/wp-content/uploads/2022/10/banner200x40.png
162.43.117.39 200 OK 2.1 kB URL HTTP/2 aroma-modena.com/wp-content/uploads/2022/10/banner200x40.png
IP 162.43.117.39:0
File type PNG image data, 200 x 40, 8-bit colormap, non-interlaced\012- data
Hash 751a1cb78913e81bedee24fa527e3438
e30d5eb38620ea80d9cf0d4fe8cc203367557316
e636c27023d967542dae698e48b3b554b5a19135e09f86d0b450c3725fcad73e
GET /wp-content/uploads/2022/10/banner200x40.png HTTP/1.1
Host: aroma-modena.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aroma-modena.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:25:56 GMT
content-type: image/png
content-length: 2120
last-modified: Mon, 17 Oct 2022 08:42:14 GMT
etag: "848-5eb36f3d0af23"
accept-ranges: bytes
X-Firefox-Spdy: h2
aroma-modena.com/wp-content/uploads/2021/06/7E25462E-85DB-4D40-8855-6B3C43BF09B9.jpeg
162.43.117.39 200 OK 22 kB URL HTTP/2 aroma-modena.com/wp-content/uploads/2021/06/7E25462E-85DB-4D40-8855-6B3C43BF09B9.jpeg
IP 162.43.117.39:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=5, xresolution=74, yresolution=82, resolutionunit=2], baseline, precision 8, 300x50, components 3\012- data
Hash 419af3dd9f1ef2b0e1be92f01fb4233d
58fdcc40ddbad63dd1971f25b08b73a37a187e6a
f43350e4cd99bf0ce7cde53a66a284733cb60020ac6074640052a869f2b5642d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2021/06/7E25462E-85DB-4D40-8855-6B3C43BF09B9.jpeg HTTP/1.1
Host: aroma-modena.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aroma-modena.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:25:56 GMT
content-type: image/jpeg
content-length: 21936
last-modified: Tue, 18 Jan 2022 17:45:42 GMT
etag: "55b0-5d5ded6844b59"
accept-ranges: bytes
X-Firefox-Spdy: h2
aroma-modena.com/wp-content/uploads/2022/10/ore_20040.jpg
162.43.117.39 200 OK 3.5 kB URL HTTP/2 aroma-modena.com/wp-content/uploads/2022/10/ore_20040.jpg
IP 162.43.117.39:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 71x71, segment length 16, baseline, precision 8, 200x40, components 3\012- data
Hash b63c64a91b538b46eda42afd64e426f9
2b921db677172cea0531f345a36eea3e91106291
aa01e05ff3fd8d554eb1f13e26f7ba13b9d96ae5a3a47c4835fd3e74ec5e6698
GET /wp-content/uploads/2022/10/ore_20040.jpg HTTP/1.1
Host: aroma-modena.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aroma-modena.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:25:56 GMT
content-type: image/jpeg
content-length: 3546
last-modified: Tue, 18 Oct 2022 07:14:40 GMT
etag: "dda-5eb49d877498e"
accept-ranges: bytes
X-Firefox-Spdy: h2
aroma-modena.com/wp-content/uploads/2022/02/5-300x300.jpg
162.43.117.39 200 OK 21 kB URL HTTP/2 aroma-modena.com/wp-content/uploads/2022/02/5-300x300.jpg
IP 162.43.117.39:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash 7cf1c3725957fe89d478e5e86406720a
e3f31126644ad0b998c3018b1c7deaef7d9ffeeb
5d23c2b11ba8dfb203191183df32063fb12a75187a42ef9a84d77182c9997f0a
GET /wp-content/uploads/2022/02/5-300x300.jpg HTTP/1.1
Host: aroma-modena.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aroma-modena.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:25:56 GMT
content-type: image/jpeg
content-length: 21395
last-modified: Sat, 05 Feb 2022 05:10:42 GMT
etag: "5393-5d73e639bcbd6"
accept-ranges: bytes
X-Firefox-Spdy: h2
aroma-modena.com/wp-content/uploads/2021/12/banner_200x40.jpg
162.43.117.39 200 OK 9.4 kB URL HTTP/2 aroma-modena.com/wp-content/uploads/2021/12/banner_200x40.jpg
IP 162.43.117.39:0
File type JPEG image data, baseline, precision 8, 200x40, components 3\012- data
Hash dd65c1713494f3223fcfd925a5d7919a
8aff77fa35b8612ff36e4993fc628f0dab4e0315
e3c6b06d395df280f99e75d810901d94af941884119d9be04e3e866a7633ab8a
GET /wp-content/uploads/2021/12/banner_200x40.jpg HTTP/1.1
Host: aroma-modena.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aroma-modena.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:25:56 GMT
content-type: image/jpeg
content-length: 9371
last-modified: Tue, 18 Jan 2022 17:47:31 GMT
etag: "249b-5d5dedd05092c"
accept-ranges: bytes
X-Firefox-Spdy: h2
aroma-modena.com/wp-content/uploads/2021/05/add-bt02.png
162.43.117.39 200 OK 14 kB URL HTTP/2 aroma-modena.com/wp-content/uploads/2021/05/add-bt02.png
IP 162.43.117.39:0
File type PNG image data, 360 x 160, 8-bit/color RGBA, non-interlaced\012- data
Hash 361456f4aec428f8d9707c9ac3d8e479
f3db6cf43574a5da5bfa963702458425880288a3
3e948bef04fbd5a1b33a20b2611322e29e68f42201af9891d66d67b6de065afb
GET /wp-content/uploads/2021/05/add-bt02.png HTTP/1.1
Host: aroma-modena.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aroma-modena.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:25:56 GMT
content-type: image/png
content-length: 13889
last-modified: Tue, 18 Jan 2022 17:44:40 GMT
etag: "3641-5d5ded2dea2a1"
accept-ranges: bytes
X-Firefox-Spdy: h2
aroma-modena.com/wp-content/uploads/2021/06/2020bnr01-300x38.jpg
162.43.117.39 200 OK 8.3 kB URL HTTP/2 aroma-modena.com/wp-content/uploads/2021/06/2020bnr01-300x38.jpg
IP 162.43.117.39:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x38, components 3\012- data
Hash a41ec93c53b36b97924caf6ffb6949d8
5345e2da8ca2f3607b9bb0cba8c63f1fb62f5979
1dddd8b1417386a4663aa7b02ba2de9b0904be71d5626ebd7c616fe2994b06d4
GET /wp-content/uploads/2021/06/2020bnr01-300x38.jpg HTTP/1.1
Host: aroma-modena.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aroma-modena.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:25:56 GMT
content-type: image/jpeg
content-length: 8349
last-modified: Tue, 18 Jan 2022 17:45:36 GMT
etag: "209d-5d5ded63158e0"
accept-ranges: bytes
X-Firefox-Spdy: h2
aroma-modena.com/wp-content/uploads/2021/06/DD65F431-8FF4-4765-A5CC-15B0FF1D021D.jpeg
162.43.117.39 200 OK 52 kB URL HTTP/2 aroma-modena.com/wp-content/uploads/2021/06/DD65F431-8FF4-4765-A5CC-15B0FF1D021D.jpeg
IP 162.43.117.39:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, xresolution=86, yresolution=94, resolutionunit=2, software=Adobe Photoshop CC (Macintosh)], baseline, precision 8, 320x100, components 3\012- data
Hash f877b820f164d0661210decba47821c1
a46ad48a90ed0316c962d29dbf80971c2d3abacc
5a163fd7cb624ebb236247c4fcc33ed726d72ffa80cd6b0e7a225c934a213a42
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2021/06/DD65F431-8FF4-4765-A5CC-15B0FF1D021D.jpeg HTTP/1.1
Host: aroma-modena.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aroma-modena.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:25:56 GMT
content-type: image/jpeg
content-length: 51571
last-modified: Tue, 18 Jan 2022 17:45:45 GMT
etag: "c973-5d5ded6c03b2b"
accept-ranges: bytes
X-Firefox-Spdy: h2
webfonts.xserver.jp/js/xserver.js?ver=1.2.1
202.226.37.225 200 OK 8.2 kB URL HTTP/1.1 webfonts.xserver.jp/js/xserver.js?ver=1.2.1
IP 202.226.37.225:0
File type Unicode text, UTF-8 text, with very long lines (17166)
Hash 2aa2869f633f951ae056115d944cdb9a
2a6c9acc265dc62995007a51590dd5fa144a52c7
07f34f7e400ae44e91e55fdb0535b78209e87343a86eeba9643d206b9b7233b2
GET /js/xserver.js?ver=1.2.1 HTTP/1.1
Host: webfonts.xserver.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aroma-modena.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 20:25:57 GMT
Content-Type: application/javascript
Last-Modified: Tue, 13 Aug 2019 03:18:48 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5d522c18-4e15"
Content-Encoding: gzip
aroma-modena.com/wp-content/themes/heal_tcd077/css/font-awesome.min.css?ver=1.3.2
162.43.117.39 200 OK 7.6 kB URL HTTP/2 aroma-modena.com/wp-content/themes/heal_tcd077/css/font-awesome.min.css?ver=1.3.2
IP 162.43.117.39:0
File type ASCII text, with very long lines (30837)
Hash 60b6376c8a3b2ffa5cbedfb5fe2bb0dc
6cb75bbe8b52c78cce4937a64c61e0df444832a7
50f75c0b2cd1447c7d797ad001b2e5052fccfb5d7fd15eb67f65e09dbb89476c
GET /wp-content/themes/heal_tcd077/css/font-awesome.min.css?ver=1.3.2 HTTP/1.1
Host: aroma-modena.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aroma-modena.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:25:56 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 18 Jan 2022 17:43:08 GMT
etag: W/"7917-5d5decd57f4b8"
content-encoding: br
X-Firefox-Spdy: h2
www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d6647.330724581989!2d130.41140972592348!3d33.58803682293887!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x354191becdb0540f%3A0x744cc3289d50b2cc!2z44CSODEyLTAwMTEg56aP5bKh55yM56aP5bKh5biC5Y2a5aSa5Yy65Y2a5aSa6aeF5YmN77yT5LiB55uu!5e0!3m2!1sja!2sjp!4v1617686963583!5m2!1sja!2sjp
216.58.207.228 200 OK 970 B URL HTTP/2 www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d6647.330724581989!2d130.41140972592348!3d33.58803682293887!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x354191becdb0540f%3A0x744cc3289d50b2cc!2z44CSODEyLTAwMTEg56aP5bKh55yM56aP5bKh5biC5Y2a5aSa5Yy65Y2a5aSa6aeF5YmN77yT5LiB55uu!5e0!3m2!1sja!2sjp!4v1617686963583!5m2!1sja!2sjp
IP 216.58.207.228:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1486)
Hash 2573190303f0f958de70ffe49dac49ff
2a46563c7fdb00ca630280c2d6b99b637bc075d7
6a612b52224adecfd71127fad7db129db41e750bc3c229ea39eaf189247a0fab
GET /maps/embed?pb=!1m18!1m12!1m3!1d6647.330724581989!2d130.41140972592348!3d33.58803682293887!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x354191becdb0540f%3A0x744cc3289d50b2cc!2z44CSODEyLTAwMTEg56aP5bKh55yM56aP5bKh5biC5Y2a5aSa5Yy65Y2a5aSa6aeF5YmN77yT5LiB55uu!5e0!3m2!1sja!2sjp!4v1617686963583!5m2!1sja!2sjp HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aroma-modena.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
date: Mon, 05 Dec 2022 20:25:57 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
vary: Accept-Language
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-DliERS0Lz7hETiQwwc3sTA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
content-encoding: gzip
server: mafe
content-length: 970
x-xss-protection: 0
server-timing: gfet4t7; dur=313
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
aroma-modena.com/wp-content/uploads/2022/02/system08-scaled.jpg
162.43.117.39 200 OK 369 kB URL HTTP/2 aroma-modena.com/wp-content/uploads/2022/02/system08-scaled.jpg
IP 162.43.117.39:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS5 Macintosh, datetime=2022:02:03 17:51:32], baseline, precision 8, 1810x2560, components 3\012- data
Size 369 kB (369079 bytes)
Hash 93ac17387dd781596142b6f23d2224d6
3a4ab121f4b6c6307c3b5177170e7ba286cdd5d5
08e2b5c1a6b9dd1836db89ca264ff69c6a7e5a9de2c4b2a3636c9db2efe8eaa8
GET /wp-content/uploads/2022/02/system08-scaled.jpg HTTP/1.1
Host: aroma-modena.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aroma-modena.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:25:56 GMT
content-type: image/jpeg
content-length: 369079
last-modified: Sat, 05 Feb 2022 05:13:26 GMT
etag: "5a1b7-5d73e6d6319e6"
accept-ranges: bytes
X-Firefox-Spdy: h2
aroma-modena.com/wp-content/uploads/2022/06/recruit1.jpg
162.43.117.39 200 OK 441 kB URL HTTP/2 aroma-modena.com/wp-content/uploads/2022/06/recruit1.jpg
IP 162.43.117.39:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 22.3 (Macintosh), datetime=2022:06:24 17:34:04], baseline, precision 8, 1587x2245, components 3\012- data
Size 441 kB (441390 bytes)
Hash f5d711182b4e73c5908ef1dd92f405f4
2f7d17461e3cc9d020e326909eb3b9bffe9ea52d
b6dafc37cee884000b053d5005a8c85a231ef4700d9fe992aaefbead1a0dea8b
GET /wp-content/uploads/2022/06/recruit1.jpg HTTP/1.1
Host: aroma-modena.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aroma-modena.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:25:56 GMT
content-type: image/jpeg
content-length: 441390
last-modified: Fri, 24 Jun 2022 08:37:45 GMT
etag: "6bc2e-5e22d7c032e63"
accept-ranges: bytes
X-Firefox-Spdy: h2
aroma-modena.com/wp-content/uploads/2022/06/recruit4.jpg
162.43.117.39 200 OK 467 kB URL HTTP/2 aroma-modena.com/wp-content/uploads/2022/06/recruit4.jpg
IP 162.43.117.39:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 22.3 (Macintosh), datetime=2022:06:24 17:35:55], baseline, precision 8, 1587x2245, components 3\012- data
Size 467 kB (466766 bytes)
Hash d19cbc120c36133ada8deac135e6aed1
c77623c2e7e3eb851069ffbee9a83bf5f4f7bb49
d63a03957fc4ad9d767e6f43eb7f40f756d5219ac7cb50e7e6323c568d388e1e
GET /wp-content/uploads/2022/06/recruit4.jpg HTTP/1.1
Host: aroma-modena.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aroma-modena.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:25:56 GMT
content-type: image/jpeg
content-length: 466766
last-modified: Fri, 24 Jun 2022 09:01:02 GMT
etag: "71f4e-5e22dcf47bb30"
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 8ead0ac4ce19cef2471bae0458759d89
af02fd3fcd2e10cfa2458407c0c2e59a43e18517
507b93c64bab73e393cf8d8131415ef4d4b01e65e0f2ab73597715197845e75e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 20:25:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
aroma-modena.com/wp-content/themes/heal_tcd077/css/swiper-bundle.min.css?ver=1.3.2
162.43.117.39 200 OK 4.8 kB URL HTTP/2 aroma-modena.com/wp-content/themes/heal_tcd077/css/swiper-bundle.min.css?ver=1.3.2
IP 162.43.117.39:0
File type ASCII text, with very long lines (13620)
Hash 9dd3455fccc74684ad0bd91afe6862da
b6963d5c2c92fd9340adb18b26e32f93c59cd18b
b6a4a428ede51efde4068d39727a383189547f433651ef8456895abf8e4eb74e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/heal_tcd077/css/swiper-bundle.min.css?ver=1.3.2 HTTP/1.1
Host: aroma-modena.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aroma-modena.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:25:57 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 18 Jan 2022 17:43:09 GMT
etag: W/"3632-5d5decd6ad0dd"
content-encoding: br
X-Firefox-Spdy: h2
maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=ja&region=jp&callback=onApiLoad
216.58.207.202 200 OK 57 kB URL HTTP/2 maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=ja&region=jp&callback=onApiLoad
IP 216.58.207.202:0
File type ASCII text, with very long lines (2557)
Hash 73ff383e09fede057f6b26f7e24f71fe
f3f06b4896ddb3c5aa4f2d3ecbc458cec32b1091
8d5b511bed871ed5b8d1d5de68e8fb4930e15e803571c4488992e973d9724174
GET /maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=ja&region=jp&callback=onApiLoad HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-encoding: gzip
server: mafe
content-length: 57327
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=13
date: Mon, 05 Dec 2022 20:10:41 GMT
expires: Mon, 05 Dec 2022 20:40:41 GMT
cache-control: public, max-age=1800
content-type: text/javascript; charset=UTF-8
age: 917
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
aroma-modena.com/wp-content/uploads/2022/06/recruit3.jpg
162.43.117.39 200 OK 472 B URL HTTP/2 aroma-modena.com/wp-content/uploads/2022/06/recruit3.jpg
IP 162.43.117.39:0
Hash 7dfb548d8f8a99d32050803775fad5d6
8b47999a01db7c2217d76a1cec576809a229cf1b
68dd2a1e5a0002f4d25d3b5884ab55bc6b5a91e38f6dc464c4261b19c6e5887e
GET /wp-content/uploads/2022/06/recruit3.jpg HTTP/1.1
Host: aroma-modena.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aroma-modena.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:25:56 GMT
content-type: image/jpeg
content-length: 439035
last-modified: Fri, 24 Jun 2022 08:59:33 GMT
etag: "6b2fb-5e22dc9f57b18"
accept-ranges: bytes
X-Firefox-Spdy: h2
aroma-modena.com/wp-content/uploads/2021/09/about2.jpg
162.43.117.39 200 OK 48 kB URL HTTP/2 aroma-modena.com/wp-content/uploads/2021/09/about2.jpg
IP 162.43.117.39:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=1300, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=2000], progressive, precision 8, 480x300, components 3\012- data
Hash 473175356524bdb6af8a1daa3b3c371c
7e45bc0b306e0fe02e1fefd4dc0960938a570dab
0d00ffceca78385c8aaa28a1c717d04050793cd678699ba175bdf2ed8d6d6cee
GET /wp-content/uploads/2021/09/about2.jpg HTTP/1.1
Host: aroma-modena.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aroma-modena.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:25:57 GMT
content-type: image/jpeg
content-length: 48230
last-modified: Tue, 18 Jan 2022 17:46:29 GMT
etag: "bc66-5d5ded958d892"
accept-ranges: bytes
X-Firefox-Spdy: h2
aroma-modena.com/wp-content/uploads/2021/04/bg_2cullum.jpg
162.43.117.39 200 OK 68 kB URL HTTP/2 aroma-modena.com/wp-content/uploads/2021/04/bg_2cullum.jpg
IP 162.43.117.39:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 2000x1300, components 3\012- data
Hash 2c3b695c96e2e0905f9da805f4cc28ef
36e6d83932af576a877f4ccd40ce71236c52cc86
f52e539ce86011e0a166a3bbc296c10115c1d2d8aa49a6f76a1efd1b24c97dc6
GET /wp-content/uploads/2021/04/bg_2cullum.jpg HTTP/1.1
Host: aroma-modena.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aroma-modena.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:25:57 GMT
content-type: image/jpeg
content-length: 68115
last-modified: Tue, 18 Jan 2022 17:43:39 GMT
etag: "10a13-5d5decf372528"
accept-ranges: bytes
X-Firefox-Spdy: h2
aroma-modena.com/wp-content/uploads/2021/09/about1.jpg
162.43.117.39 200 OK 98 kB URL HTTP/2 aroma-modena.com/wp-content/uploads/2021/09/about1.jpg
IP 162.43.117.39:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=1300, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=2000], progressive, precision 8, 480x300, components 3\012- data
Hash 5b5c5fc6f8d820d3be9909cca80b396f
000ee251024863ab8fc76e414cf656d6e815ef3e
791af6618c4e4089d52f20dd46344e69cefc3991774c8ee3a0a78cf4790f30bf
GET /wp-content/uploads/2021/09/about1.jpg HTTP/1.1
Host: aroma-modena.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aroma-modena.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:25:57 GMT
content-type: image/jpeg
content-length: 98043
last-modified: Tue, 18 Jan 2022 17:46:28 GMT
etag: "17efb-5d5ded94ffeef"
accept-ranges: bytes
X-Firefox-Spdy: h2
aroma-modena.com/wp-content/uploads/2021/09/about3.jpg
162.43.117.39 200 OK 167 kB URL HTTP/2 aroma-modena.com/wp-content/uploads/2021/09/about3.jpg
IP 162.43.117.39:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=1300, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=2000], progressive, precision 8, 480x300, components 3\012- data
Size 167 kB (166993 bytes)
Hash 81e75256827829716d8167f149cdbf5b
bf938d155a6d3a44d2f35ae59084b25767f46358
c4422da1c03b174cf4aeb1bf2ccfd3a14e3ca2e457cb894416c67b37604db919
GET /wp-content/uploads/2021/09/about3.jpg HTTP/1.1
Host: aroma-modena.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aroma-modena.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:25:57 GMT
content-type: image/jpeg
content-length: 166993
last-modified: Tue, 18 Jan 2022 17:46:30 GMT
etag: "28c51-5d5ded964bf76"
accept-ranges: bytes
X-Firefox-Spdy: h2
aroma-modena.com/wp-content/themes/heal_tcd077/fonts/design_plus.woff?v=1.5
162.43.117.39 200 OK 31 kB URL HTTP/2 aroma-modena.com/wp-content/themes/heal_tcd077/fonts/design_plus.woff?v=1.5
IP 162.43.117.39:0
File type Web Open Font Format, TrueType, length 31376, version 1.0\012- data
Hash 3f9824fc1321b1fb5326cc2ad68918cc
b3f6a889c5d261434ce500131de1d691eeb6ce17
716a4a4b0253302660403b8dc68f6e5918bc49b202bb1c900b12022e9a803002
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/heal_tcd077/fonts/design_plus.woff?v=1.5 HTTP/1.1
Host: aroma-modena.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://aroma-modena.com/wp-content/themes/heal_tcd077/css/sns-botton.css?ver=1.3.2
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:25:57 GMT
content-type: application/font-woff
content-length: 31376
vary: Accept-Encoding
last-modified: Tue, 18 Jan 2022 17:43:10 GMT
etag: "7a90-5d5decd81e324"
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 79c225db327a78b782f5a9512b07eaf0
398a1be3a70264d959146d6670d2ca54cdf4e91a
8539ea44d81775448ae8c6179d54d8a397c559b112291fa78abcf6ac6c480815
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 20:25:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
aroma-modena.com/wp-content/themes/heal_tcd077/js/jscript.js?ver=6.1.1
162.43.117.39 200 OK 54 kB URL HTTP/2 aroma-modena.com/wp-content/themes/heal_tcd077/js/jscript.js?ver=6.1.1
IP 162.43.117.39:0
Hash 2ebe946567c940938905d9ddf7a28c57
ad9fd975debce303937fed8197b250848707de14
6673a93145aa1d795066ff3d7d4cb3e2afbcff22b095d92b07e883ec9bacb74c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/heal_tcd077/js/jscript.js?ver=6.1.1 HTTP/1.1
Host: aroma-modena.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aroma-modena.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:25:56 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 18 Jan 2022 17:43:18 GMT
etag: W/"39fc-5d5decdf95568"
content-encoding: br
X-Firefox-Spdy: h2
aroma-modena.com/wp-content/themes/heal_tcd077/js/jscript.js?ver=1.3.2
162.43.117.39 200 OK 23 kB URL HTTP/2 aroma-modena.com/wp-content/themes/heal_tcd077/js/jscript.js?ver=1.3.2
IP 162.43.117.39:0
Hash 69949ac113e786adb16b41a6373a9522
4c00fc2f14c8f3027c53092c21cdfe6deb4ec8e3
e31e097fe5ac3083a1c82ace45040e503a24809d0c84cd7f06531991b58069d1
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/heal_tcd077/js/jscript.js?ver=1.3.2 HTTP/1.1
Host: aroma-modena.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aroma-modena.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:25:56 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 18 Jan 2022 17:43:18 GMT
etag: W/"39fc-5d5decdf95568"
content-encoding: br
X-Firefox-Spdy: h2
aroma-modena.com/wp-content/themes/heal_tcd077/js/simplebar.css?ver=1.3.2
162.43.117.39 200 OK 22 kB URL HTTP/2 aroma-modena.com/wp-content/themes/heal_tcd077/js/simplebar.css?ver=1.3.2
IP 162.43.117.39:0
Hash a1f96ecafa49944f93818b88c86258a9
b169463905a57be1a32eb0f12b6f976764452ef1
7d2523a9e08a4cc2fcabee067c4c7b45bff3fed0a423e21eb6bf616a5e3a3c08
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/heal_tcd077/js/simplebar.css?ver=1.3.2 HTTP/1.1
Host: aroma-modena.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aroma-modena.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:25:56 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 18 Jan 2022 17:43:19 GMT
etag: W/"def-5d5dece09a14d"
content-encoding: br
X-Firefox-Spdy: h2
aroma-modena.com/wp-content/themes/heal_tcd077/js/comment.js?ver=1.3.2
162.43.117.39 200 OK 58 kB URL HTTP/2 aroma-modena.com/wp-content/themes/heal_tcd077/js/comment.js?ver=1.3.2
IP 162.43.117.39:0
File type HTML document, ASCII text
Hash 5b3283a6ec00bf8c93a28bff6fcb861a
ec7041ee3c9cc90b8cb16e7973336f9d1b026c35
ea3902f9c9c75dce84320dba615bf442825a2aa21364e97f3f3de2975d90f778
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/heal_tcd077/js/comment.js?ver=1.3.2 HTTP/1.1
Host: aroma-modena.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aroma-modena.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:25:56 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 18 Jan 2022 17:43:17 GMT
etag: W/"8e6-5d5decde957a3"
content-encoding: br
X-Firefox-Spdy: h2
aroma-modena.com/wp-content/uploads/2022/06/haruka3.jpg
162.43.117.39 200 OK 27 kB URL HTTP/2 aroma-modena.com/wp-content/uploads/2022/06/haruka3.jpg
IP 162.43.117.39:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", progressive, precision 8, 480x640, components 3\012- data
Hash eabc0ef0a6b8eb7c7393a74025ee0990
5dbd0d5a263fbee57d95e6fc236673c39897db41
19e168d05f5097c3310e36a59222cffb953ad971a0612aee3f02146ff424cbc6
GET /wp-content/uploads/2022/06/haruka3.jpg HTTP/1.1
Host: aroma-modena.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aroma-modena.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:25:58 GMT
content-type: image/jpeg
content-length: 27145
last-modified: Sun, 19 Jun 2022 11:23:56 GMT
etag: "6a09-5e1cb392326ad"
accept-ranges: bytes
X-Firefox-Spdy: h2
aroma-modena.com/wp-content/uploads/2022/08/7.png
162.43.117.39 200 OK 814 kB URL HTTP/2 aroma-modena.com/wp-content/uploads/2022/08/7.png
IP 162.43.117.39:0
File type PNG image data, 1587 x 2245, 8-bit/color RGBA, non-interlaced\012- data
Size 814 kB (814425 bytes)
Hash 1b958cf5f78c795f843ab87484a8da16
7b034dc63413c9eea6e44913a35b960808ef2849
d1f791b9cbe1dc06ade19a19655c1eeae992891932c079ae3482033ab2a7b39f
GET /wp-content/uploads/2022/08/7.png HTTP/1.1
Host: aroma-modena.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aroma-modena.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:25:56 GMT
content-type: image/png
content-length: 814425
last-modified: Wed, 03 Aug 2022 04:49:09 GMT
etag: "c6d59-5e54ef41b86dc"
accept-ranges: bytes
X-Firefox-Spdy: h2
aroma-modena.com/wp-content/uploads/2022/08/8.png
162.43.117.39 200 OK 777 kB URL HTTP/2 aroma-modena.com/wp-content/uploads/2022/08/8.png
IP 162.43.117.39:0
File type PNG image data, 1587 x 2245, 8-bit/color RGBA, non-interlaced\012- data
Size 777 kB (776922 bytes)
Hash d81775d400466a683f23857128216631
3cb3cc045b2c2870584fd5d2ba804e54b3890153
bb2a7c48cd414d43bb30df93410c8c2b83f349eae419a1ed395006e36345f6ab
GET /wp-content/uploads/2022/08/8.png HTTP/1.1
Host: aroma-modena.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aroma-modena.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:25:56 GMT
content-type: image/png
content-length: 776922
last-modified: Wed, 03 Aug 2022 04:49:41 GMT
etag: "bdada-5e54ef60b0370"
accept-ranges: bytes
X-Firefox-Spdy: h2
aroma-modena.com/wp-content/themes/heal_tcd077/fonts/fontawesome-webfont.woff2?v=4.7.0
162.43.117.39 200 OK 77 kB URL HTTP/2 aroma-modena.com/wp-content/themes/heal_tcd077/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 162.43.117.39:0
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/heal_tcd077/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: aroma-modena.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://aroma-modena.com/wp-content/themes/heal_tcd077/css/font-awesome.min.css?ver=1.3.2
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:25:57 GMT
content-length: 77160
last-modified: Tue, 18 Jan 2022 17:43:10 GMT
etag: "12d68-5d5decd827f65"
accept-ranges: bytes
X-Firefox-Spdy: h2
aroma-modena.com/wp-content/uploads/2022/04/itika.jpg
162.43.117.39 200 OK 81 kB URL HTTP/2 aroma-modena.com/wp-content/uploads/2022/04/itika.jpg
IP 162.43.117.39:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", progressive, precision 8, 1001x1334, components 3\012- data
Hash 224d36a47034e2fbd93cfb288cb3aa44
9203c09a0677964f64169906a65c25fe678f720c
b449d231746574df2ea0d67caaad0ba62802f030dc7d4f61455681e229f5a7bd
GET /wp-content/uploads/2022/04/itika.jpg HTTP/1.1
Host: aroma-modena.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aroma-modena.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:25:57 GMT
content-type: image/jpeg
content-length: 81009
last-modified: Thu, 21 Apr 2022 01:46:50 GMT
etag: "13c71-5dd20489e1a50"
accept-ranges: bytes
X-Firefox-Spdy: h2
aroma-modena.com/wp-content/themes/heal_tcd077/css/swiper-bundle.css?ver=1.3.2
162.43.117.39 200 OK 4.8 kB URL HTTP/2 aroma-modena.com/wp-content/themes/heal_tcd077/css/swiper-bundle.css?ver=1.3.2
IP 162.43.117.39:0
File type ASCII text, with very long lines (2257)
Hash 6e959b041a8c27bba20962add855db82
153878228609c0ec468760d209d5a07147a7d092
d95e313abe658c8d9980a6437bcf0bc0c72654a724d49948c509b9801166820d
GET /wp-content/themes/heal_tcd077/css/swiper-bundle.css?ver=1.3.2 HTTP/1.1
Host: aroma-modena.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aroma-modena.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:25:57 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 18 Jan 2022 17:43:09 GMT
etag: W/"42bc-5d5decd66c99c"
content-encoding: br
X-Firefox-Spdy: h2
aroma-modena.com/wp-content/themes/heal_tcd077/js/jquery.easing.1.4.js?ver=1.3.2
162.43.117.39 200 OK 99 kB URL HTTP/2 aroma-modena.com/wp-content/themes/heal_tcd077/js/jquery.easing.1.4.js?ver=1.3.2
IP 162.43.117.39:0
File type ASCII text, with very long lines (2532), with no line terminators
Hash 8e772c86147f5ad0280b0e657259f4ae
eb1a2f9563819c1eafc6da4d95c0c21ab3d2af3d
038f24df8e8576983451944ad299b1be2bda9657e0c82788400edc3bee15d651
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/heal_tcd077/js/jquery.easing.1.4.js?ver=1.3.2 HTTP/1.1
Host: aroma-modena.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aroma-modena.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:25:56 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 18 Jan 2022 17:43:18 GMT
etag: W/"9e4-5d5decdf5dac7"
content-encoding: br
X-Firefox-Spdy: h2
aroma-modena.com/wp-content/uploads/2021/09/main02_1450_550.jpg
162.43.117.39 200 OK 274 kB URL HTTP/2 aroma-modena.com/wp-content/uploads/2021/09/main02_1450_550.jpg
IP 162.43.117.39:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS5 Macintosh, datetime=2021:04:19 12:55:08], progressive, precision 8, 1450x550, components 3\012- data
Size 274 kB (273682 bytes)
Hash c20347d0fdce670f259bd2ecda8c5a9f
919784dda780dce3db29910fe4cd2e6078d41645
65934a0beeefcf3f20ba9dc110c979ef8a00f2d2d81845941be6187a1c3b028e
GET /wp-content/uploads/2021/09/main02_1450_550.jpg HTTP/1.1
Host: aroma-modena.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aroma-modena.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:25:57 GMT
content-type: image/jpeg
content-length: 273682
last-modified: Tue, 18 Jan 2022 17:46:39 GMT
etag: "42d12-5d5ded9ea0c9e"
accept-ranges: bytes
X-Firefox-Spdy: h2
maps.gstatic.com/maps-api-v3/embed/js/51/2/intl/ja_ALL/init_embed.js
216.58.207.227 200 OK 70 kB URL HTTP/2 maps.gstatic.com/maps-api-v3/embed/js/51/2/intl/ja_ALL/init_embed.js
IP 216.58.207.227:0
File type ASCII text, with very long lines (2669)
Hash bb2eb5fffbaeb308ee101768dd049254
ce90ec79db13cee06163882130eaba5ce09757a3
2b8977ef05fafed6e970f6cf549690a55172527de4598363ffa5228cb59548b6
GET /maps-api-v3/embed/js/51/2/intl/ja_ALL/init_embed.js HTTP/1.1
Host: maps.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-length: 69682
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 21:54:57 GMT
expires: Thu, 30 Nov 2023 21:54:57 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 28 Nov 2022 22:32:00 GMT
content-type: text/javascript
age: 426661
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
aroma-modena.com/wp-content/uploads/2022/10/1666272626968.jpg
162.43.117.39 200 OK 258 kB URL HTTP/2 aroma-modena.com/wp-content/uploads/2022/10/1666272626968.jpg
IP 162.43.117.39:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=4, height=0, orientation=upper-left, width=0], baseline, precision 8, 1108x1108, components 3\012- data
Size 258 kB (257937 bytes)
Hash b40486e1e639853b9b2f27a83206fa7e
c7141de70cddfbbde42b1be52850ff6dbdfc9ebd
bb2bf96c189bbc4f75adb5e7ce142cceb699077df9a91a14134432e632610352
GET /wp-content/uploads/2022/10/1666272626968.jpg HTTP/1.1
Host: aroma-modena.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aroma-modena.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:25:57 GMT
content-type: image/jpeg
content-length: 257937
last-modified: Thu, 20 Oct 2022 14:57:27 GMT
etag: "3ef91-5eb788b3397eb"
accept-ranges: bytes
X-Firefox-Spdy: h2
aroma-modena.com/wp-content/uploads/2021/09/main03_1450_550.jpg
162.43.117.39 200 OK 432 kB URL HTTP/2 aroma-modena.com/wp-content/uploads/2021/09/main03_1450_550.jpg
IP 162.43.117.39:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS5 Macintosh, datetime=2021:04:19 13:14:40], progressive, precision 8, 1450x550, components 3\012- data
Size 432 kB (431860 bytes)
Hash 57d485cd88a2a4b3990e694d27da5c51
ce7e11aaedd22ec42001420c5a2d0ecac0c3a420
1c138375e078feef6cc1c05f94781aef1798cb08f494b77611c8e17d89709192
GET /wp-content/uploads/2021/09/main03_1450_550.jpg HTTP/1.1
Host: aroma-modena.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aroma-modena.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:25:57 GMT
content-type: image/jpeg
content-length: 431860
last-modified: Tue, 18 Jan 2022 17:46:41 GMT
etag: "696f4-5d5deda120709"
accept-ranges: bytes
X-Firefox-Spdy: h2
aroma-modena.com/wp-content/themes/heal_tcd077/js/swiper-bundle.min.js?ver=1.3.2
162.43.117.39 200 OK 55 kB URL HTTP/2 aroma-modena.com/wp-content/themes/heal_tcd077/js/swiper-bundle.min.js?ver=1.3.2
IP 162.43.117.39:0
File type ASCII text, with very long lines (65282)
Hash 2ee26be93e78cf6966b661c430b56a4e
90325c6ff5e0a53176675977bcf6327cdb38bb27
6ec5892207f0fd578ba5a3e54da3af553f854704df182162fa4b018ae5aac797
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/heal_tcd077/js/swiper-bundle.min.js?ver=1.3.2 HTTP/1.1
Host: aroma-modena.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aroma-modena.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:25:56 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 18 Jan 2022 17:43:21 GMT
etag: W/"22baa-5d5dece1f6b74"
content-encoding: br
X-Firefox-Spdy: h2
aroma-modena.com/wp-content/uploads/2022/07/16388532289631.jpg
162.43.117.39 200 OK 27 kB URL HTTP/2 aroma-modena.com/wp-content/uploads/2022/07/16388532289631.jpg
IP 162.43.117.39:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=2, orientation=upper-left], baseline, precision 8, 300x400, components 3\012- data
Hash 60ce44a29df05240ed926b3a43e7ed7d
513cd06b7cd0096e5534b2340f3fdcf8442de938
1afa248cda49e2870b6ad2c914b0846dc4402c0fabf3a6eddd0bd531734d5a11
GET /wp-content/uploads/2022/07/16388532289631.jpg HTTP/1.1
Host: aroma-modena.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aroma-modena.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:25:58 GMT
content-type: image/jpeg
content-length: 26674
last-modified: Thu, 07 Jul 2022 04:22:01 GMT
etag: "6832-5e32f6d602d2f"
accept-ranges: bytes
X-Firefox-Spdy: h2
aroma-modena.com/wp-content/uploads/2022/08/modena-ricruit.png
162.43.117.39 200 OK 1.0 MB URL HTTP/2 aroma-modena.com/wp-content/uploads/2022/08/modena-ricruit.png
IP 162.43.117.39:0
File type PNG image data, 1587 x 2245, 8-bit/color RGBA, non-interlaced\012- data
Size 1.0 MB (1029932 bytes)
Hash 3db3a59b0ac32f2c8d8313ab81371c67
136ce3ad625e704959278a9c36fc2a3d4f2c3ccc
283632d8bf8fccbad9cb1cc08479dd907fb6bd335967897e380424fd71af6a07
GET /wp-content/uploads/2022/08/modena-ricruit.png HTTP/1.1
Host: aroma-modena.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aroma-modena.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:25:56 GMT
content-type: image/png
content-length: 1029932
last-modified: Wed, 03 Aug 2022 04:34:51 GMT
etag: "fb72c-5e54ec0ff1748"
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 79c225db327a78b782f5a9512b07eaf0
398a1be3a70264d959146d6670d2ca54cdf4e91a
8539ea44d81775448ae8c6179d54d8a397c559b112291fa78abcf6ac6c480815
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 20:25:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
aroma-modena.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
162.43.117.39 200 OK 7.9 kB URL HTTP/2 aroma-modena.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
IP 162.43.117.39:0
File type Unicode text, UTF-8 text, with very long lines (8189)
Hash eea7cb5d0f20f726c184779002b35846
6f83bd41c4c6bc901a644ca745ae17607d539470
a71b6c2c23629874551bd594e43b407c43f922e1fd352eacd002a02be8d1392c
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.2 HTTP/1.1
Host: aroma-modena.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aroma-modena.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:25:56 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 02 Nov 2022 06:05:46 GMT
etag: W/"53c0-5ec76a1a8b983"
content-encoding: br
X-Firefox-Spdy: h2
aroma-modena.com/wp-content/themes/heal_tcd077/css/sns-botton.css?ver=1.3.2
162.43.117.39 200 OK 13 kB URL HTTP/2 aroma-modena.com/wp-content/themes/heal_tcd077/css/sns-botton.css?ver=1.3.2
IP 162.43.117.39:0
File type Unicode text, UTF-8 text, with very long lines (461)
Hash 76c623de4d3b1d2b48b0971171270ece
41ad05e0a2c1591d77e38948c548e72c54586d0c
7c53e3489f509eec44aee14c1ffd573ca01e51b18ab70e570b8441667318819c
GET /wp-content/themes/heal_tcd077/css/sns-botton.css?ver=1.3.2 HTTP/1.1
Host: aroma-modena.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aroma-modena.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:25:56 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 18 Jan 2022 17:43:08 GMT
etag: W/"35ee-5d5decd64683c"
content-encoding: br
X-Firefox-Spdy: h2
aroma-modena.com/wp-content/uploads/2021/09/main01_1450_550.jpg
162.43.117.39 200 OK 1.4 kB URL HTTP/2 aroma-modena.com/wp-content/uploads/2021/09/main01_1450_550.jpg
IP 162.43.117.39:0
File type gzip compressed data, max compression\012- data
Hash 3933c07c610028a0b8da7598fdbe6915
77cd4a65c663dee7a0eeddba30c62d4081b3e9e0
a389d645b7ebab2f1529bf6eb7322a51d90be87e3415729c3a1437c40ea3fc90
GET /wp-content/uploads/2021/09/main01_1450_550.jpg HTTP/1.1
Host: aroma-modena.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aroma-modena.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:25:57 GMT
content-type: image/jpeg
content-length: 372576
last-modified: Tue, 18 Jan 2022 17:46:36 GMT
etag: "5af60-5d5ded9bdebb0"
accept-ranges: bytes
X-Firefox-Spdy: h2
webfonts.xserver.jp/advance/ref/ja/107/checkdigit?K18MUcZzRRA%3D
202.226.37.225 200 OK 1 B URL HTTP/1.1 webfonts.xserver.jp/advance/ref/ja/107/checkdigit?K18MUcZzRRA%3D
IP 202.226.37.225:0
File type very short file (no magic)
Hash cfcd208495d565ef66e7dff9f98764da
b6589fc6ab0dc82cf12099d1c2d40ab994e8410c
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
GET /advance/ref/ja/107/checkdigit?K18MUcZzRRA%3D HTTP/1.1
Host: webfonts.xserver.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Origin: https://aroma-modena.com
Connection: keep-alive
Referer: https://aroma-modena.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 20:25:58 GMT
Content-Type: text/plain;;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
ETag: "typesquare-use-cache"
Cache-Control: public, s-maxage=8640000
Pragma: cache
X-Cache-Status: HIT
region1.google-analytics.com/g/collect?v=2&tid=G-NPC8QXL79X&gtm=2oebu0&_p=246094443&cid=362623398.1670271955&ul=en-us&sr=1280x1024&_s=1&sid=1670271955&sct=1&seg=0&dl=https%3A%2F%2Faroma-modena.com%2F&dt=AromaMODENA%20-%E3%83%A2%E3%83%87%E3%83%8A-%20%E3%81%AF%E7%A6%8F%E5%B2%A1%E5%8D%9A%E5%A4%9A%E9%A7%85%E5%BE%92%E6%AD%A93%E5%88%86%E5%9C%8F%E5%86%85%E3%81%AB%E3%81%82%E3%82%8B%E5%AE%8C%E5%85%A8%E5%80%8B%E5%AE%A4%E3%81%AE%E5%A4%A7%E4%BA%BA%E3%81%AE%E9%9A%A0%E3%82%8C%E5%AE%B6%E3%83%A1%E3%83%B3%E3%82%BA%E3%82%A8%E3%82%B9%E3%83%86%E3%81%A7%E3%81%99%E3%80%82&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
216.239.34.36 204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-NPC8QXL79X&gtm=2oebu0&_p=246094443&cid=362623398.1670271955&ul=en-us&sr=1280x1024&_s=1&sid=1670271955&sct=1&seg=0&dl=https%3A%2F%2Faroma-modena.com%2F&dt=AromaMODENA%20-%E3%83%A2%E3%83%87%E3%83%8A-%20%E3%81%AF%E7%A6%8F%E5%B2%A1%E5%8D%9A%E5%A4%9A%E9%A7%85%E5%BE%92%E6%AD%A93%E5%88%86%E5%9C%8F%E5%86%85%E3%81%AB%E3%81%82%E3%82%8B%E5%AE%8C%E5%85%A8%E5%80%8B%E5%AE%A4%E3%81%AE%E5%A4%A7%E4%BA%BA%E3%81%AE%E9%9A%A0%E3%82%8C%E5%AE%B6%E3%83%A1%E3%83%B3%E3%82%BA%E3%82%A8%E3%82%B9%E3%83%86%E3%81%A7%E3%81%99%E3%80%82&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-NPC8QXL79X&gtm=2oebu0&_p=246094443&cid=362623398.1670271955&ul=en-us&sr=1280x1024&_s=1&sid=1670271955&sct=1&seg=0&dl=https%3A%2F%2Faroma-modena.com%2F&dt=AromaMODENA%20-%E3%83%A2%E3%83%87%E3%83%8A-%20%E3%81%AF%E7%A6%8F%E5%B2%A1%E5%8D%9A%E5%A4%9A%E9%A7%85%E5%BE%92%E6%AD%A93%E5%88%86%E5%9C%8F%E5%86%85%E3%81%AB%E3%81%82%E3%82%8B%E5%AE%8C%E5%85%A8%E5%80%8B%E5%AE%A4%E3%81%AE%E5%A4%A7%E4%BA%BA%E3%81%AE%E9%9A%A0%E3%82%8C%E5%AE%B6%E3%83%A1%E3%83%B3%E3%82%BA%E3%82%A8%E3%82%B9%E3%83%86%E3%81%A7%E3%81%99%E3%80%82&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://aroma-modena.com
Connection: keep-alive
Referer: https://aroma-modena.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://aroma-modena.com
date: Mon, 05 Dec 2022 20:25:58 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ranking-deli.jp/8/shop/29794/diarywidget/?prev-sp=true&type=3&list=y
13.112.208.20 403 Forbidden 118 B URL HTTP/2 ranking-deli.jp/8/shop/29794/diarywidget/?prev-sp=true&type=3&list=y
IP 13.112.208.20:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash bad2e8579dcdb79399aac2064216a37d
7771e4d9c60e02ce2246b5d71bb23f92b9fb8a90
58bf2215b395dcac74c009aa98701854e43cbe54a1cd3a95fee6a647ca9910d4
GET /8/shop/29794/diarywidget/?prev-sp=true&type=3&list=y HTTP/1.1
Host: ranking-deli.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aroma-modena.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
server: awselb/2.0
date: Mon, 05 Dec 2022 20:25:58 GMT
content-type: text/html
content-length: 118
X-Firefox-Spdy: h2
platform.twitter.com/widgets.js
93.184.220.66 200 OK 29 kB URL HTTP/1.1 platform.twitter.com/widgets.js
IP 93.184.220.66:0
File type Unicode text, UTF-8 text, with very long lines (33915)
Hash 7899fffaf0046efb7f9be2495d9dc928
d4c60d88e8deea577a50f9d20e1b6b3a20cba2cf
07d50450f22df0588cc1b67f5a124cb91d99a032a229586eb7dc490cce9f7f30
GET /widgets.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aroma-modena.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3000
Age: 866
Cache-Control: public, max-age=1800
Content-Type: application/javascript; charset=utf-8
Date: Mon, 05 Dec 2022 20:25:58 GMT
Etag: "6633f9603c759c40d9b200995454f17c+gzip"
Last-Modified: Wed, 02 Nov 2022 19:43:37 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F708)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 29221
d30ifc8mca3chm.cloudfront.net/banner/admin/cashback_eyoyaku_740140.jpg
143.204.42.225 200 OK 50 kB URL HTTP/2 d30ifc8mca3chm.cloudfront.net/banner/admin/cashback_eyoyaku_740140.jpg
IP 143.204.42.225:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 740x140, components 3\012- data
Hash 733edfb9c6acbabdaadea165e30d56a9
015e9dc89bdd7151fddacda089263f175a001a37
f2e649d2ad77bb4b0c34058c2c8d2cdd0cb4225be464ff10be376a7db4195b6b
GET /banner/admin/cashback_eyoyaku_740140.jpg HTTP/1.1
Host: d30ifc8mca3chm.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aroma-modena.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/jpg
content-length: 50305
date: Tue, 29 Nov 2022 01:20:25 GMT
last-modified: Mon, 20 Dec 2021 08:29:41 GMT
etag: "733edfb9c6acbabdaadea165e30d56a9"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: QC4Rw1GEW4uAmDPniMvDqZthsTvFCPH-embGGtUUHJh2hBOy-kz2xg==
age: 587131
X-Firefox-Spdy: h2
webfonts.xserver.jp/advance/mkfont/ja/107/ts?condition=e38123f77e9d6dc18df78efa3e2dfa1f&eid=K18MUcZzRRA%3D&location=https%3A%2F%2Faroma-modena.com%2F&bw[name]=Firefox&bw[ftf]=0&bw[os]=Windows&fonts[family]=A1%E6%98%8E%E6%9C%9D&fonts[str]=LmZ1a29hbWRlbjU4QGdpbGNHOuacrOaXpeOBruWHuuWLpFRPREFZJ1NDSEVVTDFCNlfjgYTjgYrjgoooMjPmrbMpN%2BODnuODquOCszDjga%2FjgovjgYvjgonjgpPjgZXjgajjgb8544GINOOBoeOBj%2BOBquODlOODvOOCv%2BanmOmZkOWumuOBp%2BWFqOOCueiqleeUn%2BWGhkbkuovliY3kuojntITlibLjgIHpm6jmmLw%3D
202.226.37.225 200 OK 42 B URL HTTP/1.1 webfonts.xserver.jp/advance/mkfont/ja/107/ts?condition=e38123f77e9d6dc18df78efa3e2dfa1f&eid=K18MUcZzRRA%3D&location=https%3A%2F%2Faroma-modena.com%2F&bw[name]=Firefox&bw[ftf]=0&bw[os]=Windows&fonts[family]=A1%E6%98%8E%E6%9C%9D&fonts[str]=LmZ1a29hbWRlbjU4QGdpbGNHOuacrOaXpeOBruWHuuWLpFRPREFZJ1NDSEVVTDFCNlfjgYTjgYrjgoooMjPmrbMpN%2BODnuODquOCszDjga%2FjgovjgYvjgonjgpPjgZXjgajjgb8544GINOOBoeOBj%2BOBquODlOODvOOCv%2BanmOmZkOWumuOBp%2BWFqOOCueiqleeUn%2BWGhkbkuovliY3kuojntITlibLjgIHpm6jmmLw%3D
IP 202.226.37.225:0
File type ASCII text, with no line terminators
Hash fc4d37c8cebe035d8aa0337686d2a2a0
0902789a9ce0d23edb924bcf8da2437b0623a9d0
03c762b9364316fe254b87db0a3b3b418de66c2334d7b3d0d5af597c1fc35fcf
GET /advance/mkfont/ja/107/ts?condition=e38123f77e9d6dc18df78efa3e2dfa1f&eid=K18MUcZzRRA%3D&location=https%3A%2F%2Faroma-modena.com%2F&bw[name]=Firefox&bw[ftf]=0&bw[os]=Windows&fonts[family]=A1%E6%98%8E%E6%9C%9D&fonts[str]=LmZ1a29hbWRlbjU4QGdpbGNHOuacrOaXpeOBruWHuuWLpFRPREFZJ1NDSEVVTDFCNlfjgYTjgYrjgoooMjPmrbMpN%2BODnuODquOCszDjga%2FjgovjgYvjgonjgpPjgZXjgajjgb8544GINOOBoeOBj%2BOBquODlOODvOOCv%2BanmOmZkOWumuOBp%2BWFqOOCueiqleeUn%2BWGhkbkuovliY3kuojntITlibLjgIHpm6jmmLw%3D HTTP/1.1
Host: webfonts.xserver.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://aroma-modena.com
Connection: keep-alive
Referer: https://aroma-modena.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 20:25:58 GMT
Content-Type: text/plain;;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Pragma: no-cache
Cache-Control: max-age=0
X-Cache-Status: MISS
platform.twitter.com/widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=https%3A%2F%2Faroma-modena.com
93.184.220.66 200 OK 105 kB URL HTTP/1.1 platform.twitter.com/widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=https%3A%2F%2Faroma-modena.com
IP 93.184.220.66:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (56168)
Size 105 kB (105445 bytes)
Hash 2b4968b185495eddda0d85b2351ebb71
c665785ca0f4039f8c71d94631cd50a879d866b5
eb8af089d8082a58a6e90fedc23007f17a9e89ddbc6a29b6e535e4847ba94160
GET /widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=https%3A%2F%2Faroma-modena.com HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aroma-modena.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 398883
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Mon, 05 Dec 2022 20:25:59 GMT
Etag: "50d73c0b4a4c7e4697b9c6ac6f1ecd75+gzip"
Last-Modified: Wed, 02 Nov 2022 19:36:59 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F71E)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105445
aroma-modena.com/favicon.ico
162.43.117.39 302 Found 0 B URL HTTP/2 aroma-modena.com/favicon.ico
IP 162.43.117.39:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: aroma-modena.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aroma-modena.com/
Cookie: _ga_NPC8QXL79X=GS1.1.1670271955.1.0.1670271955.0.0.0; _ga=GA1.1.362623398.1670271955
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
server: nginx
date: Mon, 05 Dec 2022 20:25:59 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://aroma-modena.com/wp-includes/images/w-logo-blue-white-bg.png
link: <https://aroma-modena.com/wp-json/>; rel="https://api.w.org/"
x-redirect-by: WordPress
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 313 B IP 93.184.220.29:0
Hash ac8da4a07cc2c9bf09020185af2a2e8c
5b28aa4395bc9ea2792a59029435d579b9099287
36a409371566530a17a1a71b1ea1cdd8539df011341e232a54ff3216f043ccfc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6543
Cache-Control: max-age=124170
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 20:25:59 GMT
Etag: "638d7c52-139"
Expires: Wed, 07 Dec 2022 06:55:29 GMT
Last-Modified: Mon, 05 Dec 2022 05:06:26 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 313
webfonts.xserver.jp/ab.woff
202.226.37.225 200 OK 18 kB URL HTTP/1.1 webfonts.xserver.jp/ab.woff
IP 202.226.37.225:0
File type Web Open Font Format, TrueType, length 17784, version 0.0\012- data
Hash 537dbe5cff510deb7c96f75dde2685a7
5693b9fb5e93e2455e05247dd97611109d1cda88
e2fa69feab176160c642026437a980e8d82132c225290fcfb0c50a333dd31552
GET /ab.woff HTTP/1.1
Host: webfonts.xserver.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://aroma-modena.com
Connection: keep-alive
Referer: https://aroma-modena.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 20:25:59 GMT
Content-Type: font/woff
Content-Length: 17784
Connection: keep-alive
Last-Modified: Fri, 26 Feb 2021 05:26:27 GMT
ETag: "60388683-4578"
Cache-Control: max-age=31536000
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Max-Age: 31536000
X-Cache-Status: HIT
Accept-Ranges: bytes
syndication.twitter.com/settings?session_id=7e8a6cc567f8285493bd6a7a502f3157b315824d
104.244.42.8 200 OK 386 B URL HTTP/2 syndication.twitter.com/settings?session_id=7e8a6cc567f8285493bd6a7a502f3157b315824d
IP 104.244.42.8:0
File type JSON data\012- , ASCII text, with very long lines (980), with no line terminators
Hash d8191391c888619de075f6e68400d5d0
c50e4465150fa960db0be7c1eb5907a5f96eb5ed
115d700c917d36ef2d666d1c634f3b77413b2bccb78266bdba043b318009f773
GET /settings?session_id=7e8a6cc567f8285493bd6a7a502f3157b315824d HTTP/1.1
Host: syndication.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://platform.twitter.com/
Origin: https://platform.twitter.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 20:25:59 GMT
perf: 7626143928
vary: Origin
server: tsa_o
content-type: application/json; charset=utf-8
cache-control: must-revalidate, max-age=600
last-modified: Mon, 05 Dec 2022 20:25:59 GMT
content-length: 386
content-encoding: gzip
x-transaction-id: 8659479641c8b3cc
strict-transport-security: max-age=631138519
access-control-allow-origin: https://platform.twitter.com
access-control-allow-credentials: true
x-response-time: 115
x-connection-hash: 0e55565d2cc262a758e183c07238b7eb89ac2584b2af4679f614e904743a743c
X-Firefox-Spdy: h2
aroma-modena.com/wp-includes/images/w-logo-blue-white-bg.png
162.43.117.39 200 OK 4.1 kB URL HTTP/2 aroma-modena.com/wp-includes/images/w-logo-blue-white-bg.png
IP 162.43.117.39:0
File type PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced\012- data
Hash 000bf649cc8f6bf27cfb04d1bcdcd3c7
d73d2f6d74ec6cdcbae07955592962e77d8ae814
6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0
GET /wp-includes/images/w-logo-blue-white-bg.png HTTP/1.1
Host: aroma-modena.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://aroma-modena.com/
Connection: keep-alive
Cookie: _ga_NPC8QXL79X=GS1.1.1670271955.1.0.1670271955.0.0.0; _ga=GA1.1.362623398.1670271955
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:25:59 GMT
content-type: image/png
content-length: 4119
last-modified: Fri, 23 Sep 2022 14:09:34 GMT
etag: "1017-5e958ba415654"
accept-ranges: bytes
X-Firefox-Spdy: h2
aroma-modena.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
162.43.117.39 200 OK 31 kB URL HTTP/2 aroma-modena.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 162.43.117.39:0
File type ASCII text, with very long lines (11126)
Hash 9ac8b2b91ab2fb7cb3d250ad12fc8c53
02fd92762eaedc7a23318adbd1de3d1035b77e5e
09c309142a41aa2dd2182afe44c377874484c4ddcf4754fa236190d29258c1d9
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: aroma-modena.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aroma-modena.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:25:56 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 23 Sep 2022 14:09:39 GMT
etag: W/"2bd8-5e958ba89aa08"
content-encoding: br
X-Firefox-Spdy: h2
aroma-modena.com/wp-content/themes/heal_tcd077/js/slick.css?ver=1.0.0
162.43.117.39 200 OK 3.6 kB URL HTTP/2 aroma-modena.com/wp-content/themes/heal_tcd077/js/slick.css?ver=1.0.0
IP 162.43.117.39:0
Hash 9d619981431db1ed168654aa39463b8c
1e107cbb0000929905c8f6e29d8057a25a5ad9e6
bc6b19dfd47ea4cd453bf966bd93224fe19d08f02ca8b17a0b72d2cb1bee245e
GET /wp-content/themes/heal_tcd077/js/slick.css?ver=1.0.0 HTTP/1.1
Host: aroma-modena.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aroma-modena.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:25:56 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 18 Jan 2022 17:43:20 GMT
etag: W/"6c1-5d5dece11a030"
content-encoding: br
X-Firefox-Spdy: h2
syndication.twitter.com/i/jot/embeds?l=%7B%22experiment_key%22%3A%22tfw_horizon_timeline_12034%22%2C%22bucket%22%3A%22treatment%22%2C%22version%22%3Anull%2C%22data%22%3A%7B%7D%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1670271956990%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22a3525f077c700%3A1667415560940%22%2C%22format_version%22%3A1%2C%22widget_origin%22%3A%22%22%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22ddg%22%2C%22section%22%3A%22tfw_horizon_timeline_12034%22%2C%22action%22%3A%22experiment%22%7D%7D&session_id=7e8a6cc567f8285493bd6a7a502f3157b315824d
104.244.42.8 200 OK 43 B URL HTTP/2 syndication.twitter.com/i/jot/embeds?l=%7B%22experiment_key%22%3A%22tfw_horizon_timeline_12034%22%2C%22bucket%22%3A%22treatment%22%2C%22version%22%3Anull%2C%22data%22%3A%7B%7D%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1670271956990%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22a3525f077c700%3A1667415560940%22%2C%22format_version%22%3A1%2C%22widget_origin%22%3A%22%22%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22ddg%22%2C%22section%22%3A%22tfw_horizon_timeline_12034%22%2C%22action%22%3A%22experiment%22%7D%7D&session_id=7e8a6cc567f8285493bd6a7a502f3157b315824d
IP 104.244.42.8:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/jot/embeds?l=%7B%22experiment_key%22%3A%22tfw_horizon_timeline_12034%22%2C%22bucket%22%3A%22treatment%22%2C%22version%22%3Anull%2C%22data%22%3A%7B%7D%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1670271956990%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22a3525f077c700%3A1667415560940%22%2C%22format_version%22%3A1%2C%22widget_origin%22%3A%22%22%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22ddg%22%2C%22section%22%3A%22tfw_horizon_timeline_12034%22%2C%22action%22%3A%22experiment%22%7D%7D&session_id=7e8a6cc567f8285493bd6a7a502f3157b315824d HTTP/1.1
Host: syndication.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aroma-modena.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 20:25:59 GMT
perf: 7626143928
vary: Origin
server: tsa_o
content-type: image/gif
cache-control: must-revalidate, max-age=600
last-modified: Mon, 05 Dec 2022 20:25:59 GMT
content-length: 43
x-transaction-id: 83c153a989acfe2b
strict-transport-security: max-age=631138519
x-response-time: 107
x-connection-hash: 0e55565d2cc262a758e183c07238b7eb89ac2584b2af4679f614e904743a743c
X-Firefox-Spdy: h2
syndication.twitter.com/srv/timeline-profile/screen-name/AromaModena?dnt=false&embedId=twitter-widget-0&features=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%3D%3D&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=ja&maxHeight=800px&origin=https%3A%2F%2Faroma-modena.com%2F&sessionId=7e8a6cc567f8285493bd6a7a502f3157b315824d&showHeader=true&showReplies=false&theme=light&transparent=false&widgetsVersion=a3525f077c700%3A1667415560940
104.244.42.8 200 OK 15 kB URL HTTP/2 syndication.twitter.com/srv/timeline-profile/screen-name/AromaModena?dnt=false&embedId=twitter-widget-0&features=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%3D%3D&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=ja&maxHeight=800px&origin=https%3A%2F%2Faroma-modena.com%2F&sessionId=7e8a6cc567f8285493bd6a7a502f3157b315824d&showHeader=true&showReplies=false&theme=light&transparent=false&widgetsVersion=a3525f077c700%3A1667415560940
IP 104.244.42.8:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (60415), with no line terminators
Hash d4ee9c68852616c94903fdebb2cbba94
cbab654ab0264bc52408cadbfe1503e76470cc79
83eaac09941e6f302afc545686ba8407cf0fa4bff22801c0840cca49f0c203eb
GET /srv/timeline-profile/screen-name/AromaModena?dnt=false&embedId=twitter-widget-0&features=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%3D%3D&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=ja&maxHeight=800px&origin=https%3A%2F%2Faroma-modena.com%2F&sessionId=7e8a6cc567f8285493bd6a7a502f3157b315824d&showHeader=true&showReplies=false&theme=light&transparent=false&widgetsVersion=a3525f077c700%3A1667415560940 HTTP/1.1
Host: syndication.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aroma-modena.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 20:26:00 GMT
etag: "2667f-/qJh48FgmDpyLMEuT/F9usH/BJg"
perf: 7626143928
server: tsa_o
content-type: text/html; charset=utf-8
cache-control: must-revalidate, max-age=60
x-transaction-id: 3873625a1b6eb790
x-xss-protection: 0
strict-transport-security: max-age=631138519
content-encoding: gzip
content-length: 15424
x-response-time: 1008
x-connection-hash: 0e55565d2cc262a758e183c07238b7eb89ac2584b2af4679f614e904743a743c
X-Firefox-Spdy: h2
platform.twitter.com/_next/static/chunks/runtime-a148fbcbc5efcd91d3a7.js
93.184.220.66 200 OK 2.1 kB URL HTTP/1.1 platform.twitter.com/_next/static/chunks/runtime-a148fbcbc5efcd91d3a7.js
IP 93.184.220.66:0
File type ASCII text, with very long lines (3835), with no line terminators
Hash a7a94df486e306b619ab921142d234e2
1386bcf32860c146b6b7d912b92a540662cc7361
f4de548de8d166e7872adeefa8e8345f952b9001b40ca56622cd40033a34bf22
GET /_next/static/chunks/runtime-a148fbcbc5efcd91d3a7.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 426004
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Mon, 05 Dec 2022 20:26:00 GMT
Etag: "581beb14123ea389fe5c0fe24167fe0a+gzip"
Last-Modified: Thu, 03 Nov 2022 19:46:26 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F71B)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 2097
aroma-modena.com/wp-content/themes/heal_tcd077/css/responsive.css?ver=1.3.2
162.43.117.39 200 OK 105 kB URL HTTP/2 aroma-modena.com/wp-content/themes/heal_tcd077/css/responsive.css?ver=1.3.2
IP 162.43.117.39:0
Size 105 kB (105059 bytes)
Hash 01de752cc03533c53cde9feda0ccb29b
ef71a3c3e939172fc6ec2619fe22e4d0acd30dfa
40fe17e0e73cc7acaca64540ebdfef5dac7a359000efacaf908a1b8a9ccfdb9b
GET /wp-content/themes/heal_tcd077/css/responsive.css?ver=1.3.2 HTTP/1.1
Host: aroma-modena.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aroma-modena.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:25:57 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 18 Jan 2022 17:43:08 GMT
etag: W/"b670-5d5decd5f093a"
content-encoding: br
X-Firefox-Spdy: h2
platform.twitter.com/_next/static/chunks/pages/timeline-profile/screen-name/%5BscreenName%5D-c8b4c96951cf24f547b4.js
93.184.220.66 200 OK 1.3 kB URL HTTP/1.1 platform.twitter.com/_next/static/chunks/pages/timeline-profile/screen-name/%5BscreenName%5D-c8b4c96951cf24f547b4.js
IP 93.184.220.66:0
File type ASCII text, with very long lines (13043), with no line terminators
Hash 8adb343cedc0a30c90eb6a3fdb9abbf3
e7774aed61dfb59a9e7c440d9703704b55f16878
d1116078b8c245e9cf9bb78d7d30704c0560aeb405d48d2e1fc2a9fb2153fb10
GET /_next/static/chunks/pages/timeline-profile/screen-name/%5BscreenName%5D-c8b4c96951cf24f547b4.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 426004
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Mon, 05 Dec 2022 20:26:01 GMT
Etag: "1efc61e416c7f4f293501e877fbec836+gzip"
Last-Modified: Thu, 03 Nov 2022 19:46:26 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F714)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 1285
platform.twitter.com/_next/static/chunks/main-e9db78f5e7b3d83edd5e.js
93.184.220.66 200 OK 90 B URL HTTP/1.1 platform.twitter.com/_next/static/chunks/main-e9db78f5e7b3d83edd5e.js
IP 93.184.220.66:0
File type ASCII text, with no line terminators
Hash 8e33207e7b788da9abde5b6d33da0b00
23e48f1b412b3a0a406639f297fb6f4c4740efe8
80534a6e1ec41d37acec8be383f8d1112dbbeea31dd51ead47463095c13bff3a
GET /_next/static/chunks/main-e9db78f5e7b3d83edd5e.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 426004
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Mon, 05 Dec 2022 20:26:01 GMT
Etag: "8e33207e7b788da9abde5b6d33da0b00"
Last-Modified: Thu, 03 Nov 2022 19:46:26 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F71A)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 90
platform.twitter.com/_next/static/chunks/pages/_app-446fb4a338b215deec8c.js
93.184.220.66 200 OK 668 B URL HTTP/1.1 platform.twitter.com/_next/static/chunks/pages/_app-446fb4a338b215deec8c.js
IP 93.184.220.66:0
File type ASCII text, with very long lines (1338), with no line terminators
Hash f484761515a4b9ac64196dda9871d887
60855cb536423f7f3c65b234237b79ebf034b32f
2ccd2bece3debd31c61513310eaa6a8c00fd8429d5e68e7728e3944f54093aa4
GET /_next/static/chunks/pages/_app-446fb4a338b215deec8c.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 426005
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Mon, 05 Dec 2022 20:26:01 GMT
Etag: "be3e428d416daa9027cecf70b5f26bf9+gzip"
Last-Modified: Thu, 03 Nov 2022 19:46:26 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F71D)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 668
platform.twitter.com/_next/static/octaUlqc-A_Am4qAPnvU1/_buildManifest.js
93.184.220.66 200 OK 414 B URL HTTP/1.1 platform.twitter.com/_next/static/octaUlqc-A_Am4qAPnvU1/_buildManifest.js
IP 93.184.220.66:0
File type ASCII text, with very long lines (1208), with no line terminators
Hash 19e50b016c2418a8b7178a219a9fe03d
68c691a19558f28e9111b35f0c0f182addd31e3f
ff39afa732cf28797d8c7d8170b9e4dcc5ab8bcbd688b44be3dc0d82a5b3bbe4
GET /_next/static/octaUlqc-A_Am4qAPnvU1/_buildManifest.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 426004
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Mon, 05 Dec 2022 20:26:01 GMT
Etag: "12a5a08767706f15b6b316996cd057c1+gzip"
Last-Modified: Thu, 03 Nov 2022 19:46:26 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F70D)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 414
platform.twitter.com/_next/static/octaUlqc-A_Am4qAPnvU1/_ssgManifest.js
93.184.220.66 200 OK 76 B URL HTTP/1.1 platform.twitter.com/_next/static/octaUlqc-A_Am4qAPnvU1/_ssgManifest.js
IP 93.184.220.66:0
File type ASCII text, with no line terminators
Hash abee47769bf307639ace4945f9cfd4ff
c0a0dc51ee8a2852baf5ff30c33b1478ff302585
653f3e53e89b4f8548ff86c19e92bb3c6b84b6be7485a320b1e00893ed877479
GET /_next/static/octaUlqc-A_Am4qAPnvU1/_ssgManifest.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 426004
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Mon, 05 Dec 2022 20:26:01 GMT
Etag: "abee47769bf307639ace4945f9cfd4ff"
Last-Modified: Thu, 03 Nov 2022 19:46:26 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F716)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 76
platform.twitter.com/_next/static/chunks/24.44f9078e41d852c001b3.js
93.184.220.66 200 OK 14 kB URL HTTP/1.1 platform.twitter.com/_next/static/chunks/24.44f9078e41d852c001b3.js
IP 93.184.220.66:0
File type ASCII text, with very long lines (57870), with no line terminators
Hash e1390015f77921190a71dd074bc15213
bc55ecbd29ecd92785c4beb7ba225e44ce928511
9d6c2dc32ae89b884a069d7a95e4c0a8f05dc4498587e250d89fa838a429ac05
GET /_next/static/chunks/24.44f9078e41d852c001b3.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 425991
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Mon, 05 Dec 2022 20:26:01 GMT
Etag: "1ec3a3ced960c296ac62a33e6b803b9c+gzip"
Last-Modified: Thu, 03 Nov 2022 19:46:26 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F6FE)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 13528
platform.twitter.com/_next/static/chunks/2.691622e4391d1973cb65.js
93.184.220.66 200 OK 7.7 kB URL HTTP/1.1 platform.twitter.com/_next/static/chunks/2.691622e4391d1973cb65.js
IP 93.184.220.66:0
File type ASCII text, with very long lines (23122), with no line terminators
Hash 31d7e323dedf8e32fc0b3f12f85c505a
25ccecc0c6b6c15f1a52688506c3bf1ca3fb3338
862e997d04a13cada2219e2370397f792983f7e63f1502e3d0da1aea3f4786a5
GET /_next/static/chunks/2.691622e4391d1973cb65.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 426004
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Mon, 05 Dec 2022 20:26:01 GMT
Etag: "942b5b928a24465d1906b4716131d896+gzip"
Last-Modified: Thu, 03 Nov 2022 19:46:26 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F712)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 7674
platform.twitter.com/_next/static/chunks/4.87a72bcd1cc186518122.js
93.184.220.66 200 OK 1.3 kB URL HTTP/1.1 platform.twitter.com/_next/static/chunks/4.87a72bcd1cc186518122.js
IP 93.184.220.66:0
File type ASCII text, with very long lines (2558), with no line terminators
Hash 385597e7610afe03d76680534f29c35d
12280b5eef389f1e5a45b2b6ff7b21d1ca0b2f8f
ba66755ab4b673c2c028ddc2540308742f6287ae47243b6424df833c4ccd1be3
GET /_next/static/chunks/4.87a72bcd1cc186518122.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 426004
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Mon, 05 Dec 2022 20:26:01 GMT
Etag: "ff2a4a029f711ed6f7dcb3f1f834609a+gzip"
Last-Modified: Thu, 03 Nov 2022 19:46:26 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F717)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 1276
platform.twitter.com/_next/static/chunks/1.f4b5d6e5e8dcb4c6aa7f.js
93.184.220.66 200 OK 299 kB URL HTTP/1.1 platform.twitter.com/_next/static/chunks/1.f4b5d6e5e8dcb4c6aa7f.js
IP 93.184.220.66:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 299 kB (299281 bytes)
Hash 37911f421b8b06c74a625ce6d756bf02
e46b6ad082f67fdbbe9a580c5101389142f67ccb
4a8884b498676dbc1d2eb772bc28b6fab7abef976c997b46667c53b41e47c633
GET /_next/static/chunks/1.f4b5d6e5e8dcb4c6aa7f.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 426003
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Mon, 05 Dec 2022 20:26:01 GMT
Etag: "5a0c374fae04eeb3b101385087754b18+gzip"
Last-Modified: Thu, 03 Nov 2022 19:46:26 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F708)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 299281
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:33:54 GMT
expires: Thu, 30 Nov 2023 19:33:54 GMT
cache-control: public, max-age=31536000
age: 435127
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:33:56 GMT
expires: Thu, 30 Nov 2023 19:33:56 GMT
cache-control: public, max-age=31536000
age: 435125
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
platform.twitter.com/_next/static/chunks/ondemand.Dropdown.8bc7f6ae41bfb038b2b2.js
93.184.220.66 200 OK 2.6 kB URL HTTP/1.1 platform.twitter.com/_next/static/chunks/ondemand.Dropdown.8bc7f6ae41bfb038b2b2.js
IP 93.184.220.66:0
File type ASCII text, with very long lines (6721), with no line terminators
Hash 49f5b55936cdab12275a31750ba532c6
e7319555785aae707edd8fe90066a8c047cf0e8d
e1e93c439ee51eb31aa6adcc7cc267331b66b6d5d16c3ce0463b167e947edbcd
GET /_next/static/chunks/ondemand.Dropdown.8bc7f6ae41bfb038b2b2.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 426002
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Mon, 05 Dec 2022 20:26:01 GMT
Etag: "24b6ad17fef6a1d54596d62f11e5a2c6+gzip"
Last-Modified: Thu, 03 Nov 2022 19:46:26 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F705)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 2624
abs-0.twimg.com/emoji/v2/svg/270a.svg
104.244.43.131 200 OK 950 B URL HTTP/2 abs-0.twimg.com/emoji/v2/svg/270a.svg
IP 104.244.43.131:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1760), with no line terminators
Hash 3128e90206bc5c55c48e02ace4b847d6
0c1584a32ff36fec6454490f8b474e734cf6eea1
bd3e06f7062e4cfe3dabda6c7a3be00263f35918de5ffef432c17f21f6281d62
GET /emoji/v2/svg/270a.svg HTTP/1.1
Host: abs-0.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
etag: "prgKDv/pkqfas6DaGDNdOQ=="
expires: Fri, 17 Mar 2023 08:18:02 GMT
content-type: image/svg+xml
last-modified: Fri, 18 Jan 2019 21:01:16 GMT
content-encoding: gzip
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
x-content-type-options: nosniff
accept-ranges: bytes
date: Mon, 05 Dec 2022 20:26:01 GMT
x-served-by: cache-fty21347-FTY, cache-bma1630-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
x-tw-cdn: FT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 950
X-Firefox-Spdy: h2
abs-0.twimg.com/emoji/v2/svg/1f495.svg
104.244.43.131 200 OK 384 B URL HTTP/2 abs-0.twimg.com/emoji/v2/svg/1f495.svg
IP 104.244.43.131:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (630), with no line terminators
Hash adda80f30ba58452b7a136c471ca0bc3
6603f048c04e075c5a3027851b55789411ebab2f
7956d891c14de7f38063b950fc9a3237e0e1b1b60d1ec30bade18268b82df737
GET /emoji/v2/svg/1f495.svg HTTP/1.1
Host: abs-0.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
content-encoding: gzip
content-type: image/svg+xml
etag: "cLNcPcLpCSh4I72GJhUAiQ=="
expires: Fri, 10 Jun 2022 07:03:42 GMT
last-modified: Fri, 10 Aug 2018 17:44:44 GMT
strict-transport-security: max-age=631138519
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
x-content-type-options: nosniff
accept-ranges: bytes
date: Mon, 05 Dec 2022 20:26:01 GMT
x-served-by: cache-fty21368-FTY, cache-bma1630-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
x-tw-cdn: FT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 384
X-Firefox-Spdy: h2
abs-0.twimg.com/emoji/v2/svg/1f381.svg
104.244.43.131 200 OK 359 B URL HTTP/2 abs-0.twimg.com/emoji/v2/svg/1f381.svg
IP 104.244.43.131:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (656), with no line terminators
Hash ba368ed073b9f030934fe9cc1e780b01
a910d3fa2004cd8ec1a51baa682b7011d9fe420f
5d019dbbd6d1d730353931f3d52267b88d285df500e7cf6a0192acfe3b6f7838
GET /emoji/v2/svg/1f381.svg HTTP/1.1
Host: abs-0.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "en/zXyJ9ZZ6179gX4gUhdA=="
expires: Thu, 10 Nov 2022 10:56:53 GMT
content-type: image/svg+xml
last-modified: Wed, 21 Feb 2018 22:30:50 GMT
content-encoding: gzip
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
x-content-type-options: nosniff
accept-ranges: bytes
date: Mon, 05 Dec 2022 20:26:01 GMT
x-served-by: cache-fty21357-FTY, cache-bma1630-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
x-tw-cdn: FT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 359
X-Firefox-Spdy: h2
abs-0.twimg.com/emoji/v2/svg/35-20e3.svg
104.244.43.131 200 OK 408 B URL HTTP/2 abs-0.twimg.com/emoji/v2/svg/35-20e3.svg
IP 104.244.43.131:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (695), with no line terminators
Hash fd6c35f35e243dbc7dab35c7e7af69f2
8434f99dbbbc3b0f20e7b8fc503a80ce8f943004
a74288e39d954d62021c44c4b5acaa8e317b4cb44fa72b3cfba6de8929742ad7
GET /emoji/v2/svg/35-20e3.svg HTTP/1.1
Host: abs-0.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "VXWGXiyz1Q6gUbCdfh0lUA=="
expires: Wed, 05 Apr 2023 07:03:09 GMT
content-type: image/svg+xml
last-modified: Wed, 21 Feb 2018 22:32:29 GMT
content-encoding: gzip
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
x-content-type-options: nosniff
accept-ranges: bytes
date: Mon, 05 Dec 2022 20:26:01 GMT
x-served-by: cache-fty21350-FTY, cache-bma1630-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
x-tw-cdn: FT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 408
X-Firefox-Spdy: h2
abs-0.twimg.com/emoji/v2/svg/2728.svg
104.244.43.131 200 OK 508 B URL HTTP/2 abs-0.twimg.com/emoji/v2/svg/2728.svg
IP 104.244.43.131:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1052), with no line terminators
Hash e96e946a645421ed7c388aef591f5ae5
1c04b4e5069c5b272bb9761f5a523d3a80362b89
656311abe6553cf0e632864eb6f9f2d19cf9f0c2c70ba6af7d2be0c1951b63a5
GET /emoji/v2/svg/2728.svg HTTP/1.1
Host: abs-0.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
content-encoding: gzip
content-type: image/svg+xml
etag: "6CCjBscyuQUVmJ2tqZlalw=="
expires: Fri, 10 Jun 2022 07:55:48 GMT
last-modified: Wed, 21 Feb 2018 22:32:28 GMT
perf: 6
strict-transport-security: max-age=631138519
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
x-transaction-id: 0035bfb500065131
x-content-type-options: nosniff
accept-ranges: bytes
date: Mon, 05 Dec 2022 20:26:01 GMT
x-served-by: cache-fty21364-FTY, cache-bma1630-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
x-tw-cdn: FT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 508
X-Firefox-Spdy: h2
abs-0.twimg.com/emoji/v2/svg/1f973.svg
104.244.43.131 200 OK 1.2 kB URL HTTP/2 abs-0.twimg.com/emoji/v2/svg/1f973.svg
IP 104.244.43.131:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2487), with no line terminators
Hash b87026198973e5dbd0fc3ac3191c98c6
da48cdbe3ab9497ed95e518fe64cfdcd9e1c6abc
e6fe2eeb85c03ba1440170ff795bcc36216729cd1416bc468644e5b805b44ccc
GET /emoji/v2/svg/1f973.svg HTTP/1.1
Host: abs-0.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "8+MHlgscgd4TDEKQNIAmGA=="
expires: Fri, 08 Jul 2022 09:00:13 GMT
content-type: image/svg+xml
last-modified: Mon, 04 Jun 2018 23:15:19 GMT
content-encoding: gzip
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
x-content-type-options: nosniff
accept-ranges: bytes
date: Mon, 05 Dec 2022 20:26:01 GMT
x-served-by: cache-fty21380-FTY, cache-bma1630-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
x-tw-cdn: FT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 1220
X-Firefox-Spdy: h2
abs-0.twimg.com/emoji/v2/svg/1f451.svg
104.244.43.131 200 OK 504 B URL HTTP/2 abs-0.twimg.com/emoji/v2/svg/1f451.svg
IP 104.244.43.131:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1311), with no line terminators
Hash 8a96ae631f57e2e05b6d4f9b44a249a9
8955cbc636adf8f573e898bb80b1494d4adeddc9
bb0f0924801987ed77b21f7e4517994f15821f333b2e4e12dd0a54ba15f2efdd
GET /emoji/v2/svg/1f451.svg HTTP/1.1
Host: abs-0.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
etag: "mP6c3sK/je14Knvx4wK2ZA=="
expires: Thu, 16 Mar 2023 06:24:02 GMT
content-type: image/svg+xml
last-modified: Wed, 21 Feb 2018 22:30:55 GMT
content-encoding: gzip
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
x-content-type-options: nosniff
accept-ranges: bytes
date: Mon, 05 Dec 2022 20:26:01 GMT
x-served-by: cache-fty21347-FTY, cache-bma1630-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
x-tw-cdn: FT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 504
X-Firefox-Spdy: h2
abs-0.twimg.com/emoji/v2/svg/2764.svg
104.244.43.131 200 OK 268 B URL HTTP/2 abs-0.twimg.com/emoji/v2/svg/2764.svg
IP 104.244.43.131:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (368), with no line terminators
Hash 95e1d04b43b41695bcabf7c8f4b121cf
785b7a4f7b0819f76b228ee74e2bc209d7a32d57
398e85423b6964eb4dbd3581bfb4eacfa5c7db0eabb8506cd9ee1838ab8f26af
GET /emoji/v2/svg/2764.svg HTTP/1.1
Host: abs-0.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
content-encoding: gzip
content-type: image/svg+xml
etag: "BIPytkjcyYbQE4UGIFKuHA=="
expires: Thu, 09 Jun 2022 07:29:22 GMT
last-modified: Fri, 10 Aug 2018 17:46:01 GMT
strict-transport-security: max-age=631138519
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
x-content-type-options: nosniff
accept-ranges: bytes
date: Mon, 05 Dec 2022 20:26:01 GMT
x-served-by: cache-fty21366-FTY, cache-bma1630-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
x-tw-cdn: FT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 268
X-Firefox-Spdy: h2
abs-0.twimg.com/emoji/v2/svg/1f478.svg
104.244.43.131 200 OK 640 B URL HTTP/2 abs-0.twimg.com/emoji/v2/svg/1f478.svg
IP 104.244.43.131:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1296), with no line terminators
Hash 82bae869900c18a7c2132d4ad6ccc35a
a8c14ff59f12269f37b57af4fec1dbed65a99d12
95a46ccaebb44730da30e2a1f444fd86b127bdab8bfcbfd49bb1ceb73160b9d0
GET /emoji/v2/svg/1f478.svg HTTP/1.1
Host: abs-0.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
etag: "U/2AV2worcbMQ+rUY31gtw=="
expires: Thu, 16 Feb 2023 08:28:11 GMT
content-type: image/svg+xml
last-modified: Wed, 21 Feb 2018 22:31:02 GMT
content-encoding: gzip
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
x-content-type-options: nosniff
accept-ranges: bytes
date: Mon, 05 Dec 2022 20:26:01 GMT
x-served-by: cache-fty21366-FTY, cache-bma1630-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
x-tw-cdn: FT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 640
X-Firefox-Spdy: h2
abs-0.twimg.com/emoji/v2/svg/30-20e3.svg
104.244.43.131 200 OK 284 B URL HTTP/2 abs-0.twimg.com/emoji/v2/svg/30-20e3.svg
IP 104.244.43.131:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (471), with no line terminators
Hash 97d0347956cf6a58e1e8c081600c372d
fe47f076680e285b186aac4a494e9b1e78749d41
d6f81c6a078403e4abdde0a7e94390d6f89a808a6ef64f85bc9498b52abd759c
GET /emoji/v2/svg/30-20e3.svg HTTP/1.1
Host: abs-0.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
etag: "0Q7q1YI0N8CLUofPk71SIw=="
expires: Thu, 16 Mar 2023 07:53:35 GMT
content-type: image/svg+xml
last-modified: Wed, 21 Feb 2018 22:32:28 GMT
content-encoding: gzip
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
x-content-type-options: nosniff
accept-ranges: bytes
date: Mon, 05 Dec 2022 20:26:01 GMT
x-served-by: cache-fty21365-FTY, cache-bma1630-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
x-tw-cdn: FT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 284
X-Firefox-Spdy: h2
abs-0.twimg.com/emoji/v2/svg/32-20e3.svg
104.244.43.131 200 OK 377 B URL HTTP/2 abs-0.twimg.com/emoji/v2/svg/32-20e3.svg
IP 104.244.43.131:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (618), with no line terminators
Hash 2373b72cc3a01936ae3c424112177894
75ac5b3a6091ee340552c9843daa8be871913dd9
140772ac19ae9fcb114fada1bd24b886ee07d046327bc2d90c09e8ceefbc0fb9
GET /emoji/v2/svg/32-20e3.svg HTTP/1.1
Host: abs-0.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
etag: "6ynOX89UvDsj/3cDmk7PPA=="
expires: Fri, 26 Aug 2022 08:54:17 GMT
content-type: image/svg+xml
last-modified: Wed, 21 Feb 2018 22:32:28 GMT
content-encoding: gzip
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
x-content-type-options: nosniff
accept-ranges: bytes
date: Mon, 05 Dec 2022 20:26:01 GMT
x-served-by: cache-fty21372-FTY, cache-bma1630-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
x-tw-cdn: FT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 377
X-Firefox-Spdy: h2
abs-0.twimg.com/emoji/v2/svg/1f337.svg
104.244.43.131 200 OK 374 B URL HTTP/2 abs-0.twimg.com/emoji/v2/svg/1f337.svg
IP 104.244.43.131:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (586), with no line terminators
Hash 37d07ce8f4c93c34c8e7f7e41fabb0d3
cc0782481bce2407edd30dfe3c35a1030f530194
72262b92d300fc771595d7dd259999fec7b108c8f21b1813d4b192bc15ace4ff
GET /emoji/v2/svg/1f337.svg HTTP/1.1
Host: abs-0.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
content-encoding: gzip
content-type: image/svg+xml
etag: "uNBDXCDJNtotqk67QS3EXA=="
expires: Fri, 10 Jun 2022 08:00:19 GMT
last-modified: Wed, 21 Feb 2018 22:30:49 GMT
strict-transport-security: max-age=631138519
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
x-content-type-options: nosniff
accept-ranges: bytes
date: Mon, 05 Dec 2022 20:26:01 GMT
x-served-by: cache-fty21377-FTY, cache-bma1630-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
x-tw-cdn: FT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 374
X-Firefox-Spdy: h2
abs-0.twimg.com/emoji/v2/svg/1f92d.svg
104.244.43.131 200 OK 644 B URL HTTP/2 abs-0.twimg.com/emoji/v2/svg/1f92d.svg
IP 104.244.43.131:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1388), with no line terminators
Hash 6463f1665ac4cc56cbb7b13c55dc31f8
fffca475bbecf8138462bf9fd343c8af627d6716
80999724482f6ebcd99fa0f86ac20d7befba5ab04cfefd5115b0797b044536d5
GET /emoji/v2/svg/1f92d.svg HTTP/1.1
Host: abs-0.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "a6OFX16nm5sBTmayjFRCnA=="
expires: Fri, 02 Sep 2022 05:29:27 GMT
content-type: image/svg+xml
last-modified: Wed, 21 Feb 2018 22:31:14 GMT
content-encoding: gzip
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
x-content-type-options: nosniff
accept-ranges: bytes
date: Mon, 05 Dec 2022 20:26:01 GMT
x-served-by: cache-fty21375-FTY, cache-bma1630-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
x-tw-cdn: FT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 644
X-Firefox-Spdy: h2
abs-0.twimg.com/emoji/v2/svg/1f340.svg
104.244.43.131 200 OK 593 B URL HTTP/2 abs-0.twimg.com/emoji/v2/svg/1f340.svg
IP 104.244.43.131:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1058), with no line terminators
Hash 8aa2fc2f54d5698c5ab401f13113d877
b6ea6cabbccfb7489eedfb4904c1cfa5b8aa19e6
831ae8ebda0a4c2a7f70e074979c91cbca937f78cc4e0c46a777644d2cc763a4
GET /emoji/v2/svg/1f340.svg HTTP/1.1
Host: abs-0.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
content-encoding: gzip
content-type: image/svg+xml
etag: "zLOTsTfpIYrDrxayxGF6Lg=="
expires: Fri, 20 May 2022 07:10:18 GMT
last-modified: Wed, 21 Feb 2018 22:30:49 GMT
strict-transport-security: max-age=631138519
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
timing-server-allow: https://twitter.com;https://mobile.twitter.com
x-content-type-options: nosniff
accept-ranges: bytes
date: Mon, 05 Dec 2022 20:26:01 GMT
x-served-by: cache-fty21337-FTY, cache-bma1630-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
x-tw-cdn: FT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 593
X-Firefox-Spdy: h2
abs-0.twimg.com/emoji/v2/svg/1f44f.svg
104.244.43.131 200 OK 1.2 kB URL HTTP/2 abs-0.twimg.com/emoji/v2/svg/1f44f.svg
IP 104.244.43.131:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2721), with no line terminators
Hash f6d888183583d059d25773d558aecc4d
57456183e3038c29d558c298b835c8d4ad1984b6
2a16dc8913113bbf9de8460cc80d2afe80aca6df399f23980203859ccbd93da8
GET /emoji/v2/svg/1f44f.svg HTTP/1.1
Host: abs-0.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "n6CR9nbkRR7llG/tlIy4/g=="
expires: Thu, 10 Nov 2022 09:22:32 GMT
content-type: image/svg+xml
last-modified: Wed, 21 Feb 2018 22:30:55 GMT
content-encoding: gzip
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
x-content-type-options: nosniff
accept-ranges: bytes
date: Mon, 05 Dec 2022 20:26:01 GMT
x-served-by: cache-fty21365-FTY, cache-bma1630-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
x-tw-cdn: FT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 1154
X-Firefox-Spdy: h2
abs-0.twimg.com/emoji/v2/svg/1f338.svg
104.244.43.131 200 OK 1.5 kB URL HTTP/2 abs-0.twimg.com/emoji/v2/svg/1f338.svg
IP 104.244.43.131:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (3827), with no line terminators
Hash 248d3e8c6b90cb0994f08d15d7310900
23663c13b3af7a6fef19801dcf2bb42d0335f9e1
5753f4fd0c4848db38d3aae24aa86c8097f39ea89b7ed75516f4a98a7f0d67d2
GET /emoji/v2/svg/1f338.svg HTTP/1.1
Host: abs-0.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
content-encoding: gzip
content-type: image/svg+xml
etag: "dkg2wdmC1qmZ717mqxHrhw=="
expires: Fri, 08 Jul 2022 07:48:30 GMT
last-modified: Wed, 21 Feb 2018 22:30:49 GMT
strict-transport-security: max-age=631138519
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
x-content-type-options: nosniff
accept-ranges: bytes
date: Mon, 05 Dec 2022 20:26:02 GMT
x-served-by: cache-fty21358-FTY, cache-bma1630-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
x-tw-cdn: FT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 1541
X-Firefox-Spdy: h2
abs-0.twimg.com/emoji/v2/svg/1f60a.svg
104.244.43.131 200 OK 576 B URL HTTP/2 abs-0.twimg.com/emoji/v2/svg/1f60a.svg
IP 104.244.43.131:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1055), with no line terminators
Hash 46672fd17456d50e53f5385aa23355a6
b26637697448b13a36d1548c128a76ac80d18c80
72496f342fc52f33fa364054bcecc71c6774f4838922118fd62acf39b56e2824
GET /emoji/v2/svg/1f60a.svg HTTP/1.1
Host: abs-0.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "b3W1jrdG0IwsGEUVc4dikg=="
expires: Fri, 15 Jul 2022 07:51:19 GMT
content-type: image/svg+xml
last-modified: Wed, 21 Feb 2018 22:31:08 GMT
content-encoding: gzip
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
x-content-type-options: nosniff
accept-ranges: bytes
date: Mon, 05 Dec 2022 20:26:02 GMT
x-served-by: cache-fty21381-FTY, cache-bma1630-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
x-tw-cdn: FT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 576
X-Firefox-Spdy: h2
abs-0.twimg.com/emoji/v2/svg/1f64f.svg
104.244.43.131 200 OK 701 B URL HTTP/2 abs-0.twimg.com/emoji/v2/svg/1f64f.svg
IP 104.244.43.131:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1519), with no line terminators
Hash c4e9b7420144f0f2abfd469d992a0e0a
4f47bcb3df6cdf957bd9f92b07a0fd880dcd40c6
333b34c5090c9e4cdf521f1ce3b14ed223c087c9514a387a670a247fb7e1f9bc
GET /emoji/v2/svg/1f64f.svg HTTP/1.1
Host: abs-0.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "GQQpGrGqXRSyrar/I6V43Q=="
expires: Sat, 17 Sep 2022 06:37:28 GMT
content-type: image/svg+xml
last-modified: Wed, 21 Feb 2018 22:31:11 GMT
content-encoding: gzip
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
x-content-type-options: nosniff
accept-ranges: bytes
date: Mon, 05 Dec 2022 20:26:02 GMT
x-served-by: cache-fty21324-FTY, cache-bma1630-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
x-tw-cdn: FT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 701
X-Firefox-Spdy: h2
abs-0.twimg.com/emoji/v2/svg/2600.svg
104.244.43.131 200 OK 310 B URL HTTP/2 abs-0.twimg.com/emoji/v2/svg/2600.svg
IP 104.244.43.131:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (759), with no line terminators
Hash afbd64874b85df1f9841ee9ca5799a90
3162438703afce71af1b541f24a3976cf3499a16
f8f948d1f6cb1d27c31f6b5c2fceb0a416145be027e1402aea066c2419edd7e0
GET /emoji/v2/svg/2600.svg HTTP/1.1
Host: abs-0.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
content-encoding: gzip
content-type: image/svg+xml
etag: "EDjO5HoKgxPcLUAGFF/O5g=="
expires: Fri, 10 Jun 2022 07:56:15 GMT
last-modified: Wed, 21 Feb 2018 22:32:26 GMT
strict-transport-security: max-age=631138519
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
x-content-type-options: nosniff
accept-ranges: bytes
date: Mon, 05 Dec 2022 20:26:02 GMT
x-served-by: cache-fty21336-FTY, cache-bma1630-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
x-tw-cdn: FT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 310
X-Firefox-Spdy: h2
abs-0.twimg.com/emoji/v2/svg/1f4aa.svg
104.244.43.131 200 OK 690 B URL HTTP/2 abs-0.twimg.com/emoji/v2/svg/1f4aa.svg
IP 104.244.43.131:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1205), with no line terminators
Hash 6040e7dfd91afe50e9424959cc720778
af529e1e121c8476dfdd95baadf17dda160febca
de68015a1582eb2660cc89ef372ed4625474da939e725a475ccc3086a25db614
GET /emoji/v2/svg/1f4aa.svg HTTP/1.1
Host: abs-0.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
content-encoding: gzip
content-type: image/svg+xml
etag: "GDfFcZqXc2JkL/r0mQtrrA=="
expires: Wed, 08 Jun 2022 09:51:00 GMT
last-modified: Wed, 15 Apr 2020 20:58:46 GMT
strict-transport-security: max-age=631138519
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
x-content-type-options: nosniff
accept-ranges: bytes
date: Mon, 05 Dec 2022 20:26:02 GMT
x-served-by: cache-fty21353-FTY, cache-bma1630-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
x-tw-cdn: FT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 690
X-Firefox-Spdy: h2
abs-0.twimg.com/emoji/v2/svg/1f4e3.svg
104.244.43.131 200 OK 275 B URL HTTP/2 abs-0.twimg.com/emoji/v2/svg/1f4e3.svg
IP 104.244.43.131:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (404), with no line terminators
Hash 64ad3d5c41daf61f989224fe01aecadc
818795bfc548fe7ce19d50d5de08b1350f034a47
2372969ebe21474b0fd86697d0382abc01f7b322c33183a0d5fb731470ed7738
GET /emoji/v2/svg/1f4e3.svg HTTP/1.1
Host: abs-0.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "dcKNNwsNrMpViewoxCP1cg=="
expires: Tue, 29 Nov 2022 00:22:58 GMT
content-type: image/svg+xml
last-modified: Wed, 21 Feb 2018 22:31:05 GMT
content-encoding: gzip
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
x-content-type-options: nosniff
accept-ranges: bytes
date: Mon, 05 Dec 2022 20:26:02 GMT
x-served-by: cache-fty21329-FTY, cache-bma1630-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
x-tw-cdn: FT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 275
X-Firefox-Spdy: h2
abs-0.twimg.com/emoji/v2/svg/1f5fe.svg
104.244.43.131 200 OK 315 B URL HTTP/2 abs-0.twimg.com/emoji/v2/svg/1f5fe.svg
IP 104.244.43.131:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (593), with no line terminators
Hash 25d3d69f3fe34e5df7cd737080d9e257
3b4fbf2ff4f48d1a8069fdd5f38e3c2062520577
8b2c1adfb46446a178a417d79770970062f393750e2673ac2d022d09c3dc2bbe
GET /emoji/v2/svg/1f5fe.svg HTTP/1.1
Host: abs-0.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "FohGiT32Kz9yeYdMEi/0iA=="
perf: 7626143928
expires: Wed, 27 Sep 2023 05:54:01 GMT
content-type: image/svg+xml
last-modified: Wed, 21 Feb 2018 22:31:08 GMT
content-encoding: gzip
x-transaction-id: 4d3db612e5240d13
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
x-content-type-options: nosniff
accept-ranges: bytes
date: Mon, 05 Dec 2022 20:26:02 GMT
x-served-by: cache-fty21380-FTY, cache-bma1630-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
x-tw-cdn: FT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 315
X-Firefox-Spdy: h2
abs-0.twimg.com/emoji/v2/svg/1f389.svg
104.244.43.131 200 OK 1.4 kB URL HTTP/2 abs-0.twimg.com/emoji/v2/svg/1f389.svg
IP 104.244.43.131:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (3153), with no line terminators
Hash 9150b1a80e9092976df4c598f67b009a
a06b31c8b56d9bc80123c9a0062e1e9aeeb48e7f
46a5652add1705de2a358f144d4b94d064b55f5027ed121d6fb8f19029646264
GET /emoji/v2/svg/1f389.svg HTTP/1.1
Host: abs-0.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
content-encoding: gzip
content-type: image/svg+xml
etag: "sFKkvvV8Gqc818/1vE+2HQ=="
expires: Wed, 15 Jun 2022 08:08:00 GMT
last-modified: Wed, 21 Feb 2018 22:30:50 GMT
strict-transport-security: max-age=631138519
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
x-content-type-options: nosniff
accept-ranges: bytes
date: Mon, 05 Dec 2022 20:26:02 GMT
x-served-by: cache-fty21329-FTY, cache-bma1630-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
x-tw-cdn: FT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 1369
X-Firefox-Spdy: h2
abs-0.twimg.com/emoji/v2/svg/1f49c.svg
104.244.43.131 200 OK 268 B URL HTTP/2 abs-0.twimg.com/emoji/v2/svg/1f49c.svg
IP 104.244.43.131:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (368), with no line terminators
Hash d8c10c2eef863bc126c4efa36774eb24
c79c97425730d6d24865c839c10c931456d6a806
84aff1bb2e1bca99d6b46c21a2128d9c7b8a178a3dbf9451efb445624a84a19d
GET /emoji/v2/svg/1f49c.svg HTTP/1.1
Host: abs-0.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "7BBwjwC1tnZ0kP/lDf4mYw=="
expires: Sat, 22 Oct 2022 06:32:22 GMT
content-type: image/svg+xml
last-modified: Wed, 21 Feb 2018 22:31:04 GMT
content-encoding: gzip
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
x-content-type-options: nosniff
accept-ranges: bytes
date: Mon, 05 Dec 2022 20:26:02 GMT
x-served-by: cache-fty21355-FTY, cache-bma1630-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
x-tw-cdn: FT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 268
X-Firefox-Spdy: h2
abs-0.twimg.com/emoji/v2/svg/1f496.svg
104.244.43.131 200 OK 502 B URL HTTP/2 abs-0.twimg.com/emoji/v2/svg/1f496.svg
IP 104.244.43.131:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1018), with no line terminators
Hash 6713a121f062986c5ff45b06d9b4eb0b
9861ea5f822aa433f4d137de4195a55820f6dd99
32f48c02b0014c8aa3ae9f7722d60e2b604986ad30d190a03d12923f548f6e15
GET /emoji/v2/svg/1f496.svg HTTP/1.1
Host: abs-0.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "hUTqXOMv2eF9+AbrHP6rRw=="
expires: Fri, 17 Mar 2023 06:40:52 GMT
content-type: image/svg+xml
last-modified: Fri, 10 Aug 2018 17:44:44 GMT
content-encoding: gzip
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
x-content-type-options: nosniff
accept-ranges: bytes
date: Mon, 05 Dec 2022 20:26:02 GMT
x-served-by: cache-fty21381-FTY, cache-bma1630-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
x-tw-cdn: FT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 502
X-Firefox-Spdy: h2
abs-0.twimg.com/emoji/v2/svg/1f3c6.svg
104.244.43.131 200 OK 647 B URL HTTP/2 abs-0.twimg.com/emoji/v2/svg/1f3c6.svg
IP 104.244.43.131:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1237), with no line terminators
Hash 8bda34f55f8015bc184121088d802eb3
8e7d4edf374656c9ea550e41bcf0337adbefa470
68f9eef2c4e75218bc680c4e391ca48fa4ea112a82e9e8ab490dd18c68602fa7
GET /emoji/v2/svg/1f3c6.svg HTTP/1.1
Host: abs-0.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "CgDoZcRF1C37n2S+36uM+A=="
expires: Fri, 15 Jul 2022 08:25:06 GMT
content-type: image/svg+xml
last-modified: Wed, 21 Feb 2018 22:30:52 GMT
content-encoding: gzip
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
x-content-type-options: nosniff
accept-ranges: bytes
date: Mon, 05 Dec 2022 20:26:02 GMT
x-served-by: cache-fty21347-FTY, cache-bma1630-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
x-tw-cdn: FT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 647
X-Firefox-Spdy: h2
abs-0.twimg.com/emoji/v2/svg/2705.svg
104.244.43.131 200 OK 318 B URL HTTP/2 abs-0.twimg.com/emoji/v2/svg/2705.svg
IP 104.244.43.131:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (482), with no line terminators
Hash f3e9154302b8b2cebffda2e8daa0bfef
3ab0bb35c9ce28a20bc3b9d1688cbbc57fa1dc14
7e0f796b2c8094291c040b84fcd92510092c277fee3811ab6e42b1bcc09d8156
GET /emoji/v2/svg/2705.svg HTTP/1.1
Host: abs-0.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "IS4w5HIyvgMDOofcWO2qlQ=="
expires: Thu, 16 Mar 2023 06:40:08 GMT
content-type: image/svg+xml
last-modified: Wed, 21 Feb 2018 22:32:28 GMT
content-encoding: gzip
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
x-content-type-options: nosniff
accept-ranges: bytes
date: Mon, 05 Dec 2022 20:26:02 GMT
x-served-by: cache-fty21328-FTY, cache-bma1630-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
x-tw-cdn: FT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 318
X-Firefox-Spdy: h2
abs-0.twimg.com/emoji/v2/svg/1f447.svg
104.244.43.131 200 OK 361 B URL HTTP/2 abs-0.twimg.com/emoji/v2/svg/1f447.svg
IP 104.244.43.131:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (558), with no line terminators
Hash e7bbc34baf6a224b6c198bcd589b36f2
13731cdada03b4b1e7a1c1a71d112b99125b26da
3355531d098e09b18230772f999236564a6908dccae138a9afab8194f07b2657
GET /emoji/v2/svg/1f447.svg HTTP/1.1
Host: abs-0.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "mFuy0jmL5x4baLx+IQPJkw=="
expires: Fri, 07 Oct 2022 06:47:07 GMT
content-type: image/svg+xml
last-modified: Wed, 21 Feb 2018 22:30:55 GMT
content-encoding: gzip
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
x-content-type-options: nosniff
accept-ranges: bytes
date: Mon, 05 Dec 2022 20:26:02 GMT
x-served-by: cache-fty21321-FTY, cache-bma1630-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
x-tw-cdn: FT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 361
X-Firefox-Spdy: h2
abs-0.twimg.com/emoji/v2/svg/1f60d.svg
104.244.43.131 200 OK 517 B URL HTTP/2 abs-0.twimg.com/emoji/v2/svg/1f60d.svg
IP 104.244.43.131:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (941), with no line terminators
Hash 1b1b9d4f4c427f574c643fd9ce1443dc
51a3dd1d23acc243c04dddd16d437430e1b9f043
40bc211d8e8ff715ccce4606b574003a0f8537f311b351df733b8a628809289c
GET /emoji/v2/svg/1f60d.svg HTTP/1.1
Host: abs-0.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "5V9VK9CxzzaLRmQiQIyEAQ=="
expires: Sat, 18 Jun 2022 06:38:05 GMT
content-type: image/svg+xml
last-modified: Fri, 10 Aug 2018 17:45:01 GMT
content-encoding: gzip
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
x-content-type-options: nosniff
accept-ranges: bytes
date: Mon, 05 Dec 2022 20:26:02 GMT
x-served-by: cache-fty21326-FTY, cache-bma1630-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
x-tw-cdn: FT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 517
X-Firefox-Spdy: h2
abs-0.twimg.com/emoji/v2/svg/1f64b.svg
104.244.43.131 200 OK 742 B URL HTTP/2 abs-0.twimg.com/emoji/v2/svg/1f64b.svg
IP 104.244.43.131:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1477), with no line terminators
Hash c40689c18e53533758bd0c4eb79a5e6d
144fbfa750850c6b46a2ee1e12d3eadf81367b01
9a5c5d51264578c9852756c416934231370dbae98b09fc8babf21942e4e7c28e
GET /emoji/v2/svg/1f64b.svg HTTP/1.1
Host: abs-0.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "9gKcMVVou/lrK2poh5if+w=="
perf: 7626143928
expires: Wed, 27 Sep 2023 09:44:57 GMT
content-type: image/svg+xml
last-modified: Thu, 31 Oct 2019 20:41:40 GMT
content-encoding: gzip
x-transaction-id: c8e49585dd6e3223
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
x-content-type-options: nosniff
accept-ranges: bytes
date: Mon, 05 Dec 2022 20:26:02 GMT
x-served-by: cache-fty21342-FTY, cache-bma1630-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
x-tw-cdn: FT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 742
X-Firefox-Spdy: h2
abs-0.twimg.com/emoji/v2/svg/2665.svg
104.244.43.131 200 OK 183 B URL HTTP/2 abs-0.twimg.com/emoji/v2/svg/2665.svg
IP 104.244.43.131:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators
Hash b5eab38d0a2aa49ffa04a976dae0a9b5
cba139dc3b4399eedadeeabad39bc31913cec1e4
a3a11da652e323e55589eade5b6598aa8f78ac2078f0f99c09db80b01df20b18
GET /emoji/v2/svg/2665.svg HTTP/1.1
Host: abs-0.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "Gv08eZ8+FYZipwSY6D4qhw=="
expires: Fri, 07 Oct 2022 06:46:24 GMT
content-type: image/svg+xml
last-modified: Fri, 10 Aug 2018 17:45:55 GMT
content-encoding: gzip
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
x-content-type-options: nosniff
accept-ranges: bytes
date: Mon, 05 Dec 2022 20:26:02 GMT
x-served-by: cache-fty21374-FTY, cache-bma1630-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
x-tw-cdn: FT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 183
X-Firefox-Spdy: h2
abs-0.twimg.com/emoji/v2/svg/1f38c.svg
104.244.43.131 200 OK 557 B URL HTTP/2 abs-0.twimg.com/emoji/v2/svg/1f38c.svg
IP 104.244.43.131:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1132), with no line terminators
Hash 3523f79bf79da4887198ee8a279ad911
6d7fb002e8a2db33ac26b21bf743ba1049164d31
5adff1a6d1b7054bc8f01224495230a898adc5c379e11241587bd38a0932c006
GET /emoji/v2/svg/1f38c.svg HTTP/1.1
Host: abs-0.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "Vg9oeCMF03NvaTJmMhOu3w=="
perf: 7626143928
expires: Wed, 08 Nov 2023 07:34:32 GMT
content-type: image/svg+xml
last-modified: Wed, 21 Feb 2018 22:30:50 GMT
content-encoding: gzip
x-transaction-id: 1f207209af0a67f7
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
x-content-type-options: nosniff
accept-ranges: bytes
date: Mon, 05 Dec 2022 20:26:02 GMT
x-served-by: cache-fty21341-FTY, cache-bma1630-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
x-tw-cdn: FT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 557
X-Firefox-Spdy: h2
abs-0.twimg.com/emoji/v2/svg/2615.svg
104.244.43.131 200 OK 635 B URL HTTP/2 abs-0.twimg.com/emoji/v2/svg/2615.svg
IP 104.244.43.131:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1294), with no line terminators
Hash c768e9681ef6744de3d32c6ecdfdc9a7
b98e8b0675d88db83ca74ac2cf36246b5b3caf64
ada6f40eaef62666c8bcb40d2b999ccac2662a0287828bd58cd9def986646e3a
GET /emoji/v2/svg/2615.svg HTTP/1.1
Host: abs-0.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "Lgge4Avpjb/GFfpdXcJJsQ=="
expires: Mon, 22 Aug 2022 08:25:17 GMT
content-type: image/svg+xml
last-modified: Wed, 21 Feb 2018 22:32:26 GMT
content-encoding: gzip
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
x-content-type-options: nosniff
accept-ranges: bytes
date: Mon, 05 Dec 2022 20:26:02 GMT
x-served-by: cache-fty21379-FTY, cache-bma1630-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
x-tw-cdn: FT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 635
X-Firefox-Spdy: h2
abs-0.twimg.com/emoji/v2/svg/1f9e1.svg
104.244.43.131 200 OK 267 B URL HTTP/2 abs-0.twimg.com/emoji/v2/svg/1f9e1.svg
IP 104.244.43.131:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (368), with no line terminators
Hash 3f2d91f887cb467a746aa976b35f8dc1
cc27e85bd71c32351753c959bb8c8f6402f40795
790be9b5e510dff451d4871381f346d4e515aa154a66c07bb366b2d1cb94807b
GET /emoji/v2/svg/1f9e1.svg HTTP/1.1
Host: abs-0.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "7Au6Yole4kI67Qqr9fs8gw=="
expires: Thu, 16 Mar 2023 07:41:25 GMT
content-type: image/svg+xml
last-modified: Mon, 13 Jul 2020 16:56:15 GMT
content-encoding: gzip
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
x-content-type-options: nosniff
accept-ranges: bytes
date: Mon, 05 Dec 2022 20:26:02 GMT
x-served-by: cache-fty21367-FTY, cache-bma1630-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
x-tw-cdn: FT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 267
X-Firefox-Spdy: h2
platform.twitter.com/_next/static/chunks/vendors~ondemand.LottieWeb.84a69543ec64b75cae2a.js
93.184.220.66 200 OK 42 kB URL HTTP/1.1 platform.twitter.com/_next/static/chunks/vendors~ondemand.LottieWeb.84a69543ec64b75cae2a.js
IP 93.184.220.66:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 3a5a15f5d161fad8f5f32584051ed743
a5828a48cc6b380cb5b6f119098d360841032ffa
d19a5ab141c21185dd7386f916442d387b40254538350f21cbfb48126603f879
GET /_next/static/chunks/vendors~ondemand.LottieWeb.84a69543ec64b75cae2a.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 426003
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Mon, 05 Dec 2022 20:26:02 GMT
Etag: "72929dff5e574c1b877555fd36c7683a+gzip"
Last-Modified: Thu, 03 Nov 2022 19:46:27 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F711)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 41941
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba66ee21-e2f8-434c-a2b3-004950fdfd58.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba66ee21-e2f8-434c-a2b3-004950fdfd58.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 557fea28a0a540d2ffdadd828e03de0b
c314368e2e73dabf2c5d856e2c3e1fae610a3005
0fdd195911cdfff46a6dd8ba7b760953e5317fd7ee88abf1e19458518979fdee
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba66ee21-e2f8-434c-a2b3-004950fdfd58.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 11253
x-amzn-requestid: e0561a00-8657-4af0-b24c-08b328282f79
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_wKE9coAMFjmQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d1334-2844266d51d5c5672f34ff61;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: iT3IPDIK-qKf-y1_x7hZNSW-4GqKLNuX6U__8bY8eZP178PPnD0IeA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:57:03 GMT
age: 80940
etag: "c314368e2e73dabf2c5d856e2c3e1fae610a3005"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1670271960177%2C%22event_namespace%22%3A%7B%22action%22%3A%22results%22%2C%22client%22%3A%22tfw%22%2C%22page%22%3A%22timeline-profile%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%22a3525f077c700%3A1667415560940%22%2C%22dnt%22%3Afalse%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Faroma-modena.com%2F%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%223a64761%3A1667500028145%22%2C%22widget_data_source%22%3A%22screen-name%3AAromaModena%22%7D&session_id=7e8a6cc567f8285493bd6a7a502f3157b315824d
104.244.42.8 200 OK 43 B URL HTTP/2 syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1670271960177%2C%22event_namespace%22%3A%7B%22action%22%3A%22results%22%2C%22client%22%3A%22tfw%22%2C%22page%22%3A%22timeline-profile%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%22a3525f077c700%3A1667415560940%22%2C%22dnt%22%3Afalse%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Faroma-modena.com%2F%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%223a64761%3A1667500028145%22%2C%22widget_data_source%22%3A%22screen-name%3AAromaModena%22%7D&session_id=7e8a6cc567f8285493bd6a7a502f3157b315824d
IP 104.244.42.8:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1670271960177%2C%22event_namespace%22%3A%7B%22action%22%3A%22results%22%2C%22client%22%3A%22tfw%22%2C%22page%22%3A%22timeline-profile%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%22a3525f077c700%3A1667415560940%22%2C%22dnt%22%3Afalse%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Faroma-modena.com%2F%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%223a64761%3A1667500028145%22%2C%22widget_data_source%22%3A%22screen-name%3AAromaModena%22%7D&session_id=7e8a6cc567f8285493bd6a7a502f3157b315824d HTTP/1.1
Host: syndication.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/srv/timeline-profile/screen-name/AromaModena?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOlsibGlua3RyLmVlIiwidHIuZWUiLCJ0ZXJyYS5jb20uYnIiLCJ3d3cubGlua3RyLmVlIiwid3d3LnRyLmVlIiwid3d3LnRlcnJhLmNvbS5iciJdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdGltZWxpbmVfMTIwMzQiOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2JhY2tlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3JlZnNyY19zZXNzaW9uIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19zaG93X2J1c2luZXNzX3ZlcmlmaWVkX2JhZGdlIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9LCJ0ZndfY2hpbl9waWxsc18xNDc0MSI6eyJidWNrZXQiOiJjb2xvcl9pY29ucyIsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfcmVzdWx0X21pZ3JhdGlvbl8xMzk3OSI6eyJidWNrZXQiOiJ0d2VldF9yZXN1bHQiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NlbnNpdGl2ZV9tZWRpYV9pbnRlcnN0aXRpYWxfMTM5NjMiOnsiYnVja2V0IjoiaW50ZXJzdGl0aWFsIiwidmVyc2lvbiI6bnVsbH0sInRmd19leHBlcmltZW50c19jb29raWVfZXhwaXJhdGlvbiI6eyJidWNrZXQiOjEyMDk2MDAsInZlcnNpb24iOm51bGx9LCJ0ZndfZHVwbGljYXRlX3NjcmliZXNfdG9fc2V0dGluZ3MiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3ZpZGVvX2hsc19keW5hbWljX21hbmlmZXN0c18xNTA4MiI6eyJidWNrZXQiOiJ0cnVlX2JpdHJhdGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmx1ZV92ZXJpZmllZF9iYWRnZSI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=ja&maxHeight=800px&origin=https%3A%2F%2Faroma-modena.com%2F&sessionId=7e8a6cc567f8285493bd6a7a502f3157b315824d&showHeader=true&showReplies=false&theme=light&transparent=false&widgetsVersion=a3525f077c700%3A1667415560940
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 20:26:02 GMT
perf: 7626143928
vary: Origin
server: tsa_o
content-type: image/gif
cache-control: must-revalidate, max-age=600
last-modified: Mon, 05 Dec 2022 20:26:02 GMT
content-length: 43
x-transaction-id: 18206aa79a7e7706
strict-transport-security: max-age=631138519
x-response-time: 110
x-connection-hash: 0e55565d2cc262a758e183c07238b7eb89ac2584b2af4679f614e904743a743c
X-Firefox-Spdy: h2
abs.twimg.com/sticky/animations/like.4.json
152.199.21.141 200 OK 1.9 kB URL HTTP/2 abs.twimg.com/sticky/animations/like.4.json
IP 152.199.21.141:0
File type ASCII text, with very long lines (24291)
Hash c5203df5bd1440c2fdf4b44f0eb3116a
6b928e79e59b281eb5b9f5c2ad608f81078b5869
0b638ce107a37db0734fcd82af97d1dd575c246d737949c5414aa1dc549540e3
GET /sticky/animations/like.4.json HTTP/1.1
Host: abs.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://syndication.twitter.com/
Origin: https://syndication.twitter.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
age: 3987284
content-type: application/json
date: Mon, 05 Dec 2022 20:26:03 GMT
etag: "YKYmOkwIx9KztN7bQT7x8g=="
expires: Tue, 05 Dec 2023 20:26:03 GMT
last-modified: Thu, 20 Oct 2022 16:50:56 GMT
perf: 7626143928
server: ECAcc (ska/F695)
strict-transport-security: max-age=631138519
surrogate-key: twitter-assets
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
vary: Accept-Encoding
x-cache: HIT
x-connection-hash: 00620de26479f72103b0d6f4ca0873a782dd4164b4c1379a9b6b21190ad4a58b
x-content-type-options: nosniff
x-response-time: 10
x-ton-expected-size: 24292
x-transaction-id: 80afab27525733bc
content-length: 1897
X-Firefox-Spdy: h2
pbs.twimg.com/tweet_video_thumb/FjMiKIdUoAA1SRP.jpg
151.101.84.159 200 OK 180 kB URL HTTP/2 pbs.twimg.com/tweet_video_thumb/FjMiKIdUoAA1SRP.jpg
IP 151.101.84.159:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1200x675, components 3\012- data
Size 180 kB (180164 bytes)
Hash d5bc24f7d65295f803440407a1f7e57a
d35f85410a47d0048042419e8857840d8cf1ba90
31f7903a10df1bba15257e6e9aa5208fed00b0b1e32b14eb7d4b7b0d4efd1788
GET /tweet_video_thumb/FjMiKIdUoAA1SRP.jpg HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
perf: 7626143928
cache-control: max-age=604800, must-revalidate
last-modified: Mon, 05 Dec 2022 06:58:03 GMT
x-transaction-id: 7b2427721801c79c
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
access-control-expose-headers: Content-Length
x-content-type-options: nosniff
content-type: image/jpeg
accept-ranges: bytes
date: Mon, 05 Dec 2022 20:26:02 GMT
x-cache: HIT, MISS
x-tw-cdn: FT
x-served-by: cache-lhr7346-LHR, cache-bma1673-BMA, cache-tw-ZZZ1
server-timing: x-cache;desc=MISS, x-tw-cdn;desc=FT
content-length: 180164
X-Firefox-Spdy: h2
aroma-modena.com/wp-content/themes/heal_tcd077/js/slick.min.js?ver=1.0.0
162.43.117.39 200 OK 0 B URL HTTP/2 aroma-modena.com/wp-content/themes/heal_tcd077/js/slick.min.js?ver=1.0.0
IP 162.43.117.39:0
GET /wp-content/themes/heal_tcd077/js/slick.min.js?ver=1.0.0 HTTP/1.1
Host: aroma-modena.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aroma-modena.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:25:56 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 18 Jan 2022 17:43:20 GMT
etag: W/"a3e1-5d5dece19fcd2"
content-encoding: br
X-Firefox-Spdy: h2
aroma-modena.com/wp-content/themes/heal_tcd077/js/owl.theme.default.min.css?ver=1.0.0
162.43.117.39 200 OK 0 B URL HTTP/2 aroma-modena.com/wp-content/themes/heal_tcd077/js/owl.theme.default.min.css?ver=1.0.0
IP 162.43.117.39:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/heal_tcd077/js/owl.theme.default.min.css?ver=1.0.0 HTTP/1.1
Host: aroma-modena.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aroma-modena.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:25:56 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 18 Jan 2022 17:43:19 GMT
etag: W/"3f5-5d5dece02daeb"
content-encoding: br
X-Firefox-Spdy: h2
aroma-modena.com/wp-content/themes/heal_tcd077/style.css?ver=1.3.2
162.43.117.39 200 OK 0 B URL HTTP/2 aroma-modena.com/wp-content/themes/heal_tcd077/style.css?ver=1.3.2
IP 162.43.117.39:0
GET /wp-content/themes/heal_tcd077/style.css?ver=1.3.2 HTTP/1.1
Host: aroma-modena.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aroma-modena.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:25:56 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 18 Jan 2022 17:40:09 GMT
etag: W/"1d093-5d5dec2ab56a2"
content-encoding: br
X-Firefox-Spdy: h2
aroma-modena.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
162.43.117.39 200 OK 0 B URL HTTP/2 aroma-modena.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP 162.43.117.39:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: aroma-modena.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aroma-modena.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:25:56 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 23 Sep 2022 14:09:44 GMT
etag: W/"48b9-5e958bada799e"
content-encoding: br
X-Firefox-Spdy: h2
aroma-modena.com/wp-content/themes/heal_tcd077/js/simplebar.min.js?ver=1.3.2
162.43.117.39 200 OK 0 B URL HTTP/2 aroma-modena.com/wp-content/themes/heal_tcd077/js/simplebar.min.js?ver=1.3.2
IP 162.43.117.39:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/heal_tcd077/js/simplebar.min.js?ver=1.3.2 HTTP/1.1
Host: aroma-modena.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aroma-modena.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:25:56 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 18 Jan 2022 17:43:20 GMT
etag: W/"b378-5d5dece0f7d4f"
content-encoding: br
X-Firefox-Spdy: h2
aroma-modena.com/wp-content/themes/heal_tcd077/js/swiper-bundle.js?ver=1.3.2
162.43.117.39 200 OK 0 B URL HTTP/2 aroma-modena.com/wp-content/themes/heal_tcd077/js/swiper-bundle.js?ver=1.3.2
IP 162.43.117.39:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/heal_tcd077/js/swiper-bundle.js?ver=1.3.2 HTTP/1.1
Host: aroma-modena.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aroma-modena.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:25:56 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 18 Jan 2022 17:43:21 GMT
etag: W/"51f70-5d5dece201754"
content-encoding: br
X-Firefox-Spdy: h2
aroma-modena.com/wp-content/themes/heal_tcd077/js/owl.carousel.min.js?ver=1.0.0
162.43.117.39 200 OK 0 B URL HTTP/2 aroma-modena.com/wp-content/themes/heal_tcd077/js/owl.carousel.min.js?ver=1.0.0
IP 162.43.117.39:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/heal_tcd077/js/owl.carousel.min.js?ver=1.0.0 HTTP/1.1
Host: aroma-modena.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aroma-modena.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:25:56 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 18 Jan 2022 17:43:19 GMT
etag: W/"ad36-5d5dece01b20b"
content-encoding: br
X-Firefox-Spdy: h2
aroma-modena.com/wp-content/themes/heal_tcd077/js/owl.carousel.min.css?ver=1.0.0
162.43.117.39 200 OK 0 B URL HTTP/2 aroma-modena.com/wp-content/themes/heal_tcd077/js/owl.carousel.min.css?ver=1.0.0
IP 162.43.117.39:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/heal_tcd077/js/owl.carousel.min.css?ver=1.0.0 HTTP/1.1
Host: aroma-modena.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aroma-modena.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:25:56 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 18 Jan 2022 17:43:18 GMT
etag: W/"d17-5d5decdfdba6a"
content-encoding: br
X-Firefox-Spdy: h2
aroma-modena.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
162.43.117.39 200 OK 0 B URL HTTP/2 aroma-modena.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 162.43.117.39:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: aroma-modena.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aroma-modena.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:25:56 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 02 Nov 2022 06:05:46 GMT
etag: W/"15e54-5ec76a1b57b27"
content-encoding: br
X-Firefox-Spdy: h2
aroma-modena.com/
162.43.117.39 200 OK 0 B IP 162.43.117.39:0
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: aroma-modena.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:25:55 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
link: <https://aroma-modena.com/wp-json/>; rel="https://api.w.org/", <https://aroma-modena.com/wp-json/wp/v2/pages/320>; rel="alternate"; type="application/json", <https://aroma-modena.com/>; rel=shortlink
content-encoding: br
X-Firefox-Spdy: h2
aroma-modena.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
162.43.117.39 200 OK 0 B URL HTTP/2 aroma-modena.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP 162.43.117.39:0
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: aroma-modena.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aroma-modena.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:25:56 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Wed, 16 Nov 2022 06:06:54 GMT
etag: W/"172a9-5ed9047822e9f"
content-encoding: br
X-Firefox-Spdy: h2
aroma-modena.com/wp-content/themes/heal_tcd077/css/design-plus.css?ver=1.3.2
162.43.117.39 200 OK 0 B URL HTTP/2 aroma-modena.com/wp-content/themes/heal_tcd077/css/design-plus.css?ver=1.3.2
IP 162.43.117.39:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/heal_tcd077/css/design-plus.css?ver=1.3.2 HTTP/1.1
Host: aroma-modena.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aroma-modena.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:25:56 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 18 Jan 2022 17:43:07 GMT
etag: W/"6193-5d5decd55d1d7"
content-encoding: br
X-Firefox-Spdy: h2
aroma-modena.com/wp-includes/js/jquery/ui/datepicker.min.js?ver=1.13.2
162.43.117.39 200 OK 0 B URL HTTP/2 aroma-modena.com/wp-includes/js/jquery/ui/datepicker.min.js?ver=1.13.2
IP 162.43.117.39:0
GET /wp-includes/js/jquery/ui/datepicker.min.js?ver=1.13.2 HTTP/1.1
Host: aroma-modena.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aroma-modena.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:25:56 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 02 Nov 2022 06:05:46 GMT
etag: W/"8f7b-5ec76a1b38727"
content-encoding: br
X-Firefox-Spdy: h2
aroma-modena.com/wp-content/themes/heal_tcd077/css/footer-bar.css?ver=1.3.2
162.43.117.39 200 OK 0 B URL HTTP/2 aroma-modena.com/wp-content/themes/heal_tcd077/css/footer-bar.css?ver=1.3.2
IP 162.43.117.39:0
GET /wp-content/themes/heal_tcd077/css/footer-bar.css?ver=1.3.2 HTTP/1.1
Host: aroma-modena.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aroma-modena.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:25:57 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 18 Jan 2022 17:43:08 GMT
etag: W/"954-5d5decd5b6f59"
content-encoding: br
X-Firefox-Spdy: h2
platform.twitter.com/_next/static/chunks/0.ad6e60829dfc07776f5e.js
93.184.220.66 200 OK 0 B URL HTTP/1.1 platform.twitter.com/_next/static/chunks/0.ad6e60829dfc07776f5e.js
IP 93.184.220.66:0
GET /_next/static/chunks/0.ad6e60829dfc07776f5e.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 426004
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Mon, 05 Dec 2022 20:26:01 GMT
Etag: "f8a649284ac45133fc2c0b92defbd7b3+gzip"
Last-Modified: Thu, 03 Nov 2022 19:46:28 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F711)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 187307
aroma-modena.com/wp-includes/js/comment-reply.min.js?ver=6.1.1
162.43.117.39 200 OK 0 B URL HTTP/2 aroma-modena.com/wp-includes/js/comment-reply.min.js?ver=6.1.1
IP 162.43.117.39:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/comment-reply.min.js?ver=6.1.1 HTTP/1.1
Host: aroma-modena.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aroma-modena.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:25:56 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 23 Sep 2022 14:09:35 GMT
etag: W/"ba5-5e958ba4cdf77"
content-encoding: br
X-Firefox-Spdy: h2