r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13825
Expires: Tue, 06 Dec 2022 13:49:21 GMT
Date: Tue, 06 Dec 2022 09:58:56 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ee088fab9b287e174cfd1f2c735a909f
25c3335b514a36ad1a24d00413d60c3d394f5161
494e96358ff12366213d7cc0f9197648c6c62ec14fa0d2c78732a683fa26b192
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4061
Cache-Control: max-age=92404
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 09:58:56 GMT
Etag: "638dc877-1d7"
Expires: Wed, 07 Dec 2022 11:39:00 GMT
Last-Modified: Mon, 05 Dec 2022 10:31:19 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
svwipe.com/clickout/13970/200045/
188.114.97.1302 Found 0 B URL HTTP/1.1 svwipe.com/clickout/13970/200045/
IP 188.114.97.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /clickout/13970/200045/ HTTP/1.1
Host: svwipe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Tue, 06 Dec 2022 09:58:56 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: PHPSESSID=0dgpjt9uu3ffp9rfsphoigu39i; path=/
Expires: Tue, 06 Dec 2022 09:58:56 GMT
Cache-Control: no-cache
Pragma: no-cache
Location: https://uk.unleadmediabuy.com/trk/pid_117_cid_72_aOsyYdQoi3OJ6WJr?subId=9847&clickid=fa28bc84f4e9419ce9b1b5bf9b46a0ca107fb9289fe1206a88b24d6bfb9275db
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j0I%2BGEneO7mdo%2F5UaPsesNErGUKHs97ryypZWRVjWgQ3yPlfXVCZQ3MhusQ21o97V7NZNCjhFPgibfiRfkNfK8H0tWIScG%2FPMEgmUwvrt4HV%2FNqG4oBsX6JVmUFr"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77542a7b5860b4f1-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13919
Expires: Tue, 06 Dec 2022 13:50:55 GMT
Date: Tue, 06 Dec 2022 09:58:56 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 06 Dec 2022 09:20:23 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2313
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: L1r3i+kpj5ii/lHOZu/kBhtKs3ttm6C0KEJ8jPPK8RHqNUglBk7Avz+7iyDLAU4S+Ttr9n+K4aA=
x-amz-request-id: AM6TVNZCG7765H4A
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 06 Dec 2022 09:48:53 GMT
age: 603
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 09:58:56 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 06 Dec 2022 09:08:58 GMT
cache-control: public,max-age=3600
age: 2999
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 76cf827b3b6baddae2a856b351b56b56
c503de45e6b4ddd988e10bacbc090fa00c43e367
f1ecacfa6acfa7933d95e8b5c4244be9d02337acd0d00b6085aed7f5012c1463
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F1ECACFA6ACFA7933D95E8B5C4244BE9D02337ACD0D00B6085AED7F5012C1463"
Last-Modified: Sat, 03 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Tue, 06 Dec 2022 15:58:57 GMT
Date: Tue, 06 Dec 2022 09:58:57 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2b9d6a686aa3c4ea24568425e43a5221
d53bb4c9579bd1db78a0520619e888aec79f750f
c38734a8dbe51217d73896c0bf7f5c38c107fd79e0dee24b717f130377e9b5f7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4012
Cache-Control: max-age=87287
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 09:58:57 GMT
Etag: "638db4ac-1d7"
Expires: Wed, 07 Dec 2022 10:13:44 GMT
Last-Modified: Mon, 05 Dec 2022 09:06:52 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
uk.unleadmediabuy.com/trk/pid_117_cid_72_aOsyYdQoi3OJ6WJr?subId=9847&clickid=fa28bc84f4e9419ce9b1b5bf9b46a0ca107fb9289fe1206a88b24d6bfb9275db
145.239.11.188302 Found 0 B URL HTTP/2 uk.unleadmediabuy.com/trk/pid_117_cid_72_aOsyYdQoi3OJ6WJr?subId=9847&clickid=fa28bc84f4e9419ce9b1b5bf9b46a0ca107fb9289fe1206a88b24d6bfb9275db
IP 145.239.11.188:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /trk/pid_117_cid_72_aOsyYdQoi3OJ6WJr?subId=9847&clickid=fa28bc84f4e9419ce9b1b5bf9b46a0ca107fb9289fe1206a88b24d6bfb9275db HTTP/1.1
Host: uk.unleadmediabuy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
server: nginx
date: Tue, 06 Dec 2022 09:58:57 GMT
content-type: text/html; charset=UTF-8
content-length: 0
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: trk-pid_117_cid_72_aOsyYdQoi3OJ6WJr-click=YES; expires=Tue, 06-Dec-2022 10:58:57 GMT; Max-Age=3600
PHPSESSID=rc75c153rh2sso1beba9lh9mh2; path=/
location: https://vacations01.selected-winners.co.uk/trk/pid_117_cid_72_aOsyYdQoi3OJ6WJr?subId=9847&clickid=fa28bc84f4e9419ce9b1b5bf9b46a0ca107fb9289fe1206a88b24d6bfb9275db
x-powered-by: PHP/7.4.25, PleskLin
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ffabbbb9486f0707805cb4d624285472
13aed1009c8644fd18e34c98a0cd0067b4711690
49019d152e79956845545c1bc62e3f635b65e6bb79c144ef94f122a6916e83cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "49019D152E79956845545C1BC62E3F635B65E6BB79C144EF94F122A6916E83CB"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Tue, 06 Dec 2022 15:58:57 GMT
Date: Tue, 06 Dec 2022 09:58:57 GMT
Connection: keep-alive
push.services.mozilla.com/
34.218.164.174101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.218.164.174:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: tANyJUe//MXLjq3jd8nLCw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: EDK9DqHhL6jE4e0jyrqFp80osF8=
vacations01.selected-winners.co.uk/trk/pid_117_cid_72_aOsyYdQoi3OJ6WJr?subId=9847&clickid=fa28bc84f4e9419ce9b1b5bf9b46a0ca107fb9289fe1206a88b24d6bfb9275db
145.239.11.188200 OK 5.0 kB URL HTTP/2 vacations01.selected-winners.co.uk/trk/pid_117_cid_72_aOsyYdQoi3OJ6WJr?subId=9847&clickid=fa28bc84f4e9419ce9b1b5bf9b46a0ca107fb9289fe1206a88b24d6bfb9275db
IP 145.239.11.188:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (581)
Hash 56af13c6778da7e225d2b92d85961744
c4d0a3125664b1806e067f047ff8f35052bb7dd7
f7100d2b533bf86c7593cebd92ef3b1dd6b78f88fdb12f76df3ccee4a8224c65
GET /trk/pid_117_cid_72_aOsyYdQoi3OJ6WJr?subId=9847&clickid=fa28bc84f4e9419ce9b1b5bf9b46a0ca107fb9289fe1206a88b24d6bfb9275db HTTP/1.1
Host: vacations01.selected-winners.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 09:58:57 GMT
content-type: text/html; charset=UTF-8
content-length: 4966
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: trk-pid_117_cid_72_aOsyYdQoi3OJ6WJr-click=YES; expires=Tue, 06-Dec-2022 10:58:57 GMT; Max-Age=3600
PHPSESSID=5l3glv2tcve4om9ja5ms8s4sdp; path=/
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PHP/7.4.25, PleskLin
X-Firefox-Spdy: h2
vacations01.selected-winners.co.uk/themes/cmapp/Frontend/theme1/assets/css/style.css
145.239.11.188200 OK 6.1 kB URL HTTP/2 vacations01.selected-winners.co.uk/themes/cmapp/Frontend/theme1/assets/css/style.css
IP 145.239.11.188:0
File type ASCII text, with very long lines (304)
Hash d3569c318313691454253a7b6de9e0f8
417c61b529074e139abe9f102ef28102100948f5
a1f8b3310eacaf73ff226d134447924456b4d180b39cc7df66e352ba62445b13
GET /themes/cmapp/Frontend/theme1/assets/css/style.css HTTP/1.1
Host: vacations01.selected-winners.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vacations01.selected-winners.co.uk/trk/pid_117_cid_72_aOsyYdQoi3OJ6WJr?subId=9847&clickid=fa28bc84f4e9419ce9b1b5bf9b46a0ca107fb9289fe1206a88b24d6bfb9275db
Cookie: PHPSESSID=5l3glv2tcve4om9ja5ms8s4sdp
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 09:58:58 GMT
content-type: text/css
content-length: 6053
last-modified: Wed, 25 May 2022 13:18:48 GMT
etag: "6ea1-5dfd5e9e53071-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PleskLin
X-Firefox-Spdy: h2
vacations01.selected-winners.co.uk/themes/cmapp/Frontend/theme1/assets/css/creativa-popup.css
145.239.11.188200 OK 1.1 kB URL HTTP/2 vacations01.selected-winners.co.uk/themes/cmapp/Frontend/theme1/assets/css/creativa-popup.css
IP 145.239.11.188:0
Hash bfa5b57ed80c1b9cfb0e83a8976d7969
359597a1805afda51a4d130d338662c8526075b3
0babef9229f41609104b730af61be0c083b8d39ab437ac2370878eced77b81b0
GET /themes/cmapp/Frontend/theme1/assets/css/creativa-popup.css HTTP/1.1
Host: vacations01.selected-winners.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vacations01.selected-winners.co.uk/trk/pid_117_cid_72_aOsyYdQoi3OJ6WJr?subId=9847&clickid=fa28bc84f4e9419ce9b1b5bf9b46a0ca107fb9289fe1206a88b24d6bfb9275db
Cookie: PHPSESSID=5l3glv2tcve4om9ja5ms8s4sdp
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 09:58:58 GMT
content-type: text/css
content-length: 1139
last-modified: Wed, 25 May 2022 13:18:48 GMT
etag: "197b-5dfd5e9e53071-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PleskLin
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 3f4ef8a54bffe08abfd72fbbe3b259e8
28770087be63936aabfdd9d802739767c8fca454
642f68596c1c285397713d2b1147f77a94a5e2eadcb8b18632133f1f87276639
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5871
Cache-Control: max-age=129836
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 09:58:58 GMT
Etag: "638e539f-118"
Expires: Wed, 07 Dec 2022 22:02:54 GMT
Last-Modified: Mon, 05 Dec 2022 20:25:03 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 280
ajax.aspnetcdn.com/ajax/jquery.validate/1.11.1/jquery.validate.min.js
152.199.19.160200 OK 6.4 kB URL HTTP/2 ajax.aspnetcdn.com/ajax/jquery.validate/1.11.1/jquery.validate.min.js
IP 152.199.19.160:0
File type Unicode text, UTF-8 text, with very long lines (20965)
Hash cecd04557e2515d8890ca6574f2ae57c
cacf0b60ac7690c7e159312f51bff421ff496cbc
051f28bbf2453836cc48eacacdc76c02b65ff95657eb0b8bdd8a4be01e260761
GET /ajax/jquery.validate/1.11.1/jquery.validate.min.js HTTP/1.1
Host: ajax.aspnetcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vacations01.selected-winners.co.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
age: 12038242
cache-control: public,max-age=31536000
content-type: application/javascript
date: Tue, 06 Dec 2022 09:58:58 GMT
etag: "08a7370d033d21:0"
last-modified: Mon, 31 Oct 2016 23:42:28 GMT
server: ECAcc (ska/F6BC)
timing-allow-origin: *
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 6367
X-Firefox-Spdy: h2
vacations01.selected-winners.co.uk/themes/cmapp/Frontend/theme1/assets/fonts/material-design-iconic-font/css/material-design-iconic-font.css
145.239.11.188200 OK 14 kB URL HTTP/2 vacations01.selected-winners.co.uk/themes/cmapp/Frontend/theme1/assets/fonts/material-design-iconic-font/css/material-design-iconic-font.css
IP 145.239.11.188:0
Hash 6687359460ab886dd73ffa40520ba538
36d84a3a0e0f6d4585014cc45f472bb968430d14
f87247556afa91828e430ab73a2e7954acf83cfae0e343869fb63b698d6a678b
GET /themes/cmapp/Frontend/theme1/assets/fonts/material-design-iconic-font/css/material-design-iconic-font.css HTTP/1.1
Host: vacations01.selected-winners.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vacations01.selected-winners.co.uk/trk/pid_117_cid_72_aOsyYdQoi3OJ6WJr?subId=9847&clickid=fa28bc84f4e9419ce9b1b5bf9b46a0ca107fb9289fe1206a88b24d6bfb9275db
Cookie: PHPSESSID=5l3glv2tcve4om9ja5ms8s4sdp
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 09:58:58 GMT
content-type: text/css
content-length: 13984
last-modified: Wed, 25 May 2022 13:18:48 GMT
etag: "14d38-5dfd5e9e53071-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PleskLin
X-Firefox-Spdy: h2
vacations01.selected-winners.co.uk/custom_themes/HolidayVacations/css/custom_style.css
145.239.11.188200 OK 2.5 kB URL HTTP/2 vacations01.selected-winners.co.uk/custom_themes/HolidayVacations/css/custom_style.css
IP 145.239.11.188:0
Hash b7a5832f633a0fbc5262b35205dce251
9a99ada8f33a034976baf0e22fee55d95972cdd0
a96b9836f557989d64d61f4e8d69a5d946847ea8de0eefbff6a46b34124702fb
GET /custom_themes/HolidayVacations/css/custom_style.css HTTP/1.1
Host: vacations01.selected-winners.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vacations01.selected-winners.co.uk/trk/pid_117_cid_72_aOsyYdQoi3OJ6WJr?subId=9847&clickid=fa28bc84f4e9419ce9b1b5bf9b46a0ca107fb9289fe1206a88b24d6bfb9275db
Cookie: PHPSESSID=5l3glv2tcve4om9ja5ms8s4sdp
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 09:58:58 GMT
content-type: text/css
content-length: 2462
last-modified: Thu, 21 Jul 2022 08:51:25 GMT
etag: "218e-5e44cd29ce213-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PleskLin
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/jquery-typeahead/2.10.6/jquery.typeahead.js
104.17.25.14200 OK 22 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery-typeahead/2.10.6/jquery.typeahead.js
IP 104.17.25.14:0
Hash c720f8ac0690333950c542458b7809f1
8265697c9ed166be19dd652eb6138db81c54190d
d6f439506a39f1d91d47b825d548628036dc96c1a56822c2d43fc3a3d086d46d
GET /ajax/libs/jquery-typeahead/2.10.6/jquery.typeahead.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vacations01.selected-winners.co.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 09:58:58 GMT
content-type: application/javascript; charset=utf-8
content-length: 22517
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec2-26faf"
last-modified: Mon, 04 May 2020 16:11:46 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 5940684
expires: Sun, 26 Nov 2023 09:58:58 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zwTDDQgO6OM6Tw3YFIyAYPtigrWN9VrTm9stgO2wRZQrg2r0rKPpw6Fsd51gAQj7BN2zid0QaK0KuRXI3sTktOoQJn40AacIKjYoz%2FnKUl32knMA9ybl4fbxziq2FnnQ97JZ6zRr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 77542a855decfac0-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 3f4ef8a54bffe08abfd72fbbe3b259e8
28770087be63936aabfdd9d802739767c8fca454
642f68596c1c285397713d2b1147f77a94a5e2eadcb8b18632133f1f87276639
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5871
Cache-Control: max-age=129836
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 09:58:58 GMT
Etag: "638e539f-118"
Expires: Wed, 07 Dec 2022 22:02:54 GMT
Last-Modified: Mon, 05 Dec 2022 20:25:03 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 280
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash c10bc583c46449dc192a809398b4e814
ff0f7ad905d32d7f3d01e4054552d0ad551503a5
defd2b2559e55c9c6c0f8be9b23c53c4e781a736feae3dd73b4d203b69cfcc57
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 09:58:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5006b8e985c5838b7fd2f2b558a65bc4
183ff15e0faedf346305fd6fe1c70c9c7a1eef4a
fcbfec9f5fd0e10d44778c1df64d8612281cd39881cdfd0aa8ca30d13655655a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 09:58:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/themes/smoothness/jquery-ui.css
142.250.74.74200 OK 8.4 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/themes/smoothness/jquery-ui.css
IP 142.250.74.74:0
File type ASCII text, with very long lines (2363)
Hash 2a62e39574e3f140d120ca586599550b
d87ef8f44bb7aab2c0558b3d48bf40c279b7ea53
023d5699a1e2cddeeee77f5536805f260577c74acafd9a29510f3ccfdfaf42c7
GET /ajax/libs/jqueryui/1.12.1/themes/smoothness/jquery-ui.css HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vacations01.selected-winners.co.uk/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 8422
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 02 Dec 2022 13:29:32 GMT
expires: Sat, 02 Dec 2023 13:29:32 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 332966
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/css; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
vacations01.selected-winners.co.uk/themes/cmapp/Frontend/theme1/assets/js/creativa-popup.js
145.239.11.188200 OK 2.3 kB URL HTTP/2 vacations01.selected-winners.co.uk/themes/cmapp/Frontend/theme1/assets/js/creativa-popup.js
IP 145.239.11.188:0
Hash a6474d5982ae9a8d88bfc24b63474800
438079a0b57aecdbea37fd591e061341d3c9af88
57e842076cb1e5bbc3c086ee031b907c1477c1b5cb374502001e0e923a90a382
GET /themes/cmapp/Frontend/theme1/assets/js/creativa-popup.js HTTP/1.1
Host: vacations01.selected-winners.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vacations01.selected-winners.co.uk/trk/pid_117_cid_72_aOsyYdQoi3OJ6WJr?subId=9847&clickid=fa28bc84f4e9419ce9b1b5bf9b46a0ca107fb9289fe1206a88b24d6bfb9275db
Cookie: PHPSESSID=5l3glv2tcve4om9ja5ms8s4sdp
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 09:58:58 GMT
content-type: application/javascript
content-length: 2254
last-modified: Wed, 25 May 2022 13:18:48 GMT
etag: "22df-5dfd5e9e58e30-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PleskLin
X-Firefox-Spdy: h2
vacations01.selected-winners.co.uk/themes/cmapp/Frontend/theme1/assets/js/jquery.steps.js
145.239.11.188200 OK 11 kB URL HTTP/2 vacations01.selected-winners.co.uk/themes/cmapp/Frontend/theme1/assets/js/jquery.steps.js
IP 145.239.11.188:0
Hash c8753745db6667918536b9a7c5c2f170
f3a836ceb6aaf90e9382c9d8586eb4e74920a47a
8fe321a498a5f0f9f76b8e89667ff4c046a75b9c68b4a61d339ab09c59aa1f69
GET /themes/cmapp/Frontend/theme1/assets/js/jquery.steps.js HTTP/1.1
Host: vacations01.selected-winners.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vacations01.selected-winners.co.uk/trk/pid_117_cid_72_aOsyYdQoi3OJ6WJr?subId=9847&clickid=fa28bc84f4e9419ce9b1b5bf9b46a0ca107fb9289fe1206a88b24d6bfb9275db
Cookie: PHPSESSID=5l3glv2tcve4om9ja5ms8s4sdp
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 09:58:58 GMT
content-type: application/javascript
content-length: 10624
last-modified: Wed, 25 May 2022 13:18:48 GMT
etag: "d0d8-5dfd5e9e58e30-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PleskLin
X-Firefox-Spdy: h2
vacations01.selected-winners.co.uk/themes/cmapp/Frontend/theme1/assets/js/jquery-3.3.1.min.js
145.239.11.188200 OK 30 kB URL HTTP/2 vacations01.selected-winners.co.uk/themes/cmapp/Frontend/theme1/assets/js/jquery-3.3.1.min.js
IP 145.239.11.188:0
File type ASCII text, with very long lines (65451)
Hash fb0e6981c97fba54d76f9b2bca152299
7c26673f6d5dd46220ca13f2197a5f5e70d06335
09b221854d59bd9fb7dcd7042f9fcee8b6b8f958d932096a9ca307e2d63813d0
GET /themes/cmapp/Frontend/theme1/assets/js/jquery-3.3.1.min.js HTTP/1.1
Host: vacations01.selected-winners.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vacations01.selected-winners.co.uk/trk/pid_117_cid_72_aOsyYdQoi3OJ6WJr?subId=9847&clickid=fa28bc84f4e9419ce9b1b5bf9b46a0ca107fb9289fe1206a88b24d6bfb9275db
Cookie: PHPSESSID=5l3glv2tcve4om9ja5ms8s4sdp
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 09:58:58 GMT
content-type: application/javascript
content-length: 30307
last-modified: Wed, 25 May 2022 13:18:48 GMT
etag: "1538f-5dfd5e9e58e30-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PleskLin
X-Firefox-Spdy: h2
vacations01.selected-winners.co.uk/themes/cmapp/Frontend/theme1/assets/js/main_news.js?v=638f1261eccb8
145.239.11.188200 OK 8.9 kB URL HTTP/2 vacations01.selected-winners.co.uk/themes/cmapp/Frontend/theme1/assets/js/main_news.js?v=638f1261eccb8
IP 145.239.11.188:0
File type HTML document, Unicode text, UTF-8 text, with very long lines (436)
Hash 255c5abce4225c44920a25c9be4274e6
4c54f81368edffa8bf42713f3553193623f35eb2
335bf2fb06caa7034566a1df169509a148aad4e4f2f013e94ab058a2f532043a
GET /themes/cmapp/Frontend/theme1/assets/js/main_news.js?v=638f1261eccb8 HTTP/1.1
Host: vacations01.selected-winners.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vacations01.selected-winners.co.uk/trk/pid_117_cid_72_aOsyYdQoi3OJ6WJr?subId=9847&clickid=fa28bc84f4e9419ce9b1b5bf9b46a0ca107fb9289fe1206a88b24d6bfb9275db
Cookie: PHPSESSID=5l3glv2tcve4om9ja5ms8s4sdp
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 09:58:58 GMT
content-type: application/javascript
content-length: 8855
last-modified: Thu, 06 Oct 2022 13:06:19 GMT
etag: "a562-5ea5d5bf288f8-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PleskLin
X-Firefox-Spdy: h2
vacations01.selected-winners.co.uk/themes/cmapp/Frontend/theme1/assets/js/main_UK.js?v=638f1261ecca8
145.239.11.188200 OK 9.1 kB URL HTTP/2 vacations01.selected-winners.co.uk/themes/cmapp/Frontend/theme1/assets/js/main_UK.js?v=638f1261ecca8
IP 145.239.11.188:0
File type HTML document, Unicode text, UTF-8 text, with very long lines (504)
Hash 1701efa57d6bbd3badc4ad34dcdcf674
c1a08fa67938fd603ea88109eba7ecf0b25b93b9
5b8f0cc97795b801d3f20abc3a408ff6fbd784552ccf2d168778e0bd01d90529
GET /themes/cmapp/Frontend/theme1/assets/js/main_UK.js?v=638f1261ecca8 HTTP/1.1
Host: vacations01.selected-winners.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vacations01.selected-winners.co.uk/trk/pid_117_cid_72_aOsyYdQoi3OJ6WJr?subId=9847&clickid=fa28bc84f4e9419ce9b1b5bf9b46a0ca107fb9289fe1206a88b24d6bfb9275db
Cookie: PHPSESSID=5l3glv2tcve4om9ja5ms8s4sdp
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 09:58:58 GMT
content-type: application/javascript
content-length: 9075
last-modified: Wed, 26 Oct 2022 09:07:51 GMT
etag: "8725-5ebec5c003496-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PleskLin
X-Firefox-Spdy: h2
vacations01.selected-winners.co.uk/custom_themes/HolidayVacations/img/small.png
145.239.11.188200 OK 92 kB URL HTTP/2 vacations01.selected-winners.co.uk/custom_themes/HolidayVacations/img/small.png
IP 145.239.11.188:0
File type PNG image data, 750 x 300, 8-bit colormap, non-interlaced\012- data
Hash 90b89487f1eade6a8647bade0f1b4a80
5815dd5e5abfab1b62d59dcb8a425ac10e24e94a
e997ba8cbab308b8baa84a65b030e63c9688bb421c06e1093813e996818d90d2
GET /custom_themes/HolidayVacations/img/small.png HTTP/1.1
Host: vacations01.selected-winners.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vacations01.selected-winners.co.uk/trk/pid_117_cid_72_aOsyYdQoi3OJ6WJr?subId=9847&clickid=fa28bc84f4e9419ce9b1b5bf9b46a0ca107fb9289fe1206a88b24d6bfb9275db
Cookie: PHPSESSID=5l3glv2tcve4om9ja5ms8s4sdp
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 09:58:58 GMT
content-type: image/png
content-length: 91997
last-modified: Thu, 21 Jul 2022 08:51:25 GMT
etag: "1675d-5e44cd29dfb50"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2
vacations01.selected-winners.co.uk/custom_themes/HolidayVacations/img/headline.png
145.239.11.188200 OK 293 B URL HTTP/2 vacations01.selected-winners.co.uk/custom_themes/HolidayVacations/img/headline.png
IP 145.239.11.188:0
Hash 6cc400743dc3abe368742d8a7f6d8f6c
72d74439761228d3558d660068e502bb64291a10
a611685e04f15e9b4e682c150e03c646361cfc4c76909d21d77a87fdcc4c19aa
GET /custom_themes/HolidayVacations/img/headline.png HTTP/1.1
Host: vacations01.selected-winners.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vacations01.selected-winners.co.uk/trk/pid_117_cid_72_aOsyYdQoi3OJ6WJr?subId=9847&clickid=fa28bc84f4e9419ce9b1b5bf9b46a0ca107fb9289fe1206a88b24d6bfb9275db
Cookie: PHPSESSID=5l3glv2tcve4om9ja5ms8s4sdp
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 09:58:58 GMT
content-type: text/html; charset=UTF-8
content-length: 293
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PHP/7.4.25, PleskLin
X-Firefox-Spdy: h2
vacations01.selected-winners.co.uk/custom_themes/HolidayVacations/img/prize.png
145.239.11.188200 OK 293 B URL HTTP/2 vacations01.selected-winners.co.uk/custom_themes/HolidayVacations/img/prize.png
IP 145.239.11.188:0
Hash 6cc400743dc3abe368742d8a7f6d8f6c
72d74439761228d3558d660068e502bb64291a10
a611685e04f15e9b4e682c150e03c646361cfc4c76909d21d77a87fdcc4c19aa
GET /custom_themes/HolidayVacations/img/prize.png HTTP/1.1
Host: vacations01.selected-winners.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vacations01.selected-winners.co.uk/trk/pid_117_cid_72_aOsyYdQoi3OJ6WJr?subId=9847&clickid=fa28bc84f4e9419ce9b1b5bf9b46a0ca107fb9289fe1206a88b24d6bfb9275db
Cookie: PHPSESSID=5l3glv2tcve4om9ja5ms8s4sdp
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 09:58:58 GMT
content-type: text/html; charset=UTF-8
content-length: 293
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PHP/7.4.25, PleskLin
X-Firefox-Spdy: h2
vacations01.selected-winners.co.uk/custom_themes/HolidayVacations/js/custom_main.js?v=638f1261ed2fb
145.239.11.188200 OK 293 B URL HTTP/2 vacations01.selected-winners.co.uk/custom_themes/HolidayVacations/js/custom_main.js?v=638f1261ed2fb
IP 145.239.11.188:0
Hash 6cc400743dc3abe368742d8a7f6d8f6c
72d74439761228d3558d660068e502bb64291a10
a611685e04f15e9b4e682c150e03c646361cfc4c76909d21d77a87fdcc4c19aa
GET /custom_themes/HolidayVacations/js/custom_main.js?v=638f1261ed2fb HTTP/1.1
Host: vacations01.selected-winners.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vacations01.selected-winners.co.uk/trk/pid_117_cid_72_aOsyYdQoi3OJ6WJr?subId=9847&clickid=fa28bc84f4e9419ce9b1b5bf9b46a0ca107fb9289fe1206a88b24d6bfb9275db
Cookie: PHPSESSID=5l3glv2tcve4om9ja5ms8s4sdp
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 09:58:58 GMT
content-type: text/html; charset=UTF-8
content-length: 293
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PHP/7.4.25, PleskLin
X-Firefox-Spdy: h2
www.google.com/recaptcha/api.js?render=6LfBf7MeAAAAABENSOmge6ooeMmrwZHxWRxLX8su
142.250.74.132200 OK 581 B URL HTTP/2 www.google.com/recaptcha/api.js?render=6LfBf7MeAAAAABENSOmge6ooeMmrwZHxWRxLX8su
IP 142.250.74.132:0
File type ASCII text, with very long lines (884), with no line terminators
Hash 4403afb5486f82c58a96f50fb86ea96a
4e26e61dd7e2bf51f0af1a51be130b5969596944
575ec21b59bce87b727bec49ab3cf84067f38dd648c3da521f1c31c9932d0046
GET /recaptcha/api.js?render=6LfBf7MeAAAAABENSOmge6ooeMmrwZHxWRxLX8su HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vacations01.selected-winners.co.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Tue, 06 Dec 2022 09:58:58 GMT
date: Tue, 06 Dec 2022 09:58:58 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 581
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
vacations01.selected-winners.co.uk/custom_themes/HolidayVacations/img/bg-desk.jpg
145.239.11.188200 OK 187 kB URL HTTP/2 vacations01.selected-winners.co.uk/custom_themes/HolidayVacations/img/bg-desk.jpg
IP 145.239.11.188:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 2184x891, components 3\012- data
Size 187 kB (186575 bytes)
Hash 3918b6f5101a4a7f964b407a03ed559b
fac0cf1bff4b0417b91260389f225b5ad68dda82
3cd00546aa4b8764ef64194dccd1cc74a5463855c8483be91865d653dfad0496
GET /custom_themes/HolidayVacations/img/bg-desk.jpg HTTP/1.1
Host: vacations01.selected-winners.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vacations01.selected-winners.co.uk/custom_themes/HolidayVacations/css/custom_style.css
Cookie: PHPSESSID=5l3glv2tcve4om9ja5ms8s4sdp
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 09:58:58 GMT
content-type: image/jpeg
content-length: 186575
last-modified: Thu, 21 Jul 2022 08:51:25 GMT
etag: "2d8cf-5e44cd29fa12c"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2
vacations01.selected-winners.co.uk/themes/cmapp/Frontend/theme1/assets/fonts/poppins/Poppins-Regular.ttf
145.239.11.188200 OK 145 kB URL HTTP/2 vacations01.selected-winners.co.uk/themes/cmapp/Frontend/theme1/assets/fonts/poppins/Poppins-Regular.ttf
IP 145.239.11.188:0
File type TrueType Font data, digitally signed, 15 tables, 1st "DSIG", 13 names, Microsoft, language 0x409, Copyright 2014-2017 Indian Type Foundry (info@indiantypefoundry.com)PoppinsRegular3.010;ITFO;Pop\012- data
Size 145 kB (145312 bytes)
Hash 731a28a413d642522667a2de8681ff35
440dc8992517a306d66e55cb0afed0cfe9b971b5
2425ebbc021bfdd18fe55edbeeb1539d22a217212c14430a7d4d75266a333bbc
GET /themes/cmapp/Frontend/theme1/assets/fonts/poppins/Poppins-Regular.ttf HTTP/1.1
Host: vacations01.selected-winners.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vacations01.selected-winners.co.uk/themes/cmapp/Frontend/theme1/assets/css/style.css
Cookie: PHPSESSID=5l3glv2tcve4om9ja5ms8s4sdp
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 09:58:58 GMT
content-type: font/ttf
content-length: 145312
last-modified: Wed, 25 May 2022 13:18:48 GMT
etag: "237a0-5dfd5e9e56ef0"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash c10bc583c46449dc192a809398b4e814
ff0f7ad905d32d7f3d01e4054552d0ad551503a5
defd2b2559e55c9c6c0f8be9b23c53c4e781a736feae3dd73b4d203b69cfcc57
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 09:58:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ee6bfe50f8e4b9c142f971a55496ac26
8c3fd42aaa7fa3ebdedc4f7b0271b8caae166e64
4582e8e1ada92a279cbc5d82904c7fd27b9d4b95bc06c7a8b3c13168978f0b33
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 09:58:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3ba864a4daffd79d4639e98e35cf5a8f
4e2dfdbff3ce773c1c39031bdf854e2b0a31131c
73a684466e34cc6ab4250dbab0c6afb73a92c4239e37076020b9e1c446b69b7e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 09:58:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-M8HSW7Q
172.217.21.168200 OK 52 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-M8HSW7Q
IP 172.217.21.168:0
File type Unicode text, UTF-8 text, with very long lines (23507)
Hash d479f32d9c7a86ad272f58301e9cfc5c
a7ec74dc78d93c8c39a0b874ed95e2fff037264b
c2d8e1124e7a6f6f897ab3c89a3b85b988458917e54a81268be7d784f6aa8d12
GET /gtm.js?id=GTM-M8HSW7Q HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vacations01.selected-winners.co.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 06 Dec 2022 09:58:58 GMT
expires: Tue, 06 Dec 2022 09:58:58 GMT
cache-control: private, max-age=900
last-modified: Tue, 06 Dec 2022 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 52506
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3ba864a4daffd79d4639e98e35cf5a8f
4e2dfdbff3ce773c1c39031bdf854e2b0a31131c
73a684466e34cc6ab4250dbab0c6afb73a92c4239e37076020b9e1c446b69b7e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 09:58:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
vacations01.selected-winners.co.uk/img/favicon.png
145.239.11.188200 OK 4.4 kB URL HTTP/2 vacations01.selected-winners.co.uk/img/favicon.png
IP 145.239.11.188:0
File type PNG image data, 80 x 90, 8-bit/color RGBA, non-interlaced\012- data
Hash cc37f681b6ad4b66e04e4ebcd68e5d36
91a5c41702ca71e6673fb52f9b8545644c5d2dbe
da7e0e7761aee6f2b7f8f1e8a42a8e667b8fd26d5adbbe38bf1885eb1ca20acc
GET /img/favicon.png HTTP/1.1
Host: vacations01.selected-winners.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vacations01.selected-winners.co.uk/trk/pid_117_cid_72_aOsyYdQoi3OJ6WJr?subId=9847&clickid=fa28bc84f4e9419ce9b1b5bf9b46a0ca107fb9289fe1206a88b24d6bfb9275db
Cookie: PHPSESSID=5l3glv2tcve4om9ja5ms8s4sdp
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 09:58:58 GMT
content-type: image/png
content-length: 4435
last-modified: Wed, 25 May 2022 13:18:48 GMT
etag: "1153-5dfd5e9e1293c"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e24f2da4ed2e3cd07b0999a67550d634
6e2277e734fd0015849c3554dd2cf2ae289c2cf2
74dc14d7d9ba8bba4a162680e59801af1d7c2995639df51f32ff2f3d4d0b0051
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 09:58:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
142.250.74.99200 OK 163 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
IP 142.250.74.99:0
File type ASCII text, with very long lines (730)
Size 163 kB (162976 bytes)
Hash 79d18cf4265108d7cecca1bf4ada6109
e51d0285a545381d4c39e9e0292a650ffeeecbb9
59ce7253f371df0833c3f72d4748ef812002b90a49413c56d0ca7c40bb5a0ab6
GET /recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vacations01.selected-winners.co.uk
Connection: keep-alive
Referer: https://vacations01.selected-winners.co.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Dec 2022 14:23:41 GMT
expires: Tue, 05 Dec 2023 14:23:41 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
content-type: text/javascript
age: 70517
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e24f2da4ed2e3cd07b0999a67550d634
6e2277e734fd0015849c3554dd2cf2ae289c2cf2
74dc14d7d9ba8bba4a162680e59801af1d7c2995639df51f32ff2f3d4d0b0051
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 09:58:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
vacations01.selected-winners.co.uk/themes/cmapp/Frontend/theme1/assets/css/truck_38x32.png
145.239.11.188200 OK 1.5 kB URL HTTP/2 vacations01.selected-winners.co.uk/themes/cmapp/Frontend/theme1/assets/css/truck_38x32.png
IP 145.239.11.188:0
File type PNG image data, 38 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 4b6b8c6f1ea8bba299d28e47cbc45436
2f0d8e5b242c1c794b1f084fd7316900e20eeae5
ece55f0df517c608cddd5dac5c43e4d5d6b64e8d31b2ee6a3423b8ad4816392b
GET /themes/cmapp/Frontend/theme1/assets/css/truck_38x32.png HTTP/1.1
Host: vacations01.selected-winners.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vacations01.selected-winners.co.uk/themes/cmapp/Frontend/theme1/assets/css/style.css
Cookie: PHPSESSID=5l3glv2tcve4om9ja5ms8s4sdp
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 09:58:58 GMT
content-type: image/png
content-length: 1534
last-modified: Wed, 25 May 2022 13:18:48 GMT
etag: "5fe-5dfd5e9e53071"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2
vacations01.selected-winners.co.uk/themes/cmapp/Frontend/theme1/assets/fonts/muli/Muli-Bold.ttf
145.239.11.188200 OK 94 kB URL HTTP/2 vacations01.selected-winners.co.uk/themes/cmapp/Frontend/theme1/assets/fonts/muli/Muli-Bold.ttf
IP 145.239.11.188:0
File type TrueType Font data, digitally signed, 18 tables, 1st "DSIG", 26 names, Macintosh, Copyright 2016 The Muli Project Authors (contact@sansoxygen.com)MuliBold2.000;UKWN;Muli-BoldMuli\012- data
Hash 557f369c1c3c1a1b80b26ab8a91a6979
bc94d321e64d9b7bce62250064a48bedf72aaa17
63890d8aa2abbfa52e5fdb58d07f32865c3e618b367569bd3a756a94058309ad
GET /themes/cmapp/Frontend/theme1/assets/fonts/muli/Muli-Bold.ttf HTTP/1.1
Host: vacations01.selected-winners.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vacations01.selected-winners.co.uk/themes/cmapp/Frontend/theme1/assets/css/style.css
Cookie: PHPSESSID=5l3glv2tcve4om9ja5ms8s4sdp
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 09:58:58 GMT
content-type: font/ttf
content-length: 93816
last-modified: Wed, 25 May 2022 13:18:48 GMT
etag: "16e78-5dfd5e9e54011"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2
vacations01.selected-winners.co.uk/themes/cmapp/Frontend/theme1/assets/fonts/material-design-iconic-font/fonts/Material-Design-Iconic-Font.woff2?v=2.2.0
145.239.11.188200 OK 38 kB URL HTTP/2 vacations01.selected-winners.co.uk/themes/cmapp/Frontend/theme1/assets/fonts/material-design-iconic-font/fonts/Material-Design-Iconic-Font.woff2?v=2.2.0
IP 145.239.11.188:0
File type Web Open Font Format (Version 2), TrueType, length 38384, version 1.0\012- data
Hash a4d31128b633bc0b1cc1f18a34fb3851
6ee4c79372c3fd679706306ede47e4b03cf53d60
e8eea96e29a7c0a72612ab85ca3229979666467a28349642c2176e7189a1a39c
GET /themes/cmapp/Frontend/theme1/assets/fonts/material-design-iconic-font/fonts/Material-Design-Iconic-Font.woff2?v=2.2.0 HTTP/1.1
Host: vacations01.selected-winners.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://vacations01.selected-winners.co.uk/themes/cmapp/Frontend/theme1/assets/fonts/material-design-iconic-font/css/material-design-iconic-font.css
Cookie: PHPSESSID=5l3glv2tcve4om9ja5ms8s4sdp
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 09:58:58 GMT
content-type: font/woff2
content-length: 38384
last-modified: Wed, 25 May 2022 13:18:48 GMT
etag: "95f0-5dfd5e9e53071"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a179b3b6ab78e29169af8cc2363d6280
501cd2871c5b70c56852c6cd0c87f383504ca933
ceecf34d673dd0d910e3622aa0fa8d84fea748592acc796286c4ec5e76fbc170
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3970
Cache-Control: max-age=105969
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 09:58:58 GMT
Etag: "638dfdd1-1d7"
Expires: Wed, 07 Dec 2022 15:25:07 GMT
Last-Modified: Mon, 05 Dec 2022 14:18:57 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
www.google-analytics.com/analytics.js
142.250.74.110200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vacations01.selected-winners.co.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Tue, 06 Dec 2022 08:41:08 GMT
expires: Tue, 06 Dec 2022 10:41:08 GMT
cache-control: public, max-age=7200
age: 4670
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
connect.facebook.net/en_US/fbevents.js
157.240.200.14200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 157.240.200.14:0
File type ASCII text, with very long lines (64348)
Hash 44ecaa3c2a4929a40141edc4540aaf84
f29a573182333b2500d41bfc389d6c5232dfb348
6589fe14578dedd4df678a909afadd7e5bc7f57c7e3e24518a7f5faac7383396
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vacations01.selected-winners.co.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: HdhcPD+uISoVLwec07/vE/Qrlm8IPMxqFDiAvzqSH7LN7/rmrbazRi+MFdjwg0qzPOLJGLDXgbs94ye13deikQ==
priority: u=3,i
content-length: 27340
x-fb-trip-id: 1679558926
date: Tue, 06 Dec 2022 09:58:58 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash cb3365b701b71d3970e05143cb15e904
0f4613acd23585fa360cd3c01253375255fa0188
14c45aa5cae5cf2c548f08a80c002b343a0ca1cdf9d830fa7b45bd6f5518bd7c
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:58:58 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 02:24:22 GMT
Expires: Tue, 13 Dec 2022 02:24:21 GMT
Etag: "0f4613acd23585fa360cd3c01253375255fa0188"
Cache-Control: max-age=576922,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77542a896fdf1bfa-OSL
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a179b3b6ab78e29169af8cc2363d6280
501cd2871c5b70c56852c6cd0c87f383504ca933
ceecf34d673dd0d910e3622aa0fa8d84fea748592acc796286c4ec5e76fbc170
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3970
Cache-Control: max-age=105969
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 09:58:58 GMT
Etag: "638dfdd1-1d7"
Expires: Wed, 07 Dec 2022 15:25:07 GMT
Last-Modified: Mon, 05 Dec 2022 14:18:57 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11006
Expires: Tue, 06 Dec 2022 13:02:24 GMT
Date: Tue, 06 Dec 2022 09:58:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11006
Expires: Tue, 06 Dec 2022 13:02:24 GMT
Date: Tue, 06 Dec 2022 09:58:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11006
Expires: Tue, 06 Dec 2022 13:02:24 GMT
Date: Tue, 06 Dec 2022 09:58:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11006
Expires: Tue, 06 Dec 2022 13:02:24 GMT
Date: Tue, 06 Dec 2022 09:58:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11006
Expires: Tue, 06 Dec 2022 13:02:24 GMT
Date: Tue, 06 Dec 2022 09:58:58 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbcfc1e29-0017-4346-aacf-66d3875076ce.jpeg
34.120.237.76200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbcfc1e29-0017-4346-aacf-66d3875076ce.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 18bbcbf84b00d3bc602830478ff1bd7f
1f25392db4cf3693259202b24e898f21093b8bf9
cb2b44e1f74a9bb43fab48536f6146e273c728b34e4889ff3f18a411d14d2282
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbcfc1e29-0017-4346-aacf-66d3875076ce.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5790
x-amzn-requestid: 2e409a5f-ce04-4b9b-b3a2-74e5bbd256d3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSvoEoUoAMFsxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64ca-72e1bb13187b18aa26c8566f;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:18 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: WBNaNTgYQaDVlJqu2u341xYy_6zmr5LqmCD2BPjGPGgmAG20WNHyKw==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:46:52 GMT
age: 43926
etag: "1f25392db4cf3693259202b24e898f21093b8bf9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7663e5fc-37de-4be8-9be7-49805622f85d.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7663e5fc-37de-4be8-9be7-49805622f85d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 99d1ff8fa2e095dcf2bda3d1e1af1221
f914f04a0e1fb45a221d31d2105bfc73015b03e6
90325d4299a44dbd213857ada6f6880db8c33ad61685cfcb60c4a2455a84cf87
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7663e5fc-37de-4be8-9be7-49805622f85d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10183
x-amzn-requestid: 557e6b38-7be9-4953-968b-2e5bd3491ef4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csUDYEQbIAMFwRg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e66e2-1fcd8fc4719bc0bc7d11abd2;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:47:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: z1_zJTJMuk724WMOmIc660b54AyZK8ffNVF5N7ehZ00W2kaL3Lcd1A==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:47:14 GMT
age: 43904
etag: "f914f04a0e1fb45a221d31d2105bfc73015b03e6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b15136d60fd0a5e0f657a4f5c75d540f
36082b7329d473829178f280cb71a83b1531e486
79478269b1f5dcfd1e45ccd4264fa44805b37c5c8fec820bcbd2fa1689dfbbd8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11224
x-amzn-requestid: 938de0b8-1055-4416-9ad7-162ab5f4db9f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csUINEwdoAMFuOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e6701-38b079ef341bb17e567de773;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:47:45 GMT
x-amz-cf-pop: YVR50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tGtiCE9C3j0BUruNaFN2j1mKxCSouLmocmTXpmLMBJaLNyVwkXu1gQ==
via: 1.1 f0ac467993db44dbfc36b778dfcaf73c.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:23:09 GMT
age: 41749
etag: "36082b7329d473829178f280cb71a83b1531e486"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ca09fa3-9c1c-4e27-b763-2de04564da9d.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ca09fa3-9c1c-4e27-b763-2de04564da9d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 73b9f329cd3a39d0756de62dd5f190b7
0f1c7567b89cc3de60196e47e37879296359bc78
e15711efe27a3d302a9869cf01d27fd65bd0beca9d03a19d93bbf11e28f3e1d8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ca09fa3-9c1c-4e27-b763-2de04564da9d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4827
x-amzn-requestid: 9091cc45-8fb1-4b07-8ef9-3f42b85fb81e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSuYH_KIAMFpMQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64c2-6bf3bf8659ef3feb27c1803f;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:10 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: fxdYE-ftBwC_0KcBJBQqvUbVXM54TmsKR8QXIfLIhdLYsqtaxdx9tg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:22:26 GMT
age: 41792
etag: "0f1c7567b89cc3de60196e47e37879296359bc78"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ba08976-65c4-4b8b-9ef1-92055a7b5235.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ba08976-65c4-4b8b-9ef1-92055a7b5235.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 53afd826523f4c18bf968764818d7ca7
9a26884875abb0652c568c50438b65f801779f9a
4f9dfeda67a040fef9c6987a7c334a91c993c84f694fa91771fcf7fd1d2e4937
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ba08976-65c4-4b8b-9ef1-92055a7b5235.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12293
x-amzn-requestid: 49891ceb-3f74-4e83-8064-f54fc8b30961
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSyGHPOIAMFYqw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64da-651e4e0c55257bcc553cd176;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:34 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 4f0QQ4-21m-DiP4oUtIG75_vremc835laqhfDerlqCuW-WyKClvc9Q==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:29:38 GMT
age: 41360
etag: "9a26884875abb0652c568c50438b65f801779f9a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F70fb9d31-10e5-4323-9fbd-ed451a00e6b1.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F70fb9d31-10e5-4323-9fbd-ed451a00e6b1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7e1b54923ba506fde6b21c5bfb51ccc8
366aa3ab0790c496ea51bc08d1f2ff3358530d9e
a993ca6dc9a1f854f4542f9221e4f90060825ea863974b5163a9d3e284dc4663
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F70fb9d31-10e5-4323-9fbd-ed451a00e6b1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10594
x-amzn-requestid: eee9f193-eef5-44bf-997a-877fa206749e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSyIHpGoAMF1fw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64da-0a9190f7698dbf2f73bb1575;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:34 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: f-KQCOuDl461V8MBPsSOj1ILCU91Q0pCSENaldkMHR2oZdrEUnHeaA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:03:16 GMT
age: 42942
etag: "366aa3ab0790c496ea51bc08d1f2ff3358530d9e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.99200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 142.250.74.99:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 21:46:16 GMT
expires: Fri, 01 Dec 2023 21:46:16 GMT
cache-control: public, max-age=31536000
age: 389562
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.99200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.99:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 03 Dec 2022 12:31:58 GMT
expires: Sun, 03 Dec 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 250020
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
script.hotjar.com/modules.d53d96d4fefc0e537bd8.js
143.204.55.40200 OK 69 kB URL HTTP/2 script.hotjar.com/modules.d53d96d4fefc0e537bd8.js
IP 143.204.55.40:0
File type Unicode text, UTF-8 text, with very long lines (48714)
Hash 6f3e85a9867f8c1e87f393ee1344782f
9a3e0b1e33cd0bca903fbdb82e43aa71ec23d165
80cf78eadecdac25834fa2be80c9a96f5eba43069c0295d800ec8d14123f7fba
GET /modules.d53d96d4fefc0e537bd8.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vacations01.selected-winners.co.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 68700
date: Mon, 05 Dec 2022 14:58:06 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "6f3e85a9867f8c1e87f393ee1344782f"
last-modified: Mon, 05 Dec 2022 14:57:50 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: FBzxbg4LcvivMkdsar8MST3aVwjnIu6Pnf_9cjVzIHV4XCQ7fuDGRw==
age: 68453
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-2FLJ2L11VH>m=2oebu0&_p=1130375927&cid=308369110.1670320739&ul=en-us&sr=1280x1024&_s=1&sid=1670320738&sct=1&seg=0&dl=https%3A%2F%2Fvacations01.selected-winners.co.uk%2Ftrk%2Fpid_117_cid_72_aOsyYdQoi3OJ6WJr%3FsubId%3D9847%26clickid%3Dfa28bc84f4e9419ce9b1b5bf9b46a0ca107fb9289fe1206a88b24d6bfb9275db&dt=Win%20your%20%C2%A31000%20holiday%20voucher&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.34.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-2FLJ2L11VH>m=2oebu0&_p=1130375927&cid=308369110.1670320739&ul=en-us&sr=1280x1024&_s=1&sid=1670320738&sct=1&seg=0&dl=https%3A%2F%2Fvacations01.selected-winners.co.uk%2Ftrk%2Fpid_117_cid_72_aOsyYdQoi3OJ6WJr%3FsubId%3D9847%26clickid%3Dfa28bc84f4e9419ce9b1b5bf9b46a0ca107fb9289fe1206a88b24d6bfb9275db&dt=Win%20your%20%C2%A31000%20holiday%20voucher&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-2FLJ2L11VH>m=2oebu0&_p=1130375927&cid=308369110.1670320739&ul=en-us&sr=1280x1024&_s=1&sid=1670320738&sct=1&seg=0&dl=https%3A%2F%2Fvacations01.selected-winners.co.uk%2Ftrk%2Fpid_117_cid_72_aOsyYdQoi3OJ6WJr%3FsubId%3D9847%26clickid%3Dfa28bc84f4e9419ce9b1b5bf9b46a0ca107fb9289fe1206a88b24d6bfb9275db&dt=Win%20your%20%C2%A31000%20holiday%20voucher&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vacations01.selected-winners.co.uk
Connection: keep-alive
Referer: https://vacations01.selected-winners.co.uk/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://vacations01.selected-winners.co.uk
date: Tue, 06 Dec 2022 09:58:59 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html
143.204.55.20200 OK 1.0 kB URL HTTP/2 vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html
IP 143.204.55.20:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2368), with no line terminators
Hash e0652b84b7b3b650769c759fc520c3f8
0b55d6e28613350c7f41b88f19e726e6751ad03b
94b4c240f83065223dcacdd3f8b69cb229d0616edc3e2041eef3e270d859fc3d
GET /box-5e66f98b4ee957db209dc6f63e3d59dd.html HTTP/1.1
Host: vars.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vacations01.selected-winners.co.uk/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1035
date: Wed, 23 Nov 2022 13:10:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "e0652b84b7b3b650769c759fc520c3f8"
last-modified: Wed, 23 Nov 2022 13:09:18 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ciL4A2T6Arnp0vhhjpjSUadlQTW_c3C8W5lTZuzNZc0ZwEKI4TcbYw==
age: 1111733
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash d6f472b432f2b57460b5d1de8246162e
19418285ecd1eea9bc9d6b64809e38cb393786f5
6151c46b5202159ab830bed47b90ebd93db55e90b63c72ea9a8c409b754536c4
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=109814
Date: Tue, 06 Dec 2022 09:58:59 GMT
Etag: "638e0d5e-1d7"
Expires: Wed, 07 Dec 2022 16:29:13 GMT
Last-Modified: Mon, 05 Dec 2022 15:25:18 GMT
Server: ECS (nyb/1D1C)
X-Cache: Miss from cloudfront
Via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: uh9pXoRY0BS2BBjILNK4nUJRsU0KEgOMLLx7fSx11MxypdxvaaY6hQ==
Age: 3835
vacations01.selected-winners.co.uk/indexfront/settings/72
145.239.11.188200 OK 0 B URL HTTP/2 vacations01.selected-winners.co.uk/indexfront/settings/72
IP 145.239.11.188:0
GET /indexfront/settings/72 HTTP/1.1
Host: vacations01.selected-winners.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://vacations01.selected-winners.co.uk/trk/pid_117_cid_72_aOsyYdQoi3OJ6WJr?subId=9847&clickid=fa28bc84f4e9419ce9b1b5bf9b46a0ca107fb9289fe1206a88b24d6bfb9275db
Cookie: PHPSESSID=5l3glv2tcve4om9ja5ms8s4sdp
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 09:58:58 GMT
content-type: application/json; charset=utf-8
x-powered-by: PHP/7.4.25, PleskLin
content-encoding: br
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/jquery-ui.min.js
142.250.74.74200 OK 0 B URL HTTP/2 ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/jquery-ui.min.js
IP 142.250.74.74:0
GET /ajax/libs/jqueryui/1.12.1/jquery-ui.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vacations01.selected-winners.co.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 67948
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 22:08:22 GMT
expires: Wed, 29 Nov 2023 22:08:22 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 561036
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.cookie-script.com/s/198e834708ebc11fdb3eb06dc6d07818.js
78.46.117.148200 OK 0 B URL HTTP/2 cdn.cookie-script.com/s/198e834708ebc11fdb3eb06dc6d07818.js
IP 78.46.117.148:0
ASN #24940 Hetzner Online GmbH
GET /s/198e834708ebc11fdb3eb06dc6d07818.js HTTP/1.1
Host: cdn.cookie-script.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vacations01.selected-winners.co.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Tue, 06 Dec 2022 09:58:58 GMT
vary: Accept-Encoding
last-modified: Thu, 08 Sep 2022 14:22:29 GMT
etag: W/"36c62b7aec07f386eddc6a9ef2eb8607"
access-control-allow-origin: *
x-cache-status: HIT
content-type: application/javascript
content-encoding: gzip
X-Firefox-Spdy: h2
static.hotjar.com/c/hotjar-2777518.js?sv=6
143.204.55.37200 OK 0 B URL HTTP/2 static.hotjar.com/c/hotjar-2777518.js?sv=6
IP 143.204.55.37:0
GET /c/hotjar-2777518.js?sv=6 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vacations01.selected-winners.co.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Tue, 06 Dec 2022 09:58:59 GMT
access-control-allow-origin: *
cache-control: max-age=60
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: W/940e23bc276d37d8a768b8031ba4c14a
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 6hnG-olbp4ZXxxYrAndK4ICTCecUSY0LrnPBGUtASq20rIetZ6RoDw==
X-Firefox-Spdy: h2
in.hotjar.com/api/v2/client/sites/2777518/visit-data?sv=6
52.31.187.71200 OK 0 B URL HTTP/2 in.hotjar.com/api/v2/client/sites/2777518/visit-data?sv=6
IP 52.31.187.71:0
POST /api/v2/client/sites/2777518/visit-data?sv=6 HTTP/1.1
Host: in.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=UTF-8
Content-Length: 117
Origin: https://vacations01.selected-winners.co.uk
Connection: keep-alive
Referer: https://vacations01.selected-winners.co.uk/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 09:58:59 GMT
content-type: application/json
vary: Accept-Encoding
cache-control: no-cache, no-store
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-max-age: 86400
content-encoding: br
X-Firefox-Spdy: h2