Report - emailfredolsencruises.com/t/8ID-85PAG-TY62J-50X1PX-1/c.aspx?utm_source=cvdb&utm_medium=email&utm

Report Overview

Submitted URL
emailfredolsencruises.com/t/8ID-85PAG-TY62J-50X1PX-1/c.aspx?utm_source=cvdb&utm_medium=email&utm_campaign=MOL-YOU-FredOlsen-280123
IP
104.16.207.86
ASN
#13335 CLOUDFLARENET
Submitted
2023-01-28 11:30:52
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
1
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	686 B	1.4 kB	142.250.74.131
storage.googleapis.com	420	2012-08-06T08:33:30Z	2023-03-13T08:48:59Z	450 B	1.8 kB	142.250.74.144
pipedream.wistia.com	6958	2017-01-30T05:30:40Z	2023-03-13T08:06:25Z	493 B	211 B	35.173.174.179
api.feefo.com	32378	2016-09-29T18:19:15Z	2023-03-10T14:15:15Z	487 B	949 B	104.16.75.76
platform-api.sharethis.com	5118	2017-01-29T12:44:16Z	2023-03-13T05:10:08Z	386 B	596 B	54.230.111.115
l.sharethis.com	4794	2012-05-21T23:59:04Z	2023-03-13T05:10:08Z	1.2 kB	409 B	3.125.136.212
buttons-config.sharethis.com	6006	2017-05-04T11:18:15Z	2023-03-13T05:10:08Z	403 B	949 B	54.230.111.11
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
ocsp.sectigo.com	487	2019-11-29T12:50:24Z	2023-03-13T08:22:43Z	340 B	963 B	104.18.32.68
foclstatic.co.uk	unknown			4.9 kB	14 kB	104.21.58.134
68c8648dbe66747498d1-6027f91c84d2b73bebfc9b6bc4f4a0ac.ssl.cf3.rackcdn.com	unknown			1.5 kB	207 kB	23.38.200.149
ocsp.sca1b.amazontrust.com	1015	2017-03-03T16:20:51Z	2019-03-27T05:05:54Z	700 B	18 kB	54.230.245.118
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.2 kB	58 kB	34.120.237.76
emailfredolsencruises.com	unknown			461 B	836 B	104.16.207.86
ocsp.usertrust.com	899	2012-05-21T17:43:18Z	2023-03-13T08:38:38Z	342 B	2.8 kB	104.18.32.68
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	35.155.48.47
distillery.wistia.com	6708	2012-09-30T04:46:15Z	2023-03-13T08:06:23Z	454 B	164 B	52.207.88.224
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	2.7 kB	7.1 kB	95.101.11.115
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
www.fredolsencruises.com	627539			10 kB	159 kB	185.181.198.136
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-13T06:00:13Z	2.7 kB	4.5 kB	93.184.220.29
fast.wistia.com	5153	2012-07-04T02:34:57Z	2023-03-13T08:06:19Z	3.3 kB	316 kB	151.101.130.110
embed-ssl.wistia.com	22795	2017-01-29T18:01:09Z	2023-03-13T08:06:21Z	953 B	117 kB	151.101.194.133

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-01-28 11:30:45	medium	Client IP	79.137.197.160	ET INFO Dotted Quad Host DLL Request

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (22)

	URL	Size	First Seen	Last Seen
	foclstatic.co.uk/1674128294362/js/pkg.frontend-focl.app.js	395 kB	2023-03-13	2023-03-13
Pretty URL foclstatic.co.uk/1674128294362/js/pkg.frontend-focl.app.js IP 104.21.58.134 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 09:42:01 Last Seen2023-03-13 09:42:01 Times Seen1 Hash c7e2098b273941e4488d8bc7812e888a 23140675f1e9b80ee3e687255dcebea04f7cfa16 db4c189507fbd7198481ee8cfba8c6ecebbaa35768949eaf6ec56a8211daf37f Loading...

	foclstatic.co.uk/1674128294362/js/pwa.js	2.7 kB	2023-03-13	2024-03-02
Pretty URL foclstatic.co.uk/1674128294362/js/pwa.js IP 104.21.58.134 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 09:42:01 Last Seen2024-03-02 11:34:15 Times Seen2 Hash 9c6d1cf867fc6e3886e9bdfce373305c 595e4dc07821f45810ed9559165e8d7dcbe1b095 2b79377525e04e662c6598f3852ac238f495fddd219d0d8b9f6c41d9c62bc8f0 Loading...

	platform-api.sharethis.com/js/sharethis.js#property=5a1e9ab506d3310011e61455&product=custom-share-buttons	197 kB	2023-03-13	2023-03-13
Pretty URL platform-api.sharethis.com/js/sharethis.js#property=5a1e9ab506d3310011e61455&product=custom-share-buttons IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 06:58:00 Last Seen2023-03-13 12:46:49 Times Seen1 Hash 2c942f90c211a2371a902746d678fdac 106e03353cd09dde3d5d9510fc6b375b21f3168e 15a03579a9226414c71d3bb85d039865eec13c1d73ab10b1d532f59341a21844 Loading...

	fast.wistia.com/assets/external/E-v1.js	644 kB	2023-03-13	2023-03-13
Pretty URL fast.wistia.com/assets/external/E-v1.js IP 151.101.130.110 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:43:06 Last Seen2023-03-13 14:45:41 Times Seen1 Hash e7411a8ec0b42329c5c0f38d4983076d 20bc3813763ceec3b6ed248a971bc13e5e51f401 f88e40e44dc1e7ebb1204a44d7bacb6f1b347b3a66146b726bd4d5e6ea043d2d Loading...

	buttons-config.sharethis.com/js/5a1e9ab506d3310011e61455.js	373 B	2023-03-13	2023-03-13
Pretty URL buttons-config.sharethis.com/js/5a1e9ab506d3310011e61455.js IP 54.230.111.11 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 09:42:01 Last Seen2023-03-13 09:42:01 Times Seen1 Hash c98544f050ff8267efb959fb60b22475 ab0bd055f68b231ca6d1bc8d65d53114ddfde430 0308f26fec01b36ba6f28a2111005adc7806f78bac020b2b77fad60aa23a3f7b Loading...

	fast.wistia.com/assets/external/playPauseLoadingControl.js	60 kB	2023-03-13	2023-03-13
Pretty URL fast.wistia.com/assets/external/playPauseLoadingControl.js IP 151.101.130.110 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 04:19:54 Last Seen2023-03-13 17:48:32 Times Seen1 Hash b8fcfdba73d1ef14ae0d1a16f94f0c54 6945d142696cfadf2ab422489012e77ffc683dc8 6abf92ff9e0a1a724a6ed538868622935bbdc1d415f37307b9e4daa7b3934365 Loading...

	foclstatic.co.uk/1674128294362/lib/handlebars/dist/handlebars.min.js	80 kB	2023-03-08	2024-04-14
Pretty URL foclstatic.co.uk/1674128294362/lib/handlebars/dist/handlebars.min.js IP 104.21.58.134 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:24:29 Last Seen2024-04-14 21:03:23 Times Seen223 Hash 3aff04d4186d0c55335c88e47cb2ae21 f04614443ce9f742d924fbf54acd14a4441d3403 6529eb58d68fcc67bcbf6e723f44ba61a31a0cb3130c70bee261d3c34c727449 Loading...

	foclstatic.co.uk/1674128294362/modules/FOCL/Common/js/statistics.js?_=20190620	7.6 kB	2023-03-13	2023-03-13
Pretty URL foclstatic.co.uk/1674128294362/modules/FOCL/Common/js/statistics.js?_=20190620 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 09:42:01 Last Seen2023-03-13 09:42:01 Times Seen1 Hash 7527afafbb076e70c9af6b1eb9050ead 25cfaf02744c55d19614f28b69dc6e245467cf3d c5da4d83b0c41649ce3c473f224d6977550160bd0e393f11644305713a253829 Loading...

	www.fredolsencruises.com/fred-olsen-difference/our-signature-experiences?utm_source=email&utm_medium=e-shot&utm_campaign=olsenway_05.10.2022&dm_t=0,0,0,0,0	21 B	2023-03-13	2024-03-02
Pretty URL www.fredolsencruises.com/fred-olsen-difference/our-signature-experiences?utm_source=email&utm_medium=e-shot&utm_campaign=olsenway_05.10.2022&dm_t=0,0,0,0,0 IP 185.181.198.136 ASN #61323 Ukfast.net Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 09:42:01 Last Seen2024-03-02 11:34:14 Times Seen2 Hash d6a6f9ccba057050a387eee805608a34 77f88b494d1bc1c92a4c0aafdda4c9f3f9c691a2 6b1fb718eced26d51398e5037e04ce7f603ca78bb5b197318dd6bf2d08732679 Loading...

	www.fredolsencruises.com/fred-olsen-difference/our-signature-experiences?utm_source=email&utm_medium=e-shot&utm_campaign=olsenway_05.10.2022&dm_t=0,0,0,0,0	728 B	2023-03-13	2023-03-13
Pretty URL www.fredolsencruises.com/fred-olsen-difference/our-signature-experiences?utm_source=email&utm_medium=e-shot&utm_campaign=olsenway_05.10.2022&dm_t=0,0,0,0,0 IP 185.181.198.136 ASN #61323 Ukfast.net Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 09:42:01 Last Seen2023-03-13 09:42:01 Times Seen1 Hash 39b726c6e9becceb1b132bb65422d9bf b2fede007d88b78712f30ecf99a8c30cfcfa2c75 f2f81732f37361ca825c4a330377622d13fc33d970030bbfc0314ed3a259f55e Loading...

	fast.wistia.com/assets/external/wistia-mux.js	127 kB	2023-03-13	2023-03-13
Pretty URL fast.wistia.com/assets/external/wistia-mux.js IP 151.101.130.110 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 06:23:04 Last Seen2023-03-13 14:52:01 Times Seen1 Hash 14fe4b6857b4040fb16c8b07e154b5cb fe731bdea73324cb5fb0e6bdd500e2dacf83db4a 0f005c000563f5d35ee2d35eb99eb07fac72a3c8495e65bee1dc3dee1b8a3725 Loading...

	foclstatic.co.uk/1674128294362/lib/jquery/dist/jquery.min.js	90 kB	2023-03-07	2024-04-24
Pretty URL foclstatic.co.uk/1674128294362/lib/jquery/dist/jquery.min.js IP 104.21.58.134 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:13 Last Seen2024-04-24 11:50:15 Times Seen260924 Hash 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Loading...

	foclstatic.co.uk/1674128294362/js/pkg.frontend-focl.lib.js	352 kB	2023-03-13	2023-03-13
Pretty URL foclstatic.co.uk/1674128294362/js/pkg.frontend-focl.lib.js IP 104.21.58.134 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 09:42:01 Last Seen2023-03-13 09:42:01 Times Seen1 Hash 797d1278c72cbe983cebf77ad630b6e0 21c3d48750bf836523dc8ca11ed9573869c21665 b7a5040b4a28c67b73cdbee53389f793ff90f2adfa762d508ccbe75e47d8e6db Loading...

	www.fredolsencruises.com/fred-olsen-difference/our-signature-experiences?utm_source=email&utm_medium=e-shot&utm_campaign=olsenway_05.10.2022&dm_t=0,0,0,0,0	204 B	2023-03-13	2023-03-13
Pretty URL www.fredolsencruises.com/fred-olsen-difference/our-signature-experiences?utm_source=email&utm_medium=e-shot&utm_campaign=olsenway_05.10.2022&dm_t=0,0,0,0,0 IP 185.181.198.136 ASN #61323 Ukfast.net Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 09:42:01 Last Seen2023-03-13 09:42:01 Times Seen1 Hash 04fce187227385786243fd22c0b07dbe 495e03072b3474c1244fae890c1abef8256dd4e4 71a7407ed023f9bc62623ea5370c55ca54b333c5eb677b164e93161c76d3091b Loading...

	www.fredolsencruises.com/fred-olsen-difference/our-signature-experiences?utm_source=email&utm_medium=e-shot&utm_campaign=olsenway_05.10.2022&dm_t=0,0,0,0,0	796 B	2023-03-13	2023-03-13
Pretty URL www.fredolsencruises.com/fred-olsen-difference/our-signature-experiences?utm_source=email&utm_medium=e-shot&utm_campaign=olsenway_05.10.2022&dm_t=0,0,0,0,0 IP 185.181.198.136 ASN #61323 Ukfast.net Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 09:42:01 Last Seen2023-03-13 09:42:01 Times Seen1 Hash 56e3ec513f49b65ffdc9f922851bd967 cf4d0ba58cfaa65533528ccc87afa589ec334c00 dd9593a9b0f7efe1f0bca58e9baac39305d630187f67c03c4446dc8ea8926a01 Loading...

	www.fredolsencruises.com/fred-olsen-difference/our-signature-experiences?utm_source=email&utm_medium=e-shot&utm_campaign=olsenway_05.10.2022&dm_t=0,0,0,0,0	111 B	2023-03-13	2023-03-13
Pretty URL www.fredolsencruises.com/fred-olsen-difference/our-signature-experiences?utm_source=email&utm_medium=e-shot&utm_campaign=olsenway_05.10.2022&dm_t=0,0,0,0,0 IP 185.181.198.136 ASN #61323 Ukfast.net Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 09:42:01 Last Seen2023-03-13 09:42:01 Times Seen1 Hash 512434e5de002cb9f7be7921c2f4b5cd 3eb7d49c8667e30d3b0d85b9c7c90ad158da5f5f fb4d8058f809e5ac6191bbe04ea3cc21a52c96e29a7331e79b230137eb2fc351 Loading...

	fast.wistia.com/embed/medias/7vu4god4n0.jsonp	5.6 kB	2023-03-13	2023-03-13
Pretty URL fast.wistia.com/embed/medias/7vu4god4n0.jsonp IP 151.101.130.110 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 09:42:01 Last Seen2023-03-13 09:42:01 Times Seen1 Hash 0549964a0b45dcba922a1e7d29a9b42a a269d18cdd1842fee5336b97a1dc3edf9848fcc4 cb604fc764c38f05924e2b0c9758eb7fe306214b32c98f03b8403723d6e3dca0 Loading...

	fast.wistia.com/assets/external/popover.js	114 kB	2023-03-13	2023-03-13
Pretty URL fast.wistia.com/assets/external/popover.js IP 151.101.130.110 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 06:23:04 Last Seen2023-03-13 17:07:00 Times Seen1 Hash c28117dc3bba4ed9b2f97329dd54bc27 dde153c0fe4e01c804250ef84a14fa644fe3bdef b167470b8508eef009c945ec66c14e34778cb04d065f3a87c8475158d74be116 Loading...

	fast.wistia.com/assets/external/engines/hls_video.js	496 kB	2023-03-13	2023-03-13
Pretty URL fast.wistia.com/assets/external/engines/hls_video.js IP 151.101.130.110 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 06:23:04 Last Seen2023-03-13 15:05:48 Times Seen1 Hash 3b360cf8efc4fb697c094ed6fbf6f8fb bddce207bd1590c4aae95aa8df0c3ca5e7426820 8f6dc3e9675085b2fd39ef1fdec64a0a711df9a1314b3c8eecad5a975dacb7b1 Loading...

	foclstatic.co.uk/1674128294362/js/pkg.lazy-site.lib.js	18 kB	2023-03-13	2023-03-13
Pretty URL foclstatic.co.uk/1674128294362/js/pkg.lazy-site.lib.js IP 104.21.58.134 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 09:42:01 Last Seen2023-03-13 09:42:01 Times Seen1 Hash 32805a8d19fd49723de27ef2dec2db53 77bf08fecd05abd069cd4266cdee3b12b0bf853d 997ec5f3f6768b8ea87e5b0599178fe676248bcc985614c000165426cead5a97 Loading...

	foclstatic.co.uk/1674128294362/js/pkg.frontend-focl.hbs.js	371 kB	2023-03-13	2023-03-13
Pretty URL foclstatic.co.uk/1674128294362/js/pkg.frontend-focl.hbs.js IP 104.21.58.134 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 09:42:01 Last Seen2023-03-13 09:42:01 Times Seen1 Hash 94738116300922a14940ef4d3bf68865 c38d3a54530599e16bc6dbea6f5addaacc0c1a24 a1771a5c62cdb2f50d7b6fa8ca36354ae740752d6741739997b866807fefe511 Loading...

	www.fredolsencruises.com/fred-olsen-difference/our-signature-experiences?utm_source=email&utm_medium=e-shot&utm_campaign=olsenway_05.10.2022&dm_t=0,0,0,0,0	891 B	2023-03-13	2023-03-13
Pretty URL www.fredolsencruises.com/fred-olsen-difference/our-signature-experiences?utm_source=email&utm_medium=e-shot&utm_campaign=olsenway_05.10.2022&dm_t=0,0,0,0,0 IP 185.181.198.136 ASN #61323 Ukfast.net Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 09:42:01 Last Seen2023-03-13 09:42:01 Times Seen1 Hash 3e1a38c23ae1829cea0309bd34946000 444c8c61992df88ead4b9ea37dd31d24cc5d7abf fb2b395ab5ff5326468ed4cc39a31a60b1a8344a1820dd5d50cfeddf86073355 Loading...

HTTP Transactions (80)

	URL	IP	Response	Size
	emailfredolsencruises.com/t/8ID-85PAG-TY62J-50X1PX-1/c.aspx?utm_source=cvdb&utm_medium=email&utm_campaign=MOL-YOU-FredOlsen-280123	104.16.207.86	302 Found	0 B
URL HTTP/1.1 emailfredolsencruises.com/t/8ID-85PAG-TY62J-50X1PX-1/c.aspx?utm_source=cvdb&utm_medium=email&utm_campaign=MOL-YOU-FredOlsen-280123 IP 104.16.207.86:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /t/8ID-85PAG-TY62J-50X1PX-1/c.aspx?utm_source=cvdb&utm_medium=email&utm_campaign=MOL-YOU-FredOlsen-280123 HTTP/1.1 Host: emailfredolsencruises.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1` HTTP/1.1 302 Found Date: Sat, 28 Jan 2023 11:30:41 GMT Content-Length: 0 Connection: keep-alive Cache-Control: private, max-age=0 Location: https://www.fredolsencruises.com:443/fred-olsen-difference/our-signature-experiences?utm_source=email&utm_medium=e-shot&utm_campaign=olsenway_05.10.2022&dm_t=0,0,0,0,0 CF-Cache-Status: DYNAMIC Set-Cookie: __cf_bm=djDlcALLUm6tufA9AqHtqc3hFEvZUSQ_VbQCg8hKALA-1674905441-0-AQxfLZSONXvxIxPlXyLRhMB+cWSZ9EkwD95Xt9WjWBhAhXaAGIPj9rlg2QJxbJDOWA9giOF1bW6M1smZXM6I9mg=; path=/; expires=Sat, 28-Jan-23 12:00:41 GMT; domain=.emailfredolsencruises.com; HttpOnly; SameSite=None __cflb=0H28vbka3Tp63XFuYsqHHrawjcNu2NcdZtQ2irxGPpY; SameSite=Lax; path=/; expires=Sun, 29-Jan-23 10:30:41 GMT; HttpOnly Server: cloudflare CF-RAY: 790965bf7b820b61-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

	r3.o.lencr.org/	95.101.11.115	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 95.101.11.115:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 81dd5c5cc5b3278876cb44dcb520a60f c0511a59e9eccdcdda98717b87c89c5d59974808 41736c303afdb3d31e48724b107dcb22883cae02f3562308eb52d9164001a2de HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "41736C303AFDB3D31E48724B107DCB22883CAE02F3562308EB52D9164001A2DE" Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=6777 Expires: Sat, 28 Jan 2023 13:23:38 GMT Date: Sat, 28 Jan 2023 11:30:41 GMT Connection: keep-alive`

	r3.o.lencr.org/	95.101.11.115	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 95.101.11.115:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 9fbe85f42e8ae8ae41cc12df5f98b141 949fa36ff0f22f72565fd584bef094dd4de23037 184d3e4df4bce559b4d7c4836372f5fd2de9782a96b04d364230b7d695d737d8 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "184D3E4DF4BCE559B4D7C4836372F5FD2DE9782A96B04D364230B7D695D737D8" Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2489 Expires: Sat, 28 Jan 2023 12:12:10 GMT Date: Sat, 28 Jan 2023 11:30:41 GMT Connection: keep-alive`

	r3.o.lencr.org/	95.101.11.115	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 95.101.11.115:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 69f73ac59327cd9ad7d99816ccfcc03e c54844f82dbee0d5ee4c8ce344eb0139373e6c6b e81c685b2d8f0e31b89e5cfc911a2c5a99a556646830ac5a8468d991b5e871a3 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "E81C685B2D8F0E31B89E5CFC911A2C5A99A556646830AC5A8468D991B5E871A3" Last-Modified: Thu, 26 Jan 2023 04:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=8117 Expires: Sat, 28 Jan 2023 13:45:58 GMT Date: Sat, 28 Jan 2023 11:30:41 GMT Connection: keep-alive`

	firefox.settings.services.mozilla.com/v1/	35.241.9.150	200 OK	939 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/ IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size 939 B (939 bytes) Hash bf0c602d32b3c14606f22a86183b5e3c 6eabd8d83475eba731968abe1a05a8bfd272f160 6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e HTTP Headers `GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Backoff, Content-Length, Retry-After, Content-Type, Alert content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Sat, 28 Jan 2023 10:35:29 GMT content-type: application/json age: 3312 cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2`

	content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain	34.160.144.191	200 OK	5.3 kB
URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain IP 34.160.144.191:0 ASN #15169 GOOGLE File type PEM certificate\012- , ASCII text Size 5.3 kB (5348 bytes) Hash 7b922915ebf1fa3639b333f994c74f24 144a3f80b98fd0652d4614f24cf6cbbee40f8938 adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c HTTP Headers `GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK x-amz-id-2: CQsB60GDRwganphirA3TuIg3QjZk5plkWrUX8RkRwWBTc6eX/MHtY0YnVklBEEd4ItG146DQtsE= x-amz-request-id: GBFFB9MWDDS7DS6M content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Sat, 28 Jan 2023 11:20:57 GMT age: 584 last-modified: Mon, 09 Jan 2023 18:04:21 GMT etag: "7b922915ebf1fa3639b333f994c74f24" content-type: binary/octet-stream cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2`

	ocsp.usertrust.com/	104.18.32.68	200 OK	2.2 kB
URL HTTP/1.1 ocsp.usertrust.com/ IP 104.18.32.68:0 ASN #13335 CLOUDFLARENET File type data Size 2.2 kB (2236 bytes) Hash 16f09f725c74a0adbf79ead3ecfa96c6 38624ae577298e44fc9eacb1329557ce8f70f2be 01edce14b61f8b8fd77c623ceddeab12438bf7b81c391130d1bb138c148fa18c HTTP Headers `POST / HTTP/1.1 Host: ocsp.usertrust.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 200 OK Date: Sat, 28 Jan 2023 11:30:41 GMT Content-Type: application/ocsp-response Content-Length: 2236 Connection: keep-alive Last-Modified: Wed, 25 Jan 2023 10:12:16 GMT Expires: Wed, 01 Feb 2023 10:12:15 GMT Etag: "38624ae577298e44fc9eacb1329557ce8f70f2be" Cache-Control: max-age=604015,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb6 X-Frame-Options: SAMEORIGIN CF-Cache-Status: HIT Age: 516 Accept-Ranges: bytes Vary: Accept-Encoding Server: cloudflare CF-RAY: 790965c1d902b523-OSL

	contile.services.mozilla.com/v1/tiles	34.117.237.239	200 OK	12 B
URL HTTP/2 contile.services.mozilla.com/v1/tiles IP 34.117.237.239:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with no line terminators Size 12 B (12 bytes) Hash 23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 HTTP Headers `GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK server: nginx date: Sat, 28 Jan 2023 11:30:41 GMT content-type: application/json content-length: 12 vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-allow-credentials: true access-control-expose-headers: content-type strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2`

	firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US	35.241.9.150	200 OK	329 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size 329 B (329 bytes) Hash 0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 HTTP Headers `GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Content-Type, Last-Modified, ETag, Expires, Backoff, Content-Length, Cache-Control, Alert, Retry-After, Pragma content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Sat, 28 Jan 2023 10:41:40 GMT age: 2941 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" content-type: application/json cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	ocsp.sectigo.com/	104.18.32.68	200 OK	471 B
URL HTTP/1.1 ocsp.sectigo.com/ IP 104.18.32.68:0 ASN #13335 CLOUDFLARENET File type data Size 471 B (471 bytes) Hash a792c799b848ef3f972f280b85b0307b 607a8abd7bf4bf9e5f1cf69aa074e323a662887b 7f9aba8888dbff574747cf112cd2a4e40b1807df9d4121852371f6dac1a4640b HTTP Headers `POST / HTTP/1.1 Host: ocsp.sectigo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Sat, 28 Jan 2023 11:30:42 GMT Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Last-Modified: Wed, 25 Jan 2023 10:57:25 GMT Expires: Wed, 01 Feb 2023 10:57:24 GMT Etag: "607a8abd7bf4bf9e5f1cf69aa074e323a662887b" Cache-Control: max-age=343002,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb2 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 790965c1fbb0b4f7-OSL`

	r3.o.lencr.org/	95.101.11.115	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 95.101.11.115:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 16a7b6a7128312e2f985d30df18c4487 6017bff79ffb525d9c7f9f32b999b74b5dc69602 663fd12209627f08e759c2ed1c76278a5da79dae1e0b46082dd1bb44775f7a16 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "663FD12209627F08E759C2ED1C76278A5DA79DAE1E0B46082DD1BB44775F7A16" Last-Modified: Fri, 27 Jan 2023 08:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=20247 Expires: Sat, 28 Jan 2023 17:08:09 GMT Date: Sat, 28 Jan 2023 11:30:42 GMT Connection: keep-alive`

	www.fredolsencruises.com/fred-olsen-difference/our-signature-experiences?utm_source=email&utm_medium=e-shot&utm_campaign=olsenway_05.10.2022&dm_t=0,0,0,0,0	185.181.198.136	200 OK	54 kB
URL HTTP/2 www.fredolsencruises.com/fred-olsen-difference/our-signature-experiences?utm_source=email&utm_medium=e-shot&utm_campaign=olsenway_05.10.2022&dm_t=0,0,0,0,0 IP 185.181.198.136:0 ASN #61323 Ukfast.net Limited File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1932), with CRLF, LF line terminators Size 54 kB (54364 bytes) Hash 9ba19c86737b1b8031e56a6051872219 a883620ff371385e9c1b55ca44526a19a92aeae0 d0dbe4051d57514021b1af687e1fa0e3d1f54ee0be16ec76576de758fb4e7dba HTTP Headers GET /fred-olsen-difference/our-signature-experiences?utm_source=email&utm_medium=e-shot&utm_campaign=olsenway_05.10.2022&dm_t=0,0,0,0,0 HTTP/1.1 Host: www.fredolsencruises.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1 HTTP/2 200 OK date: Sat, 28 Jan 2023 11:30:42 GMT content-type: text/html; charset=utf-8 content-length: 54364 content-encoding: gzip etag: W/"47b4a-DB0OSTO4Bw1jY/jcnEdcnAtH//E" vary: Accept-Encoding server: NA x-powered-by: NA strict-transport-security: max-age=31536000; preload x-ua-compatible: IE=edge,chrome=1 x-xss-protection: 0 x-host: web-04.fredolsencruises.com set-cookie: session.id.oceans=s%3AN8Cudf9T6UG64eY8VwPUeWnsMkISZC5w.0fn1eJSr6AHXoxRzolNrmYqoUZdNQn%2BYJjtHLKavkrQ; Path=/; HttpOnly; Secure; SameSite=None SERVERID=srv3_d229_17; path=/; HttpOnly; Secure; SameSite=none cache-control: public, max-age=300, private x-ddosx-request-id: 7f60ad1f2fbbaea3cc64bd2bfb9da873 x-proxy-cache: MISS X-Firefox-Spdy: h2

	www.fredolsencruises.com/images/Main/footer_logos/GLT_Award.png?_=20180217	185.181.198.136	200 OK	6.3 kB
URL HTTP/2 www.fredolsencruises.com/images/Main/footer_logos/GLT_Award.png?_=20180217 IP 185.181.198.136:0 ASN #61323 Ukfast.net Limited File type PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data Size 6.3 kB (6322 bytes) Hash 91abd2f51fe9c343a84647e842a9d714 4c908977bce1c73bd896e3812abe5358e7eaa55f c1aa86834207143358078bdad38adb90604f24d6c175abee35cbf57737407822 HTTP Headers GET /images/Main/footer_logos/GLT_Award.png?_=20180217 HTTP/1.1 Host: www.fredolsencruises.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.fredolsencruises.com/fred-olsen-difference/our-signature-experiences?utm_source=email&utm_medium=e-shot&utm_campaign=olsenway_05.10.2022&dm_t=0,0,0,0,0 Cookie: session.id.oceans=s%3AN8Cudf9T6UG64eY8VwPUeWnsMkISZC5w.0fn1eJSr6AHXoxRzolNrmYqoUZdNQn%2BYJjtHLKavkrQ; SERVERID=srv3_d229_17 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers `HTTP/2 200 OK date: Sat, 28 Jan 2023 11:30:42 GMT content-type: image/png content-length: 6322 cache-control: public, immutable, max-age=31536000 last-modified: Wed, 14 Dec 2022 09:15:00 GMT etag: W/"18b2-1850fea707c" server: NA x-powered-by: NA x-host: web-02.fredolsencruises.com x-ddosx-request-id: 5c328d780c54de83e3d6f503f7a7ab17 x-proxy-cache: HIT accept-ranges: bytes X-Firefox-Spdy: h2`

	push.services.mozilla.com/	35.155.48.47	101 Switching Protocols	0 B
URL HTTP/1.1 push.services.mozilla.com/ IP 35.155.48.47:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: ziC0fsd8FFGW85Ktk0LLfA== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket `HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: wpNH5C7Qy1uU6/nEU3kDGReu4No=`

	ocsp.digicert.com/	93.184.220.29	200 OK	280 B
URL HTTP/1.1 ocsp.digicert.com/ IP 93.184.220.29:0 ASN #15133 EDGECAST File type data Size 280 B (280 bytes) Hash ed93a3b93e180bca9c85c6c5218b4fdc 6d40db23193f419c6f7c6a97c5c0bce4956d1c5f 18f9e803fe03a095474b4b4b0286933159326c4635cdc10e55e03e166737b35c HTTP Headers `POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Accept-Ranges: bytes Age: 1849 Cache-Control: max-age=160986 Content-Type: application/ocsp-response Date: Sat, 28 Jan 2023 11:30:42 GMT Etag: "63d4d203-118" Expires: Mon, 30 Jan 2023 08:13:48 GMT Last-Modified: Sat, 28 Jan 2023 07:42:59 GMT Server: ECS (amb/6BB4) X-Cache: HIT Content-Length: 280`

	ocsp.digicert.com/	93.184.220.29	200 OK	280 B
URL HTTP/1.1 ocsp.digicert.com/ IP 93.184.220.29:0 ASN #15133 EDGECAST File type data Size 280 B (280 bytes) Hash ed93a3b93e180bca9c85c6c5218b4fdc 6d40db23193f419c6f7c6a97c5c0bce4956d1c5f 18f9e803fe03a095474b4b4b0286933159326c4635cdc10e55e03e166737b35c HTTP Headers `POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Accept-Ranges: bytes Age: 5712 Cache-Control: 'max-age=158059' Content-Type: application/ocsp-response Date: Sat, 28 Jan 2023 11:30:42 GMT Last-Modified: Sat, 28 Jan 2023 09:55:30 GMT Server: ECS (amb/6BA8) X-Cache: HIT Content-Length: 280`

	foclstatic.co.uk/1674128294362/images/Main/Feefo/feefo_logo_w_70.png?_=1674128294362	104.21.58.134	200 OK	1.9 kB
URL HTTP/2 foclstatic.co.uk/1674128294362/images/Main/Feefo/feefo_logo_w_70.png?_=1674128294362 IP 104.21.58.134:0 ASN #13335 CLOUDFLARENET File type PNG image data, 70 x 16, 8-bit colormap, non-interlaced\012- data Size 1.9 kB (1909 bytes) Hash 12b7043ead96ec2594a4a58daeae007a d658007b31d60a5d5033327d5772fe71be8ed9fa 2e3b37d20c36304ed38adf367cba67fbbcccf930c62a4776c9a9d33f1a5abb5a HTTP Headers `GET /1674128294362/images/Main/Feefo/feefo_logo_w_70.png?_=1674128294362 HTTP/1.1 Host: foclstatic.co.uk User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.fredolsencruises.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK date: Sat, 28 Jan 2023 11:30:42 GMT content-type: image/png content-length: 1909 cache-control: public, immutable, max-age=31536000 last-modified: Thu, 19 Jan 2023 11:38:48 GMT etag: "0943b98fa2bd91:0" x-host: web-02.fredolsencruises.com access-control-max-age: 31536000 access-control-expose-headers: etag access-control-allow-headers: If-Modified-Since, If-None-Match access-control-allow-origin: * x-powered-by: NA cf-cache-status: HIT age: 273327 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oJS0Hi%2B2601HoNe%2FAjj8NuqQ3%2F9rZ4cVsuPiH4x%2F%2FQ%2B1hWD%2BcNemYFmFz5HM7bGFjdlcQKwaRaNjKQfHu9ZAv04yk%2FvuiQLnM2jB7Fz%2B2rvb8ZegAlW3aItNT3Nry2HXEFTu"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding strict-transport-security: max-age=15552000; includeSubDomains; preload x-content-type-options: nosniff server: cloudflare cf-ray: 790965c7a8681c02-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	ocsp.digicert.com/	93.184.220.29	200 OK	280 B
URL HTTP/1.1 ocsp.digicert.com/ IP 93.184.220.29:0 ASN #15133 EDGECAST File type data Size 280 B (280 bytes) Hash ed93a3b93e180bca9c85c6c5218b4fdc 6d40db23193f419c6f7c6a97c5c0bce4956d1c5f 18f9e803fe03a095474b4b4b0286933159326c4635cdc10e55e03e166737b35c HTTP Headers `POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Accept-Ranges: bytes Age: 1849 Cache-Control: max-age=160986 Content-Type: application/ocsp-response Date: Sat, 28 Jan 2023 11:30:42 GMT Etag: "63d4d203-118" Expires: Mon, 30 Jan 2023 08:13:48 GMT Last-Modified: Sat, 28 Jan 2023 07:42:59 GMT Server: ECS (ska/F70B) X-Cache: HIT Content-Length: 280`

	ocsp.digicert.com/	93.184.220.29	200 OK	280 B
URL HTTP/1.1 ocsp.digicert.com/ IP 93.184.220.29:0 ASN #15133 EDGECAST File type data Size 280 B (280 bytes) Hash ed93a3b93e180bca9c85c6c5218b4fdc 6d40db23193f419c6f7c6a97c5c0bce4956d1c5f 18f9e803fe03a095474b4b4b0286933159326c4635cdc10e55e03e166737b35c HTTP Headers `POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Cache-Control: 'max-age=158059' Content-Type: application/ocsp-response Date: Sat, 28 Jan 2023 11:30:42 GMT Server: ECS (amb/6BB6) Content-Length: 280`

	ocsp.digicert.com/	93.184.220.29	200 OK	280 B
URL HTTP/1.1 ocsp.digicert.com/ IP 93.184.220.29:0 ASN #15133 EDGECAST File type data Size 280 B (280 bytes) Hash ed93a3b93e180bca9c85c6c5218b4fdc 6d40db23193f419c6f7c6a97c5c0bce4956d1c5f 18f9e803fe03a095474b4b4b0286933159326c4635cdc10e55e03e166737b35c HTTP Headers `POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Cache-Control: 'max-age=158059' Content-Type: application/ocsp-response Date: Sat, 28 Jan 2023 11:30:42 GMT Etag: "63d22f07-116" Server: ECS (amb/6B92) Content-Length: 280`

	ocsp.digicert.com/	93.184.220.29	200 OK	280 B
URL HTTP/1.1 ocsp.digicert.com/ IP 93.184.220.29:0 ASN #15133 EDGECAST File type data Size 280 B (280 bytes) Hash ed93a3b93e180bca9c85c6c5218b4fdc 6d40db23193f419c6f7c6a97c5c0bce4956d1c5f 18f9e803fe03a095474b4b4b0286933159326c4635cdc10e55e03e166737b35c HTTP Headers `POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Accept-Ranges: bytes Cache-Control: max-age=159137 Content-Type: application/ocsp-response Date: Sat, 28 Jan 2023 11:30:42 GMT Etag: "63d4d203-118" Expires: Mon, 30 Jan 2023 07:42:59 GMT Last-Modified: Sat, 28 Jan 2023 07:42:59 GMT Server: nginx Content-Length: 280`

	www.fredolsencruises.com/my-cruises/user-info	185.181.198.136	200 OK	49 B
URL HTTP/2 www.fredolsencruises.com/my-cruises/user-info IP 185.181.198.136:0 ASN #61323 Ukfast.net Limited File type JSON data\012- , ASCII text, with no line terminators Size 49 B (49 bytes) Hash 8e3f19c9c8b6659aae1c9c12021e694b b576c6cd795b67e9d9cb962a63a3c9f65f8109b4 b7304b363f6f0d58bc803a5343cf2119ec71aa7586773d42e02963b47abf9031 HTTP Headers GET /my-cruises/user-info HTTP/1.1 Host: www.fredolsencruises.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br X-Requested-With: XMLHttpRequest Connection: keep-alive Referer: https://www.fredolsencruises.com/fred-olsen-difference/our-signature-experiences?utm_source=email&utm_medium=e-shot&utm_campaign=olsenway_05.10.2022&dm_t=0,0,0,0,0 Cookie: session.id.oceans=s%3AN8Cudf9T6UG64eY8VwPUeWnsMkISZC5w.0fn1eJSr6AHXoxRzolNrmYqoUZdNQn%2BYJjtHLKavkrQ; SERVERID=srv3_d229_17 Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin TE: trailers HTTP/2 200 OK date: Sat, 28 Jan 2023 11:30:42 GMT content-type: application/json; charset=utf-8 content-length: 49 cache-control: private, no-cache, no-store, must-revalidate pragma: no-cache expires: 0 etag: W/"31-tXbGzXlbZ+nZy5YqY6PJ9l+BCbQ" server: NA x-powered-by: NA strict-transport-security: max-age=31536000; preload x-ua-compatible: IE=edge,chrome=1 x-xss-protection: 0 x-host: web-04.fredolsencruises.com x-ddosx-request-id: b43e63d8daed4918f3bf4f39441da980 x-proxy-cache: MISS X-Firefox-Spdy: h2

	www.fredolsencruises.com/Alerts/GetForPage?id=63108fe2ea368529fc7638c2	185.181.198.136	200 OK	23 B
URL HTTP/2 www.fredolsencruises.com/Alerts/GetForPage?id=63108fe2ea368529fc7638c2 IP 185.181.198.136:0 ASN #61323 Ukfast.net Limited File type JSON data\012- , ASCII text, with no line terminators Size 23 B (23 bytes) Hash f31ac01f9a59383150bc7ed52b6b80ba 00717982e4b370caac9e0edc5b9168262e62e148 10be667e0b6331ee26fa5fe18f14ac145e2a6b660bce961a1420a94b279c57c6 HTTP Headers GET /Alerts/GetForPage?id=63108fe2ea368529fc7638c2 HTTP/1.1 Host: www.fredolsencruises.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json, text/javascript, /; q=0.01 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br X-Requested-With: XMLHttpRequest Connection: keep-alive Referer: https://www.fredolsencruises.com/fred-olsen-difference/our-signature-experiences?utm_source=email&utm_medium=e-shot&utm_campaign=olsenway_05.10.2022&dm_t=0,0,0,0,0 Cookie: session.id.oceans=s%3AN8Cudf9T6UG64eY8VwPUeWnsMkISZC5w.0fn1eJSr6AHXoxRzolNrmYqoUZdNQn%2BYJjtHLKavkrQ; SERVERID=srv3_d229_17 Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin TE: trailers `HTTP/2 200 OK date: Sat, 28 Jan 2023 11:30:42 GMT content-type: application/json; charset=utf-8 content-length: 23 cache-control: public, max-age=30 etag: W/"17-AHF5guSzcMqsng7cW5FoJi5i4Ug" server: NA x-powered-by: NA strict-transport-security: max-age=31536000; preload x-ua-compatible: IE=edge,chrome=1 x-xss-protection: 0 x-host: web-03.fredolsencruises.com x-ddosx-request-id: 0b26f40afb9310fed1b36df5d6e0b378 x-proxy-cache: REVALIDATED X-Firefox-Spdy: h2`

	www.fredolsencruises.com/SearchResults/RedisFacetObjects?type=oceans	185.181.198.136	200 OK	3.7 kB
URL HTTP/2 www.fredolsencruises.com/SearchResults/RedisFacetObjects?type=oceans IP 185.181.198.136:0 ASN #61323 Ukfast.net Limited File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (3710), with no line terminators Size 3.7 kB (3720 bytes) Hash c9e49782132b96ed6a02bde45b174a8e 0b19c3e56bdd54755b13fbb7835c36a426b9e59e 210f3e7ce0453241ba3ef3c47e60fd6f2431de31c733627658223c5b913ce4ec HTTP Headers GET /SearchResults/RedisFacetObjects?type=oceans HTTP/1.1 Host: www.fredolsencruises.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br X-Requested-With: XMLHttpRequest Connection: keep-alive Referer: https://www.fredolsencruises.com/fred-olsen-difference/our-signature-experiences?utm_source=email&utm_medium=e-shot&utm_campaign=olsenway_05.10.2022&dm_t=0,0,0,0,0 Cookie: session.id.oceans=s%3AN8Cudf9T6UG64eY8VwPUeWnsMkISZC5w.0fn1eJSr6AHXoxRzolNrmYqoUZdNQn%2BYJjtHLKavkrQ; SERVERID=srv3_d229_17; focl_cookie_consent_session=1674905445376 Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin TE: trailers `HTTP/2 200 OK date: Sat, 28 Jan 2023 11:30:43 GMT content-type: application/json; charset=utf-8 content-length: 3720 cache-control: public, max-age=300 etag: W/"e88-CxnD5WvdVHVbE/u3g1w2pCa55Z4" server: NA strict-transport-security: max-age=31536000; preload x-ua-compatible: IE=edge,chrome=1 x-xss-protection: 0 x-powered-by: NA, NA x-host: Web01 x-ddosx-request-id: 2606a7119ee836618a3645709702fef8 x-proxy-cache: HIT X-Firefox-Spdy: h2`

	www.fredolsencruises.com/SearchResults/RedisFacetObjects?type=oceans	185.181.198.136	200 OK	3.7 kB
URL HTTP/2 www.fredolsencruises.com/SearchResults/RedisFacetObjects?type=oceans IP 185.181.198.136:0 ASN #61323 Ukfast.net Limited File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (3710), with no line terminators Size 3.7 kB (3720 bytes) Hash c9e49782132b96ed6a02bde45b174a8e 0b19c3e56bdd54755b13fbb7835c36a426b9e59e 210f3e7ce0453241ba3ef3c47e60fd6f2431de31c733627658223c5b913ce4ec HTTP Headers GET /SearchResults/RedisFacetObjects?type=oceans HTTP/1.1 Host: www.fredolsencruises.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br X-Requested-With: XMLHttpRequest Connection: keep-alive Referer: https://www.fredolsencruises.com/fred-olsen-difference/our-signature-experiences?utm_source=email&utm_medium=e-shot&utm_campaign=olsenway_05.10.2022&dm_t=0,0,0,0,0 Cookie: session.id.oceans=s%3AN8Cudf9T6UG64eY8VwPUeWnsMkISZC5w.0fn1eJSr6AHXoxRzolNrmYqoUZdNQn%2BYJjtHLKavkrQ; SERVERID=srv3_d229_17; focl_cookie_consent_session=1674905445376 Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin TE: trailers `HTTP/2 200 OK date: Sat, 28 Jan 2023 11:30:43 GMT content-type: application/json; charset=utf-8 content-length: 3720 cache-control: public, max-age=300 etag: W/"e88-CxnD5WvdVHVbE/u3g1w2pCa55Z4" server: NA strict-transport-security: max-age=31536000; preload x-ua-compatible: IE=edge,chrome=1 x-xss-protection: 0 x-powered-by: NA, NA x-host: Web01 x-ddosx-request-id: 880147c78660a1806618eb6271b14ae9 x-proxy-cache: HIT X-Firefox-Spdy: h2`

	www.fredolsencruises.com/SearchResults/RedisFacetObjects?type=rivers	185.181.198.136	200 OK	1.3 kB
URL HTTP/2 www.fredolsencruises.com/SearchResults/RedisFacetObjects?type=rivers IP 185.181.198.136:0 ASN #61323 Ukfast.net Limited File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (1289), with no line terminators Size 1.3 kB (1293 bytes) Hash 709bdb8df2e6526d3b08ec8c54743faa e97c5ecb549a7a0907ba92cad2fccc2bb46ab671 08d8a51ab3605c8e227a3e7a5f85ea5449c2cd9481c26d5afb8398adb3de2e65 HTTP Headers GET /SearchResults/RedisFacetObjects?type=rivers HTTP/1.1 Host: www.fredolsencruises.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br X-Requested-With: XMLHttpRequest Connection: keep-alive Referer: https://www.fredolsencruises.com/fred-olsen-difference/our-signature-experiences?utm_source=email&utm_medium=e-shot&utm_campaign=olsenway_05.10.2022&dm_t=0,0,0,0,0 Cookie: session.id.oceans=s%3AN8Cudf9T6UG64eY8VwPUeWnsMkISZC5w.0fn1eJSr6AHXoxRzolNrmYqoUZdNQn%2BYJjtHLKavkrQ; SERVERID=srv3_d229_17; focl_cookie_consent_session=1674905445376 Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin TE: trailers `HTTP/2 200 OK date: Sat, 28 Jan 2023 11:30:43 GMT content-type: application/json; charset=utf-8 content-length: 1293 cache-control: public, max-age=300 etag: W/"50d-6Xxey1SaegkHupLK0vzMK7RqtnE" server: NA x-powered-by: NA strict-transport-security: max-age=31536000; preload x-ua-compatible: IE=edge,chrome=1 x-xss-protection: 0 x-host: web-03.fredolsencruises.com x-ddosx-request-id: 883c5ee2f26cca309900e36c7df61433 x-proxy-cache: HIT X-Firefox-Spdy: h2`

	www.fredolsencruises.com/modules/FOCL/MyCruises//templates/Alert.hbs	185.181.198.136	200 OK	590 B
URL HTTP/2 www.fredolsencruises.com/modules/FOCL/MyCruises//templates/Alert.hbs IP 185.181.198.136:0 ASN #61323 Ukfast.net Limited File type exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators Size 590 B (590 bytes) Hash d59d5c93793a12ea072142a1868be52a e948155cef347aab068315c791ae1e69c50d10fd e0ff316140081e0e7209fae74941cd7f1b101a98e99ac076cd0bd0e6061cdb3b HTTP Headers GET /modules/FOCL/MyCruises//templates/Alert.hbs HTTP/1.1 Host: www.fredolsencruises.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.fredolsencruises.com/fred-olsen-difference/our-signature-experiences?utm_source=email&utm_medium=e-shot&utm_campaign=olsenway_05.10.2022&dm_t=0,0,0,0,0 Cookie: session.id.oceans=s%3AN8Cudf9T6UG64eY8VwPUeWnsMkISZC5w.0fn1eJSr6AHXoxRzolNrmYqoUZdNQn%2BYJjtHLKavkrQ; SERVERID=srv3_d229_17; focl_cookie_consent_session=1674905445376 Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin TE: trailers HTTP/2 200 OK date: Sat, 28 Jan 2023 11:30:43 GMT content-type: text/x-handlebars-template; charset=UTF-8 content-length: 590 cache-control: public, max-age=0 content-encoding: gzip last-modified: Wed, 14 Dec 2022 09:14:59 GMT accept-ranges: bytes etag: W/"43f-1850fea6bd9" vary: Accept-Encoding server: NA x-powered-by: NA strict-transport-security: max-age=31536000; preload x-host: web-04.fredolsencruises.com x-ddosx-request-id: 8335ee45a3acca66db920e7adaef9eac x-proxy-cache: MISS X-Firefox-Spdy: h2

	ocsp.digicert.com/	93.184.220.29	200 OK	278 B
URL HTTP/1.1 ocsp.digicert.com/ IP 93.184.220.29:0 ASN #15133 EDGECAST File type data Size 278 B (278 bytes) Hash e85a4e4061402b8f8134522129ba594d 306ef28cf3d08b8306a2f62d9de77462c396fdb5 3ee177cb3eb6c77577b781fb4c1b7486c3630512a8fa457a47f948230e526bbe HTTP Headers `POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Accept-Ranges: bytes Age: 2557 Cache-Control: max-age=88227 Content-Type: application/ocsp-response Date: Sat, 28 Jan 2023 11:30:43 GMT Etag: "63d3b309-116" Expires: Sun, 29 Jan 2023 12:01:10 GMT Last-Modified: Fri, 27 Jan 2023 11:18:33 GMT Server: ECS (ska/F6FC) X-Cache: HIT Content-Length: 278`

	www.fredolsencruises.com/GetLatestNotification	185.181.198.136	200 OK	1.9 kB
URL HTTP/2 www.fredolsencruises.com/GetLatestNotification IP 185.181.198.136:0 ASN #61323 Ukfast.net Limited File type JSON data\012- HTML document, ASCII text, with very long lines (1853), with no line terminators Size 1.9 kB (1853 bytes) Hash 5f689b65423b23c0c44387dad97971d2 f8f7526cf2b9ee76e8a7b3937299c5c1c7f4f543 53fcfef332abe5b6e97758d28d5521f255b10b3bfa0cf692e3ab1a483bc4fc0e HTTP Headers GET /GetLatestNotification HTTP/1.1 Host: www.fredolsencruises.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br X-Requested-With: XMLHttpRequest Connection: keep-alive Referer: https://www.fredolsencruises.com/fred-olsen-difference/our-signature-experiences?utm_source=email&utm_medium=e-shot&utm_campaign=olsenway_05.10.2022&dm_t=0,0,0,0,0 Cookie: session.id.oceans=s%3AN8Cudf9T6UG64eY8VwPUeWnsMkISZC5w.0fn1eJSr6AHXoxRzolNrmYqoUZdNQn%2BYJjtHLKavkrQ; SERVERID=srv3_d229_17; focl_cookie_consent_session=1674905445376 Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin TE: trailers `HTTP/2 200 OK date: Sat, 28 Jan 2023 11:30:43 GMT content-type: application/json; charset=utf-8 content-length: 1853 etag: W/"73d-+PdSbPK57nbop7OTcpnFwcf09UM" server: NA x-powered-by: NA strict-transport-security: max-age=31536000; preload x-ua-compatible: IE=edge,chrome=1 x-xss-protection: 0 x-host: web-04.fredolsencruises.com x-ddosx-request-id: 68917a464ed578467d8d0b0ada6b2187 x-proxy-cache: MISS X-Firefox-Spdy: h2`

	www.fredolsencruises.com/favourites/list	185.181.198.136	200 OK	2 B
URL HTTP/2 www.fredolsencruises.com/favourites/list IP 185.181.198.136:0 ASN #61323 Ukfast.net Limited File type JSON data\012- , ASCII text, with no line terminators Size 2 B (2 bytes) Hash d751713988987e9331980363e24189ce 97d170e1550eee4afc0af065b78cda302a97674c 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 HTTP Headers GET /favourites/list HTTP/1.1 Host: www.fredolsencruises.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br X-Requested-With: XMLHttpRequest Connection: keep-alive Referer: https://www.fredolsencruises.com/fred-olsen-difference/our-signature-experiences?utm_source=email&utm_medium=e-shot&utm_campaign=olsenway_05.10.2022&dm_t=0,0,0,0,0 Cookie: session.id.oceans=s%3AN8Cudf9T6UG64eY8VwPUeWnsMkISZC5w.0fn1eJSr6AHXoxRzolNrmYqoUZdNQn%2BYJjtHLKavkrQ; SERVERID=srv3_d229_17; focl_cookie_consent_session=1674905445376 Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin TE: trailers `HTTP/2 200 OK date: Sat, 28 Jan 2023 11:30:43 GMT content-type: application/json; charset=utf-8 content-length: 2 etag: W/"2-l9Fw4VUO7kr8CvBlt4zaMCqXZ0w" server: NA x-powered-by: NA strict-transport-security: max-age=31536000; preload x-ua-compatible: IE=edge,chrome=1 x-xss-protection: 0 x-host: web-04.fredolsencruises.com x-ddosx-request-id: a9942eff6374d50e3715d56095dc898a x-proxy-cache: MISS X-Firefox-Spdy: h2`

	www.fredolsencruises.com/overlays/findOverlaysForPage?id=63108fe2ea368529fc7638c2&device=desktop	185.181.198.136	200 OK	15 B
URL HTTP/2 www.fredolsencruises.com/overlays/findOverlaysForPage?id=63108fe2ea368529fc7638c2&device=desktop IP 185.181.198.136:0 ASN #61323 Ukfast.net Limited File type JSON data\012- , ASCII text, with no line terminators Size 15 B (15 bytes) Hash bdd786d8de8c3d9ed266333eb8a30e0d ba8cfbb5171ce5fcfc240114d2276d0c3c0e54f0 306669cdad4bc110d87e196035e466ef94b6ae6dc655414b36b7fee28f1a03ae HTTP Headers GET /overlays/findOverlaysForPage?id=63108fe2ea368529fc7638c2&device=desktop HTTP/1.1 Host: www.fredolsencruises.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br X-Requested-With: XMLHttpRequest Connection: keep-alive Referer: https://www.fredolsencruises.com/fred-olsen-difference/our-signature-experiences?utm_source=email&utm_medium=e-shot&utm_campaign=olsenway_05.10.2022&dm_t=0,0,0,0,0 Cookie: session.id.oceans=s%3AN8Cudf9T6UG64eY8VwPUeWnsMkISZC5w.0fn1eJSr6AHXoxRzolNrmYqoUZdNQn%2BYJjtHLKavkrQ; SERVERID=srv3_d229_17; focl_cookie_consent_session=1674905445376 Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin TE: trailers `HTTP/2 200 OK date: Sat, 28 Jan 2023 11:30:43 GMT content-type: application/json; charset=utf-8 content-length: 15 etag: W/"f-uoz7tRcc5fz8JAEU0idtDDwOVPA" server: NA x-powered-by: NA strict-transport-security: max-age=31536000; preload x-ua-compatible: IE=edge,chrome=1 x-xss-protection: 0 x-host: web-04.fredolsencruises.com x-ddosx-request-id: 447b8a0ed3af225441a09c252f3ab9c5 x-proxy-cache: MISS X-Firefox-Spdy: h2`

	fast.wistia.com/assets/external/E-v1.js	151.101.130.110	200 OK	117 kB
URL HTTP/2 fast.wistia.com/assets/external/E-v1.js IP 151.101.130.110:0 ASN #54113 FASTLY File type ASCII text, with very long lines (65536), with no line terminators Size 117 kB (116767 bytes) Hash 00492617eb8d73731c2c3fffe2501ed5 5b15229ef44fe829ca95b487517b9ee67e57582d d9b87c8406d178661be9b75dfc2536f130f840f4406084104842ce0f21e62127 HTTP Headers `GET /assets/external/E-v1.js HTTP/1.1 Host: fast.wistia.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.fredolsencruises.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK access-control-allow-origin: * cache-control: public, max-age=3600 content-encoding: br content-type: application/javascript etag: "63d2c5c4-1c81f" last-modified: Thu, 26 Jan 2023 18:26:12 GMT timing-allow-origin: * via: 1.1 varnish, 1.1 varnish accept-ranges: bytes date: Sat, 28 Jan 2023 11:30:43 GMT age: 1076 x-served-by: cache-iad-kiad7000159-IAD, cache-bma1652-BMA x-cache: HIT, HIT x-cache-hits: 26, 50 x-timer: S1674905443.075358,VS0,VE0 vary: Accept-Encoding strict-transport-security: max-age=0 x-ecma-v: modern x-browser: firefox x-browser-version: 105 content-length: 116767 X-Firefox-Spdy: h2

	68c8648dbe66747498d1-6027f91c84d2b73bebfc9b6bc4f4a0ac.ssl.cf3.rackcdn.com/6310d378b84ed50b7cf05a2d/Treatofregionbanner.jpg	23.38.200.149	200 OK	119 kB
URL HTTP/1.1 68c8648dbe66747498d1-6027f91c84d2b73bebfc9b6bc4f4a0ac.ssl.cf3.rackcdn.com/6310d378b84ed50b7cf05a2d/Treatofregionbanner.jpg IP 23.38.200.149:0 ASN #16625 AKAMAI-AS File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=10, manufacturer=NIKON CORPORATION, model=NIKON D800E, orientation=upper-left, xresolution=168, yresolution=176, resolutionunit=2, software=Adobe Photoshop Lightroom Classic 10.2 (Windows), datetime=2022-09-01T16:45:03+01:00], baseline, precision 8, 1222x474, components 3\012- data Size 119 kB (119105 bytes) Hash 92549860fa14d208ba58bf7b112432f9 0e27527222f1d6b0aa8e26ad0485b68cdc6cd6eb b572c42b8dba16d6cefd0ccce05bd1d58ec09f531df6ea327ba573028b4b87fe HTTP Headers `GET /6310d378b84ed50b7cf05a2d/Treatofregionbanner.jpg HTTP/1.1 Host: 68c8648dbe66747498d1-6027f91c84d2b73bebfc9b6bc4f4a0ac.ssl.cf3.rackcdn.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.fredolsencruises.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/1.1 200 OK Last-Modified: Thu, 01 Sep 2022 15:44:57 GMT ETag: 92549860fa14d208ba58bf7b112432f9 Content-Length: 119105 Accept-Ranges: bytes X-Timestamp: 1662047096.77252 Content-Type: image/jpeg X-Trans-Id: tx4ded7e3261834a08b3926-006352ee41lon3 Cache-Control: public, max-age=210504 Expires: Mon, 30 Jan 2023 21:59:07 GMT Date: Sat, 28 Jan 2023 11:30:43 GMT Connection: keep-alive`

	ocsp.digicert.com/	93.184.220.29	200 OK	278 B
URL HTTP/1.1 ocsp.digicert.com/ IP 93.184.220.29:0 ASN #15133 EDGECAST File type data Size 278 B (278 bytes) Hash e85a4e4061402b8f8134522129ba594d 306ef28cf3d08b8306a2f62d9de77462c396fdb5 3ee177cb3eb6c77577b781fb4c1b7486c3630512a8fa457a47f948230e526bbe HTTP Headers `POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Accept-Ranges: bytes Age: 4818 Cache-Control: max-age=90488 Content-Type: application/ocsp-response Date: Sat, 28 Jan 2023 11:30:43 GMT Etag: "63d3b309-116" Expires: Sun, 29 Jan 2023 12:38:51 GMT Last-Modified: Fri, 27 Jan 2023 11:18:33 GMT Server: ECS (amb/6BBC) X-Cache: HIT Content-Length: 278`

	fast.wistia.com/embed/medias/7vu4god4n0.jsonp	151.101.130.110	200 OK	1.6 kB
URL HTTP/2 fast.wistia.com/embed/medias/7vu4god4n0.jsonp IP 151.101.130.110:0 ASN #54113 FASTLY File type ASCII text, with very long lines (5468) Size 1.6 kB (1619 bytes) Hash 093c7571602fe6a5f3732efaa3439c11 7344dad774ec297c50eed03f9870a0da38cd90e3 d9203a52ea3d6d76a971e3d2dc0dc4e355ec2fe4b9c4dbcfa9d5d49d912ddf34 HTTP Headers `GET /embed/medias/7vu4god4n0.jsonp HTTP/1.1 Host: fast.wistia.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.fredolsencruises.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK access-control-allow-origin: * cache-control: public, no-cache content-encoding: br content-type: application/javascript; charset=utf-8 etag: W/"cb604fc764c38f05924e2b0c9758eb7f" p3p: CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR" referrer-policy: strict-origin-when-cross-origin timing-allow-origin: * x-content-type-options: nosniff x-download-options: noopen x-permitted-cross-domain-policies: none x-request-id: 0c5b400a58b39719be60234f0206b960 x-runtime: 0.054539 via: 1.1 varnish, 1.1 varnish accept-ranges: bytes date: Sat, 28 Jan 2023 11:30:43 GMT age: 82305 x-served-by: cache-iad-kiad7000154-IAD, cache-bma1652-BMA x-cache: HIT, MISS x-cache-hits: 10, 0 x-timer: S1674905443.074726,VS0,VE91 vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override strict-transport-security: max-age=0 x-ecma-v: modern x-browser: firefox x-browser-version: 105 content-length: 1619 X-Firefox-Spdy: h2

	fast.wistia.com/assets/external/popover.js	151.101.130.110	200 OK	28 kB
URL HTTP/2 fast.wistia.com/assets/external/popover.js IP 151.101.130.110:0 ASN #54113 FASTLY File type ASCII text, with very long lines (65536), with no line terminators Size 28 kB (27459 bytes) Hash 1bf8f668418af1f82de3c54bdb1e8e22 fd32ac79c32aa6c1fd8e5bf1b65cc94192a79bc9 4be7e5326bc0b1f4742a7285f3692d7b92a57c7d84fa3cead1f32035f6c52064 HTTP Headers `GET /assets/external/popover.js HTTP/1.1 Host: fast.wistia.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.fredolsencruises.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK access-control-allow-origin: * cache-control: public, max-age=3600 content-encoding: br content-type: application/javascript etag: "63d2c5c4-6b43" last-modified: Thu, 26 Jan 2023 18:26:12 GMT timing-allow-origin: * via: 1.1 varnish, 1.1 varnish accept-ranges: bytes date: Sat, 28 Jan 2023 11:30:43 GMT age: 1073 x-served-by: cache-iad-kiad7000087-IAD, cache-bma1652-BMA x-cache: HIT, HIT x-cache-hits: 39, 4 x-timer: S1674905443.350395,VS0,VE0 vary: Accept-Encoding strict-transport-security: max-age=0 x-ecma-v: modern x-browser: firefox x-browser-version: 105 content-length: 27459 X-Firefox-Spdy: h2

	fast.wistia.com/assets/external/wistia-mux.js	151.101.130.110	200 OK	31 kB
URL HTTP/2 fast.wistia.com/assets/external/wistia-mux.js IP 151.101.130.110:0 ASN #54113 FASTLY File type ASCII text, with very long lines (65468) Size 31 kB (31285 bytes) Hash 28328fdccbc799365ef07b65a7205f52 f21354d9cd402a15a5f0a32d4f08762e0cfa9b8f a03fcf9175dbd717914f64d48c742c58de0ec8213a44727314cc353c0f1cff14 HTTP Headers `GET /assets/external/wistia-mux.js HTTP/1.1 Host: fast.wistia.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.fredolsencruises.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK access-control-allow-origin: * cache-control: public, max-age=3600 content-encoding: br content-type: application/javascript etag: "63d2c5c4-7a35" last-modified: Thu, 26 Jan 2023 18:26:12 GMT timing-allow-origin: * via: 1.1 varnish, 1.1 varnish accept-ranges: bytes date: Sat, 28 Jan 2023 11:30:43 GMT age: 1074 x-served-by: cache-iad-kcgs7200128-IAD, cache-bma1652-BMA x-cache: HIT, HIT x-cache-hits: 90, 28 x-timer: S1674905443.350839,VS0,VE0 vary: Accept-Encoding strict-transport-security: max-age=0 x-ecma-v: modern x-browser: firefox x-browser-version: 105 content-length: 31285 X-Firefox-Spdy: h2

	ocsp.sca1b.amazontrust.com/	54.230.245.118	200 OK	17 kB
URL HTTP/1.1 ocsp.sca1b.amazontrust.com/ IP 54.230.245.118:0 ASN #16509 AMAZON-02 File type data Size 17 kB (16882 bytes) Hash 23a186bec7725dac2f5d58e8403b852e fb4fe0d564886c8490ec6373c7fdd4ae176bdcad 8e0a47e107f0882a7d7ca27ab1ce2d1eaeeb00b197d5cf781ee92f40a82de05b HTTP Headers `POST / HTTP/1.1 Host: ocsp.sca1b.amazontrust.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Accept-Ranges: bytes Cache-Control: 'max-age=158059' Date: Sat, 28 Jan 2023 11:30:43 GMT Last-Modified: Sat, 28 Jan 2023 10:57:10 GMT Server: ECS (nyb/1D29) X-Cache: Miss from cloudfront Via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: 10qYKFbpETo5NI2IXxXn8NNstLUW_5LpC52R5nl9FM88Ba4WQod47g== Age: 2013`

	68c8648dbe66747498d1-6027f91c84d2b73bebfc9b6bc4f4a0ac.ssl.cf3.rackcdn.com/63121fc2074a661684a74216/Itininsights.jpg	23.38.200.149	200 OK	36 kB
URL HTTP/1.1 68c8648dbe66747498d1-6027f91c84d2b73bebfc9b6bc4f4a0ac.ssl.cf3.rackcdn.com/63121fc2074a661684a74216/Itininsights.jpg IP 23.38.200.149:0 ASN #16625 AKAMAI-AS File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=1, copyright=@Fred. Olsen Cruise Lines], progressive, precision 8, 450x300, components 3\012- data Size 36 kB (35486 bytes) Hash e1c007284524a1b32fa8b6bcd08b2b2f 2b09864e30f02efec90df27bd97304e9a98fd866 256c46dfa566a2d3869d952efd630ff9e0b83becb0cac8e35f0535fe391040cf HTTP Headers `GET /63121fc2074a661684a74216/Itininsights.jpg HTTP/1.1 Host: 68c8648dbe66747498d1-6027f91c84d2b73bebfc9b6bc4f4a0ac.ssl.cf3.rackcdn.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.fredolsencruises.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/1.1 200 OK Last-Modified: Fri, 02 Sep 2022 15:22:43 GMT ETag: e1c007284524a1b32fa8b6bcd08b2b2f X-Trans-Id: tx7a63e8e4b55d435892c40-0063bac077lon3 Content-Length: 35486 Accept-Ranges: bytes X-Timestamp: 1662132162.16094 Content-Type: image/jpeg Cache-Control: public, max-age=210509 Expires: Mon, 30 Jan 2023 21:59:12 GMT Date: Sat, 28 Jan 2023 11:30:43 GMT Connection: keep-alive`

	l.sharethis.com/pview?event=pview&hostname=www.fredolsencruises.com&location=%2Ffred-olsen-difference%2Four-signature-experiences&product=custom-share-buttons&url=https%3A%2F%2Fwww.fredolsencruises.com%2Ffred-olsen-difference%2Four-signature-experiences%3Futm_source%3Demail%26utm_medium%3De-shot%26utm_campaign%3Dolsenway_05.10.2022%26dm_t%3D0%2C0%2C0%2C0%2C0&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Signature%20Cruising%20Experience%20-%20Scenic%20Cruises%20%7C%20Fred.%20Olsen%20Cruises&cms=unknown&publisher=5a1e9ab506d3310011e61455&sop=true&version=st_sop.js&lang=en&description=Discover%20the%205%20newly%20designed%20signature%20experiences%20from%20Fred.%20Olsen%20Cruises%20for%202023!%20From%20scenic%20discoveries%20to%20cruising%20at%20sunset%2C%20find%20it%20all%20at%20Fred.%20Olsen.	3.125.136.212	204 No Content	0 B
URL HTTP/1.1 l.sharethis.com/pview?event=pview&hostname=www.fredolsencruises.com&location=%2Ffred-olsen-difference%2Four-signature-experiences&product=custom-share-buttons&url=https%3A%2F%2Fwww.fredolsencruises.com%2Ffred-olsen-difference%2Four-signature-experiences%3Futm_source%3Demail%26utm_medium%3De-shot%26utm_campaign%3Dolsenway_05.10.2022%26dm_t%3D0%2C0%2C0%2C0%2C0&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Signature%20Cruising%20Experience%20-%20Scenic%20Cruises%20%7C%20Fred.%20Olsen%20Cruises&cms=unknown&publisher=5a1e9ab506d3310011e61455&sop=true&version=st_sop.js&lang=en&description=Discover%20the%205%20newly%20designed%20signature%20experiences%20from%20Fred.%20Olsen%20Cruises%20for%202023!%20From%20scenic%20discoveries%20to%20cruising%20at%20sunset%2C%20find%20it%20all%20at%20Fred.%20Olsen. IP 3.125.136.212:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /pview?event=pview&hostname=www.fredolsencruises.com&location=%2Ffred-olsen-difference%2Four-signature-experiences&product=custom-share-buttons&url=https%3A%2F%2Fwww.fredolsencruises.com%2Ffred-olsen-difference%2Four-signature-experiences%3Futm_source%3Demail%26utm_medium%3De-shot%26utm_campaign%3Dolsenway_05.10.2022%26dm_t%3D0%2C0%2C0%2C0%2C0&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Signature%20Cruising%20Experience%20-%20Scenic%20Cruises%20%7C%20Fred.%20Olsen%20Cruises&cms=unknown&publisher=5a1e9ab506d3310011e61455&sop=true&version=st_sop.js&lang=en&description=Discover%20the%205%20newly%20designed%20signature%20experiences%20from%20Fred.%20Olsen%20Cruises%20for%202023!%20From%20scenic%20discoveries%20to%20cruising%20at%20sunset%2C%20find%20it%20all%20at%20Fred.%20Olsen. HTTP/1.1 Host: l.sharethis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://www.fredolsencruises.com Connection: keep-alive Referer: https://www.fredolsencruises.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site `HTTP/1.1 204 No Content Access-Control-Allow-Credentials: true Access-Control-Allow-Headers: * Access-Control-Allow-Origin: https://www.fredolsencruises.com Access-Control-Expose-Headers: stid Access-Control-Max-Age: 1728000 Cache-Control: no-cache, no-store, must-revalidate Date: Sat, 28 Jan 2023 11:30:43 GMT Strict-Transport-Security: max-age=63072000; includeSubDomains; Connection: keep-alive`

	r3.o.lencr.org/	95.101.11.115	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 95.101.11.115:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69" Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2220 Expires: Sat, 28 Jan 2023 12:07:43 GMT Date: Sat, 28 Jan 2023 11:30:43 GMT Connection: keep-alive`

	r3.o.lencr.org/	95.101.11.115	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 95.101.11.115:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69" Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2220 Expires: Sat, 28 Jan 2023 12:07:43 GMT Date: Sat, 28 Jan 2023 11:30:43 GMT Connection: keep-alive`

	r3.o.lencr.org/	95.101.11.115	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 95.101.11.115:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69" Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2220 Expires: Sat, 28 Jan 2023 12:07:43 GMT Date: Sat, 28 Jan 2023 11:30:43 GMT Connection: keep-alive`

	r3.o.lencr.org/	95.101.11.115	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 95.101.11.115:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69" Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2220 Expires: Sat, 28 Jan 2023 12:07:43 GMT Date: Sat, 28 Jan 2023 11:30:43 GMT Connection: keep-alive`

	buttons-config.sharethis.com/js/5a1e9ab506d3310011e61455.js	54.230.111.11	200 OK	373 B
URL HTTP/2 buttons-config.sharethis.com/js/5a1e9ab506d3310011e61455.js IP 54.230.111.11:0 ASN #16509 AMAZON-02 File type ASCII text, with very long lines (373), with no line terminators Size 373 B (373 bytes) Hash c98544f050ff8267efb959fb60b22475 ab0bd055f68b231ca6d1bc8d65d53114ddfde430 0308f26fec01b36ba6f28a2111005adc7806f78bac020b2b77fad60aa23a3f7b HTTP Headers `GET /js/5a1e9ab506d3310011e61455.js HTTP/1.1 Host: buttons-config.sharethis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.fredolsencruises.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK content-type: text/javascript content-length: 373 last-modified: Wed, 29 Nov 2017 14:46:20 GMT accept-ranges: bytes server: AmazonS3 date: Sat, 28 Jan 2023 11:30:44 GMT cache-control: max-age=60,public etag: "c98544f050ff8267efb959fb60b22475" vary: Accept-Encoding x-cache: RefreshHit from cloudfront via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: yYaYOBGC4krpNx3q3NTLoV3tjfKyZHEv7UAC74FHUgIFE8qeBlqiHw== strict-transport-security: max-age=31536000; includeSubDomains X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb781854-72d1-4a71-a095-0416f886f570.jpeg	34.120.237.76	200 OK	7.5 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb781854-72d1-4a71-a095-0416f886f570.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 7.5 kB (7538 bytes) Hash 131eb343c5abd61939457d69bd371348 ffb2035cf64fc83f01db5c6f26ffa264b6aac95b 8486eb9dc6325018f8721bc6f37408f260b6e652b145280f2d778d860d3ec2d5 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb781854-72d1-4a71-a095-0416f886f570.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 7538 x-amzn-requestid: 113924cc-a196-4dbd-91d9-68c213265afe x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: e3fobF-ZoAMFjjA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63c61302-6b24941a642b22cf21e47dc0;Sampled=0 x-amzn-remapped-date: Tue, 17 Jan 2023 03:16:18 GMT x-amz-cf-pop: SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: 2P09wOtKPDHjxxAuzcLFMQJwmGN1zNJcH9LA6IJpeaGiaPVRF4y-TA== via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google date: Fri, 27 Jan 2023 22:14:23 GMT age: 47780 etag: "ffb2035cf64fc83f01db5c6f26ffa264b6aac95b" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg	34.120.237.76	200 OK	4.5 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 4.5 kB (4475 bytes) Hash 4205d8106659e00fff1cbe9262918b8c ab4f6528594a1725934727dc7d834c028a79c609 31f1a28602a194bd0856495d4d81d5c72cd7ff4e5bad6bdd1a31ec3041f4a2cc HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 4475 x-amzn-requestid: b7b272d6-3089-4f33-89b5-5cb388640e10 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fa_e6HsaIAMF5Lg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d445f8-1789f7f4264270916da323db;Sampled=0 x-amzn-remapped-date: Fri, 27 Jan 2023 21:45:28 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: hAzO-IMqc1CFpiBAlRl8seIYL9UonyrBMATibovyFq5kEuaweY_VyA== via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google date: Fri, 27 Jan 2023 21:56:46 GMT age: 48837 etag: "ab4f6528594a1725934727dc7d834c028a79c609" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f884785-3b60-4d1a-b7b9-f58e73d6d819.jpeg	34.120.237.76	200 OK	13 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f884785-3b60-4d1a-b7b9-f58e73d6d819.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 13 kB (13375 bytes) Hash b4afa01d2ffe17f8378e4c0b5afd4608 f5c7e2137efa07a207427a6b6fe1df541f85ea25 84fc0c05d25d674b5594b54720017332b86d391f66c7136d76cfce3e884e8e12 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f884785-3b60-4d1a-b7b9-f58e73d6d819.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 13375 x-amzn-requestid: 372fcbe8-85a1-4be2-a006-31fb9289c5e9 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fa-CxF6BoAMFyGg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d443ab-4b9860545c612cc416cbe599;Sampled=0 x-amzn-remapped-date: Fri, 27 Jan 2023 21:35:39 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: otEuPlfCL7DeVwGZiGJuMjxjVyGdMwxPWeCz5T_mpXboi-oRujKhBw== via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google date: Fri, 27 Jan 2023 21:48:58 GMT age: 49305 etag: "f5c7e2137efa07a207427a6b6fe1df541f85ea25" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d0fab44-0562-44c8-b7c7-fb069fb851d7.jpeg	34.120.237.76	200 OK	5.9 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d0fab44-0562-44c8-b7c7-fb069fb851d7.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 5.9 kB (5933 bytes) Hash a1950b80f136ad55bab17c6ad2ba8d2c 80f878475f3801194f869686b3364d35f99836f0 39724d1df38aa7068d9f498271027e500af00b4ce3cd3df41e09c4fa4fd13320 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d0fab44-0562-44c8-b7c7-fb069fb851d7.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 5933 x-amzn-requestid: 107db189-1d15-4d9a-903f-a6a529d841c7 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fa-CwEcmoAMFiMA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d443ab-1cf1e1e975afcfc01eba60bf;Sampled=0 x-amzn-remapped-date: Fri, 27 Jan 2023 21:35:39 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: Aaa0eZwfxkAoeIx6JSoi8k0RLYSAUW4SgFUyR8dgoC70CEm5g9OOtA== via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google date: Fri, 27 Jan 2023 21:48:59 GMT age: 49304 etag: "80f878475f3801194f869686b3364d35f99836f0" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22cc3f55-9811-4ec2-a57e-a3e71a3f0554.jpeg	34.120.237.76	200 OK	7.6 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22cc3f55-9811-4ec2-a57e-a3e71a3f0554.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 7.6 kB (7585 bytes) Hash ea24bcba583bd8bd139559448a343e68 b9d37c2b14f890d41983a59f352e8f7caa9c94bb e5ef5975eec964ae1684deb424f00833f2d217bdc7e6c385320ed3adeb6bc1c4 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22cc3f55-9811-4ec2-a57e-a3e71a3f0554.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 7585 x-amzn-requestid: bfb52acb-e0d7-482d-8be9-be5db1c16cac x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fa_vkE5roAMF0Hw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d44663-2d38d314177e0ac40d4c8240;Sampled=0 x-amzn-remapped-date: Fri, 27 Jan 2023 21:47:15 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: K9YWM9eaEc1DQ6wtEEuADnG1U-ahRBXDaiHIAm20dkWMOxPWBlJidw== via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google date: Fri, 27 Jan 2023 22:46:13 GMT age: 45870 etag: "b9d37c2b14f890d41983a59f352e8f7caa9c94bb" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdeb12df7-074b-4044-bdbe-0e07bccbc8e9.jpeg	34.120.237.76	200 OK	12 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdeb12df7-074b-4044-bdbe-0e07bccbc8e9.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 12 kB (12397 bytes) Hash 0ed1a0bd725b2078b4cfe4ed83877901 62493ca03be9870aac2341e033611a6d56bd322a 706e84bc63fd98acaeb72789239af3210ae6e3910e6589d92a25899dc9059dfc HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdeb12df7-074b-4044-bdbe-0e07bccbc8e9.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 12397 x-amzn-requestid: e8436997-696d-483a-b03a-a84e7ca614ea x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fa_T5HbzoAMFXsw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d445b2-1c2ccd0a187d0a3e2f6a59cc;Sampled=0 x-amzn-remapped-date: Fri, 27 Jan 2023 21:44:18 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: lmLHc8fKQYUpq9B-GyOQ0FKzhxi0ToTEPA7cu6JnQftgDFDNV8USvw== via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google date: Fri, 27 Jan 2023 21:56:37 GMT etag: "62493ca03be9870aac2341e033611a6d56bd322a" content-type: image/jpeg age: 48846 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	embed-ssl.wistia.com/deliveries/867892559590c32b93da8253bc2508593dc0d0e7.webp?image_crop_resized=640x360	151.101.194.133	200 OK	31 kB
URL HTTP/2 embed-ssl.wistia.com/deliveries/867892559590c32b93da8253bc2508593dc0d0e7.webp?image_crop_resized=640x360 IP 151.101.194.133:0 ASN #54113 FASTLY File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x360, Scaling: [none]x[none], YUV color, decoders should clamp\012- data Size 31 kB (31022 bytes) Hash f91b413fcf1b6e4a2e0961cf7e752530 ac0219090ac5fa3275d3fcf1003d0dbefcfe36d6 e625c234a90d5ea3cb9e15f5e358de511f5946cbf3205be88f11e7ae48ee2a61 HTTP Headers `GET /deliveries/867892559590c32b93da8253bc2508593dc0d0e7.webp?image_crop_resized=640x360 HTTP/1.1 Host: embed-ssl.wistia.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.fredolsencruises.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK content-type: image/webp access-control-expose-headers: Origin, Content-Type, Accept, Server, x-amz-version-id, X-Cache cache-control: max-age=31536000 content-disposition: inline edge-cache-tag: 867892559590c32b93da8253bc2508593dc0d0e7 last-modified: Fri, 09 Sep 2022 17:26:14 UTC via: 1.1 varnish, 1.1 varnish accept-ranges: bytes date: Sat, 28 Jan 2023 11:30:43 GMT age: 960167 access-control-allow-origin: * access-control-request-method: * access-control-allow-methods: GET, HEAD, OPTIONS x-served-by: cache-iad-kcgs7200046-IAD, cache-bma1663-BMA x-cache: HIT, HIT x-cache-hits: 1, 1 x-timer: S1674905444.617131,VS0,VE1 content-length: 31022 X-Firefox-Spdy: h2

	embed-ssl.wistia.com/deliveries/867892559590c32b93da8253bc2508593dc0d0e7.webp?image_crop_resized=1280x720	151.101.194.133	200 OK	84 kB
URL HTTP/2 embed-ssl.wistia.com/deliveries/867892559590c32b93da8253bc2508593dc0d0e7.webp?image_crop_resized=1280x720 IP 151.101.194.133:0 ASN #54113 FASTLY File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x720, Scaling: [none]x[none], YUV color, decoders should clamp\012- data Size 84 kB (84466 bytes) Hash da4922ae79d47a94b8fed32e95a6edc3 e44e755932ed7eb8cf494c8f39365274f9581345 a6b6477ddf7a6a71a8e7c4f0b84e3875f78cae6f431cac6789bf9be22f118ac1 HTTP Headers `GET /deliveries/867892559590c32b93da8253bc2508593dc0d0e7.webp?image_crop_resized=1280x720 HTTP/1.1 Host: embed-ssl.wistia.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.fredolsencruises.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK content-type: image/webp access-control-expose-headers: Origin, Content-Type, Accept, Server, x-amz-version-id, X-Cache cache-control: max-age=31536000 content-disposition: inline edge-cache-tag: 867892559590c32b93da8253bc2508593dc0d0e7 last-modified: Fri, 09 Sep 2022 17:26:14 UTC via: 1.1 varnish, 1.1 varnish accept-ranges: bytes date: Sat, 28 Jan 2023 11:30:43 GMT age: 1584786 access-control-allow-origin: * access-control-request-method: * access-control-allow-methods: GET, HEAD, OPTIONS x-served-by: cache-iad-kiad7000083-IAD, cache-bma1663-BMA x-cache: HIT, MISS x-cache-hits: 38, 0 x-timer: S1674905444.616940,VS0,VE91 content-length: 84466 X-Firefox-Spdy: h2

	fast.wistia.com/assets/external/playPauseLoadingControl.js	151.101.130.110	200 OK	16 kB
URL HTTP/2 fast.wistia.com/assets/external/playPauseLoadingControl.js IP 151.101.130.110:0 ASN #54113 FASTLY File type ASCII text, with very long lines (60297), with no line terminators Size 16 kB (16035 bytes) Hash 76b626b8d206bf49642305aa13f401a6 1607caa95745652db0647deaa9a02365c08bf6fd 9b474f09792c8a1bf01b2cca74f8b62deb7ac6c856921b458fafda8dcefc91f8 HTTP Headers `GET /assets/external/playPauseLoadingControl.js HTTP/1.1 Host: fast.wistia.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.fredolsencruises.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK access-control-allow-origin: * cache-control: public, max-age=3600 content-encoding: br content-type: application/javascript etag: "63d2c5c4-3ea3" last-modified: Thu, 26 Jan 2023 18:26:12 GMT timing-allow-origin: * via: 1.1 varnish, 1.1 varnish accept-ranges: bytes date: Sat, 28 Jan 2023 11:30:43 GMT age: 1076 x-served-by: cache-iad-kcgs7200113-IAD, cache-bma1652-BMA x-cache: HIT, HIT x-cache-hits: 120, 28 x-timer: S1674905444.736373,VS0,VE0 vary: Accept-Encoding strict-transport-security: max-age=0 x-ecma-v: modern x-browser: firefox x-browser-version: 105 content-length: 16035 X-Firefox-Spdy: h2

	www.fredolsencruises.com/service_worker.js	185.181.198.136	200 OK	2.7 kB
URL HTTP/2 www.fredolsencruises.com/service_worker.js IP 185.181.198.136:0 ASN #61323 Ukfast.net Limited File type ASCII text, with CRLF line terminators Size 2.7 kB (2693 bytes) Hash b34a6ef7fdedfca7ec588f26eba1f96a 0f6e441b0a68caa463d1c8be38b744ebec1b5d25 b905650286aa94ed92c0c7ea18606a035639286feab05d58d719132d2f476cc9 HTTP Headers GET /service_worker.js HTTP/1.1 Host: www.fredolsencruises.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Service-Worker: script Connection: keep-alive Cookie: session.id.oceans=s%3AN8Cudf9T6UG64eY8VwPUeWnsMkISZC5w.0fn1eJSr6AHXoxRzolNrmYqoUZdNQn%2BYJjtHLKavkrQ; SERVERID=srv3_d229_17; focl_cookie_consent_session=1674905445376 Sec-Fetch-Dest: serviceworker Sec-Fetch-Mode: same-origin Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK date: Sat, 28 Jan 2023 11:30:43 GMT content-type: application/javascript; charset=utf-8 content-length: 2693 cache-control: public, must-revalidate, max-age=0, proxy-revalidate, s-max-age=30 content-encoding: gzip etag: W/"280c-nrEGHIUU9UZ2LGjCw4Jmob/qeOw" vary: Accept-Encoding server: NA x-powered-by: NA x-host: web-04.fredolsencruises.com x-ddosx-request-id: 24ef30c505cf4ecbad80970342e7421b x-proxy-cache: MISS X-Firefox-Spdy: h2`

	fast.wistia.com/assets/external/engines/hls_video.js	151.101.130.110	200 OK	114 kB
URL HTTP/2 fast.wistia.com/assets/external/engines/hls_video.js IP 151.101.130.110:0 ASN #54113 FASTLY File type ASCII text, with very long lines (65469) Size 114 kB (114519 bytes) Hash 8b1898cc1548792036659e0a0c7900dc 8ac782abb31dd4a6d8f0ce4b327cf443296ca465 352cc21161c4159cbc44e391a6e374fe2c3ac640e2a811df6f9b2fe706cefd47 HTTP Headers `GET /assets/external/engines/hls_video.js HTTP/1.1 Host: fast.wistia.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.fredolsencruises.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK access-control-allow-origin: * cache-control: public, max-age=3600 content-encoding: br content-type: application/javascript etag: "63d2c5c4-1bf57" last-modified: Thu, 26 Jan 2023 18:26:12 GMT timing-allow-origin: * via: 1.1 varnish, 1.1 varnish accept-ranges: bytes date: Sat, 28 Jan 2023 11:30:43 GMT age: 1929 x-served-by: cache-iad-kiad7000086-IAD, cache-bma1652-BMA x-cache: HIT, HIT x-cache-hits: 37, 26 x-timer: S1674905444.825929,VS0,VE0 vary: Accept-Encoding strict-transport-security: max-age=0 x-ecma-v: modern x-browser: firefox x-browser-version: 105 content-length: 114519 X-Firefox-Spdy: h2

	fast.wistia.com/assets/images/blank.gif	151.101.130.110	200 OK	1.2 kB
URL HTTP/2 fast.wistia.com/assets/images/blank.gif IP 151.101.130.110:0 ASN #54113 FASTLY File type GIF image data, version 89a, 100 x 100\012- data Size 1.2 kB (1214 bytes) Hash fbdc4ed9a1e2ee4917a265306927bcf1 6d177725d8230df0457e72004080f712e26fe624 a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2 HTTP Headers `GET /assets/images/blank.gif HTTP/1.1 Host: fast.wistia.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.fredolsencruises.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK access-control-allow-origin: * cache-control: max-age=315360000, public content-type: image/gif etag: "63d43dd4-4be" expires: Thu, 31 Dec 2037 23:55:55 GMT last-modified: Fri, 27 Jan 2023 21:10:44 GMT timing-allow-origin: * via: 1.1 varnish, 1.1 varnish accept-ranges: bytes date: Sat, 28 Jan 2023 11:30:43 GMT age: 51476 x-served-by: cache-iad-kiad7000052-IAD, cache-bma1652-BMA x-cache: HIT, HIT x-cache-hits: 51, 511 x-timer: S1674905444.998511,VS0,VE0 vary: Accept-Encoding strict-transport-security: max-age=0 x-ecma-v: modern x-browser: firefox x-browser-version: 105 content-length: 1214 X-Firefox-Spdy: h2

	fast.wistia.com/embed/medias/7vu4god4n0.m3u8	151.101.130.110	200 OK	925 B
URL HTTP/2 fast.wistia.com/embed/medias/7vu4god4n0.m3u8 IP 151.101.130.110:0 ASN #54113 FASTLY File type M3U playlist, ASCII text Size 925 B (925 bytes) Hash bbb03c3179e3f9c4b0cdddb643d85253 36a9cb8a35ed0ae8864d23fba7669bfb1211dc21 d6797bf5d86d76b877c2dd25f7b5cedc9c150aafc04356651543f5d75bb5701a HTTP Headers `GET /embed/medias/7vu4god4n0.m3u8 HTTP/1.1 Host: fast.wistia.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://www.fredolsencruises.com Connection: keep-alive Referer: https://www.fredolsencruises.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK access-control-allow-origin: * cache-control: public, no-cache content-type: application/x-mpegURL etag: W/"d6797bf5d86d76b877c2dd25f7b5cedc" p3p: CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR" referrer-policy: strict-origin-when-cross-origin timing-allow-origin: * x-content-type-options: nosniff x-download-options: noopen x-permitted-cross-domain-policies: none x-request-id: 24e98f93f5abc1ef8cd43262c1b0b913 x-runtime: 0.027142 via: 1.1 varnish, 1.1 varnish accept-ranges: bytes date: Sat, 28 Jan 2023 11:30:44 GMT age: 0 x-served-by: cache-iad-kjyo7100175-IAD, cache-bma1652-BMA x-cache: HIT, HIT x-cache-hits: 31, 1 x-timer: S1674905444.992948,VS0,VE91 vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override strict-transport-security: max-age=0 x-ecma-v: modern x-browser: firefox x-browser-version: 105 content-length: 925 X-Firefox-Spdy: h2

	ocsp.sca1b.amazontrust.com/	54.230.245.118	200 OK	471 B
URL HTTP/1.1 ocsp.sca1b.amazontrust.com/ IP 54.230.245.118:0 ASN #16509 AMAZON-02 File type data Size 471 B (471 bytes) Hash 548a8469507d279bafa55b92180c644e 40588ce2e2548bf8e717d084e80e83e0e1bd3243 b764c5b5188136a79f9052bf64c4ad307d06a787e20d84fe7412a5b4e880e23c HTTP Headers `POST / HTTP/1.1 Host: ocsp.sca1b.amazontrust.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Accept-Ranges: bytes Cache-Control: 'max-age=158059' Date: Sat, 28 Jan 2023 11:30:44 GMT Last-Modified: Sat, 28 Jan 2023 10:20:50 GMT Server: ECS (nyb/1D34) X-Cache: Miss from cloudfront Via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: dxiHuWwnMrmgl-LoOS0aV2f-BiuJSadPAqanyI92CTqyb-j-1Filbg== Age: 4194`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 4075e100c16a983df98f1ac7553c1475 9512b2cb11af72a8605ca82a0f4f45bc02b74336 299df4d86b714f0a6c72118a789456e95917278487ab84bfc6be681e3c57f645 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 28 Jan 2023 11:30:44 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	storage.googleapis.com/workbox-cdn/releases/5.1.2/workbox-sw.js	142.250.74.144	200 OK	739 B
URL HTTP/2 storage.googleapis.com/workbox-cdn/releases/5.1.2/workbox-sw.js IP 142.250.74.144:0 ASN #15169 GOOGLE File type ASCII text, with very long lines (1287) Size 739 B (739 bytes) Hash 249735252fa77748fd785f34d005ec19 3bca9f45092591834a64a26b89b0152deb413305 2365fdf042d37d228fc38934d2371904fbab32d8e731ff8b8b11275f658b4b4b HTTP Headers `GET /workbox-cdn/releases/5.1.2/workbox-sw.js HTTP/1.1 Host: storage.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.fredolsencruises.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK x-guploader-uploadid: ADPycds3GE58b_ywLCPfyifJ8rQy305xkbmKba8YKEd-5gNFRcRMYhhNFVhsL9F6QAp2hymiWSDy4J4NzsZUqOJ-HkKecw x-goog-generation: 1585146749480807 x-goog-metageneration: 1 x-goog-stored-content-encoding: gzip x-goog-stored-content-length: 739 content-encoding: gzip x-goog-hash: crc32c=XWGGlw==, md5=JJc1JS+nd0j9eF800AXsGQ== x-goog-storage-class: MULTI_REGIONAL accept-ranges: bytes vary: Accept-Encoding content-length: 739 access-control-allow-origin: * access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace server: UploadServer date: Sat, 28 Jan 2023 11:26:35 GMT expires: Sun, 28 Jan 2024 11:26:35 GMT cache-control: public, max-age=31536000 age: 249 last-modified: Wed, 25 Mar 2020 14:32:29 GMT etag: "249735252fa77748fd785f34d005ec19" content-type: application/javascript; charset=utf-8 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 4075e100c16a983df98f1ac7553c1475 9512b2cb11af72a8605ca82a0f4f45bc02b74336 299df4d86b714f0a6c72118a789456e95917278487ab84bfc6be681e3c57f645 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 28 Jan 2023 11:30:44 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	distillery.wistia.com/x	52.207.88.224	204 No Content	0 B
URL HTTP/2 distillery.wistia.com/x IP 52.207.88.224:0 ASN #14618 AMAZON-AES File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `POST /x HTTP/1.1 Host: distillery.wistia.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br content-type: text/plain Content-Length: 1748 Origin: https://www.fredolsencruises.com Connection: keep-alive Referer: https://www.fredolsencruises.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 204 No Content date: Sat, 28 Jan 2023 11:30:44 GMT access-control-allow-origin: * cache-control: max-age=0, private, must-revalidate X-Firefox-Spdy: h2`

	68c8648dbe66747498d1-6027f91c84d2b73bebfc9b6bc4f4a0ac.ssl.cf3.rackcdn.com/63121e7d074a661684a737ea/Scenicdiscoveries.jpg	23.38.200.149	200 OK	52 kB
URL HTTP/1.1 68c8648dbe66747498d1-6027f91c84d2b73bebfc9b6bc4f4a0ac.ssl.cf3.rackcdn.com/63121e7d074a661684a737ea/Scenicdiscoveries.jpg IP 23.38.200.149:0 ASN #16625 AKAMAI-AS File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=1, copyright=\302\251 Fred. Olsen Cruise Lines], progressive, precision 8, 450x300, components 3\012- data Size 52 kB (51642 bytes) Hash b5936d5a6aba4bd3f3aa8f0fe023f5d5 5728ef2e7728dd23002a04248b27f9f405253206 cd59d04ff0d61e17be3b55bb3263681fdbb6b3cdb276406af97bb0b2d745b9b3 HTTP Headers `GET /63121e7d074a661684a737ea/Scenicdiscoveries.jpg HTTP/1.1 Host: 68c8648dbe66747498d1-6027f91c84d2b73bebfc9b6bc4f4a0ac.ssl.cf3.rackcdn.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.fredolsencruises.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/1.1 200 OK Last-Modified: Fri, 02 Sep 2022 15:17:18 GMT ETag: b5936d5a6aba4bd3f3aa8f0fe023f5d5 Content-Length: 51642 Accept-Ranges: bytes X-Timestamp: 1662131837.38747 Content-Type: image/jpeg X-Trans-Id: tx22a26a0386f345c1bb50f-0063280f50lon3 Cache-Control: public, max-age=259198 Expires: Tue, 31 Jan 2023 11:30:42 GMT Date: Sat, 28 Jan 2023 11:30:44 GMT Connection: keep-alive`

	pipedream.wistia.com/mput?topic=metrics	35.173.174.179	200 OK	2 B
URL HTTP/2 pipedream.wistia.com/mput?topic=metrics IP 35.173.174.179:0 ASN #14618 AMAZON-AES File type ASCII text, with no line terminators Size 2 B (2 bytes) Hash e0aa021e21dddbd6d8cecec71e9cf564 9ce3bd4224c8c1780db56b4125ecf3f24bf748b7 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3 HTTP Headers `POST /mput?topic=metrics HTTP/1.1 Host: pipedream.wistia.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br content-type: application/x-www-form-urlencoded Content-Length: 1520 Origin: https://www.fredolsencruises.com Connection: keep-alive Referer: https://www.fredolsencruises.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK date: Sat, 28 Jan 2023 11:30:45 GMT content-type: text/plain; charset=utf-8 content-length: 2 access-control-allow-methods: POST, OPTIONS access-control-allow-origin: * X-Firefox-Spdy: h2`

	www.fredolsencruises.com/focl_manifest.json?_=1674128294362	185.181.198.136	200 OK	5.8 kB
URL HTTP/2 www.fredolsencruises.com/focl_manifest.json?_=1674128294362 IP 185.181.198.136:0 ASN #61323 Ukfast.net Limited File type data Size 5.8 kB (5820 bytes) Hash 76f450dde42f4acdafad80291f6a1549 500a191682399b21f58727e1dec9327e092ea181 04a29596a12ec169f8199338d94e12f7b837228ff411d8fa81768ee3dbe61d1d HTTP Headers GET /focl_manifest.json?_=1674128294362 HTTP/1.1 Host: www.fredolsencruises.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.fredolsencruises.com/service_worker.js Connection: keep-alive Cookie: session.id.oceans=s%3AN8Cudf9T6UG64eY8VwPUeWnsMkISZC5w.0fn1eJSr6AHXoxRzolNrmYqoUZdNQn%2BYJjtHLKavkrQ; SERVERID=srv3_d229_17; focl_cookie_consent_session=1674905445376 Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin TE: trailers `HTTP/2 200 OK date: Sat, 28 Jan 2023 11:30:49 GMT content-type: application/json; charset=UTF-8 content-length: 775 cache-control: public, immutable, max-age=31536000 last-modified: Wed, 14 Dec 2022 09:15:00 GMT etag: W/"307-1850fea6eb8" server: NA x-powered-by: NA x-host: web-03.fredolsencruises.com x-ddosx-request-id: 300b651432875412bd14e7e7add14fef x-proxy-cache: HIT accept-ranges: bytes X-Firefox-Spdy: h2`

	www.fredolsencruises.com/foclRivers_manifest.json?_=1674128294362	185.181.198.136	200 OK	23 kB
URL HTTP/2 www.fredolsencruises.com/foclRivers_manifest.json?_=1674128294362 IP 185.181.198.136:0 ASN #61323 Ukfast.net Limited File type data Size 23 kB (22776 bytes) Hash e3eb4c0dcfc0de3caf4edc49ee32cbac ffd129bdd44df011e59cf40789771bde4abb208e 2c28d9b463a380fc83d33e98bc7eaeb321b2b65b2e9390bdc781450471e80db5 HTTP Headers GET /foclRivers_manifest.json?_=1674128294362 HTTP/1.1 Host: www.fredolsencruises.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.fredolsencruises.com/service_worker.js Connection: keep-alive Cookie: session.id.oceans=s%3AN8Cudf9T6UG64eY8VwPUeWnsMkISZC5w.0fn1eJSr6AHXoxRzolNrmYqoUZdNQn%2BYJjtHLKavkrQ; SERVERID=srv3_d229_17; focl_cookie_consent_session=1674905445376 Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin TE: trailers `HTTP/2 200 OK date: Sat, 28 Jan 2023 11:30:49 GMT content-type: application/json; charset=UTF-8 content-length: 824 cache-control: public, immutable, max-age=31536000 last-modified: Wed, 14 Dec 2022 09:15:00 GMT etag: W/"338-1850fea6eb7" server: NA x-powered-by: NA x-host: web-03.fredolsencruises.com x-ddosx-request-id: 7c75013975d47e58a99ce82c68af9acd x-proxy-cache: HIT accept-ranges: bytes X-Firefox-Spdy: h2`

	www.fredolsencruises.com/home-page/offline	185.181.198.136	200 OK	49 kB
URL HTTP/2 www.fredolsencruises.com/home-page/offline IP 185.181.198.136:0 ASN #61323 Ukfast.net Limited File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (633), with CRLF, LF line terminators Size 49 kB (48603 bytes) Hash 135eaa401f73a1c7dce67afd08e7b70e 0701f1b3548dfa7db7408f5d093e42953a38dee9 85dabc62a4d5ad2522aca474d902eecc0e9340174a152f7eac57bc14dcae7ae4 HTTP Headers GET /home-page/offline HTTP/1.1 Host: www.fredolsencruises.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.fredolsencruises.com/service_worker.js Connection: keep-alive Cookie: session.id.oceans=s%3AN8Cudf9T6UG64eY8VwPUeWnsMkISZC5w.0fn1eJSr6AHXoxRzolNrmYqoUZdNQn%2BYJjtHLKavkrQ; SERVERID=srv3_d229_17; focl_cookie_consent_session=1674905445376 Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK date: Sat, 28 Jan 2023 11:30:49 GMT content-type: text/html; charset=utf-8 content-length: 48603 cache-control: public, max-age=300 content-encoding: gzip etag: W/"43783-4mVyNMOe56gaNJUQuQEy1bx7xfY" vary: Accept-Encoding server: NA x-powered-by: NA strict-transport-security: max-age=31536000; preload x-ua-compatible: IE=edge,chrome=1 x-xss-protection: 0 x-host: web-04.fredolsencruises.com x-ddosx-request-id: 607b2da8f78bcdc98f73a14d8bc7e125 x-proxy-cache: EXPIRED X-Firefox-Spdy: h2`

	foclstatic.co.uk/1674128294362/images/Main/Logos/01_Secondary/FO_Secondary_RGB__DarkBG_Clear_NoClearance.svg?_=1674128294362	104.21.58.134	200 OK	0 B
URL HTTP/2 foclstatic.co.uk/1674128294362/images/Main/Logos/01_Secondary/FO_Secondary_RGB__DarkBG_Clear_NoClearance.svg?_=1674128294362 IP 104.21.58.134:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers `GET /1674128294362/images/Main/Logos/01_Secondary/FO_Secondary_RGB__DarkBG_Clear_NoClearance.svg?_=1674128294362 HTTP/1.1 Host: foclstatic.co.uk User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.fredolsencruises.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK date: Sat, 28 Jan 2023 11:30:42 GMT content-type: image/svg+xml cache-control: public, immutable, max-age=31536000 last-modified: Thu, 19 Jan 2023 11:38:48 GMT etag: W/"0943b98fa2bd91:0" access-control-max-age: 31536000 access-control-expose-headers: etag access-control-allow-headers: If-Modified-Since, If-None-Match access-control-allow-origin: * cf-cache-status: HIT age: 273327 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wPcDLrM6pjRoCRQesfUEAC2qxWY8P%2F0QDWa1IGfM5wRepM1jq84cSfAcLsn5ox8KD%2BpRBkXphG1RKm5quV9991oqUEPAvR7EqJham2nreFXHj%2FvCDi%2BSKnvUdhQVGDkzoj%2Fo"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding strict-transport-security: max-age=15552000; includeSubDomains; preload x-content-type-options: nosniff server: cloudflare cf-ray: 790965c7a8661c02-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	foclstatic.co.uk/1674128294362/css/pkg.frontend-focl.lib.css	104.21.58.134	200 OK	0 B
URL HTTP/2 foclstatic.co.uk/1674128294362/css/pkg.frontend-focl.lib.css IP 104.21.58.134:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers `GET /1674128294362/css/pkg.frontend-focl.lib.css HTTP/1.1 Host: foclstatic.co.uk User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.fredolsencruises.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK date: Sat, 28 Jan 2023 11:30:42 GMT content-type: text/css cache-control: public, immutable, max-age=31536000 last-modified: Thu, 19 Jan 2023 11:38:48 GMT etag: W/"0943b98fa2bd91:0" vary: Accept-Encoding x-host: web-03.fredolsencruises.com access-control-max-age: 31536000 access-control-expose-headers: etag access-control-allow-headers: If-Modified-Since, If-None-Match access-control-allow-origin: * x-powered-by: NA cf-cache-status: HIT age: 273327 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tzt6q1dUw%2FZK0oWBplAfuEgWY2bZvHLJjs9Z8AbdaGybSWb7iG0jOzlZ0H7aBVGqYrjy0HEOB0bOkih%2F5OSaUr145RzD%2Fuc9Yi6qhOw4WfsA%2FwqxhAr9%2B4ZX8y0gwAz6CMG0"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security: max-age=15552000; includeSubDomains; preload x-content-type-options: nosniff server: cloudflare cf-ray: 790965c7a8651c02-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	foclstatic.co.uk/1674128294362/lib/handlebars/dist/handlebars.min.js	104.21.58.134	200 OK	0 B
URL HTTP/2 foclstatic.co.uk/1674128294362/lib/handlebars/dist/handlebars.min.js IP 104.21.58.134:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers `GET /1674128294362/lib/handlebars/dist/handlebars.min.js HTTP/1.1 Host: foclstatic.co.uk User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://www.fredolsencruises.com Connection: keep-alive Referer: https://www.fredolsencruises.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK date: Sat, 28 Jan 2023 11:30:42 GMT content-type: application/javascript cache-control: public, immutable, max-age=31536000 last-modified: Thu, 19 Jan 2023 11:38:48 GMT etag: W/"0943b98fa2bd91:0" vary: Accept-Encoding x-host: web-02.fredolsencruises.com access-control-max-age: 31536000 access-control-expose-headers: etag access-control-allow-headers: If-Modified-Since, If-None-Match access-control-allow-origin: * x-powered-by: NA cf-cache-status: HIT age: 273380 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iawRrJC4tIN3WWW%2Fk1o93MPAeD6FXR%2BbFwR0eU%2BMbhhYa7x3DSHPXpgevHqt7S9GOxM%2BJ7nAyZFg%2FXCzIYRDMAiJKY3awffbAjpqhGVIl2rCivk9JyzaZJrDLQGUOZiaaXeo"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security: max-age=15552000; includeSubDomains; preload x-content-type-options: nosniff server: cloudflare cf-ray: 790965c7c813b524-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	foclstatic.co.uk/1674128294362/js/pkg.frontend-focl.app.js	104.21.58.134	200 OK	0 B
URL HTTP/2 foclstatic.co.uk/1674128294362/js/pkg.frontend-focl.app.js IP 104.21.58.134:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers `GET /1674128294362/js/pkg.frontend-focl.app.js HTTP/1.1 Host: foclstatic.co.uk User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://www.fredolsencruises.com Connection: keep-alive Referer: https://www.fredolsencruises.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK date: Sat, 28 Jan 2023 11:30:42 GMT content-type: application/javascript cache-control: public, immutable, max-age=31536000 last-modified: Thu, 19 Jan 2023 11:38:48 GMT etag: W/"0943b98fa2bd91:0" vary: Accept-Encoding x-host: web-02.fredolsencruises.com access-control-max-age: 31536000 access-control-expose-headers: etag access-control-allow-headers: If-Modified-Since, If-None-Match access-control-allow-origin: * x-powered-by: NA cf-cache-status: HIT age: 273380 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qUxR0%2BMNw5djcuspKkLO9Znqoqjg1iBb670suaCvMQezRlXFUGFJKRsK6KWCZs29C461VuyYdS6E7rilt7LeCrxfI6%2FBgk1A1Wj6J3ex%2BqlzYQWqwFThijWXtpoDQ%2BQXsT4f"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security: max-age=15552000; includeSubDomains; preload x-content-type-options: nosniff server: cloudflare cf-ray: 790965c7e833b524-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	api.feefo.com/api/10/reviews/summary/service?since_period=all&merchant_identifier=fred-olsen-cruise-lines	104.16.75.76	200 OK	0 B
URL HTTP/2 api.feefo.com/api/10/reviews/summary/service?since_period=all&merchant_identifier=fred-olsen-cruise-lines IP 104.16.75.76:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers `GET /api/10/reviews/summary/service?since_period=all&merchant_identifier=fred-olsen-cruise-lines HTTP/1.1 Host: api.feefo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://www.fredolsencruises.com Connection: keep-alive Referer: https://www.fredolsencruises.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK date: Sat, 28 Jan 2023 11:30:43 GMT content-type: application/json;charset=utf-8 access-control-allow-origin: https://www.fredolsencruises.com access-control-allow-headers: Access-Control-Allow-Origin, Access-Control-Allow-Headers, Access-Control-Max-Age, Access-Control-Allow-Methods, Content-Type access-control-allow-credentials: true vary: Origin, Accept-Encoding x-kong-upstream-latency: 16 x-kong-proxy-latency: 0 expires: Sat, 28 Jan 2023 18:03:22 GMT cache-control: max-age=86400 x-xss-protection: 1; mode=block x-content-type-options: nosniff referrer-policy: origin-when-cross-origin strict-transport-security: max-age=31536000; includeSubDomains; always via: kong/2.4.1, 1.1 google alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified: Fri, 27 Jan 2023 18:03:22 GMT cf-cache-status: HIT age: 62680 server: cloudflare cf-ray: 790965cb5d17b51e-OSL content-encoding: br X-Firefox-Spdy: h2

	foclstatic.co.uk/1674128294362/images/Main/Logos/02_Flag/FO_BrandFlag_RGB__Clear_NoClearance.svg?_=1674128294362	104.21.58.134	200 OK	0 B
URL HTTP/2 foclstatic.co.uk/1674128294362/images/Main/Logos/02_Flag/FO_BrandFlag_RGB__Clear_NoClearance.svg?_=1674128294362 IP 104.21.58.134:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers `GET /1674128294362/images/Main/Logos/02_Flag/FO_BrandFlag_RGB__Clear_NoClearance.svg?_=1674128294362 HTTP/1.1 Host: foclstatic.co.uk User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.fredolsencruises.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK date: Sat, 28 Jan 2023 11:30:42 GMT content-type: image/svg+xml cache-control: public, immutable, max-age=31536000 last-modified: Thu, 19 Jan 2023 11:38:48 GMT etag: W/"0943b98fa2bd91:0" x-host: web-04.fredolsencruises.com access-control-max-age: 31536000 access-control-expose-headers: etag access-control-allow-headers: If-Modified-Since, If-None-Match access-control-allow-origin: * x-powered-by: NA cf-cache-status: HIT age: 273327 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NwvOK8NZ53WKKSWJcJfQfC5WDj2Dr7fYFgIY3NoyzRjSNOODNTIIz4G%2BmLVpXbmORLVK1aQtmu1wBAGIopfaNehEnS8jViUeBxf3cJZADvRIHDf2uwpwzq5yQ%2BuMolPp82m6"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding strict-transport-security: max-age=15552000; includeSubDomains; preload x-content-type-options: nosniff server: cloudflare cf-ray: 790965c7a8671c02-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	foclstatic.co.uk/1674128294362/js/pwa.js	104.21.58.134	200 OK	0 B
URL HTTP/2 foclstatic.co.uk/1674128294362/js/pwa.js IP 104.21.58.134:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers `GET /1674128294362/js/pwa.js HTTP/1.1 Host: foclstatic.co.uk User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.fredolsencruises.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK date: Sat, 28 Jan 2023 11:30:42 GMT content-type: application/javascript cache-control: public, immutable, max-age=31536000 last-modified: Thu, 19 Jan 2023 11:38:48 GMT etag: W/"0943b98fa2bd91:0" vary: Accept-Encoding x-host: web-02.fredolsencruises.com access-control-max-age: 31536000 access-control-expose-headers: etag access-control-allow-headers: If-Modified-Since, If-None-Match access-control-allow-origin: * x-powered-by: NA cf-cache-status: HIT age: 273327 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=40VWMLD6XV%2Fx3SPMnmXeADdeZ2r166hdGCCpM9%2Bu9Y3xcGaVNdOke3Wehglg9zzZJpwhynQgIuxKsIfPPFLVQ351ntdU126ngRfYhRjSEQJQKqt%2Fkks1lSKcJJF2w0T1G%2FYx"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security: max-age=15552000; includeSubDomains; preload x-content-type-options: nosniff server: cloudflare cf-ray: 790965c7b8701c02-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	foclstatic.co.uk/1674128294362/js/pkg.lazy-site.lib.js	104.21.58.134	200 OK	0 B
URL HTTP/2 foclstatic.co.uk/1674128294362/js/pkg.lazy-site.lib.js IP 104.21.58.134:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers `GET /1674128294362/js/pkg.lazy-site.lib.js HTTP/1.1 Host: foclstatic.co.uk User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://www.fredolsencruises.com Connection: keep-alive Referer: https://www.fredolsencruises.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK date: Sat, 28 Jan 2023 11:30:42 GMT content-type: application/javascript cache-control: public, immutable, max-age=31536000 last-modified: Thu, 19 Jan 2023 11:38:48 GMT etag: W/"0943b98fa2bd91:0" vary: Accept-Encoding x-host: web-04.fredolsencruises.com access-control-max-age: 31536000 access-control-expose-headers: etag access-control-allow-headers: If-Modified-Since, If-None-Match access-control-allow-origin: * x-powered-by: NA cf-cache-status: HIT age: 273380 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y70aIgdPlIHsxUQKpFn6DNPrdFfHaCuDprRjjYFfJqqz5Laa8ityI5WfEiNd6pvLhtsKyNzqs84GXQ4JHnH2UEfVofFqgTqGBH6p4%2BrwG0NiPSugRAbhuGDmZMTEQYn5dxV2"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security: max-age=15552000; includeSubDomains; preload x-content-type-options: nosniff server: cloudflare cf-ray: 790965c7d81cb524-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	foclstatic.co.uk/1674128294362/js/pkg.frontend-focl.hbs.js	104.21.58.134	200 OK	0 B
URL HTTP/2 foclstatic.co.uk/1674128294362/js/pkg.frontend-focl.hbs.js IP 104.21.58.134:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers `GET /1674128294362/js/pkg.frontend-focl.hbs.js HTTP/1.1 Host: foclstatic.co.uk User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://www.fredolsencruises.com Connection: keep-alive Referer: https://www.fredolsencruises.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK date: Sat, 28 Jan 2023 11:30:42 GMT content-type: application/javascript cache-control: public, immutable, max-age=31536000 last-modified: Thu, 19 Jan 2023 11:38:48 GMT etag: W/"0943b98fa2bd91:0" vary: Accept-Encoding access-control-max-age: 31536000 access-control-expose-headers: etag access-control-allow-headers: If-Modified-Since, If-None-Match access-control-allow-origin: * cf-cache-status: HIT age: 273376 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9iu3u17xqpWR4QZOoLXAq%2BavBAi6TiD9vVo1JtqmD405CgTDHrZszU%2FUcd1OD7QF0tJxmV0PC1p8YB%2FtwlE8brOzWqXPPGg7f2vvWSGeWRWOTfKe5kCENeHtWkoKIncVMa4u"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security: max-age=15552000; includeSubDomains; preload x-content-type-options: nosniff server: cloudflare cf-ray: 790965c7c818b524-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	foclstatic.co.uk/1674128294362/js/pkg.frontend-focl.lib.js	104.21.58.134	200 OK	0 B
URL HTTP/2 foclstatic.co.uk/1674128294362/js/pkg.frontend-focl.lib.js IP 104.21.58.134:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers `GET /1674128294362/js/pkg.frontend-focl.lib.js HTTP/1.1 Host: foclstatic.co.uk User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://www.fredolsencruises.com Connection: keep-alive Referer: https://www.fredolsencruises.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK date: Sat, 28 Jan 2023 11:30:42 GMT content-type: application/javascript cache-control: public, immutable, max-age=31536000 last-modified: Thu, 19 Jan 2023 11:38:48 GMT etag: W/"0943b98fa2bd91:0" vary: Accept-Encoding access-control-max-age: 31536000 access-control-expose-headers: etag access-control-allow-headers: If-Modified-Since, If-None-Match access-control-allow-origin: * cf-cache-status: HIT age: 273380 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XkGj9XKsNQhvbhF%2BdHgIvQn%2BB5%2FVlxFBvsLIkEU9TmNt1l6MNYihf08cKACkzbl2iKUvp%2BNMVre7gojFY1GymaH54zYDplbQJ%2FY%2FFnm6ZdSttqTVzXcjOLWVIDGsQk9SbkXZ"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security: max-age=15552000; includeSubDomains; preload x-content-type-options: nosniff server: cloudflare cf-ray: 790965c7e82ab524-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	platform-api.sharethis.com/js/sharethis.js	54.230.111.115	200 OK	0 B
URL HTTP/2 platform-api.sharethis.com/js/sharethis.js IP 54.230.111.115:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash HTTP Headers `GET /js/sharethis.js HTTP/1.1 Host: platform-api.sharethis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.fredolsencruises.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK content-type: text/javascript; charset=utf-8 content-encoding: gzip edge-control: cache-maxage=60m,downstream-ttl=60m x-frame-options: SAMEORIGIN date: Sat, 28 Jan 2023 11:28:03 GMT cache-control: max-age=600, public etag: W/"302c1-EG4DNTzQnd49XZUQ/Gs3WyHzFo4" vary: Accept-Encoding x-cache: Hit from cloudfront via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: CfjBQKAMEmX6xtGyXucGZ272YsERI6Y-eytRCX0--0C_Z1l_YEfZ7g== age: 159 strict-transport-security: max-age=31536000; includeSubDomains X-Firefox-Spdy: h2

	foclstatic.co.uk/1674128294362/lib/jquery/dist/jquery.min.js	104.21.58.134	200 OK	0 B
URL HTTP/2 foclstatic.co.uk/1674128294362/lib/jquery/dist/jquery.min.js IP 104.21.58.134:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers `GET /1674128294362/lib/jquery/dist/jquery.min.js HTTP/1.1 Host: foclstatic.co.uk User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://www.fredolsencruises.com Connection: keep-alive Referer: https://www.fredolsencruises.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK date: Sat, 28 Jan 2023 11:30:42 GMT content-type: application/javascript cache-control: public, immutable, max-age=31536000 last-modified: Thu, 19 Jan 2023 11:38:48 GMT etag: W/"0943b98fa2bd91:0" vary: Accept-Encoding x-host: web-03.fredolsencruises.com access-control-max-age: 31536000 access-control-expose-headers: etag access-control-allow-headers: If-Modified-Since, If-None-Match access-control-allow-origin: * x-powered-by: NA cf-cache-status: HIT age: 124951 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hi0DT6%2BKbMiUQ1XNKN81RDeCqrNU0D0VPYpjiQUox%2BUYPYMGYfFlGh9ymuHCn1cPUC2UmLhpsTPo9jBklGPv1q0J49nJI6Kl%2BV0bqTzIbFfhgWbCRgRRMvGHn2irEQKHHeuS"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security: max-age=15552000; includeSubDomains; preload x-content-type-options: nosniff server: cloudflare cf-ray: 790965c7c815b524-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (22)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML