www.ledivin.co.uk Open in urlscan Pro
87.247.245.133  Public Scan

4 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

41 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response www.ledivin.co.uk/reservation/	72 KB 72 KB	832ms 674ms	Document text/html	87.247.245.133 GD-EMEA-DC-LD5
General Check archive.org Show headers Download Go to Full URL http://www.ledivin.co.uk/reservation/ Protocol HTTP/1.1 Server 87.247.245.133 Leeds, United Kingdom, ASN20738 (GD-EMEA-DC-LD5, DE), Reverse DNS iowa.footholds.net Software Apache / Resource Hash 33818cadce9e010a43561a2937f5987b6fb134dbb71c420451fc84952c78530f Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 accept-language en-US,en;q=0.9 Response headers Connection Upgrade, Keep-Alive Content-Type text/html; charset=UTF-8 Date Tue, 06 Feb 2024 21:47:15 GMT Keep-Alive timeout=5, max=100 Link <https://www.ledivin.co.uk/wp-json/>; rel="https://api.w.org/", <https://www.ledivin.co.uk/wp-json/wp/v2/pages/2003>; rel="alternate"; type="application/json", <https://www.ledivin.co.uk/?p=2003>; rel=shortlink Server Apache Transfer-Encoding chunked Upgrade h2,h2c
GET H/1.1	200 OK	styles.css www.ledivin.co.uk/wp-content/plugins/contact-form-7/includes/css/	3 KB 3 KB	200ms 100ms	Stylesheet text/css	87.247.245.133 GD-EMEA-DC-LD5
General Check archive.org Show headers Download Go to Full URL http://www.ledivin.co.uk/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.8.7 Requested by Host: www.ledivin.co.uk URL: http://www.ledivin.co.uk/reservation/ Protocol HTTP/1.1 Server 87.247.245.133 Leeds, United Kingdom, ASN20738 (GD-EMEA-DC-LD5, DE), Reverse DNS iowa.footholds.net Software Apache / Resource Hash ccd31ffa708d025833f954b3e0560cedd58df9a0d2706b2ccee5f501c5b2467b Request headers accept-language en-US,en;q=0.9 Referer http://www.ledivin.co.uk/reservation/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers Date Tue, 06 Feb 2024 21:47:15 GMT Last-Modified Mon, 05 Feb 2024 11:51:34 GMT Server Apache Upgrade h2,h2c Content-Type text/css Connection Upgrade, Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 2894
GET H/1.1	200 OK	css fonts.googleapis.com/	4 KB 1 KB	63ms 39ms	Stylesheet text/css	2607:f8b0:4006:822::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL http://fonts.googleapis.com/css?family=Merriweather%3A700%2C400&display=swap&ver=6.4.3 Requested by Host: www.ledivin.co.uk URL: http://www.ledivin.co.uk/reservation/ Protocol HTTP/1.1 Server 2607:f8b0:4006:822::200a , United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 6b418ab701de1f01254625b9edae1709e7dc14e3cac7ca7c3865afaa9147b875 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer http://www.ledivin.co.uk/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers Date Tue, 06 Feb 2024 21:47:15 GMT Content-Encoding gzip X-Content-Type-Options nosniff Transfer-Encoding chunked Cross-Origin-Resource-Policy cross-origin X-XSS-Protection 0 Last-Modified Tue, 06 Feb 2024 21:47:15 GMT Server ESF Cross-Origin-Opener-Policy same-origin-allow-popups X-Frame-Options SAMEORIGIN Content-Type text/css; charset=utf-8 Access-Control-Allow-Origin * Cache-Control private, max-age=86400, stale-while-revalidate=604800 Timing-Allow-Origin * Link <http://fonts.gstatic.com>; rel=preconnect; crossorigin Expires Tue, 06 Feb 2024 21:47:15 GMT
GET H/1.1	200 OK	style.min.css www.ledivin.co.uk/wp-content/themes/Impreza/css/	422 KB 422 KB	200ms 101ms	Stylesheet text/css	87.247.245.133 GD-EMEA-DC-LD5
General Check archive.org Show headers Download Go to Full URL http://www.ledivin.co.uk/wp-content/themes/Impreza/css/style.min.css?ver=8.19 Requested by Host: www.ledivin.co.uk URL: http://www.ledivin.co.uk/reservation/ Protocol HTTP/1.1 Server 87.247.245.133 Leeds, United Kingdom, ASN20738 (GD-EMEA-DC-LD5, DE), Reverse DNS iowa.footholds.net Software Apache / Resource Hash c299159e0f42cce5d588fed88e1a3ecff764f25dc914a434ccaf060938d10e77 Request headers accept-language en-US,en;q=0.9 Referer http://www.ledivin.co.uk/reservation/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers Date Tue, 06 Feb 2024 21:47:15 GMT Last-Modified Thu, 16 Nov 2023 12:55:25 GMT Server Apache Upgrade h2,h2c Content-Type text/css Connection Upgrade, Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 432222
GET BLOB	200 OK	f958ed22-ed62-40f3-9fd1-1f047270fcc4 http://www.ledivin.co.uk/	1 KB 0		Other text/javascript
General Check archive.org Show headers Download Go to Full URL blob:http://www.ledivin.co.uk/f958ed22-ed62-40f3-9fd1-1f047270fcc4 Requested by Host: www.ledivin.co.uk URL: http://www.ledivin.co.uk/reservation/ Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22 Request headers accept-language en-US,en;q=0.9 Referer http://www.ledivin.co.uk/reservation/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers Content-Length 1245 Content-Type text/javascript
GET H2	200	ledivin-logo.png www.ledivin.co.uk/wp-content/uploads/2021/09/	18 KB 18 KB	414ms 203ms	Image image/png	87.247.245.133 GD-EMEA-DC-LD5
General Check archive.org Show headers Download Go to Show image Full URL https://www.ledivin.co.uk/wp-content/uploads/2021/09/ledivin-logo.png Requested by Host: www.ledivin.co.uk URL: http://www.ledivin.co.uk/reservation/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 87.247.245.133 Leeds, United Kingdom, ASN20738 (GD-EMEA-DC-LD5, DE), Reverse DNS iowa.footholds.net Software Apache / Resource Hash 1ec83a4f4be763d77084f73918298ddc2cbd1b8666ff157ff8626f1a3224ae30 Request headers accept-language en-US,en;q=0.9 Referer http://www.ledivin.co.uk/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Tue, 06 Feb 2024 21:47:16 GMT last-modified Wed, 08 Sep 2021 17:49:24 GMT server Apache accept-ranges bytes content-length 18103 content-type image/png
GET H/1.1	200 OK	index.js Show response www.ledivin.co.uk/wp-content/plugins/contact-form-7/includes/swv/js/	11 KB 11 KB	101ms 100ms	Script application/javascript	87.247.245.133 GD-EMEA-DC-LD5
General Check archive.org Show headers Download Go to Full URL http://www.ledivin.co.uk/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.8.7 Requested by Host: www.ledivin.co.uk URL: http://www.ledivin.co.uk/reservation/ Protocol HTTP/1.1 Server 87.247.245.133 Leeds, United Kingdom, ASN20738 (GD-EMEA-DC-LD5, DE), Reverse DNS iowa.footholds.net Software Apache / Resource Hash 9c1989ecd392a0c54fb799409154242706940a8e6d800542ba579dfda576bb9d Request headers accept-language en-US,en;q=0.9 Referer http://www.ledivin.co.uk/reservation/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers Date Tue, 06 Feb 2024 21:47:16 GMT Last-Modified Mon, 05 Feb 2024 11:51:34 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 11117
GET H/1.1	200 OK	index.js Show response www.ledivin.co.uk/wp-content/plugins/contact-form-7/includes/js/	13 KB 13 KB	105ms 100ms	Script application/javascript	87.247.245.133 GD-EMEA-DC-LD5
General Check archive.org Show headers Download Go to Full URL http://www.ledivin.co.uk/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8.7 Requested by Host: www.ledivin.co.uk URL: http://www.ledivin.co.uk/reservation/ Protocol HTTP/1.1 Server 87.247.245.133 Leeds, United Kingdom, ASN20738 (GD-EMEA-DC-LD5, DE), Reverse DNS iowa.footholds.net Software Apache / Resource Hash 7ee08c60d39f5712a56938fda3e2ab10fe3ef23ec98aeb3c9a29e54f6f31ffe1 Request headers accept-language en-US,en;q=0.9 Referer http://www.ledivin.co.uk/reservation/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers Date Tue, 06 Feb 2024 21:47:16 GMT Last-Modified Mon, 05 Feb 2024 11:51:34 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 13182
GET H/1.1	200 OK	jquery.min.js Show response www.ledivin.co.uk/wp-includes/js/jquery/	86 KB 86 KB	101ms 101ms	Script application/javascript	87.247.245.133 GD-EMEA-DC-LD5
General Check archive.org Show headers Download Go to Full URL http://www.ledivin.co.uk/wp-includes/js/jquery/jquery.min.js?ver=3.7.1 Requested by Host: www.ledivin.co.uk URL: http://www.ledivin.co.uk/reservation/ Protocol HTTP/1.1 Server 87.247.245.133 Leeds, United Kingdom, ASN20738 (GD-EMEA-DC-LD5, DE), Reverse DNS iowa.footholds.net Software Apache / Resource Hash cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf Request headers accept-language en-US,en;q=0.9 Referer http://www.ledivin.co.uk/reservation/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers Date Tue, 06 Feb 2024 21:47:16 GMT Last-Modified Thu, 16 Nov 2023 12:54:27 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 87553
GET H/1.1	200 OK	us.core.min.js Show response www.ledivin.co.uk/wp-content/themes/Impreza/js/	192 KB 192 KB	102ms 100ms	Script application/javascript	87.247.245.133 GD-EMEA-DC-LD5
General Check archive.org Show headers Download Go to Full URL http://www.ledivin.co.uk/wp-content/themes/Impreza/js/us.core.min.js?ver=8.19 Requested by Host: www.ledivin.co.uk URL: http://www.ledivin.co.uk/reservation/ Protocol HTTP/1.1 Server 87.247.245.133 Leeds, United Kingdom, ASN20738 (GD-EMEA-DC-LD5, DE), Reverse DNS iowa.footholds.net Software Apache / Resource Hash e2b118b0858369b1c86b0fa1977f89ca9a306f94fa3c000a0d4073f1ca8dc35f Request headers accept-language en-US,en;q=0.9 Referer http://www.ledivin.co.uk/reservation/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers Date Tue, 06 Feb 2024 21:47:16 GMT Last-Modified Thu, 16 Nov 2023 12:55:25 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 196412
GET H2	200	28918 Show response booking.resdiary.com/widget/FixedSize/LeDiVinWineBar/ Frame 4248	48 KB 10 KB	1558ms 1459ms	Document text/html	2606:4700:10::6814:6ed CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://booking.resdiary.com/widget/FixedSize/LeDiVinWineBar/28918 Requested by Host: www.ledivin.co.uk URL: http://www.ledivin.co.uk/reservation/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6814:6ed , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e922c1515566bf2dd04d19a4e67800e675af04fca5e5ed520c78ba534956d798 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer http://www.ledivin.co.uk/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 accept-language en-US,en;q=0.9 Response headers cache-control public,max-age=60 cf-cache-status DYNAMIC cf-ray 85169734b8bb4bc3-BUF content-encoding gzip content-type text/html; charset=utf-8 date Tue, 06 Feb 2024 21:47:18 GMT server cloudflare strict-transport-security max-age=31536000; includeSubDomains; preload vary *
GET H2	200	hero-1.jpg www.ledivin.co.uk/wp-content/uploads/2021/09/	555 KB 556 KB	106ms 103ms	Image image/jpeg	87.247.245.133 GD-EMEA-DC-LD5
General Check archive.org Show headers Download Go to Show image Full URL https://www.ledivin.co.uk/wp-content/uploads/2021/09/hero-1.jpg Requested by Host: www.ledivin.co.uk URL: http://www.ledivin.co.uk/reservation/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 87.247.245.133 Leeds, United Kingdom, ASN20738 (GD-EMEA-DC-LD5, DE), Reverse DNS iowa.footholds.net Software Apache / Resource Hash 4eff5959e39e3f74ecc107c1d8fa0b3fc2cbb1c9934d96e19af201af066dc59e Request headers accept-language en-US,en;q=0.9 Referer http://www.ledivin.co.uk/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Tue, 06 Feb 2024 21:47:16 GMT last-modified Mon, 20 Sep 2021 09:38:11 GMT server Apache accept-ranges bytes content-length 568630 content-type image/jpeg
GET H/1.1	200 OK	u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2 fonts.gstatic.com/s/merriweather/v30/	19 KB 20 KB	51ms 26ms	Font font/woff2	2607:f8b0:4006:81d::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL http://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2 Requested by Host: fonts.googleapis.com URL: http://fonts.googleapis.com/css?family=Merriweather%3A700%2C400&display=swap&ver=6.4.3 Protocol HTTP/1.1 Server 2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://fonts.googleapis.com/ Origin http://www.ledivin.co.uk accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers Date Thu, 01 Feb 2024 09:16:12 GMT X-Content-Type-Options nosniff Age 477064 Content-Security-Policy-Report-Only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes Cross-Origin-Resource-Policy cross-origin Content-Length 19740 X-XSS-Protection 0 Last-Modified Tue, 26 Apr 2022 15:48:38 GMT Server sffe Cross-Origin-Opener-Policy same-origin; report-to="apps-themes" Report-To {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} Content-Type font/woff2 Access-Control-Allow-Origin * Cache-Control public, max-age=31536000 Accept-Ranges bytes Timing-Allow-Origin * Expires Fri, 31 Jan 2025 09:16:12 GMT
GET H/1.1	200 OK	fa-brands-400.woff2 www.ledivin.co.uk/wp-content/themes/Impreza/fonts/	75 KB 75 KB	101ms 101ms	Font font/woff2	87.247.245.133 GD-EMEA-DC-LD5
General Check archive.org Show headers Download Go to Full URL http://www.ledivin.co.uk/wp-content/themes/Impreza/fonts/fa-brands-400.woff2?ver=8.19 Requested by Host: www.ledivin.co.uk URL: http://www.ledivin.co.uk/reservation/ Protocol HTTP/1.1 Server 87.247.245.133 Leeds, United Kingdom, ASN20738 (GD-EMEA-DC-LD5, DE), Reverse DNS iowa.footholds.net Software Apache / Resource Hash 39c658ef377f9ec31442c5343a15bdfc4c4653bcca74bc7d6fe4b3e736a60aa4 Request headers Referer http://www.ledivin.co.uk/reservation/ Origin http://www.ledivin.co.uk accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers Date Tue, 06 Feb 2024 21:47:16 GMT Last-Modified Thu, 16 Nov 2023 12:55:25 GMT Server Apache Content-Type font/woff2 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 76728
GET H/1.1	200 OK	fa-solid-900.woff2 www.ledivin.co.uk/wp-content/themes/Impreza/fonts/	134 KB 134 KB	103ms 102ms	Font font/woff2	87.247.245.133 GD-EMEA-DC-LD5
General Check archive.org Show headers Download Go to Full URL http://www.ledivin.co.uk/wp-content/themes/Impreza/fonts/fa-solid-900.woff2?ver=8.19 Requested by Host: www.ledivin.co.uk URL: http://www.ledivin.co.uk/reservation/ Protocol HTTP/1.1 Server 87.247.245.133 Leeds, United Kingdom, ASN20738 (GD-EMEA-DC-LD5, DE), Reverse DNS iowa.footholds.net Software Apache / Resource Hash 8d4d29042c23b5fcbed3af690421776de0f8ad3d308d66e24a9d80bcc8ccb522 Request headers Referer http://www.ledivin.co.uk/reservation/ Origin http://www.ledivin.co.uk accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers Date Tue, 06 Feb 2024 21:47:16 GMT Last-Modified Thu, 16 Nov 2023 12:55:25 GMT Server Apache Content-Type font/woff2 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 137104
GET H/1.1	200 OK	u-440qyriQwlOrhSvowK_l5-fCZM.woff2 fonts.gstatic.com/s/merriweather/v30/	20 KB 20 KB	48ms 24ms	Font font/woff2	2607:f8b0:4006:81d::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL http://fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-fCZM.woff2 Requested by Host: fonts.googleapis.com URL: http://fonts.googleapis.com/css?family=Merriweather%3A700%2C400&display=swap&ver=6.4.3 Protocol HTTP/1.1 Server 2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://fonts.googleapis.com/ Origin http://www.ledivin.co.uk accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers Date Thu, 01 Feb 2024 09:22:36 GMT X-Content-Type-Options nosniff Age 476680 Content-Security-Policy-Report-Only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes Cross-Origin-Resource-Policy cross-origin Content-Length 20028 X-XSS-Protection 0 Last-Modified Tue, 26 Apr 2022 16:41:08 GMT Server sffe Cross-Origin-Opener-Policy same-origin; report-to="apps-themes" Report-To {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} Content-Type font/woff2 Access-Control-Allow-Origin * Cache-Control public, max-age=31536000 Accept-Ranges bytes Timing-Allow-Origin * Expires Fri, 31 Jan 2025 09:22:36 GMT
GET H/1.1	200 OK	material-icons.woff2 www.ledivin.co.uk/wp-content/themes/Impreza/fonts/	125 KB 126 KB	103ms 102ms	Font font/woff2	87.247.245.133 GD-EMEA-DC-LD5
General Check archive.org Show headers Download Go to Full URL http://www.ledivin.co.uk/wp-content/themes/Impreza/fonts/material-icons.woff2?ver=8.19 Requested by Host: www.ledivin.co.uk URL: http://www.ledivin.co.uk/reservation/ Protocol HTTP/1.1 Server 87.247.245.133 Leeds, United Kingdom, ASN20738 (GD-EMEA-DC-LD5, DE), Reverse DNS iowa.footholds.net Software Apache / Resource Hash 8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1 Request headers Referer http://www.ledivin.co.uk/reservation/ Origin http://www.ledivin.co.uk accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers Date Tue, 06 Feb 2024 21:47:16 GMT Last-Modified Thu, 16 Nov 2023 12:55:25 GMT Server Apache Upgrade h2,h2c Content-Type font/woff2 Connection Upgrade, Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 128352
GET H/1.1	200 OK	fa-regular-400.woff2 www.ledivin.co.uk/wp-content/themes/Impreza/fonts/	165 KB 165 KB	162ms 100ms	Font font/woff2	87.247.245.133 GD-EMEA-DC-LD5
General Check archive.org Show headers Download Go to Full URL http://www.ledivin.co.uk/wp-content/themes/Impreza/fonts/fa-regular-400.woff2?ver=8.19 Requested by Host: www.ledivin.co.uk URL: http://www.ledivin.co.uk/reservation/ Protocol HTTP/1.1 Server 87.247.245.133 Leeds, United Kingdom, ASN20738 (GD-EMEA-DC-LD5, DE), Reverse DNS iowa.footholds.net Software Apache / Resource Hash 3bbb0df89b8dbe8001e8c24de4e2d1693f94997b29f007a7bda22a9802832768 Request headers Referer http://www.ledivin.co.uk/reservation/ Origin http://www.ledivin.co.uk accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers Date Tue, 06 Feb 2024 21:47:16 GMT Last-Modified Thu, 16 Nov 2023 12:55:25 GMT Server Apache Content-Type font/woff2 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 168824
GET H/1.1	200 OK	wp-emoji-release.min.js Show response www.ledivin.co.uk/wp-includes/js/	18 KB 19 KB	111ms 102ms	Script application/javascript	87.247.245.133 GD-EMEA-DC-LD5
General Check archive.org Show headers Download Go to Full URL http://www.ledivin.co.uk/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3 Requested by Host: www.ledivin.co.uk URL: http://www.ledivin.co.uk/reservation/ Protocol HTTP/1.1 Server 87.247.245.133 Leeds, United Kingdom, ASN20738 (GD-EMEA-DC-LD5, DE), Reverse DNS iowa.footholds.net Software Apache / Resource Hash 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230 Request headers accept-language en-US,en;q=0.9 Referer http://www.ledivin.co.uk/reservation/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers Date Tue, 06 Feb 2024 21:47:16 GMT Last-Modified Tue, 23 May 2023 08:41:57 GMT Server Apache Upgrade h2,h2c Content-Type application/javascript Connection Upgrade, Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 18692
GET H2	200	fixedsizewidget.css booking.resdiary.com/bundles/css/ Frame 4248	494 KB 65 KB	766ms 764ms	Stylesheet text/css	2606:4700:10::6814:6ed CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://booking.resdiary.com/bundles/css/fixedsizewidget.css?v=jglUdKodwydO_kuPIllqywSz1V3Yo_zqmq5Pgp2um4E Requested by Host: booking.resdiary.com URL: https://booking.resdiary.com/widget/FixedSize/LeDiVinWineBar/28918 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6814:6ed , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8e095474aa1dc3274efe4b8f22596acb04b3d55dd8a3fcea9aae4f829dae9b81 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language en-US,en;q=0.9 Referer https://booking.resdiary.com/widget/FixedSize/LeDiVinWineBar/28918 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Tue, 06 Feb 2024 21:47:18 GMT content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains; preload last-modified Mon, 22 Jan 2024 14:15:15 GMT server cloudflare cf-cache-status REVALIDATED etag "1da4d3d6b51a34c" vary Accept-Encoding content-type text/css cache-control max-age=300 cf-ray 8516973de80e4bc3-BUF
GET H2	200	local.css booking.resdiary.com/bundles/css/ Frame 4248	20 KB 4 KB	800ms 796ms	Stylesheet text/css	2606:4700:10::6814:6ed CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://booking.resdiary.com/bundles/css/local.css?v=gJbdYINwJY-9O2l_o7nj9eYxNZYRowhTQZR-QteZLPg Requested by Host: booking.resdiary.com URL: https://booking.resdiary.com/widget/FixedSize/LeDiVinWineBar/28918 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6814:6ed , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8096dd608370258fbd3b697fa3b9e3f5e631359611a3085341947e42d7992cf8 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language en-US,en;q=0.9 Referer https://booking.resdiary.com/widget/FixedSize/LeDiVinWineBar/28918 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Tue, 06 Feb 2024 21:47:18 GMT content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains; preload last-modified Mon, 22 Jan 2024 14:15:15 GMT server cloudflare cf-cache-status REVALIDATED etag "1da4d3d6b564b14" vary Accept-Encoding content-type text/css cache-control max-age=300 cf-ray 8516973de8104bc3-BUF
GET H2	200	28918.css widgetthemes-live.azureedge.net/Providers/LeDiVinWineBar/ Frame 4248	8 KB 1 KB	148ms 33ms	Stylesheet text/css	2606:2800:11f:17a5:191a:18d5:537:22f9 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://widgetthemes-live.azureedge.net/Providers/LeDiVinWineBar/28918.css?v=637702580605170000 Requested by Host: booking.resdiary.com URL: https://booking.resdiary.com/widget/FixedSize/LeDiVinWineBar/28918 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2606:2800:11f:17a5:191a:18d5:537:22f9 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (nya/1C6B) / Resource Hash 848c1a120b6f683af1c202874b12f4f5c385b9638b8aa3dfe418bded9c6c59dd Request headers accept-language en-US,en;q=0.9 Referer https://booking.resdiary.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers x-ms-lease-status unlocked x-ms-blob-type BlockBlob date Tue, 06 Feb 2024 21:47:18 GMT content-encoding gzip last-modified Tue, 19 Oct 2021 16:34:20 GMT server ECAcc (nya/1C6B) content-md5 B+WwoeYnz/xUlzzb0Jc89A== age 557220 etag 0x8D9931E4D4D8C4C vary Accept-Encoding x-cache HIT content-type text/css x-ms-request-id 8d3fa5aa-901e-009b-3434-541778000000 x-ms-version 2009-09-19 content-length 1205
GET H2	200	warning.svg booking.resdiary.com/Content/Images/ Frame 4248	1 KB 807 B	754ms 754ms	Image image/svg+xml	2606:4700:10::6814:6ed CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://booking.resdiary.com/Content/Images/warning.svg Requested by Host: booking.resdiary.com URL: https://booking.resdiary.com/widget/FixedSize/LeDiVinWineBar/28918 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6814:6ed , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0756b23e73d630a47ddbb3b19468f543853cf4df15cde270fdbfabcbdd3f3d75 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language en-US,en;q=0.9 Referer https://booking.resdiary.com/widget/FixedSize/LeDiVinWineBar/28918 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Tue, 06 Feb 2024 21:47:19 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip cf-cache-status REVALIDATED last-modified Mon, 22 Jan 2024 14:15:14 GMT server cloudflare etag W/"1da4d3d6abd81d9" vary Accept-Encoding content-type image/svg+xml cache-control max-age=300 cf-ray 8516973f59164bc3-BUF
GET H2	200	widget-jquery.js Show response booking.resdiary.com/bundles/ Frame 4248	990 KB 315 KB	762ms 762ms	Script application/javascript	2606:4700:10::6814:6ed CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://booking.resdiary.com/bundles/widget-jquery.js?v=5-yuzD1IOwJbiR5QroWBepgwMqny3oGvjlAuM9W8C28 Requested by Host: booking.resdiary.com URL: https://booking.resdiary.com/widget/FixedSize/LeDiVinWineBar/28918 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6814:6ed , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e7ecaecc3d483b025b891e50ae85817a983032a9f2de81af8e502e33d5bc0b6f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language en-US,en;q=0.9 Referer https://booking.resdiary.com/widget/FixedSize/LeDiVinWineBar/28918 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Tue, 06 Feb 2024 21:47:19 GMT content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains; preload last-modified Mon, 22 Jan 2024 14:15:15 GMT server cloudflare cf-cache-status REVALIDATED etag "1da4d3d6b5962fd" vary Accept-Encoding content-type application/javascript cache-control max-age=300 cf-ray 85169740fa714bc3-BUF
GET H2	200	Setup Show response booking.resdiary.com/api/Restaurant/LeDiVinWineBar/ Frame 4248	14 KB 5 KB	569ms 568ms	XHR application/json	2606:4700:10::6814:6ed CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://booking.resdiary.com/api/Restaurant/LeDiVinWineBar/Setup?date=2024-02-06&channelCode=ONLINE Requested by Host: booking.resdiary.com URL: https://booking.resdiary.com/bundles/widget-jquery.js?v=5-yuzD1IOwJbiR5QroWBepgwMqny3oGvjlAuM9W8C28 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6814:6ed , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2710255a989c67d308358cee60c23fbbf91a52b07bb6a4eb898215ae29f4f8ed Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Accept */* Referer https://booking.resdiary.com/widget/FixedSize/LeDiVinWineBar/28918 X-Requested-With XMLHttpRequest accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Content-Type application/json Response headers date Tue, 06 Feb 2024 21:47:20 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip cf-cache-status DYNAMIC server cloudflare cf-ray 85169746cdfd4bc3-BUF content-type application/json; charset=utf-8
GET H2	200	newwidgetlogo1.svg widgetthemes-live.azureedge.net/ Frame 4248	20 KB 21 KB	33ms 33ms	Image image/svg+xml	2606:2800:11f:17a5:191a:18d5:537:22f9 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://widgetthemes-live.azureedge.net/newwidgetlogo1.svg Requested by Host: widgetthemes-live.azureedge.net URL: https://widgetthemes-live.azureedge.net/Providers/LeDiVinWineBar/28918.css?v=637702580605170000 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2606:2800:11f:17a5:191a:18d5:537:22f9 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (nya/7982) / Resource Hash c1a0edae0b799b5a69bc4252059790ae060e3543671fbe45e55b701cc8708271 Request headers accept-language en-US,en;q=0.9 Referer https://widgetthemes-live.azureedge.net/Providers/LeDiVinWineBar/28918.css?v=637702580605170000 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers x-ms-lease-status unlocked x-ms-blob-type BlockBlob date Tue, 06 Feb 2024 21:47:19 GMT last-modified Wed, 31 Jan 2024 07:42:53 GMT server ECAcc (nya/7982) content-md5 umEjyv/laYFQdaeXer7oLg== age 562879 etag 0x8DC22303BCE9E2B x-cache HIT content-type image/svg+xml x-ms-request-id b6bb1043-e01e-0075-4127-54bd51000000 x-ms-version 2009-09-19 accept-ranges bytes content-length 20861
GET H2	200	OpenSans-Regular.ttf booking.resdiary.com/Content/fonts/ Frame 4248	212 KB 213 KB	765ms 765ms	Font application/x-font-ttf	2606:4700:10::6814:6ed CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://booking.resdiary.com/Content/fonts/OpenSans-Regular.ttf Requested by Host: booking.resdiary.com URL: https://booking.resdiary.com/bundles/css/local.css?v=gJbdYINwJY-9O2l_o7nj9eYxNZYRowhTQZR-QteZLPg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6814:6ed , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0895a025355dc0e29cc5993d7e62e8a54d9a446bfe274065ed86b5ece6209f80 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer https://booking.resdiary.com/bundles/css/local.css?v=gJbdYINwJY-9O2l_o7nj9eYxNZYRowhTQZR-QteZLPg Origin https://booking.resdiary.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Tue, 06 Feb 2024 21:47:20 GMT strict-transport-security max-age=31536000; includeSubDomains; preload cf-cache-status REVALIDATED last-modified Mon, 22 Jan 2024 14:15:15 GMT server cloudflare etag "1da4d3d6b554a90" vary Accept-Encoding content-type application/x-font-ttf access-control-allow-origin * cache-control max-age=300 accept-ranges bytes cf-ray 851697472e2f4bc3-BUF content-length 217360
GET H/1.1	200 OK	Powered%20by%20Stripe%20-%20black.svg resdiary.blob.core.windows.net/widgetthemes/ Frame 4248	3 KB 4 KB	520ms 109ms	Image image/svg+xml	52.239.141.196 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://resdiary.blob.core.windows.net/widgetthemes/Powered%20by%20Stripe%20-%20black.svg Requested by Host: booking.resdiary.com URL: https://booking.resdiary.com/bundles/css/fixedsizewidget.css?v=jglUdKodwydO_kuPIllqywSz1V3Yo_zqmq5Pgp2um4E Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 52.239.141.196 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash e434f84af23af5d3ab6dbe7cfc9f6fc6009d95d1986ad6d529c2760ec18a524b Request headers accept-language en-US,en;q=0.9 Referer https://booking.resdiary.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers x-ms-lease-status unlocked x-ms-blob-type BlockBlob Date Tue, 06 Feb 2024 21:47:19 GMT Last-Modified Mon, 06 Mar 2023 12:31:30 GMT Server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 Content-MD5 tPYTT8s81inXbCOZvZ4bsw== ETag 0x8DB1E3EB6C82A57 Content-Type image/svg+xml x-ms-request-id 6830fbdc-b01e-000a-1446-5972ca000000 x-ms-version 2009-09-19 Content-Length 3311
GET H2	200	glyphicons-halflings-regular.woff2 booking.resdiary.com/Content/fonts/ Frame 4248	18 KB 18 KB	767ms 765ms	Font font/woff2	2606:4700:10::6814:6ed CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://booking.resdiary.com/Content/fonts/glyphicons-halflings-regular.woff2 Requested by Host: booking.resdiary.com URL: https://booking.resdiary.com/bundles/css/fixedsizewidget.css?v=jglUdKodwydO_kuPIllqywSz1V3Yo_zqmq5Pgp2um4E Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6814:6ed , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer https://booking.resdiary.com/bundles/css/fixedsizewidget.css?v=jglUdKodwydO_kuPIllqywSz1V3Yo_zqmq5Pgp2um4E Origin https://booking.resdiary.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Tue, 06 Feb 2024 21:47:20 GMT strict-transport-security max-age=31536000; includeSubDomains; preload cf-cache-status REVALIDATED last-modified Mon, 22 Jan 2024 14:15:15 GMT server cloudflare etag "1da4d3d6b565dec" vary Accept-Encoding content-type font/woff2 access-control-allow-origin * cache-control max-age=300 accept-ranges bytes cf-ray 851697472e344bc3-BUF content-length 18028
GET H2	200	/ Show response js.stripe.com/v3/ Frame 4248	588 KB 163 KB	199ms 21ms	Script text/javascript	151.101.192.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/?_=1707256039388 Requested by Host: booking.resdiary.com URL: https://booking.resdiary.com/bundles/widget-jquery.js?v=5-yuzD1IOwJbiR5QroWBepgwMqny3oGvjlAuM9W8C28 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.192.176 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash 59b64093a1333815ee72906b4248911a61932e43e3c32c129709f940861f27ea Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://booking.resdiary.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers strict-transport-security max-age=31556926; includeSubDomains; preload content-encoding br x-content-type-options nosniff date Tue, 06 Feb 2024 21:47:19 GMT via 1.1 varnish age 33 x-cache HIT content-length 166890 x-request-id 5446f247-b014-49de-9337-7064f432dcf4 x-served-by cache-yyz4565-YYZ last-modified Tue, 06 Feb 2024 18:47:42 GMT server Fastly etag "403e0847ee63436496f68bdbf35a5052" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=60 accept-ranges bytes timing-allow-origin * x-cache-hits 14
GET H2	200	warning.svg booking.resdiary.com/Content/Images/ Frame 4248	1 KB 733 B	278ms 277ms	Image image/svg+xml	2606:4700:10::6814:6ed CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://booking.resdiary.com/Content/Images/warning.svg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6814:6ed , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0756b23e73d630a47ddbb3b19468f543853cf4df15cde270fdbfabcbdd3f3d75 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language en-US,en;q=0.9 Referer https://booking.resdiary.com/widget/FixedSize/LeDiVinWineBar/28918 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Tue, 06 Feb 2024 21:47:19 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip cf-cache-status REVALIDATED last-modified Mon, 22 Jan 2024 14:15:14 GMT server cloudflare etag W/"1da4d3d6abd81d9" vary Accept-Encoding content-type image/svg+xml cache-control max-age=300 cf-ray 85169747fe744bc3-BUF
GET H2	200	m-outer-3437aaddcdf6922d623e172c2d6f9278.html Show response js.stripe.com/v3/ Frame FA40	200 B 840 B	18ms 17ms	Document text/html	151.101.192.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/?_=1707256039388 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.192.176 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash 35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb Security Headers Name Value Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://booking.resdiary.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 accept-language en-US,en;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * age 7277205 cache-control max-age=31536000 content-encoding br content-length 154 content-security-policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report content-security-policy-report-only base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report content-type text/html; charset=utf-8 date Tue, 06 Feb 2024 21:47:20 GMT etag "3437aaddcdf6922d623e172c2d6f9278" last-modified Fri, 11 Nov 2022 20:25:37 GMT server Fastly strict-transport-security max-age=31556926; includeSubDomains; preload timing-allow-origin * vary Accept-Encoding via 1.1 varnish x-cache HIT x-cache-hits 133539 x-content-type-options nosniff x-request-id 86cda074-f1c8-4cc5-86af-bb054d64837c x-served-by cache-yyz4565-YYZ
GET H2	200	m-outer-15a2b40a058ddff1cffdb63779fe3de1.js Show response js.stripe.com/v3/fingerprinted/js/ Frame FA40	526 B 450 B	19ms 18ms	Script text/javascript	151.101.192.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.192.176 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers strict-transport-security max-age=31556926; includeSubDomains; preload content-encoding br x-content-type-options nosniff date Tue, 06 Feb 2024 21:47:20 GMT via 1.1 varnish age 5381906 x-cache HIT content-length 315 x-request-id 59b4cabb-f818-42ca-871a-d0ed1dfd2bca x-served-by cache-yyz4565-YYZ last-modified Fri, 11 Nov 2022 20:25:36 GMT server Fastly etag "d96c709017743c0759cf3853d1806ba5" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes timing-allow-origin * x-cache-hits 123587
POST H2	200	csp-report q.stripe.com/ Frame FA40	0 715 B	278ms 86ms	Other text/plain	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://q.stripe.com/csp-report Requested by Host: www.ledivin.co.uk URL: http://www.ledivin.co.uk/reservation/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://js.stripe.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Content-Type application/csp-report Response headers date Tue, 06 Feb 2024 21:47:20 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff x-stripe-server-envoy-start-time-us 1707256040281084 x-envoy-upstream-service-time 1 content-length 0 x-stripe-bg-intended-route-color blue pragma no-cache referrer-policy strict-origin-when-cross-origin server nginx cross-origin-opener-policy same-origin access-control-max-age 3600 access-control-allow-methods GET, POST, OPTIONS x-stripe-server-envoy-upstream-service-time-ms 0 access-control-allow-origin https://js.stripe.com x-stripe-client-envoy-start-time-us 1707256040280810 cache-control max-age=0, no-cache, no-store, must-revalidate access-control-expose-headers Server, Range, Content-Type x-robots-tag none access-control-allow-headers Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token expires 0
POST H2	200	csp-report q.stripe.com/ Frame FA40	0 715 B	279ms 87ms	Other text/plain	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://q.stripe.com/csp-report Requested by Host: www.ledivin.co.uk URL: http://www.ledivin.co.uk/reservation/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://js.stripe.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Content-Type application/csp-report Response headers date Tue, 06 Feb 2024 21:47:20 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff x-stripe-server-envoy-start-time-us 1707256040281236 x-envoy-upstream-service-time 1 content-length 0 x-stripe-bg-intended-route-color blue pragma no-cache referrer-policy strict-origin-when-cross-origin server nginx cross-origin-opener-policy same-origin access-control-max-age 3600 access-control-allow-methods GET, POST, OPTIONS x-stripe-server-envoy-upstream-service-time-ms 0 access-control-allow-origin https://js.stripe.com x-stripe-client-envoy-start-time-us 1707256040280988 cache-control max-age=0, no-cache, no-store, must-revalidate access-control-expose-headers Server, Range, Content-Type x-robots-tag none access-control-allow-headers Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token expires 0
GET H2	200	inner.html Show response m.stripe.network/ Frame DCAA	930 B 1 KB	28ms 18ms	Document text/html	151.101.192.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://m.stripe.network/inner.html Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.192.176 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash 947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1 Security Headers Name Value Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://js.stripe.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 accept-language en-US,en;q=0.9 Response headers accept-ranges bytes age 57 cache-control max-age=300, public content-encoding br content-length 540 content-security-policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report content-type text/html; charset=utf-8 date Tue, 06 Feb 2024 21:47:20 GMT server Fastly strict-transport-security max-age=31556926; includeSubDomains; preload vary Accept-Encoding, Origin via 1.1 varnish x-cache HIT x-cache-hits 51 x-content-type-options nosniff x-request-id 71ead0c0-74f3-450a-afcf-7cdd7cca9f23 x-served-by cache-yyz4565-YYZ x-timer S1707256040.078350,VS0,VE0
POST H2	200	csp-report q.stripe.com/ Frame DCAA	0 490 B	223ms 88ms	Other text/plain	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://q.stripe.com/csp-report Requested by Host: www.ledivin.co.uk URL: http://www.ledivin.co.uk/reservation/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://m.stripe.network/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Content-Type application/csp-report Response headers date Tue, 06 Feb 2024 21:47:20 GMT strict-transport-security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload x-content-type-options nosniff x-stripe-server-envoy-start-time-us 1707256040281374 x-envoy-upstream-service-time 2 content-length 0 x-stripe-bg-intended-route-color blue pragma no-cache referrer-policy strict-origin-when-cross-origin server nginx cross-origin-opener-policy same-origin x-stripe-server-envoy-upstream-service-time-ms 1 x-stripe-client-envoy-start-time-us 1707256040280978 cache-control max-age=0, no-cache, no-store, must-revalidate x-robots-tag none expires 0
GET H2	200	out-4.5.43.js Show response m.stripe.network/ Frame DCAA	87 KB 15 KB	18ms 18ms	Script text/javascript	151.101.192.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://m.stripe.network/out-4.5.43.js Requested by Host: m.stripe.network URL: https://m.stripe.network/inner.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.192.176 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://m.stripe.network/inner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers strict-transport-security max-age=31556926; includeSubDomains; preload date Tue, 06 Feb 2024 21:47:20 GMT x-content-type-options nosniff content-encoding br via 1.1 varnish age 48 x-cache HIT content-length 15509 x-request-id 0cacb8df-b1e7-4850-9cc9-60bb7c514935 x-served-by cache-yyz4565-YYZ server Fastly x-timer S1707256040.105950,VS0,VE0 vary Accept-Encoding, Origin content-type text/javascript; charset=utf-8 cache-control max-age=300, public accept-ranges bytes x-cache-hits 47
POST H2	200	6 Show response m.stripe.com/ Frame DCAA	156 B 669 B	280ms 89ms	XHR application/json	34.213.37.126
General Check archive.org Show headers Download Go to Full URL https://m.stripe.com/6 Requested by Host: m.stripe.network URL: https://m.stripe.network/out-4.5.43.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.213.37.126 -, , ASN (), Reverse DNS Software nginx / Resource Hash 677d842045433ea976106c8045fdbb81ef6e861d0a27d9fe641761b920c7295d Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://m.stripe.network/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers x-stripe-bg-intended-route-color blue date Tue, 06 Feb 2024 21:47:20 GMT strict-transport-security max-age=31556926; includeSubDomains; preload x-content-type-options nosniff x-stripe-server-envoy-start-time-us 1707256040436380 server nginx content-type application/json;charset=utf-8 x-stripe-server-envoy-upstream-service-time-ms 2 access-control-allow-origin https://m.stripe.network x-stripe-client-envoy-start-time-us 1707256040435967 access-control-allow-credentials true access-control-allow-headers Content-Type content-length 156
POST H2	200	AvailabilityForDateRange Show response booking.resdiary.com/api/Restaurant/LeDiVinWineBar/ Frame 4248	85 KB 1 KB	959ms 956ms	XHR application/json	2606:4700:10::6814:6ed CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://booking.resdiary.com/api/Restaurant/LeDiVinWineBar/AvailabilityForDateRange Requested by Host: booking.resdiary.com URL: https://booking.resdiary.com/bundles/widget-jquery.js?v=5-yuzD1IOwJbiR5QroWBepgwMqny3oGvjlAuM9W8C28 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6814:6ed , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 129566ab84403322fe8bcb22255725b88f4cc550a5a0ae34a90d433bccdc7f70 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Accept */* Referer https://booking.resdiary.com/widget/FixedSize/LeDiVinWineBar/28918 X-Requested-With XMLHttpRequest accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Content-Type application/json Response headers date Tue, 06 Feb 2024 21:47:21 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip cf-cache-status DYNAMIC server cloudflare content-type application/json; charset=utf-8 access-control-allow-origin * cf-ray 8516974c18864bc3-BUF
GET H2	200	AvailabilitySearch Show response booking.resdiary.com/api/Restaurant/LeDiVinWineBar/ Frame 4248	81 B 154 B	1628ms 1627ms	XHR application/json	2606:4700:10::6814:6ed CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://booking.resdiary.com/api/Restaurant/LeDiVinWineBar/AvailabilitySearch?date=2024-02-06&covers=2&channelCode=ONLINE&areaId=0&availabilityType=Reservation Requested by Host: booking.resdiary.com URL: https://booking.resdiary.com/bundles/widget-jquery.js?v=5-yuzD1IOwJbiR5QroWBepgwMqny3oGvjlAuM9W8C28 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6814:6ed , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b377fdc84e833c2823076e236525e5be7ef9524adc2f085e58daa1be5e8fc3d2 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Accept */* Referer https://booking.resdiary.com/widget/FixedSize/LeDiVinWineBar/28918 X-Requested-With XMLHttpRequest accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Content-Type application/json Response headers date Tue, 06 Feb 2024 21:47:21 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip cf-cache-status DYNAMIC server cloudflare cf-ray 8516974c18874bc3-BUF content-type application/json; charset=utf-8

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| _wpemojiSettings object| root object| $us object| swv object| wpcf7 undefined| $ function| jQuery function| pow object| _document object| _navigator undefined| _undefined object| _window object| $ush function| EvEmitter function| imagesLoaded function| USAnimate function| usGmapLoaded function| USHeader object| twemoji object| wp

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			m.stripe.com/	1970-01-21 03:50:16	Name: m Value: 96cb2a9a-c07e-4cb4-8d4c-7f5b7665325e91069f

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
other	warning	URL: http://www.ledivin.co.uk/reservation/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

booking.resdiary.com
fonts.googleapis.com
fonts.gstatic.com
js.stripe.com
m.stripe.com
m.stripe.network
q.stripe.com
resdiary.blob.core.windows.net
widgetthemes-live.azureedge.net
www.ledivin.co.uk
151.101.192.176
2606:2800:11f:17a5:191a:18d5:537:22f9
2606:4700:10::6814:6ed
2607:f8b0:4006:81d::2003
2607:f8b0:4006:822::200a
34.213.37.126
52.239.141.196
54.186.23.98
87.247.245.133
0756b23e73d630a47ddbb3b19468f543853cf4df15cde270fdbfabcbdd3f3d75
0895a025355dc0e29cc5993d7e62e8a54d9a446bfe274065ed86b5ece6209f80
129566ab84403322fe8bcb22255725b88f4cc550a5a0ae34a90d433bccdc7f70
1ec83a4f4be763d77084f73918298ddc2cbd1b8666ff157ff8626f1a3224ae30
2710255a989c67d308358cee60c23fbbf91a52b07bb6a4eb898215ae29f4f8ed
273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8
33818cadce9e010a43561a2937f5987b6fb134dbb71c420451fc84952c78530f
35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb
39c658ef377f9ec31442c5343a15bdfc4c4653bcca74bc7d6fe4b3e736a60aa4
3bbb0df89b8dbe8001e8c24de4e2d1693f94997b29f007a7bda22a9802832768
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
4eff5959e39e3f74ecc107c1d8fa0b3fc2cbb1c9934d96e19af201af066dc59e
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
59b64093a1333815ee72906b4248911a61932e43e3c32c129709f940861f27ea
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
677d842045433ea976106c8045fdbb81ef6e861d0a27d9fe641761b920c7295d
6b418ab701de1f01254625b9edae1709e7dc14e3cac7ca7c3865afaa9147b875
7ee08c60d39f5712a56938fda3e2ab10fe3ef23ec98aeb3c9a29e54f6f31ffe1
8096dd608370258fbd3b697fa3b9e3f5e631359611a3085341947e42d7992cf8
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
848c1a120b6f683af1c202874b12f4f5c385b9638b8aa3dfe418bded9c6c59dd
8d4d29042c23b5fcbed3af690421776de0f8ad3d308d66e24a9d80bcc8ccb522
8e095474aa1dc3274efe4b8f22596acb04b3d55dd8a3fcea9aae4f829dae9b81
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
9c1989ecd392a0c54fb799409154242706940a8e6d800542ba579dfda576bb9d
b377fdc84e833c2823076e236525e5be7ef9524adc2f085e58daa1be5e8fc3d2
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
c1a0edae0b799b5a69bc4252059790ae060e3543671fbe45e55b701cc8708271
c299159e0f42cce5d588fed88e1a3ecff764f25dc914a434ccaf060938d10e77
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
ccd31ffa708d025833f954b3e0560cedd58df9a0d2706b2ccee5f501c5b2467b
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e2b118b0858369b1c86b0fa1977f89ca9a306f94fa3c000a0d4073f1ca8dc35f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e434f84af23af5d3ab6dbe7cfc9f6fc6009d95d1986ad6d529c2760ec18a524b
e7ecaecc3d483b025b891e50ae85817a983032a9f2de81af8e502e33d5bc0b6f
e922c1515566bf2dd04d19a4e67800e675af04fca5e5ed520c78ba534956d798
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c