svwipe.com/clickout/13970/200045/
188.114.97.1302 Found 0 B URL HTTP/1.1 svwipe.com/clickout/13970/200045/
IP 188.114.97.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /clickout/13970/200045/ HTTP/1.1
Host: svwipe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Mon, 09 Jan 2023 12:58:53 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: PHPSESSID=qvnnm759s4uonb9fgh818qbaba; path=/
Expires: Mon, 09 Jan 2023 12:58:52 GMT
Cache-Control: no-cache
Pragma: no-cache
Location: https://uk.unleadmediabuy.com/trk/pid_117_cid_72_aOsyYdQoi3OJ6WJr?subId=9847&clickid=8db1b325d04045c37a017719105e0306f911a4f9d0e7862d9782c0be038c1084
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dk%2BntIU%2F36WxFfijVQxv27GgnM%2F56%2F3xrX2S%2B5ZzjCG7XpDdztelUgRFHYCA4con%2BeFYe%2BpN%2FUol62WQrvFQJjbIaVcSQ2b4STCaOgRP1dKEQNXEK%2FaqW7YEDglT"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 786d58d038430b49-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1f67827b21be68d925837dd729590f2d
dc24511141f5352e496b300d7d7e81b0cffb7475
afb1850e7c16f02d267a1310f1681367ecf598816fc62bd02447ffcd26117a9f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AFB1850E7C16F02D267A1310F1681367ECF598816FC62BD02447FFCD26117A9F"
Last-Modified: Mon, 09 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14453
Expires: Mon, 09 Jan 2023 16:59:46 GMT
Date: Mon, 09 Jan 2023 12:58:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b782882bdabaf3b08e64120922b4a4b7
2035ed7fc9fb5b6ee9715601ba43de5f94d0c0e9
3fe7d1a9a55b86ec25d02634749ccfae11f3477033ba8cd7ac4131b7948ba619
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3FE7D1A9A55B86EC25D02634749CCFAE11F3477033BA8CD7AC4131B7948BA619"
Last-Modified: Sat, 07 Jan 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4388
Expires: Mon, 09 Jan 2023 14:12:01 GMT
Date: Mon, 09 Jan 2023 12:58:53 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 09 Jan 2023 12:48:23 GMT
content-type: application/json
age: 630
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 89a058935fd04697c87e9441fbb466a9
59b5b08119374b1da34cff7e43a7c6dc80103f6e
3a3261f495323ff0f60067b2930b8d0e5e4e5cd6ae9b14929a88047587b735da
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3A3261F495323FF0F60067B2930B8D0E5E4E5CD6AE9B14929A88047587B735DA"
Last-Modified: Sat, 07 Jan 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2274
Expires: Mon, 09 Jan 2023 13:36:47 GMT
Date: Mon, 09 Jan 2023 12:58:53 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Ol2gWgPPYVNICXG5X+yDpkVfuAnqIU9/zN6D9pAaK4AuA8KD3FfEnSxBAYpvXS/NcMZWw2Eba0w=
x-amz-request-id: 9YKN3TWSGWC8Z6PA
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 09 Jan 2023 12:01:14 GMT
age: 3459
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 09 Jan 2023 12:58:53 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 86b95ed4edf661128d947b7196e3c3ce
6c28477144b34e35ae25dc68db84cd45f3bc6cca
a3d1ff17ccdefaff4c276d6837fbc65388e5dad2b5b78f4977273c12fab8dd32
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3D1FF17CCDEFAFF4C276D6837FBC65388E5DAD2B5B78F4977273C12FAB8DD32"
Last-Modified: Sat, 07 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9722
Expires: Mon, 09 Jan 2023 15:40:55 GMT
Date: Mon, 09 Jan 2023 12:58:53 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Expires, Pragma, Content-Type, Backoff, Last-Modified, Cache-Control, ETag
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 09 Jan 2023 12:33:44 GMT
age: 1509
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash e8e0c910ffff02061a1806b1aa8cf9d2
c5bf0e7ad96e89b17a657fcb1e1cd1aa6d15ab89
896f08fa0030a1313df1f05ef47c5d1f11caa9094380fc026b95193164005448
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2079
Cache-Control: max-age=160954
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 12:58:53 GMT
Etag: "63bbd928-1d7"
Expires: Wed, 11 Jan 2023 09:41:27 GMT
Last-Modified: Mon, 09 Jan 2023 09:06:48 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
uk.unleadmediabuy.com/trk/pid_117_cid_72_aOsyYdQoi3OJ6WJr?subId=9847&clickid=8db1b325d04045c37a017719105e0306f911a4f9d0e7862d9782c0be038c1084
145.239.11.188302 Found 0 B URL HTTP/2 uk.unleadmediabuy.com/trk/pid_117_cid_72_aOsyYdQoi3OJ6WJr?subId=9847&clickid=8db1b325d04045c37a017719105e0306f911a4f9d0e7862d9782c0be038c1084
IP 145.239.11.188:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /trk/pid_117_cid_72_aOsyYdQoi3OJ6WJr?subId=9847&clickid=8db1b325d04045c37a017719105e0306f911a4f9d0e7862d9782c0be038c1084 HTTP/1.1
Host: uk.unleadmediabuy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
server: nginx
date: Mon, 09 Jan 2023 12:58:53 GMT
content-type: text/html; charset=UTF-8
content-length: 0
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: trk-pid_117_cid_72_aOsyYdQoi3OJ6WJr-click=YES; expires=Mon, 09-Jan-2023 13:58:53 GMT; Max-Age=3600
PHPSESSID=evf1b9trp55k4e8u64sn5npmcq; path=/
location: https://vacations01.selected-winners.co.uk/trk/pid_117_cid_72_aOsyYdQoi3OJ6WJr?subId=9847&clickid=8db1b325d04045c37a017719105e0306f911a4f9d0e7862d9782c0be038c1084
x-powered-by: PHP/7.4.25, PleskLin
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a540eb0e08ce693fabb8c5bb0e06060f
ab298080f21970fef8e29eb1b7ebb9ff86a0a9ba
ac718b549e02a5440c2b4a7c521bc7acfc89ad020701c1f4bbbb4df8dc19f490
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AC718B549E02A5440C2B4A7C521BC7ACFC89AD020701C1F4BBBB4DF8DC19F490"
Last-Modified: Sun, 08 Jan 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21549
Expires: Mon, 09 Jan 2023 18:58:03 GMT
Date: Mon, 09 Jan 2023 12:58:54 GMT
Connection: keep-alive
push.services.mozilla.com/
54.148.242.254101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.148.242.254:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: uEOIpFaNPNIGaZWfFkujvQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ivwe/GevXvI7wnijbifBZNHSVr0=
vacations01.selected-winners.co.uk/trk/pid_117_cid_72_aOsyYdQoi3OJ6WJr?subId=9847&clickid=8db1b325d04045c37a017719105e0306f911a4f9d0e7862d9782c0be038c1084
145.239.11.188200 OK 5.0 kB URL HTTP/2 vacations01.selected-winners.co.uk/trk/pid_117_cid_72_aOsyYdQoi3OJ6WJr?subId=9847&clickid=8db1b325d04045c37a017719105e0306f911a4f9d0e7862d9782c0be038c1084
IP 145.239.11.188:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (581)
Hash 86a660d3c545cdee53777949a7623a32
63301186d2d08ff13732209ece162a7a01943f7e
84675a0bc16916bb0032f3d9c319a50b8144e84f2f41082455183db4aee0343f
GET /trk/pid_117_cid_72_aOsyYdQoi3OJ6WJr?subId=9847&clickid=8db1b325d04045c37a017719105e0306f911a4f9d0e7862d9782c0be038c1084 HTTP/1.1
Host: vacations01.selected-winners.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Mon, 09 Jan 2023 12:58:54 GMT
content-type: text/html; charset=UTF-8
content-length: 4974
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: trk-pid_117_cid_72_aOsyYdQoi3OJ6WJr-click=YES; expires=Mon, 09-Jan-2023 13:58:54 GMT; Max-Age=3600
PHPSESSID=79gba9krknti4te5t9h7aiqphi; path=/
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PHP/7.4.25, PleskLin
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/jquery-typeahead/2.10.6/jquery.typeahead.js
104.17.24.14200 OK 22 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery-typeahead/2.10.6/jquery.typeahead.js
IP 104.17.24.14:0
Hash c720f8ac0690333950c542458b7809f1
8265697c9ed166be19dd652eb6138db81c54190d
d6f439506a39f1d91d47b825d548628036dc96c1a56822c2d43fc3a3d086d46d
GET /ajax/libs/jquery-typeahead/2.10.6/jquery.typeahead.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vacations01.selected-winners.co.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 09 Jan 2023 12:58:54 GMT
content-type: application/javascript; charset=utf-8
content-length: 22517
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec2-26faf"
last-modified: Mon, 04 May 2020 16:11:46 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 299527
expires: Sat, 30 Dec 2023 12:58:54 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nbdxt4zvXGs3eSQJEt9TEVQnqZKzK8%2FzWU6TOTUkEEp4c8tKXJkINGD3qHZIq4bfkgGE0jLfVxjxoeZN2RWzbFFKOao6NsNWvDJrHujwhdT128q4MsNx62ZW5VpOhnjl5P9tfHu3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 786d58daef25b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
vacations01.selected-winners.co.uk/themes/cmapp/Frontend/theme1/assets/fonts/material-design-iconic-font/css/material-design-iconic-font.css
145.239.11.188200 OK 14 kB URL HTTP/2 vacations01.selected-winners.co.uk/themes/cmapp/Frontend/theme1/assets/fonts/material-design-iconic-font/css/material-design-iconic-font.css
IP 145.239.11.188:0
Hash 6687359460ab886dd73ffa40520ba538
36d84a3a0e0f6d4585014cc45f472bb968430d14
f87247556afa91828e430ab73a2e7954acf83cfae0e343869fb63b698d6a678b
GET /themes/cmapp/Frontend/theme1/assets/fonts/material-design-iconic-font/css/material-design-iconic-font.css HTTP/1.1
Host: vacations01.selected-winners.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vacations01.selected-winners.co.uk/trk/pid_117_cid_72_aOsyYdQoi3OJ6WJr?subId=9847&clickid=8db1b325d04045c37a017719105e0306f911a4f9d0e7862d9782c0be038c1084
Cookie: PHPSESSID=79gba9krknti4te5t9h7aiqphi
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 09 Jan 2023 12:58:54 GMT
content-type: text/css
content-length: 13984
last-modified: Wed, 25 May 2022 13:18:48 GMT
etag: "14d38-5dfd5e9e53071-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PleskLin
X-Firefox-Spdy: h2
ajax.aspnetcdn.com/ajax/jquery.validate/1.11.1/jquery.validate.min.js
152.199.19.160200 OK 6.4 kB URL HTTP/2 ajax.aspnetcdn.com/ajax/jquery.validate/1.11.1/jquery.validate.min.js
IP 152.199.19.160:0
File type Unicode text, UTF-8 text, with very long lines (20965)
Hash cecd04557e2515d8890ca6574f2ae57c
cacf0b60ac7690c7e159312f51bff421ff496cbc
051f28bbf2453836cc48eacacdc76c02b65ff95657eb0b8bdd8a4be01e260761
GET /ajax/jquery.validate/1.11.1/jquery.validate.min.js HTTP/1.1
Host: ajax.aspnetcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vacations01.selected-winners.co.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
age: 14986638
cache-control: public,max-age=31536000
content-type: application/javascript
date: Mon, 09 Jan 2023 12:58:54 GMT
etag: "08a7370d033d21:0"
last-modified: Mon, 31 Oct 2016 23:42:28 GMT
server: ECAcc (ska/F6BC)
timing-allow-origin: *
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 6367
X-Firefox-Spdy: h2
vacations01.selected-winners.co.uk/themes/cmapp/Frontend/theme1/assets/css/creativa-popup.css
145.239.11.188200 OK 1.1 kB URL HTTP/2 vacations01.selected-winners.co.uk/themes/cmapp/Frontend/theme1/assets/css/creativa-popup.css
IP 145.239.11.188:0
Hash bfa5b57ed80c1b9cfb0e83a8976d7969
359597a1805afda51a4d130d338662c8526075b3
0babef9229f41609104b730af61be0c083b8d39ab437ac2370878eced77b81b0
GET /themes/cmapp/Frontend/theme1/assets/css/creativa-popup.css HTTP/1.1
Host: vacations01.selected-winners.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vacations01.selected-winners.co.uk/trk/pid_117_cid_72_aOsyYdQoi3OJ6WJr?subId=9847&clickid=8db1b325d04045c37a017719105e0306f911a4f9d0e7862d9782c0be038c1084
Cookie: PHPSESSID=79gba9krknti4te5t9h7aiqphi
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 09 Jan 2023 12:58:54 GMT
content-type: text/css
content-length: 1139
last-modified: Wed, 25 May 2022 13:18:48 GMT
etag: "197b-5dfd5e9e53071-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PleskLin
X-Firefox-Spdy: h2
vacations01.selected-winners.co.uk/themes/cmapp/Frontend/theme1/assets/css/style.css
145.239.11.188200 OK 6.1 kB URL HTTP/2 vacations01.selected-winners.co.uk/themes/cmapp/Frontend/theme1/assets/css/style.css
IP 145.239.11.188:0
File type ASCII text, with very long lines (304)
Hash d3569c318313691454253a7b6de9e0f8
417c61b529074e139abe9f102ef28102100948f5
a1f8b3310eacaf73ff226d134447924456b4d180b39cc7df66e352ba62445b13
GET /themes/cmapp/Frontend/theme1/assets/css/style.css HTTP/1.1
Host: vacations01.selected-winners.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vacations01.selected-winners.co.uk/trk/pid_117_cid_72_aOsyYdQoi3OJ6WJr?subId=9847&clickid=8db1b325d04045c37a017719105e0306f911a4f9d0e7862d9782c0be038c1084
Cookie: PHPSESSID=79gba9krknti4te5t9h7aiqphi
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 09 Jan 2023 12:58:54 GMT
content-type: text/css
content-length: 6053
last-modified: Wed, 25 May 2022 13:18:48 GMT
etag: "6ea1-5dfd5e9e53071-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PleskLin
X-Firefox-Spdy: h2
vacations01.selected-winners.co.uk/custom_themes/HolidayVacations/css/custom_style.css
145.239.11.188200 OK 2.5 kB URL HTTP/2 vacations01.selected-winners.co.uk/custom_themes/HolidayVacations/css/custom_style.css
IP 145.239.11.188:0
Hash b7a5832f633a0fbc5262b35205dce251
9a99ada8f33a034976baf0e22fee55d95972cdd0
a96b9836f557989d64d61f4e8d69a5d946847ea8de0eefbff6a46b34124702fb
GET /custom_themes/HolidayVacations/css/custom_style.css HTTP/1.1
Host: vacations01.selected-winners.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vacations01.selected-winners.co.uk/trk/pid_117_cid_72_aOsyYdQoi3OJ6WJr?subId=9847&clickid=8db1b325d04045c37a017719105e0306f911a4f9d0e7862d9782c0be038c1084
Cookie: PHPSESSID=79gba9krknti4te5t9h7aiqphi
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 09 Jan 2023 12:58:54 GMT
content-type: text/css
content-length: 2462
last-modified: Thu, 21 Jul 2022 08:51:25 GMT
etag: "218e-5e44cd29ce213-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PleskLin
X-Firefox-Spdy: h2
vacations01.selected-winners.co.uk/themes/cmapp/Frontend/theme1/assets/js/creativa-popup.js
145.239.11.188200 OK 2.3 kB URL HTTP/2 vacations01.selected-winners.co.uk/themes/cmapp/Frontend/theme1/assets/js/creativa-popup.js
IP 145.239.11.188:0
Hash a6474d5982ae9a8d88bfc24b63474800
438079a0b57aecdbea37fd591e061341d3c9af88
57e842076cb1e5bbc3c086ee031b907c1477c1b5cb374502001e0e923a90a382
GET /themes/cmapp/Frontend/theme1/assets/js/creativa-popup.js HTTP/1.1
Host: vacations01.selected-winners.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vacations01.selected-winners.co.uk/trk/pid_117_cid_72_aOsyYdQoi3OJ6WJr?subId=9847&clickid=8db1b325d04045c37a017719105e0306f911a4f9d0e7862d9782c0be038c1084
Cookie: PHPSESSID=79gba9krknti4te5t9h7aiqphi
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 09 Jan 2023 12:58:54 GMT
content-type: application/javascript
content-length: 2254
last-modified: Wed, 25 May 2022 13:18:48 GMT
etag: "22df-5dfd5e9e58e30-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PleskLin
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 8b33ebf66adf8ea748d256ed5248639a
54f661bd5cdfe8ec55371d0d7d63437abc1d54b7
d7b4bf07bc0c94009920239a1136dfdafa898ac2efab9d4131e68682f826e76b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 12:58:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash cd1d39135eb079c9842a1696f1c3bacf
ee41d3b22fed5948c20a6d1639b6955a4252fc11
c1f219c13b6c6e622515b78d1549a1dacdc6fab1a2109d540e30d07a52990db5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 12:58:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash cd1d39135eb079c9842a1696f1c3bacf
ee41d3b22fed5948c20a6d1639b6955a4252fc11
c1f219c13b6c6e622515b78d1549a1dacdc6fab1a2109d540e30d07a52990db5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 12:58:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/themes/smoothness/jquery-ui.css
142.250.74.106200 OK 8.4 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/themes/smoothness/jquery-ui.css
IP 142.250.74.106:0
File type ASCII text, with very long lines (2363)
Hash 2a62e39574e3f140d120ca586599550b
d87ef8f44bb7aab2c0558b3d48bf40c279b7ea53
023d5699a1e2cddeeee77f5536805f260577c74acafd9a29510f3ccfdfaf42c7
GET /ajax/libs/jqueryui/1.12.1/themes/smoothness/jquery-ui.css HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vacations01.selected-winners.co.uk/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 8422
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 08 Jan 2023 17:23:23 GMT
expires: Mon, 08 Jan 2024 17:23:23 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 70531
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/css; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
vacations01.selected-winners.co.uk/themes/cmapp/Frontend/theme1/assets/js/jquery.steps.js
145.239.11.188200 OK 11 kB URL HTTP/2 vacations01.selected-winners.co.uk/themes/cmapp/Frontend/theme1/assets/js/jquery.steps.js
IP 145.239.11.188:0
Hash c8753745db6667918536b9a7c5c2f170
f3a836ceb6aaf90e9382c9d8586eb4e74920a47a
8fe321a498a5f0f9f76b8e89667ff4c046a75b9c68b4a61d339ab09c59aa1f69
GET /themes/cmapp/Frontend/theme1/assets/js/jquery.steps.js HTTP/1.1
Host: vacations01.selected-winners.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vacations01.selected-winners.co.uk/trk/pid_117_cid_72_aOsyYdQoi3OJ6WJr?subId=9847&clickid=8db1b325d04045c37a017719105e0306f911a4f9d0e7862d9782c0be038c1084
Cookie: PHPSESSID=79gba9krknti4te5t9h7aiqphi
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 09 Jan 2023 12:58:54 GMT
content-type: application/javascript
content-length: 10624
last-modified: Wed, 25 May 2022 13:18:48 GMT
etag: "d0d8-5dfd5e9e58e30-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PleskLin
X-Firefox-Spdy: h2
www.google.com/recaptcha/api.js?render=6LfBf7MeAAAAABENSOmge6ooeMmrwZHxWRxLX8su
142.250.74.132200 OK 583 B URL HTTP/2 www.google.com/recaptcha/api.js?render=6LfBf7MeAAAAABENSOmge6ooeMmrwZHxWRxLX8su
IP 142.250.74.132:0
File type ASCII text, with very long lines (884), with no line terminators
Hash 820db4ec707912132fb3b68465e52be9
6d6e03db37ad778e79278e06c44739daf52b56be
630daefc5c18ea7f5dcafed3c6c93d2b7126b6159f2c3cf0539f2d6be4aa7208
GET /recaptcha/api.js?render=6LfBf7MeAAAAABENSOmge6ooeMmrwZHxWRxLX8su HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vacations01.selected-winners.co.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Mon, 09 Jan 2023 12:58:54 GMT
date: Mon, 09 Jan 2023 12:58:54 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 583
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
vacations01.selected-winners.co.uk/themes/cmapp/Frontend/theme1/assets/js/jquery-3.3.1.min.js
145.239.11.188200 OK 30 kB URL HTTP/2 vacations01.selected-winners.co.uk/themes/cmapp/Frontend/theme1/assets/js/jquery-3.3.1.min.js
IP 145.239.11.188:0
File type ASCII text, with very long lines (65451)
Hash fb0e6981c97fba54d76f9b2bca152299
7c26673f6d5dd46220ca13f2197a5f5e70d06335
09b221854d59bd9fb7dcd7042f9fcee8b6b8f958d932096a9ca307e2d63813d0
GET /themes/cmapp/Frontend/theme1/assets/js/jquery-3.3.1.min.js HTTP/1.1
Host: vacations01.selected-winners.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vacations01.selected-winners.co.uk/trk/pid_117_cid_72_aOsyYdQoi3OJ6WJr?subId=9847&clickid=8db1b325d04045c37a017719105e0306f911a4f9d0e7862d9782c0be038c1084
Cookie: PHPSESSID=79gba9krknti4te5t9h7aiqphi
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 09 Jan 2023 12:58:54 GMT
content-type: application/javascript
content-length: 30307
last-modified: Wed, 25 May 2022 13:18:48 GMT
etag: "1538f-5dfd5e9e58e30-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PleskLin
X-Firefox-Spdy: h2
vacations01.selected-winners.co.uk/themes/cmapp/Frontend/theme1/assets/js/main_UK.js?v=63bc0f8e4775f
145.239.11.188200 OK 9.1 kB URL HTTP/2 vacations01.selected-winners.co.uk/themes/cmapp/Frontend/theme1/assets/js/main_UK.js?v=63bc0f8e4775f
IP 145.239.11.188:0
File type HTML document, Unicode text, UTF-8 text, with very long lines (504)
Hash 1701efa57d6bbd3badc4ad34dcdcf674
c1a08fa67938fd603ea88109eba7ecf0b25b93b9
5b8f0cc97795b801d3f20abc3a408ff6fbd784552ccf2d168778e0bd01d90529
GET /themes/cmapp/Frontend/theme1/assets/js/main_UK.js?v=63bc0f8e4775f HTTP/1.1
Host: vacations01.selected-winners.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vacations01.selected-winners.co.uk/trk/pid_117_cid_72_aOsyYdQoi3OJ6WJr?subId=9847&clickid=8db1b325d04045c37a017719105e0306f911a4f9d0e7862d9782c0be038c1084
Cookie: PHPSESSID=79gba9krknti4te5t9h7aiqphi
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 09 Jan 2023 12:58:54 GMT
content-type: application/javascript
content-length: 9075
last-modified: Wed, 26 Oct 2022 09:07:51 GMT
etag: "8725-5ebec5c003496-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PleskLin
X-Firefox-Spdy: h2
vacations01.selected-winners.co.uk/themes/cmapp/Frontend/theme1/assets/js/main_news.js?v=63bc0f8e4777a
145.239.11.188200 OK 8.9 kB URL HTTP/2 vacations01.selected-winners.co.uk/themes/cmapp/Frontend/theme1/assets/js/main_news.js?v=63bc0f8e4777a
IP 145.239.11.188:0
File type HTML document, Unicode text, UTF-8 text, with very long lines (436)
Hash 255c5abce4225c44920a25c9be4274e6
4c54f81368edffa8bf42713f3553193623f35eb2
335bf2fb06caa7034566a1df169509a148aad4e4f2f013e94ab058a2f532043a
GET /themes/cmapp/Frontend/theme1/assets/js/main_news.js?v=63bc0f8e4777a HTTP/1.1
Host: vacations01.selected-winners.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vacations01.selected-winners.co.uk/trk/pid_117_cid_72_aOsyYdQoi3OJ6WJr?subId=9847&clickid=8db1b325d04045c37a017719105e0306f911a4f9d0e7862d9782c0be038c1084
Cookie: PHPSESSID=79gba9krknti4te5t9h7aiqphi
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 09 Jan 2023 12:58:54 GMT
content-type: application/javascript
content-length: 8855
last-modified: Thu, 06 Oct 2022 13:06:19 GMT
etag: "a562-5ea5d5bf288f8-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PleskLin
X-Firefox-Spdy: h2
vacations01.selected-winners.co.uk/custom_themes/HolidayVacations/js/custom_main.js?v=63bc0f8e483c5
145.239.11.188200 OK 293 B URL HTTP/2 vacations01.selected-winners.co.uk/custom_themes/HolidayVacations/js/custom_main.js?v=63bc0f8e483c5
IP 145.239.11.188:0
Hash 6cc400743dc3abe368742d8a7f6d8f6c
72d74439761228d3558d660068e502bb64291a10
a611685e04f15e9b4e682c150e03c646361cfc4c76909d21d77a87fdcc4c19aa
GET /custom_themes/HolidayVacations/js/custom_main.js?v=63bc0f8e483c5 HTTP/1.1
Host: vacations01.selected-winners.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vacations01.selected-winners.co.uk/trk/pid_117_cid_72_aOsyYdQoi3OJ6WJr?subId=9847&clickid=8db1b325d04045c37a017719105e0306f911a4f9d0e7862d9782c0be038c1084
Cookie: PHPSESSID=79gba9krknti4te5t9h7aiqphi
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 09 Jan 2023 12:58:54 GMT
content-type: text/html; charset=UTF-8
content-length: 293
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PHP/7.4.25, PleskLin
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/jquery-ui.min.js
142.250.74.106200 OK 68 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/jquery-ui.min.js
IP 142.250.74.106:0
File type ASCII text, with very long lines (32073)
Hash 33411bb179575dfc40cc62c61899664f
d03c06d5893d632e1a7f826a6ffd9768ba885e11
274befc7b39609fed270e69335bc92b3d8251545594636eb408d5d93e0ae1a4f
GET /ajax/libs/jqueryui/1.12.1/jquery-ui.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vacations01.selected-winners.co.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 67948
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 05 Jan 2023 09:56:44 GMT
expires: Fri, 05 Jan 2024 09:56:44 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 356530
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
vacations01.selected-winners.co.uk/custom_themes/HolidayVacations/img/prize.png
145.239.11.188200 OK 293 B URL HTTP/2 vacations01.selected-winners.co.uk/custom_themes/HolidayVacations/img/prize.png
IP 145.239.11.188:0
Hash 6cc400743dc3abe368742d8a7f6d8f6c
72d74439761228d3558d660068e502bb64291a10
a611685e04f15e9b4e682c150e03c646361cfc4c76909d21d77a87fdcc4c19aa
GET /custom_themes/HolidayVacations/img/prize.png HTTP/1.1
Host: vacations01.selected-winners.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vacations01.selected-winners.co.uk/trk/pid_117_cid_72_aOsyYdQoi3OJ6WJr?subId=9847&clickid=8db1b325d04045c37a017719105e0306f911a4f9d0e7862d9782c0be038c1084
Cookie: PHPSESSID=79gba9krknti4te5t9h7aiqphi
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 09 Jan 2023 12:58:54 GMT
content-type: text/html; charset=UTF-8
content-length: 293
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PHP/7.4.25, PleskLin
X-Firefox-Spdy: h2
vacations01.selected-winners.co.uk/custom_themes/HolidayVacations/img/headline.png
145.239.11.188200 OK 293 B URL HTTP/2 vacations01.selected-winners.co.uk/custom_themes/HolidayVacations/img/headline.png
IP 145.239.11.188:0
Hash 6cc400743dc3abe368742d8a7f6d8f6c
72d74439761228d3558d660068e502bb64291a10
a611685e04f15e9b4e682c150e03c646361cfc4c76909d21d77a87fdcc4c19aa
GET /custom_themes/HolidayVacations/img/headline.png HTTP/1.1
Host: vacations01.selected-winners.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vacations01.selected-winners.co.uk/trk/pid_117_cid_72_aOsyYdQoi3OJ6WJr?subId=9847&clickid=8db1b325d04045c37a017719105e0306f911a4f9d0e7862d9782c0be038c1084
Cookie: PHPSESSID=79gba9krknti4te5t9h7aiqphi
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 09 Jan 2023 12:58:54 GMT
content-type: text/html; charset=UTF-8
content-length: 293
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PHP/7.4.25, PleskLin
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash cd1d39135eb079c9842a1696f1c3bacf
ee41d3b22fed5948c20a6d1639b6955a4252fc11
c1f219c13b6c6e622515b78d1549a1dacdc6fab1a2109d540e30d07a52990db5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 12:58:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
vacations01.selected-winners.co.uk/custom_themes/HolidayVacations/img/small.png
145.239.11.188200 OK 472 B URL HTTP/2 vacations01.selected-winners.co.uk/custom_themes/HolidayVacations/img/small.png
IP 145.239.11.188:0
Hash 53e4963971e19408d4cf264bd653599d
271fa6d9b5843b97d579a713fbb48b388c61eba0
c3245e3793f7aab542ba2b4b719f5145a45ba29d536456ad629a364ab2df400b
GET /custom_themes/HolidayVacations/img/small.png HTTP/1.1
Host: vacations01.selected-winners.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vacations01.selected-winners.co.uk/trk/pid_117_cid_72_aOsyYdQoi3OJ6WJr?subId=9847&clickid=8db1b325d04045c37a017719105e0306f911a4f9d0e7862d9782c0be038c1084
Cookie: PHPSESSID=79gba9krknti4te5t9h7aiqphi
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 09 Jan 2023 12:58:54 GMT
content-type: image/png
content-length: 91997
last-modified: Thu, 21 Jul 2022 08:51:25 GMT
etag: "1675d-5e44cd29dfb50"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2
vacations01.selected-winners.co.uk/themes/cmapp/Frontend/theme1/assets/fonts/poppins/Poppins-Regular.ttf
145.239.11.188200 OK 145 kB URL HTTP/2 vacations01.selected-winners.co.uk/themes/cmapp/Frontend/theme1/assets/fonts/poppins/Poppins-Regular.ttf
IP 145.239.11.188:0
File type TrueType Font data, digitally signed, 15 tables, 1st "DSIG", 13 names, Microsoft, language 0x409, Copyright 2014-2017 Indian Type Foundry (info@indiantypefoundry.com)PoppinsRegular3.010;ITFO;Pop\012- data
Size 145 kB (145312 bytes)
Hash 731a28a413d642522667a2de8681ff35
440dc8992517a306d66e55cb0afed0cfe9b971b5
2425ebbc021bfdd18fe55edbeeb1539d22a217212c14430a7d4d75266a333bbc
GET /themes/cmapp/Frontend/theme1/assets/fonts/poppins/Poppins-Regular.ttf HTTP/1.1
Host: vacations01.selected-winners.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vacations01.selected-winners.co.uk/themes/cmapp/Frontend/theme1/assets/css/style.css
Cookie: PHPSESSID=79gba9krknti4te5t9h7aiqphi
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 09 Jan 2023 12:58:54 GMT
content-type: font/ttf
content-length: 145312
last-modified: Wed, 25 May 2022 13:18:48 GMT
etag: "237a0-5dfd5e9e56ef0"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 67efa309cd1a12359fd7a5f70e366655
85ee5c0f2d9deeacbfe1a38bd18eb724138f066c
6872e796d42a65959b21ea56670a5c11643aa3bc06d51275b68dd3b23b0e1844
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 12:58:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
vacations01.selected-winners.co.uk/themes/cmapp/Frontend/theme1/assets/fonts/poppins/Poppins-SemiBold.ttf
145.239.11.188200 OK 142 kB URL HTTP/2 vacations01.selected-winners.co.uk/themes/cmapp/Frontend/theme1/assets/fonts/poppins/Poppins-SemiBold.ttf
IP 145.239.11.188:0
File type TrueType Font data, digitally signed, 15 tables, 1st "DSIG", 15 names, Microsoft, language 0x409, Copyright 2014-2017 Indian Type Foundry (info@indiantypefoundry.com)Poppins SemiBoldRegular3.010\012- data
Size 142 kB (142148 bytes)
Hash e63b93dfac2600782654e2b87910d681
0dbbb6d5a8fa0f9ece415dda4a69c8aa6595fba5
1d665d5b75a9500040b2cc201c2b07af5faca7228372dc6f4572d2d5b2291097
GET /themes/cmapp/Frontend/theme1/assets/fonts/poppins/Poppins-SemiBold.ttf HTTP/1.1
Host: vacations01.selected-winners.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vacations01.selected-winners.co.uk/themes/cmapp/Frontend/theme1/assets/css/style.css
Cookie: PHPSESSID=79gba9krknti4te5t9h7aiqphi
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 09 Jan 2023 12:58:54 GMT
content-type: font/ttf
content-length: 142148
last-modified: Wed, 25 May 2022 13:18:48 GMT
etag: "22b44-5dfd5e9e57e90"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2
vacations01.selected-winners.co.uk/custom_themes/HolidayVacations/img/bg-desk.jpg
145.239.11.188200 OK 187 kB URL HTTP/2 vacations01.selected-winners.co.uk/custom_themes/HolidayVacations/img/bg-desk.jpg
IP 145.239.11.188:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 2184x891, components 3\012- data
Size 187 kB (186575 bytes)
Hash 3918b6f5101a4a7f964b407a03ed559b
fac0cf1bff4b0417b91260389f225b5ad68dda82
3cd00546aa4b8764ef64194dccd1cc74a5463855c8483be91865d653dfad0496
GET /custom_themes/HolidayVacations/img/bg-desk.jpg HTTP/1.1
Host: vacations01.selected-winners.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vacations01.selected-winners.co.uk/custom_themes/HolidayVacations/css/custom_style.css
Cookie: PHPSESSID=79gba9krknti4te5t9h7aiqphi
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 09 Jan 2023 12:58:54 GMT
content-type: image/jpeg
content-length: 186575
last-modified: Thu, 21 Jul 2022 08:51:25 GMT
etag: "2d8cf-5e44cd29fa12c"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-M8HSW7Q
142.250.74.8200 OK 54 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-M8HSW7Q
IP 142.250.74.8:0
File type Unicode text, UTF-8 text, with very long lines (23763)
Hash 62749ddf6d1bda8fadb3d0f5a15e6d6f
6c5ec61a554bcd563ffc092a75402686f51b892c
d95c0d64c820651983ee26c31a01803a0b66b7aaa9ba1c78c3461c54e3d4f00e
GET /gtm.js?id=GTM-M8HSW7Q HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vacations01.selected-winners.co.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 09 Jan 2023 12:58:54 GMT
expires: Mon, 09 Jan 2023 12:58:54 GMT
cache-control: private, max-age=900
last-modified: Mon, 09 Jan 2023 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 54116
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 67efa309cd1a12359fd7a5f70e366655
85ee5c0f2d9deeacbfe1a38bd18eb724138f066c
6872e796d42a65959b21ea56670a5c11643aa3bc06d51275b68dd3b23b0e1844
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 12:58:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
vacations01.selected-winners.co.uk/img/favicon.png
145.239.11.188200 OK 4.4 kB URL HTTP/2 vacations01.selected-winners.co.uk/img/favicon.png
IP 145.239.11.188:0
File type PNG image data, 80 x 90, 8-bit/color RGBA, non-interlaced\012- data
Hash cc37f681b6ad4b66e04e4ebcd68e5d36
91a5c41702ca71e6673fb52f9b8545644c5d2dbe
da7e0e7761aee6f2b7f8f1e8a42a8e667b8fd26d5adbbe38bf1885eb1ca20acc
GET /img/favicon.png HTTP/1.1
Host: vacations01.selected-winners.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vacations01.selected-winners.co.uk/trk/pid_117_cid_72_aOsyYdQoi3OJ6WJr?subId=9847&clickid=8db1b325d04045c37a017719105e0306f911a4f9d0e7862d9782c0be038c1084
Cookie: PHPSESSID=79gba9krknti4te5t9h7aiqphi
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 09 Jan 2023 12:58:54 GMT
content-type: image/png
content-length: 4435
last-modified: Wed, 25 May 2022 13:18:48 GMT
etag: "1153-5dfd5e9e1293c"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 6845714035871de50607bf6185f94f64
c8b0da305ef4c6a587307d87224ce7ae19ac31dc
75d805e1f96447b58ac3f8226c16c4b13d4e664e1e508be26e9968510145017a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 12:58:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__en.js
142.250.74.3200 OK 165 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__en.js
IP 142.250.74.3:0
File type ASCII text, with very long lines (658)
Size 165 kB (164706 bytes)
Hash 0b7fccb24ee065a01fdde10928c03c3f
9b198014f81844820588c202cc24bf5e03bf3dd7
68756de8f0d6742525ddaca56ab350e34d822777e86939fea27eb704ae013280
GET /recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vacations01.selected-winners.co.uk
Connection: keep-alive
Referer: https://vacations01.selected-winners.co.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 164706
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 08 Jan 2023 05:56:49 GMT
expires: Mon, 08 Jan 2024 05:56:49 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 15 Dec 2022 05:24:10 GMT
content-type: text/javascript
age: 111725
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 6845714035871de50607bf6185f94f64
c8b0da305ef4c6a587307d87224ce7ae19ac31dc
75d805e1f96447b58ac3f8226c16c4b13d4e664e1e508be26e9968510145017a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 12:58:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
vacations01.selected-winners.co.uk/indexfront/settings/72
145.239.11.188200 OK 23 kB URL HTTP/2 vacations01.selected-winners.co.uk/indexfront/settings/72
IP 145.239.11.188:0
File type JSON data\012- HTML document, ASCII text, with very long lines (1798), with no line terminators
Hash 1127642e86c8fc60a8bbf3fd3830fd21
83f7e8835ba86d817ccb139f805eabbc4bcfb16b
ac301c7dcb45a120b7455daa4a3a6ec2fc4825a5c3845dc01a29fe3ca3ddebca
GET /indexfront/settings/72 HTTP/1.1
Host: vacations01.selected-winners.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://vacations01.selected-winners.co.uk/trk/pid_117_cid_72_aOsyYdQoi3OJ6WJr?subId=9847&clickid=8db1b325d04045c37a017719105e0306f911a4f9d0e7862d9782c0be038c1084
Cookie: PHPSESSID=79gba9krknti4te5t9h7aiqphi
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 09 Jan 2023 12:58:55 GMT
content-type: application/json; charset=utf-8
x-powered-by: PHP/7.4.25, PleskLin
content-encoding: br
X-Firefox-Spdy: h2
vacations01.selected-winners.co.uk/themes/cmapp/Frontend/theme1/assets/css/truck_38x32.png
145.239.11.188200 OK 1.5 kB URL HTTP/2 vacations01.selected-winners.co.uk/themes/cmapp/Frontend/theme1/assets/css/truck_38x32.png
IP 145.239.11.188:0
File type PNG image data, 38 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 4b6b8c6f1ea8bba299d28e47cbc45436
2f0d8e5b242c1c794b1f084fd7316900e20eeae5
ece55f0df517c608cddd5dac5c43e4d5d6b64e8d31b2ee6a3423b8ad4816392b
GET /themes/cmapp/Frontend/theme1/assets/css/truck_38x32.png HTTP/1.1
Host: vacations01.selected-winners.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vacations01.selected-winners.co.uk/themes/cmapp/Frontend/theme1/assets/css/style.css
Cookie: PHPSESSID=79gba9krknti4te5t9h7aiqphi
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 09 Jan 2023 12:58:55 GMT
content-type: image/png
content-length: 1534
last-modified: Wed, 25 May 2022 13:18:48 GMT
etag: "5fe-5dfd5e9e53071"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2
vacations01.selected-winners.co.uk/themes/cmapp/Frontend/theme1/assets/fonts/muli/Muli-Bold.ttf
145.239.11.188200 OK 94 kB URL HTTP/2 vacations01.selected-winners.co.uk/themes/cmapp/Frontend/theme1/assets/fonts/muli/Muli-Bold.ttf
IP 145.239.11.188:0
File type TrueType Font data, digitally signed, 18 tables, 1st "DSIG", 26 names, Macintosh, Copyright 2016 The Muli Project Authors (contact@sansoxygen.com)MuliBold2.000;UKWN;Muli-BoldMuli\012- data
Hash 557f369c1c3c1a1b80b26ab8a91a6979
bc94d321e64d9b7bce62250064a48bedf72aaa17
63890d8aa2abbfa52e5fdb58d07f32865c3e618b367569bd3a756a94058309ad
GET /themes/cmapp/Frontend/theme1/assets/fonts/muli/Muli-Bold.ttf HTTP/1.1
Host: vacations01.selected-winners.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vacations01.selected-winners.co.uk/themes/cmapp/Frontend/theme1/assets/css/style.css
Cookie: PHPSESSID=79gba9krknti4te5t9h7aiqphi
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 09 Jan 2023 12:58:55 GMT
content-type: font/ttf
content-length: 93816
last-modified: Wed, 25 May 2022 13:18:48 GMT
etag: "16e78-5dfd5e9e54011"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2
vacations01.selected-winners.co.uk/themes/cmapp/Frontend/theme1/assets/fonts/material-design-iconic-font/fonts/Material-Design-Iconic-Font.woff2?v=2.2.0
145.239.11.188200 OK 38 kB URL HTTP/2 vacations01.selected-winners.co.uk/themes/cmapp/Frontend/theme1/assets/fonts/material-design-iconic-font/fonts/Material-Design-Iconic-Font.woff2?v=2.2.0
IP 145.239.11.188:0
File type Web Open Font Format (Version 2), TrueType, length 38384, version 1.0\012- data
Hash a4d31128b633bc0b1cc1f18a34fb3851
6ee4c79372c3fd679706306ede47e4b03cf53d60
e8eea96e29a7c0a72612ab85ca3229979666467a28349642c2176e7189a1a39c
GET /themes/cmapp/Frontend/theme1/assets/fonts/material-design-iconic-font/fonts/Material-Design-Iconic-Font.woff2?v=2.2.0 HTTP/1.1
Host: vacations01.selected-winners.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://vacations01.selected-winners.co.uk/themes/cmapp/Frontend/theme1/assets/fonts/material-design-iconic-font/css/material-design-iconic-font.css
Cookie: PHPSESSID=79gba9krknti4te5t9h7aiqphi
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 09 Jan 2023 12:58:55 GMT
content-type: font/woff2
content-length: 38384
last-modified: Wed, 25 May 2022 13:18:48 GMT
etag: "95f0-5dfd5e9e53071"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f7172ba8ac61060c9f94ad799db6af44
253917924d50c99a5b2fd83a816135846f7a9b80
3c2eee988ef973aca8d53e8c23e6475f9eb8311dff948fbe64106fd20b217d81
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3C2EEE988EF973ACA8D53E8C23E6475F9EB8311DFF948FBE64106FD20B217D81"
Last-Modified: Mon, 09 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12021
Expires: Mon, 09 Jan 2023 16:19:16 GMT
Date: Mon, 09 Jan 2023 12:58:55 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 826d11723a9433383ea51213b7028fb6
54d410f01a0fdeeb01801e76f2a0e52593451b0f
e3e3e309324799d76d4edb746eba71628bca18c080f1d628e1ba1eac871cbecd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4725
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 12:58:55 GMT
Last-Modified: Mon, 09 Jan 2023 11:40:10 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f7172ba8ac61060c9f94ad799db6af44
253917924d50c99a5b2fd83a816135846f7a9b80
3c2eee988ef973aca8d53e8c23e6475f9eb8311dff948fbe64106fd20b217d81
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3C2EEE988EF973ACA8D53E8C23E6475F9EB8311DFF948FBE64106FD20B217D81"
Last-Modified: Mon, 09 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12021
Expires: Mon, 09 Jan 2023 16:19:16 GMT
Date: Mon, 09 Jan 2023 12:58:55 GMT
Connection: keep-alive
www.google-analytics.com/analytics.js
142.250.74.46200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.46:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vacations01.selected-winners.co.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Mon, 09 Jan 2023 12:21:55 GMT
expires: Mon, 09 Jan 2023 14:21:55 GMT
cache-control: public, max-age=7200
age: 2220
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f66a423-2d06-442e-9b60-52f1638487d5.jpeg
34.120.237.76200 OK 4.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f66a423-2d06-442e-9b60-52f1638487d5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f0defc5fd929d3ca7df12b102b551453
f44e4ac4a10991e12994e3b5d6f3cc1b1658967a
f551a1c156ec30405668d66bff9e1359805b773457602e44748be80cbb1f8a23
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f66a423-2d06-442e-9b60-52f1638487d5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4687
x-amzn-requestid: 18bf71d4-030e-4a08-ae18-48fe037e6e0d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eWhZ7GzXIAMFnFQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b8e2a5-710f414a2d1b239f6d59d73a;Sampled=0
x-amzn-remapped-date: Sat, 07 Jan 2023 03:10:29 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wkKw4Bgb_vxuY641mGDczUNQUfGXiozbOtpFwfK6aThfJj_q5T_IDg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 09 Jan 2023 03:49:53 GMT
age: 32942
etag: "f44e4ac4a10991e12994e3b5d6f3cc1b1658967a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46239df3-17a1-48a0-95bc-7ac540c3def6.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46239df3-17a1-48a0-95bc-7ac540c3def6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0b75a93b9f0106516f046eb424b0c8d9
c9509f976390441bbd3bd7521cb1848f4f481fd0
0b69fd368ef68510387a871acfffe82afc4414163c661f76e574dffdcc94104a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46239df3-17a1-48a0-95bc-7ac540c3def6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12971
x-amzn-requestid: ed6346eb-d3ae-4343-8eab-b4321aad3135
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eXEBqG97IAMF3Kg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b91a0a-4eb212756fcc0d3175dd0225;Sampled=0
x-amzn-remapped-date: Sat, 07 Jan 2023 07:06:50 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: m2BuFpIx0utir3G3NvMxAz8nTBmTl_nKgyMuEcM80DMRc9uinAl-mw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 f958a3846d80a3925f664b320dfad9c8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 09 Jan 2023 05:40:49 GMT
age: 26286
etag: "c9509f976390441bbd3bd7521cb1848f4f481fd0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba1a2529-b52c-4956-93ad-e18515541dfa.jpeg
34.120.237.76200 OK 7.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba1a2529-b52c-4956-93ad-e18515541dfa.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a287e312b7ea41cf63badb369b85158b
65763688f4b00b498d0e70151a09d4ebb14e2b33
a9dc69148414c0794cfb5b576b5cf74221c465e8dccbe9da71b40521e8cff129
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba1a2529-b52c-4956-93ad-e18515541dfa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7226
x-amzn-requestid: 5b7b8eb4-7a80-4a00-b693-d624ed174108
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eZ0WsHvZIAMF34Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ba342a-19e87b9b175b436e72df3fd9;Sampled=0
x-amzn-remapped-date: Sun, 08 Jan 2023 03:10:34 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: SN-7M5K3nkGxyLSGXyHkbvhxDhSvzcir6hL46Tvi__SWLgOyWflwcg==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 09 Jan 2023 03:34:32 GMT
age: 33863
etag: "65763688f4b00b498d0e70151a09d4ebb14e2b33"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
connect.facebook.net/en_US/fbevents.js
31.13.72.12200 OK 28 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (64348)
Hash 4aa5723e20bb937995d58baee63ccef3
4f4451ce70e0f1174447f509b9ecfae0030d69b8
a442ce52f0330fe4e1d6e25a76d9cf569cf7e649416caf201d0570a1cadf7de8
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vacations01.selected-winners.co.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: dFCD5VjW+K7NmOVjlHUTzUS/uPUV7ccFuuPDI145Nn5NcQHOEOVkjwphKSonErI+3hWgoZAWGJKKE47yIrTmGQ==
content-length: 27613
x-fb-trip-id: 1904183273
date: Mon, 09 Jan 2023 12:58:55 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47a0e7dd-37cd-4bec-8133-1c67d450aded.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47a0e7dd-37cd-4bec-8133-1c67d450aded.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 412c9be19a182a70270af3885bdacc80
51382789a4b3fb643748514985ab94c9f0a045e0
b3c4a8845abf221ae234d12441525419346c08f47bf5ba8b0e3ada59d9f04986
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47a0e7dd-37cd-4bec-8133-1c67d450aded.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11322
x-amzn-requestid: fecf6c9b-54e3-4320-897b-0e74117c6d98
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ecWFgEEpIAMFgMA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bb36ef-53935876772cbb0a1eb1a1e2;Sampled=0
x-amzn-remapped-date: Sun, 08 Jan 2023 21:34:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lqGS287bx4l8uOXA45DvLzwGRRftXEbFkRfegumNL7j9zBmyGQHiUg==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 08 Jan 2023 22:01:35 GMT
age: 53840
etag: "51382789a4b3fb643748514985ab94c9f0a045e0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f2b50a0-7eb4-4513-84d9-bef528bd99f3.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f2b50a0-7eb4-4513-84d9-bef528bd99f3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 23b87f42d40f3cc7bc9f46964e83d787
400474fb7b7d241935f5a5745281e6d95902581c
5a2818d70f4304bb2ed26ad0fe1658bc130aff43e11c60e0abac8be6e51836c7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f2b50a0-7eb4-4513-84d9-bef528bd99f3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8284
x-amzn-requestid: 63848f4b-7540-4a5f-bfe4-f4d7d19f6450
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ecZPxFWUoAMF3hw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bb3bfe-11b47e784b3d329e4d698137;Sampled=0
x-amzn-remapped-date: Sun, 08 Jan 2023 21:56:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ruMyNWcLKGt-fDCBxTx5ofenbzXNBv48Y0U1GPwhDWDrwm-njm1lGA==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Mon, 09 Jan 2023 03:36:09 GMT
age: 33766
etag: "400474fb7b7d241935f5a5745281e6d95902581c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f37a3ca-5b31-4876-bbcd-442c1f718b3c.jpeg
34.120.237.76200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f37a3ca-5b31-4876-bbcd-442c1f718b3c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e832123ea0c92a446b5894e75efc86ae
bb438ca635b43819701067ef07a3d910ad29a0c7
e1b0c6cd873f304de15664f96af6b6914e13fbbfb3e2179ba43369e116446773
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f37a3ca-5b31-4876-bbcd-442c1f718b3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5578
x-amzn-requestid: 405085aa-d0f5-4786-8fd7-46d74a6e8d1e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ecaIxGdkIAMFaBQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bb3d6b-07f34cbf7e1df2fa7a4d8982;Sampled=0
x-amzn-remapped-date: Sun, 08 Jan 2023 22:02:19 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: mRyiYL1hTv7MvjLg92gwPBszcW1mqdKadIcQVG_rsQ6b15uyGkyZbQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Mon, 09 Jan 2023 02:16:11 GMT
age: 38564
etag: "bb438ca635b43819701067ef07a3d910ad29a0c7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 826d11723a9433383ea51213b7028fb6
54d410f01a0fdeeb01801e76f2a0e52593451b0f
e3e3e309324799d76d4edb746eba71628bca18c080f1d628e1ba1eac871cbecd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4725
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 12:58:55 GMT
Last-Modified: Mon, 09 Jan 2023 11:40:10 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.35200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 05 Jan 2023 21:48:03 GMT
expires: Fri, 05 Jan 2024 21:48:03 GMT
cache-control: public, max-age=31536000
age: 313852
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.35200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 05 Jan 2023 16:40:43 GMT
expires: Fri, 05 Jan 2024 16:40:43 GMT
cache-control: public, max-age=31536000
age: 332292
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash c7cc6f52f73dc0e66134546e08a3f105
8024295c014c8ecf79bd6ce139998597f702c3d5
ffa9fba083a0fda70bdf1acc22878753eb549825c54fccaea4388e6c7840b639
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 12:58:55 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 06 Jan 2023 14:24:24 GMT
Expires: Fri, 13 Jan 2023 14:24:23 GMT
Etag: "8024295c014c8ecf79bd6ce139998597f702c3d5"
Cache-Control: max-age=350127,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 786d58dfa875b4f9-OSL
script.hotjar.com/modules.563beb7d4ef2e22dbb74.js
143.204.55.96200 OK 69 kB URL HTTP/2 script.hotjar.com/modules.563beb7d4ef2e22dbb74.js
IP 143.204.55.96:0
File type Unicode text, UTF-8 text, with very long lines (48636)
Hash c7ec806fc012fea99e86e2b314268f81
e29811a40a4f88aa241b0aa2d058018b2260c82f
e0e4461c092613ebaa4299682852f30cbe9bad1f51c6490f382e3d064283c232
GET /modules.563beb7d4ef2e22dbb74.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vacations01.selected-winners.co.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 68844
date: Mon, 09 Jan 2023 10:54:06 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "c7ec806fc012fea99e86e2b314268f81"
last-modified: Mon, 09 Jan 2023 10:53:14 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: YvcjYLr5yx0n-VzLC8vqDDI_GkzRnZ1HI9fSXNxqlV8IJIiaZqNwvg==
age: 7489
X-Firefox-Spdy: h2
vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html
143.204.55.118200 OK 1.0 kB URL HTTP/2 vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html
IP 143.204.55.118:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2368), with no line terminators
Hash e0652b84b7b3b650769c759fc520c3f8
0b55d6e28613350c7f41b88f19e726e6751ad03b
94b4c240f83065223dcacdd3f8b69cb229d0616edc3e2041eef3e270d859fc3d
GET /box-5e66f98b4ee957db209dc6f63e3d59dd.html HTTP/1.1
Host: vars.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vacations01.selected-winners.co.uk/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1035
date: Wed, 23 Nov 2022 13:10:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "e0652b84b7b3b650769c759fc520c3f8"
last-modified: Wed, 23 Nov 2022 13:09:18 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: DimBWybPC-g9SBYVOnbUPs3BnQC9--Fk5SmglsutEiVq8CmWRNEjdg==
age: 4060129
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-2FLJ2L11VH>m=2oe120&_p=1194083585&cid=1783330749.1673269122&ul=en-us&sr=1280x1024&_s=1&sid=1673269122&sct=1&seg=0&dl=https%3A%2F%2Fvacations01.selected-winners.co.uk%2Ftrk%2Fpid_117_cid_72_aOsyYdQoi3OJ6WJr%3FsubId%3D9847%26clickid%3D8db1b325d04045c37a017719105e0306f911a4f9d0e7862d9782c0be038c1084&dt=Win%20your%20%C2%A31000%20holiday%20voucher&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.34.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-2FLJ2L11VH>m=2oe120&_p=1194083585&cid=1783330749.1673269122&ul=en-us&sr=1280x1024&_s=1&sid=1673269122&sct=1&seg=0&dl=https%3A%2F%2Fvacations01.selected-winners.co.uk%2Ftrk%2Fpid_117_cid_72_aOsyYdQoi3OJ6WJr%3FsubId%3D9847%26clickid%3D8db1b325d04045c37a017719105e0306f911a4f9d0e7862d9782c0be038c1084&dt=Win%20your%20%C2%A31000%20holiday%20voucher&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-2FLJ2L11VH>m=2oe120&_p=1194083585&cid=1783330749.1673269122&ul=en-us&sr=1280x1024&_s=1&sid=1673269122&sct=1&seg=0&dl=https%3A%2F%2Fvacations01.selected-winners.co.uk%2Ftrk%2Fpid_117_cid_72_aOsyYdQoi3OJ6WJr%3FsubId%3D9847%26clickid%3D8db1b325d04045c37a017719105e0306f911a4f9d0e7862d9782c0be038c1084&dt=Win%20your%20%C2%A31000%20holiday%20voucher&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vacations01.selected-winners.co.uk
Connection: keep-alive
Referer: https://vacations01.selected-winners.co.uk/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://vacations01.selected-winners.co.uk
date: Mon, 09 Jan 2023 12:58:55 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash 1d8dc86fecf6e7d5a9ccbac9281a810b
e23838dabfe20202c0907f3dae03a6c2f5d2d350
809ae6ecf4d70db47f851f023cd6e3e3861b5d77b4de87630e5990881ebd5376
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=96171
Date: Mon, 09 Jan 2023 12:58:56 GMT
Etag: "63bae05d-1d7"
Expires: Tue, 10 Jan 2023 15:41:47 GMT
Last-Modified: Sun, 08 Jan 2023 15:25:17 GMT
Server: ECS (nyb/1D23)
X-Cache: Miss from cloudfront
Via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 8sBo6D40EvtbWNP5mq55PNHmEBHIsTzXjjr6_LxoyhkCvCS6NGKcKg==
Age: 990
cdn.cookie-script.com/s/198e834708ebc11fdb3eb06dc6d07818.js
65.108.188.9200 OK 0 B URL HTTP/2 cdn.cookie-script.com/s/198e834708ebc11fdb3eb06dc6d07818.js
IP 65.108.188.9:0
ASN #24940 Hetzner Online GmbH
GET /s/198e834708ebc11fdb3eb06dc6d07818.js HTTP/1.1
Host: cdn.cookie-script.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vacations01.selected-winners.co.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Mon, 09 Jan 2023 12:58:55 GMT
vary: Accept-Encoding
last-modified: Thu, 08 Sep 2022 14:22:29 GMT
etag: W/"36c62b7aec07f386eddc6a9ef2eb8607"
access-control-allow-origin: *
x-cache-status: HIT
content-type: application/javascript
content-encoding: gzip
X-Firefox-Spdy: h2
static.hotjar.com/c/hotjar-2777518.js?sv=6
143.204.55.84200 OK 0 B URL HTTP/2 static.hotjar.com/c/hotjar-2777518.js?sv=6
IP 143.204.55.84:0
GET /c/hotjar-2777518.js?sv=6 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vacations01.selected-winners.co.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Mon, 09 Jan 2023 12:58:55 GMT
access-control-allow-origin: *
cache-control: max-age=60
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: W/fddb3f0970d9b497da88ff1bcdaa30de
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: iWdgl77k5gRt-0rUXylde4SDazNNEqr618l2spW7hXN8UdibeGIm6A==
X-Firefox-Spdy: h2
in.hotjar.com/api/v2/client/sites/2777518/visit-data?sv=6
52.18.92.22200 OK 0 B URL HTTP/2 in.hotjar.com/api/v2/client/sites/2777518/visit-data?sv=6
IP 52.18.92.22:0
POST /api/v2/client/sites/2777518/visit-data?sv=6 HTTP/1.1
Host: in.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=UTF-8
Content-Length: 129
Origin: https://vacations01.selected-winners.co.uk
Connection: keep-alive
Referer: https://vacations01.selected-winners.co.uk/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 09 Jan 2023 12:58:56 GMT
content-type: application/json
vary: Accept-Encoding
cache-control: no-cache, no-store
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-max-age: 86400
content-encoding: br
X-Firefox-Spdy: h2