Overview

URL email.postonline.co.uk/c/1iTAIdLae3OKa6DM6b59STV8zhRfo
IP46.236.37.8
ASNAS24931 DediPower Managed Hosting Limited
Location United Kingdom
Report completed2017-12-05 15:50:08 CET
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter  No alerts detected
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 46.236.37.8

Date UQ / IDS / BL URL IP
2017-12-08 13:55:02 +0100
0 - 0 - 0 email.nomoresends.com/u/1G7Ue005FY52mBvbxDdNwL 46.236.37.8
2017-12-08 13:52:53 +0100
0 - 0 - 0 email.nomoresends.com/t/18nYSHFFWA14XVtk.png 46.236.37.8
2017-12-06 16:00:27 +0100
0 - 0 - 0 email.nomoresends.com/u/11Y5cA4GIy2ygQnUqrf0g 46.236.37.8
2017-12-04 17:51:32 +0100
0 - 0 - 0 corinium-intelligence.msgfocus.com/c/17MMrS50 (...) 46.236.37.8
2017-11-30 12:49:33 +0100
0 - 0 - 0 ukmm.msgfocus.com/c/14VpVxImnsRBPD8v8ixt2iiJ 46.236.37.8
2017-11-30 12:46:51 +0100
0 - 0 - 0 ukmm.msgfocus.com/c/14VpVmc14nxmYr2lmcpZW3mM 46.236.37.8
2017-11-30 00:45:18 +0100
0 - 0 - 0 gen.msgfocus.com/c/197ywwuxoH54TOIAvhHkgeqxi 46.236.37.8
2017-11-29 17:25:05 +0100
0 - 0 - 0 email.mailcrossroads.com/u/1Gay95fsxmZ5nr39glggf0 46.236.37.8
2017-11-27 22:38:14 +0100
0 - 0 - 0 futurum-media.msgfocus.com/c/11nvFXb4N40c1mVl (...) 46.236.37.8
2017-11-27 19:18:16 +0100
0 - 0 - 0 email.lloydsbankcommercial.com/c/1nSZ1FddiiRC (...) 46.236.37.8

Last 10 reports on ASN: AS24931 DediPower Managed Hosting Limited

Date UQ / IDS / BL URL IP
2017-12-11 22:36:53 +0100
0 - 0 - 0 email.mailcrossroads.com/c/1C8hxESVTThq25dqzq (...) 46.236.37.4
2017-12-08 13:55:02 +0100
0 - 0 - 0 email.nomoresends.com/u/1G7Ue005FY52mBvbxDdNwL 46.236.37.8
2017-12-08 13:52:53 +0100
0 - 0 - 0 email.nomoresends.com/t/18nYSHFFWA14XVtk.png 46.236.37.8
2017-12-08 03:21:09 +0100
0 - 0 - 0 email.nomoresends.com/u/1lEVKRanRXe0aNQHfY1bj 46.236.37.4
2017-12-07 23:51:54 +0100
0 - 0 - 0 email.franchiseguidepro.com/u/1GgX2jooyc3y3HK (...) 46.236.37.16
2017-12-07 19:41:36 +0100
0 - 0 - 0 sut4.co.uk/l/srK_Zn-2I_25umT_uL4uOZrBgJSpo7A. 89.151.123.94
2017-12-07 19:39:11 +0100
0 - 0 - 0 sut4.co.uk/l/c.php?c=17812&ct=345055&si=56359 (...) 89.151.123.84
2017-12-07 18:48:08 +0100
0 - 0 - 1 knowall.it/linkm88671357 81.29.76.92
2017-12-07 11:18:51 +0100
0 - 0 - 0 sut4.co.uk 89.151.123.85
2017-12-06 16:00:27 +0100
0 - 0 - 0 email.nomoresends.com/u/11Y5cA4GIy2ygQnUqrf0g 46.236.37.8

No other reports on domain: postonline.co.uk



JavaScript

Executed Scripts (36)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (71)


Request Response
                                        
                                            GET /c/1iTAIdLae3OKa6DM6b59STV8zhRfo HTTP/1.1 
Host: email.postonline.co.uk
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         46.236.37.4
HTTP/1.1 302 Found
                                        
Location: https://payments.incisivemedia.com/post/subsformstandard-p11/webstandard/?tc=subscribe20-2&utm_medium=email&utm_campaign=Auto%2020%25%20Discount%20Offer%20EM2&utm_source=O2O%20Lead%20Generation
P3P: policyref="http://www.adestra.com/w3c/p3p.xml",CP="NON DSP COR CURo ADMo DEVo TAIo IVAo IVDo OUR DELo IND UNI NAV"
Set-Cookie: adestra_ctrk=1iTAIdLae3OKa6DM6b59STV8zhRfo; path=/; expires=Tue, 02-Jan-2018 14:56:09 GMT
Transfer-Encoding: chunked
Date: Tue, 05 Dec 2017 14:56:09 GMT
Connection: keep-alive


--- Additional Info ---
                                        
                                            POST / HTTP/1.1 
Host: gn.symcd.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         23.43.139.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx/1.10.2
Content-Length: 1419
Content-Transfer-Encoding: binary
Cache-Control: max-age=326083, public, no-transform, must-revalidate
Last-Modified: Sat, 2 Dec 2017 09:30:52 GMT
Expires: Sat, 9 Dec 2017 09:30:52 GMT
Date: Tue, 05 Dec 2017 14:56:09 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   1419
Md5:    2cda8aa3c63c5f124ffa50b66eafebac
Sha1:   61c97e3db66386ddd8b415797c6cbefcc9981f7f
Sha256: 1689d4665191482b269f7103518a36eb15a064bcd708f9114ad386cb31a193c9
                                        
                                            GET /post/subsformstandard-p11/webstandard/?tc=subscribe20-2&utm_medium=email&utm_campaign=Auto%2020%25%20Discount%20Offer%20EM2&utm_source=O2O%20Lead%20Generation HTTP/1.1 
Host: payments.incisivemedia.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         104.25.150.97
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Tue, 05 Dec 2017 14:56:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=d139907234d4b3e869df4df429dbd64271512485769; expires=Wed, 05-Dec-18 14:56:09 GMT; path=/; domain=.incisivemedia.com; HttpOnly PHPSESSID=uj5cpqd8hrfb8r61rds7e6k4k7; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Link: <https://payments.incisivemedia.com/post/wp-json/>; rel="https://api.w.org/", <https://payments.incisivemedia.com/post/?p=2098>; rel=shortlink
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
Strict-Transport-Security: max-age=157680000; includeSubDomains
Server: cloudflare-nginx
CF-RAY: 3c87d9bbcc934291-OSL
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   15583
Md5:    8665bdca6c6c6697ef7f35d11177a70f
Sha1:   013c3c511d2baeca9f62b8f02d61a2b1b67f6aba
Sha256: 53be9605237f214d7cb4624e64b49dafd68923784d492740b7276a07988b9f17
                                        
                                            POST / HTTP/1.1 
Host: ocsp.comodoca4.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 116
Content-Type: application/ocsp-request

                                         
                                         178.255.83.1
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 05 Dec 2017 14:56:10 GMT
Server: Apache
Last-Modified: Mon, 04 Dec 2017 18:05:46 GMT
Expires: Mon, 11 Dec 2017 18:05:46 GMT
Etag: 9A7F687A4778EE91CF78216EC38BCB6DA3CF9009
Cache-Control: max-age=529175,public,no-transform,must-revalidate
X-OCSP-Reponder-ID: rmdccaocsp32
Content-Length: 472
Connection: close


--- Additional Info ---
Magic:  data
Size:   472
Md5:    7c5a4a01d059d94f173196a2797ff978
Sha1:   9a7f687a4778ee91cf78216ec38bcb6da3cf9009
Sha256: 013d5edab609f424bf99b2448a94b9ea75d52e09cb9185dc51899c726b941d88
                                        
                                            POST / HTTP/1.1 
Host: ocsp.comodoca4.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         178.255.83.1
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 05 Dec 2017 14:56:10 GMT
Server: Apache
Last-Modified: Sun, 03 Dec 2017 10:16:14 GMT
Expires: Sun, 10 Dec 2017 10:16:14 GMT
Etag: 8ACA553C140ED2525B767CC603FBF9E2357BB174
Cache-Control: max-age=414603,public,no-transform,must-revalidate
X-OCSP-Reponder-ID: rmdccaocsp23
Content-Length: 727
Connection: close


--- Additional Info ---
Magic:  data
Size:   727
Md5:    08f3bc37b957fc82a2af151f0b3c9d54
Sha1:   8aca553c140ed2525b767cc603fbf9e2357bb174
Sha256: ff13740d393875d112e3ce0f13a9a84ae075e9d0cd199d8bdef23d32c92a700f
                                        
                                            POST / HTTP/1.1 
Host: ocsp.usertrust.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         178.255.83.1
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 05 Dec 2017 14:56:10 GMT
Server: Apache
Last-Modified: Sun, 03 Dec 2017 10:16:14 GMT
Expires: Sun, 10 Dec 2017 10:16:14 GMT
Etag: 7DEFD7AE058C9FA5E93D758ED2B274FD8FD7E348
Cache-Control: max-age=414603,public,no-transform,must-revalidate
X-OCSP-Reponder-ID: rmdccaocsp23
Content-Length: 471
Connection: close


--- Additional Info ---
Magic:  data
Size:   471
Md5:    baa2492cb8a205d549febea37749ffba
Sha1:   7defd7ae058c9fa5e93d758ed2b274fd8fd7e348
Sha256: 3aa1bd19f533806dd413a35410ef2d415546ed5375b6aa5247bf3a7d6b87f7c8
                                        
                                            GET /post/wp-includes/js/wp-emoji-release.min.js?ver=4.7.2 HTTP/1.1 
Host: payments.incisivemedia.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://payments.incisivemedia.com/post/subsformstandard-p11/webstandard/?tc=subscribe20-2&utm_medium=email&utm_campaign=Auto%2020%25%20Discount%20Offer%20EM2&utm_source=O2O%20Lead%20Generation
Cookie: __cfduid=d139907234d4b3e869df4df429dbd64271512485769; PHPSESSID=uj5cpqd8hrfb8r61rds7e6k4k7

                                         
                                         104.25.150.97
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 05 Dec 2017 14:56:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 13 Feb 2017 09:23:36 GMT
Etag: W/"2c96-548660082f600"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
Strict-Transport-Security: max-age=157680000; includeSubDomains
CF-Cache-Status: MISS
Vary: Accept-Encoding
Expires: Tue, 05 Dec 2017 18:56:10 GMT
Cache-Control: public, max-age=14400
Server: cloudflare-nginx
CF-RAY: 3c87d9c0a86e4291-OSL
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   4249
Md5:    d38b573d014c98932d0f4566bee6c26e
Sha1:   17744f16d1e8d7f92355f6093c5673b721f96380
Sha256: 83a4041b68b1593d8cd82d50486802eb4420138f2e4df45100fec911b3641c13
                                        
                                            GET /post/wp-content/plugins/incisive/templates/incisive.css?ver=4.7.2 HTTP/1.1 
Host: payments.incisivemedia.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://payments.incisivemedia.com/post/subsformstandard-p11/webstandard/?tc=subscribe20-2&utm_medium=email&utm_campaign=Auto%2020%25%20Discount%20Offer%20EM2&utm_source=O2O%20Lead%20Generation
Cookie: __cfduid=d139907234d4b3e869df4df429dbd64271512485769; PHPSESSID=uj5cpqd8hrfb8r61rds7e6k4k7

                                         
                                         104.25.150.97
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Tue, 05 Dec 2017 14:56:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 12 Jan 2017 11:00:57 GMT
Etag: W/"3e1a-545e3a1bd8c40"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
Strict-Transport-Security: max-age=157680000; includeSubDomains
CF-Cache-Status: MISS
Vary: Accept-Encoding
Expires: Tue, 05 Dec 2017 18:56:10 GMT
Cache-Control: public, max-age=14400
Server: cloudflare-nginx
CF-RAY: 3c87d9c0fe854255-OSL
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   3229
Md5:    26f2203efb26efe95066c826914915ca
Sha1:   dfdb90452443f6cfa528a5d2cb20b23aeec2e0da
Sha256: f3f985ee653f6508e2bb938bacc9345a8c009b3ceb72ab9ddd69d2aaeaba329a
                                        
                                            POST /ocsp HTTP/1.1 
Host: clients1.google.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
                                         172.217.22.174
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 05 Dec 2017 14:56:10 GMT
Cache-Control: public, max-age=345600
Server: ocsp_responder
Content-Length: 463
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    1b978ce0ec478a592416ae8785ebffc0
Sha1:   324fa0cf59ee447969f051d8ae5c8a749e189479
Sha256: 9ea71e44a92efa342d9533a4e082d6192fd0b156536ef0532114a1befb7133b9
                                        
                                            POST / HTTP/1.1 
Host: g.symcd.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         23.43.139.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx/1.10.2
Content-Length: 1390
Content-Transfer-Encoding: binary
Cache-Control: max-age=547731, public, no-transform, must-revalidate
Last-Modified: Mon, 4 Dec 2017 23:00:41 GMT
Expires: Mon, 11 Dec 2017 23:00:41 GMT
Date: Tue, 05 Dec 2017 14:56:10 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   1390
Md5:    f34e592a7b8c6407bf4d7130d27a2058
Sha1:   773f83149c758cfbe1ee34f5562dbab80f167f6a
Sha256: d6dea0b79b9602ccb5f9f6ec257eef00e024d0a1ee1a7000251905204b78a983
                                        
                                            GET /ajax/libs/jqueryui/1.9.0/themes/base/jquery-ui.css?ver=4.7.2 HTTP/1.1 
Host: ajax.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://payments.incisivemedia.com/post/subsformstandard-p11/webstandard/?tc=subscribe20-2&utm_medium=email&utm_campaign=Auto%2020%25%20Discount%20Offer%20EM2&utm_source=O2O%20Lead%20Generation

                                         
                                         173.194.73.95
HTTP/1.1 200 OK
Content-Type: text/css; charset=UTF-8
                                        
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Length: 6020
Date: Tue, 05 Dec 2017 14:56:10 GMT
Expires: Wed, 05 Dec 2018 14:56:10 GMT
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Last-Modified: Tue, 20 Dec 2016 18:17:03 GMT
x-content-type-options: nosniff
Server: sffe
x-xss-protection: 1; mode=block
Alt-Svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   6020
Md5:    437a8194f58572089f29c4c7ae9382f9
Sha1:   82431f3db4a9744977890f593249cc31acf019b3
Sha256: 2066e116a7a61f5e2239f8e8c2560e33c952fb747450361151c816226464db0f
                                        
                                            GET /post/wp-content/themes/Divi-child/style.css?ver=2.2 HTTP/1.1 
Host: payments.incisivemedia.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://payments.incisivemedia.com/post/subsformstandard-p11/webstandard/?tc=subscribe20-2&utm_medium=email&utm_campaign=Auto%2020%25%20Discount%20Offer%20EM2&utm_source=O2O%20Lead%20Generation
Cookie: __cfduid=d139907234d4b3e869df4df429dbd64271512485769; PHPSESSID=uj5cpqd8hrfb8r61rds7e6k4k7

                                         
                                         104.25.150.97
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Tue, 05 Dec 2017 14:56:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 11 Apr 2017 08:35:08 GMT
Etag: W/"af3-54cdff822c700"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
Strict-Transport-Security: max-age=157680000; includeSubDomains
CF-Cache-Status: MISS
Vary: Accept-Encoding
Expires: Tue, 05 Dec 2017 18:56:10 GMT
Cache-Control: public, max-age=14400
Server: cloudflare-nginx
CF-RAY: 3c87d9c108974267-OSL
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1018
Md5:    1e0d5cb072dd96e414d1ca2444460d67
Sha1:   9d00bcfc839c13b85a6d6dd7ec9fd9aaebefa043
Sha256: 62833b11396890e578effed59c9afb4f8aa260857d8223c3a27285fd2e52807b
                                        
                                            GET /post/wp-content/themes/Divi/epanel/shortcodes/css/shortcodes.css?ver=3.0 HTTP/1.1 
Host: payments.incisivemedia.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://payments.incisivemedia.com/post/subsformstandard-p11/webstandard/?tc=subscribe20-2&utm_medium=email&utm_campaign=Auto%2020%25%20Discount%20Offer%20EM2&utm_source=O2O%20Lead%20Generation
Cookie: __cfduid=d139907234d4b3e869df4df429dbd64271512485769; PHPSESSID=uj5cpqd8hrfb8r61rds7e6k4k7

                                         
                                         104.25.150.97
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Tue, 05 Dec 2017 14:56:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 05 Oct 2015 14:36:21 GMT
Etag: W/"8d9d-5215c6fdcc340"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
Strict-Transport-Security: max-age=157680000; includeSubDomains
CF-Cache-Status: MISS
Vary: Accept-Encoding
Expires: Tue, 05 Dec 2017 18:56:10 GMT
Cache-Control: public, max-age=14400
Server: cloudflare-nginx
CF-RAY: 3c87d9c109bb429d-OSL
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   5766
Md5:    4d751a9c21f96de2dc5cb61b70a165b4
Sha1:   a2b1f50a3b75a04b58162e1693b1bcc2200c3674
Sha256: 5910890e8faeb427ebdb6091bd69e98f4560d168c0209e8c8aa6b496643bfdac
                                        
                                            GET /css?family=Open+Sans:300italic,400italic,700italic,800italic,400,300,700,800&subset=latin,latin-ext HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://payments.incisivemedia.com/post/subsformstandard-p11/webstandard/?tc=subscribe20-2&utm_medium=email&utm_campaign=Auto%2020%25%20Discount%20Offer%20EM2&utm_source=O2O%20Lead%20Generation

                                         
                                         64.233.165.95
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Expires: Tue, 05 Dec 2017 14:56:10 GMT
Date: Tue, 05 Dec 2017 14:56:10 GMT
Cache-Control: private, max-age=86400
Content-Encoding: gzip
Server: ESF
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
Alt-Svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   513
Md5:    6027389d22bc8e96356d8c8f6bd04d70
Sha1:   ba1d9d089d42495676fc872a917526e5fad1f79a
Sha256: 89d927835634b2b115410b5f964f1fe846b199bfd58adcffc7a6797e91fe9f4c
                                        
                                            GET /css?family=Droid+Sans:400,700&subset=latin HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://payments.incisivemedia.com/post/subsformstandard-p11/webstandard/?tc=subscribe20-2&utm_medium=email&utm_campaign=Auto%2020%25%20Discount%20Offer%20EM2&utm_source=O2O%20Lead%20Generation

                                         
                                         64.233.165.95
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Expires: Tue, 05 Dec 2017 14:56:10 GMT
Date: Tue, 05 Dec 2017 14:56:10 GMT
Cache-Control: private, max-age=86400
Content-Encoding: gzip
Server: ESF
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
Alt-Svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   279
Md5:    271725813f00056725c2830704de848f
Sha1:   d02d03fab3ba03d7d58b3ae151de7c4f71aff0eb
Sha256: 5e1d848bc9d1c710a50d6064661d13c0525278f45e92cfb6fdb90b22bf0b6d1a
                                        
                                            GET /post/wp-content/themes/Divi/epanel/shortcodes/css/shortcodes_responsive.css?ver=3.0 HTTP/1.1 
Host: payments.incisivemedia.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://payments.incisivemedia.com/post/subsformstandard-p11/webstandard/?tc=subscribe20-2&utm_medium=email&utm_campaign=Auto%2020%25%20Discount%20Offer%20EM2&utm_source=O2O%20Lead%20Generation
Cookie: __cfduid=d139907234d4b3e869df4df429dbd64271512485769; PHPSESSID=uj5cpqd8hrfb8r61rds7e6k4k7

                                         
                                         104.25.150.97
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Tue, 05 Dec 2017 14:56:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 05 Oct 2015 14:36:21 GMT
Etag: W/"d3d-5215c6fdcc340"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
Strict-Transport-Security: max-age=157680000; includeSubDomains
CF-Cache-Status: MISS
Vary: Accept-Encoding
Expires: Tue, 05 Dec 2017 18:56:10 GMT
Cache-Control: public, max-age=14400
Server: cloudflare-nginx
CF-RAY: 3c87d9c1082842b5-OSL
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   760
Md5:    7ba4ccaed7a6091bae5b2e515c634b3a
Sha1:   e8d87a67ca7cde906b188a66ac796f7cb458f2e7
Sha256: 623365ada9e00ec58dcb2761b0bff940c4401b06103af0c0f5cb89e525fc8498
                                        
                                            GET /css?family=Arimo:400,400italic,700,700italic HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://payments.incisivemedia.com/post/wp-content/themes/Divi-child/style.css?ver=2.2

                                         
                                         64.233.165.95
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Expires: Tue, 05 Dec 2017 14:56:10 GMT
Date: Tue, 05 Dec 2017 14:56:10 GMT
Cache-Control: private, max-age=86400
Content-Encoding: gzip
Server: ESF
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
Alt-Svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   338
Md5:    052ef63173aada5b9f6d8fe11105204b
Sha1:   f5c4008bf4dd583cb0e006a8b333ae601c18d64d
Sha256: a31cbcbed1023862840d048c2de4ae3b9a8dd8897991fafa76127900fef4e116
                                        
                                            GET /post/wp-includes/js/jquery/jquery.js?ver=1.12.4 HTTP/1.1 
Host: payments.incisivemedia.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://payments.incisivemedia.com/post/subsformstandard-p11/webstandard/?tc=subscribe20-2&utm_medium=email&utm_campaign=Auto%2020%25%20Discount%20Offer%20EM2&utm_source=O2O%20Lead%20Generation
Cookie: __cfduid=d139907234d4b3e869df4df429dbd64271512485769; PHPSESSID=uj5cpqd8hrfb8r61rds7e6k4k7

                                         
                                         104.25.150.97
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 05 Dec 2017 14:56:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 13 Feb 2017 09:23:36 GMT
Etag: W/"17ba0-548660082f600"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
Strict-Transport-Security: max-age=157680000; includeSubDomains
CF-Cache-Status: MISS
Vary: Accept-Encoding
Expires: Tue, 05 Dec 2017 18:56:10 GMT
Cache-Control: public, max-age=14400
Server: cloudflare-nginx
CF-RAY: 3c87d9c2c8594255-OSL
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   33789
Md5:    3a80fc6d5f853164f2f53a98659c0c21
Sha1:   3327cc9fd1e64d96894c1322e3ef52dea7fe4cf1
Sha256: c390de9d0d8953f70b165680d6122a3fc871006c67a676030596a4c36e882674
                                        
                                            GET /post/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 HTTP/1.1 
Host: payments.incisivemedia.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://payments.incisivemedia.com/post/subsformstandard-p11/webstandard/?tc=subscribe20-2&utm_medium=email&utm_campaign=Auto%2020%25%20Discount%20Offer%20EM2&utm_source=O2O%20Lead%20Generation
Cookie: __cfduid=d139907234d4b3e869df4df429dbd64271512485769; PHPSESSID=uj5cpqd8hrfb8r61rds7e6k4k7

                                         
                                         104.25.150.97
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 05 Dec 2017 14:56:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 13 Feb 2017 09:23:36 GMT
Etag: W/"2748-548660082f600"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
Strict-Transport-Security: max-age=157680000; includeSubDomains
CF-Cache-Status: MISS
Vary: Accept-Encoding
Expires: Tue, 05 Dec 2017 18:56:11 GMT
Cache-Control: public, max-age=14400
Server: cloudflare-nginx
CF-RAY: 3c87d9c3eb104267-OSL
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   4034
Md5:    2f89b08855471c7476435ce0bec33ba7
Sha1:   970533f152623df03b5fc6fb793b21889e4e0349
Sha256: d200586b6dd1ff779b6c30947361ff736e076d8c7d502505ab3174ca33455ea0
                                        
                                            GET /post/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=4.11.2.1 HTTP/1.1 
Host: payments.incisivemedia.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://payments.incisivemedia.com/post/subsformstandard-p11/webstandard/?tc=subscribe20-2&utm_medium=email&utm_campaign=Auto%2020%25%20Discount%20Offer%20EM2&utm_source=O2O%20Lead%20Generation
Cookie: __cfduid=d139907234d4b3e869df4df429dbd64271512485769; PHPSESSID=uj5cpqd8hrfb8r61rds7e6k4k7

                                         
                                         104.25.150.97
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Tue, 05 Dec 2017 14:56:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 15 Apr 2016 14:08:05 GMT
Etag: W/"b1c11-530868a253b40"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
Strict-Transport-Security: max-age=157680000; includeSubDomains
CF-Cache-Status: MISS
Vary: Accept-Encoding
Expires: Tue, 05 Dec 2017 18:56:10 GMT
Cache-Control: public, max-age=14400
Server: cloudflare-nginx
CF-RAY: 3c87d9c108004273-OSL
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   57334
Md5:    98bb7e825d2be7ac169711928b2803f9
Sha1:   f76da85f275e785ee3242b03531843a81df1b1c8
Sha256: aefe313f66da87b02d74624875fe89c7ffd9ab4f51c1bbca7355f289b1dd3133
                                        
                                            GET /post/wp-content/plugins/incisive/templates/incisive-univar.php?ver=1 HTTP/1.1 
Host: payments.incisivemedia.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://payments.incisivemedia.com/post/subsformstandard-p11/webstandard/?tc=subscribe20-2&utm_medium=email&utm_campaign=Auto%2020%25%20Discount%20Offer%20EM2&utm_source=O2O%20Lead%20Generation
Cookie: __cfduid=d139907234d4b3e869df4df429dbd64271512485769; PHPSESSID=uj5cpqd8hrfb8r61rds7e6k4k7

                                         
                                         104.25.150.97
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 05 Dec 2017 14:56:11 GMT
Content-Length: 1
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
Strict-Transport-Security: max-age=157680000; includeSubDomains
Server: cloudflare-nginx
CF-RAY: 3c87d9c2ca7d4291-OSL


--- Additional Info ---
Magic:  very short file (no magic)
Size:   1
Md5:    68b329da9893e34099c7d8ad5cb9c940
Sha1:   adc83b19e793491b1c6ea0fd8b46cd9f32e592fc
Sha256: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
                                        
                                            GET /post/wp-content/themes/Divi/style.css HTTP/1.1 
Host: payments.incisivemedia.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://payments.incisivemedia.com/post/wp-content/themes/Divi-child/style.css?ver=2.2
Cookie: __cfduid=d139907234d4b3e869df4df429dbd64271512485769; PHPSESSID=uj5cpqd8hrfb8r61rds7e6k4k7

                                         
                                         104.25.150.97
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Tue, 05 Dec 2017 14:56:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 05 Oct 2015 14:36:21 GMT
Etag: W/"48d74-5215c6fdcc340"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
Strict-Transport-Security: max-age=157680000; includeSubDomains
CF-Cache-Status: MISS
Vary: Accept-Encoding
Expires: Tue, 05 Dec 2017 18:56:11 GMT
Cache-Control: public, max-age=14400
Server: cloudflare-nginx
CF-RAY: 3c87d9c40bd5429d-OSL
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   35969
Md5:    5d9f6ed63fd31c4b7a9f377d2dcb1b64
Sha1:   3bd996328ecbb82981a6768643c105f87dad06fc
Sha256: 0b911aea0034d1bb35ee069e83f6da77dc15f735aed47a1e06b4f55ace37ab64
                                        
                                            GET /assets_js/live/post/javascript-post.head.min.js?ver=1 HTTP/1.1 
Host: assets.infopro-insight.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://payments.incisivemedia.com/post/subsformstandard-p11/webstandard/?tc=subscribe20-2&utm_medium=email&utm_campaign=Auto%2020%25%20Discount%20Offer%20EM2&utm_source=O2O%20Lead%20Generation

                                         
                                         104.17.186.72
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Date: Tue, 05 Dec 2017 14:56:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=d5c7256c5f142f9dcce5b76cb6f447f021512485770; expires=Wed, 05-Dec-18 14:56:10 GMT; path=/; domain=.infopro-insight.com; HttpOnly
Last-Modified: Mon, 30 Oct 2017 15:37:11 GMT
Etag: W/"8632e-55cc56972d7c0"
CF-Cache-Status: MISS
Vary: Accept-Encoding
Server: cloudflare-nginx
CF-RAY: 3c87d9c3ddd6426d-OSL
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   140865
Md5:    ab48c884791fba4c1adeb908e8b1bbc8
Sha1:   839de7c2c85a77aa40f0a5102936306c18775b1d
Sha256: 71c05c5306a53e4131c6fe69a961f0c5c6b39f56c05417221d59458324432a88
                                        
                                            GET /cdn-cgi/scripts/ddc5a536/cloudflare-static/email-decode.min.js HTTP/1.1 
Host: payments.incisivemedia.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://payments.incisivemedia.com/post/subsformstandard-p11/webstandard/?tc=subscribe20-2&utm_medium=email&utm_campaign=Auto%2020%25%20Discount%20Offer%20EM2&utm_source=O2O%20Lead%20Generation
Cookie: __cfduid=d139907234d4b3e869df4df429dbd64271512485769; PHPSESSID=uj5cpqd8hrfb8r61rds7e6k4k7

                                         
                                         104.25.150.97
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 05 Dec 2017 14:56:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 30 Nov 2017 14:01:20 GMT
Etag: W/"5a200f30-36e"
Server: cloudflare-nginx
CF-RAY: 3c87d9c98d6b4255-OSL
Expires: Thu, 07 Dec 2017 14:56:11 GMT
Cache-Control: max-age=172800, public
x-frame-options: SAMEORIGIN
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   513
Md5:    e9068848385f999090d25693b61abf54
Sha1:   95ae9683fadfb4fc76442a2351d436eef8283b3b
Sha256: 809d24267142c5ea211422deb7c9b07e603affb60fb3b7218aa93d480b7f8f1a
                                        
                                            POST /GTSGIAG3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
                                         64.233.165.113
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 05 Dec 2017 14:56:11 GMT
Cache-Control: public, max-age=345600
Server: ocsp_responder
Content-Length: 463
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    8d910cdd340780baaf1a7fb3c6acaa39
Sha1:   401520fade7e2c26dfa0a53ae878553b59bb6cad
Sha256: 063f882d86f39372f1dcd556e7505c12f7f96b2a62ac68a1d7fada6ec58b790e
                                        
                                            POST /gsr2 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 112
Content-Type: application/ocsp-request

                                         
                                         64.233.165.113
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 05 Dec 2017 14:56:12 GMT
Cache-Control: public, max-age=345600
Server: ocsp_responder
Content-Length: 468
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   468
Md5:    6bf50ec404fb4a8b4a94be8390d11938
Sha1:   0caaab7704d6221abc5e0342909a4928cee50b1c
Sha256: 63b592179b1e9a528344ce1d430b9479fc55f43420a468ec35aaeaa9dff911cf
                                        
                                            GET /post/wp-content/uploads/2016/10/Insurance-post-web-logo-blue.png HTTP/1.1 
Host: payments.incisivemedia.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://payments.incisivemedia.com/post/subsformstandard-p11/webstandard/?tc=subscribe20-2&utm_medium=email&utm_campaign=Auto%2020%25%20Discount%20Offer%20EM2&utm_source=O2O%20Lead%20Generation
Cookie: __cfduid=d139907234d4b3e869df4df429dbd64271512485769; PHPSESSID=uj5cpqd8hrfb8r61rds7e6k4k7

                                         
                                         104.25.150.97
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Tue, 05 Dec 2017 14:56:11 GMT
Content-Length: 9499
Connection: keep-alive
Last-Modified: Thu, 20 Oct 2016 11:53:14 GMT
Etag: "251b-53f4a920cde80"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
Strict-Transport-Security: max-age=157680000; includeSubDomains
CF-Cache-Status: MISS
Vary: Accept-Encoding
Expires: Tue, 05 Dec 2017 18:56:11 GMT
Cache-Control: public, max-age=14400
Accept-Ranges: bytes
Server: cloudflare-nginx
CF-RAY: 3c87d9c98f9f42b5-OSL


--- Additional Info ---
Magic:  PNG image, 632 x 80, 8-bit/color RGBA, non-interlaced
Size:   9499
Md5:    408c1d3a7fbf2669dc23bb52cc682a1e
Sha1:   ec38380ab373ffd7f1e265c192e0e7af9a9c6182
Sha256: 2518065165d09bebd514e434128925b11be48808ec20bde36b60af075631c3b8
                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://payments.incisivemedia.com/post/subsformstandard-p11/webstandard/?tc=subscribe20-2&utm_medium=email&utm_campaign=Auto%2020%25%20Discount%20Offer%20EM2&utm_source=O2O%20Lead%20Generation

                                         
                                         172.217.22.174
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
Timing-Allow-Origin: *
Date: Tue, 05 Dec 2017 13:50:40 GMT
Expires: Tue, 05 Dec 2017 15:50:40 GMT
Last-Modified: Mon, 13 Nov 2017 20:19:12 GMT
x-content-type-options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Server: Golfe2
Content-Length: 14597
Cache-Control: public, max-age=7200
Age: 3932
Alt-Svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   14597
Md5:    6199bd5ef36ff16dd8c35a2abdb5991c
Sha1:   beb16561dd55ab5896b230c5a116a5d819e86b34
Sha256: a3d61ef9e80a01a794fd7c2769720f2fd0e15d0458236e8e0edd411560171879
                                        
                                            GET /ajax/libs/jqueryui/1.12.1/jquery-ui.min.js?ver=1 HTTP/1.1 
Host: ajax.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://payments.incisivemedia.com/post/subsformstandard-p11/webstandard/?tc=subscribe20-2&utm_medium=email&utm_campaign=Auto%2020%25%20Discount%20Offer%20EM2&utm_source=O2O%20Lead%20Generation

                                         
                                         173.194.73.95
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Length: 67948
Date: Tue, 05 Dec 2017 14:56:12 GMT
Expires: Wed, 05 Dec 2018 14:56:12 GMT
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Last-Modified: Tue, 20 Dec 2016 18:17:03 GMT
x-content-type-options: nosniff
Server: sffe
x-xss-protection: 1; mode=block
Alt-Svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   67948
Md5:    9afca4b98069740a902e6135bb4ce7de
Sha1:   6c0eb20e908fb4d4f131d7cec37a2a28827318a4
Sha256: e99c8005dcc0f0765d4202b8e4ab2ea671febe2cf7c90b2bcffd43909192397d
                                        
                                            POST /ocsp HTTP/1.1 
Host: clients1.google.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
                                         172.217.22.174
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 05 Dec 2017 14:56:12 GMT
Cache-Control: public, max-age=345600
Server: ocsp_responder
Content-Length: 463
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    93607860091ae6091976689e4f06f3d6
Sha1:   c012940971de127ad0e644b2811736167c5d56bd
Sha256: 9a0a581d423138f76eed2db1d23121e25802e903a7d7858fe0da9bbaf05e8c30
                                        
                                            GET /post/wp-content/plugins/incisive/templates/incisive-blockui.js?ver=1 HTTP/1.1 
Host: payments.incisivemedia.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://payments.incisivemedia.com/post/subsformstandard-p11/webstandard/?tc=subscribe20-2&utm_medium=email&utm_campaign=Auto%2020%25%20Discount%20Offer%20EM2&utm_source=O2O%20Lead%20Generation
Cookie: __cfduid=d139907234d4b3e869df4df429dbd64271512485769; PHPSESSID=uj5cpqd8hrfb8r61rds7e6k4k7

                                         
                                         104.25.150.97
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 05 Dec 2017 14:56:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 07 Oct 2015 09:16:50 GMT
Etag: W/"4dfd-5218034dd4480"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
Strict-Transport-Security: max-age=157680000; includeSubDomains
CF-Cache-Status: MISS
Vary: Accept-Encoding
Expires: Tue, 05 Dec 2017 18:56:12 GMT
Cache-Control: public, max-age=14400
Server: cloudflare-nginx
CF-RAY: 3c87d9cc1a2c42b5-OSL
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   6590
Md5:    cf341f8bfef68795cbb3f7aee3fd5eca
Sha1:   ecbb3e80226c88bb67fde4727a19edd3983c98c6
Sha256: 4615c8c19c0158e79524c83ac06b35969de1db6329346be58a70bd7ae4b5e9ff
                                        
                                            GET /post/wp-content/plugins/incisive/templates/incisive-steps.js?ver=1 HTTP/1.1 
Host: payments.incisivemedia.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://payments.incisivemedia.com/post/subsformstandard-p11/webstandard/?tc=subscribe20-2&utm_medium=email&utm_campaign=Auto%2020%25%20Discount%20Offer%20EM2&utm_source=O2O%20Lead%20Generation
Cookie: __cfduid=d139907234d4b3e869df4df429dbd64271512485769; PHPSESSID=uj5cpqd8hrfb8r61rds7e6k4k7

                                         
                                         104.25.150.97
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 05 Dec 2017 14:56:13 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 11 May 2017 13:49:36 GMT
Etag: W/"5190-54f3fdc05a063"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
Strict-Transport-Security: max-age=157680000; includeSubDomains
CF-Cache-Status: MISS
Vary: Accept-Encoding
Expires: Tue, 05 Dec 2017 18:56:13 GMT
Cache-Control: public, max-age=14400
Server: cloudflare-nginx
CF-RAY: 3c87d9d0cdde42b5-OSL
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   4899
Md5:    32b9c1294555fa2fdec8be239e1fb8f4
Sha1:   1e4ba05391f0786528f25b1f9bbba16d5ef96e24
Sha256: 2384e710329463520c3b3b96be9306ec07f829e7fd193e0424178548f091fea3
                                        
                                            GET /s/arimo/v11/wZLYhRRxZWGToTRP78bqJQ.woff HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://fonts.googleapis.com/css?family=Arimo:400,400italic,700,700italic
Origin: https://payments.incisivemedia.com

                                         
                                         172.217.22.163
HTTP/1.1 200 OK
Content-Type: font/woff
                                        
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Length: 29372
Date: Thu, 16 Nov 2017 20:18:20 GMT
Expires: Fri, 16 Nov 2018 20:18:20 GMT
Last-Modified: Wed, 11 Oct 2017 18:26:43 GMT
x-content-type-options: nosniff
Server: sffe
x-xss-protection: 1; mode=block
Cache-Control: public, max-age=31536000
Age: 1622273
Alt-Svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"


--- Additional Info ---
Magic:  data
Size:   29372
Md5:    2d888d6b96230fffdcb4763976c99ac0
Sha1:   7dff1d81e75e07b7bc09f75c34fce7e7d40a8d63
Sha256: 34b43003fd1fe13bbfc18117160f50801a41ccb5aca5f9de3bc24fe38421ec8b
                                        
                                            GET /r/collect?v=1&_v=j66&a=203172338&t=pageview&_s=1&dl=https%3A%2F%2Fpayments.incisivemedia.com%2Fpost%2Fsubsformstandard-p11%2Fwebstandard%2F%3Ftc%3Dsubscribe20-2%26utm_medium%3Demail%26utm_campaign%3DAuto%252020%2525%2520Discount%2520Offer%2520EM2%26utm_source%3DO2O%2520Lead%2520Generation&ul=en-us&de=UTF-8&dt=2017%20Subscribe%20to%20POST%20(subsformstandard)%20Save%2020%25%20%7C%20Subscribe%20to%20Post%20Online&sd=24-bit&sr=1176x885&vp=1159x737&je=1&fl=10.0%20r45&_u=YGDACEQAD~&jid=1592934616&gjid=1645640641&cid=1884804102.1512485773&tid=UA-5890171-73&_gid=1769273971.1512485773&_r=1&cd1=Anonymous&cd20=No&cd3=null&cd14=Other&cd13=null&cd4=None&z=990747136 HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://payments.incisivemedia.com/post/subsformstandard-p11/webstandard/?tc=subscribe20-2&utm_medium=email&utm_campaign=Auto%2020%25%20Discount%20Offer%20EM2&utm_source=O2O%20Lead%20Generation

                                         
                                         172.217.22.174
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Access-Control-Allow-Origin: *
Date: Tue, 05 Dec 2017 14:56:13 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
x-content-type-options: nosniff
Server: Golfe2
Content-Length: 35
Alt-Svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   35
Md5:    28d6814f309ea289f847c69cf91194c6
Sha1:   0f4e929dd5bb2564f7ab9c76338e04e292a42ace
Sha256: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
                                        
                                            GET /post/wp-content/plugins/incisive/images/down-arrow.png HTTP/1.1 
Host: payments.incisivemedia.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://payments.incisivemedia.com/post/subsformstandard-p11/webstandard/?tc=subscribe20-2&utm_medium=email&utm_campaign=Auto%2020%25%20Discount%20Offer%20EM2&utm_source=O2O%20Lead%20Generation
Cookie: __cfduid=d139907234d4b3e869df4df429dbd64271512485769; PHPSESSID=uj5cpqd8hrfb8r61rds7e6k4k7

                                         
                                         104.25.150.97
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Tue, 05 Dec 2017 14:56:12 GMT
Content-Length: 1009
Connection: keep-alive
Last-Modified: Fri, 27 Nov 2015 16:24:41 GMT
Etag: "3f1-5258820e1c440"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
Strict-Transport-Security: max-age=157680000; includeSubDomains
CF-Cache-Status: MISS
Vary: Accept-Encoding
Expires: Tue, 05 Dec 2017 18:56:12 GMT
Cache-Control: public, max-age=14400
Accept-Ranges: bytes
Server: cloudflare-nginx
CF-RAY: 3c87d9cc2f1b4255-OSL


--- Additional Info ---
Magic:  PNG image, 15 x 20, 8-bit/color RGBA, non-interlaced
Size:   1009
Md5:    e7b45bcc7dfe455fa960fce838898982
Sha1:   c80580fd958da944df91fe25045f1b061c3854d3
Sha256: 7a2f0ecca55b26403dbb952ac56fbc6eb3f49cdf25507525609ebbbcb9da7b7b
                                        
                                            GET /s/arimo/v11/UnXpojilM3XslYxUnWuVe_esZW2xOQ-xsNqO47m55DA.woff HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://fonts.googleapis.com/css?family=Arimo:400,400italic,700,700italic
Origin: https://payments.incisivemedia.com

                                         
                                         172.217.22.163
HTTP/1.1 200 OK
Content-Type: font/woff
                                        
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Length: 28596
Date: Thu, 16 Nov 2017 19:47:51 GMT
Expires: Fri, 16 Nov 2018 19:47:51 GMT
Last-Modified: Wed, 11 Oct 2017 18:31:20 GMT
x-content-type-options: nosniff
Server: sffe
x-xss-protection: 1; mode=block
Cache-Control: public, max-age=31536000
Age: 1624102
Alt-Svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"


--- Additional Info ---
Magic:  data
Size:   28596
Md5:    4d3e206a690061abf25d823a44ab5e1d
Sha1:   8e13aa8a62637b304477c0342b152f23071bb9b5
Sha256: f233ae8f837d8a4fd4e3f052f718fdb1cba0f43134d17cc7579c670ddae71414
                                        
                                            GET /post/wp-content/plugins/incisive/images/error.png HTTP/1.1 
Host: payments.incisivemedia.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://payments.incisivemedia.com/post/subsformstandard-p11/webstandard/?tc=subscribe20-2&utm_medium=email&utm_campaign=Auto%2020%25%20Discount%20Offer%20EM2&utm_source=O2O%20Lead%20Generation
Cookie: __cfduid=d139907234d4b3e869df4df429dbd64271512485769; PHPSESSID=uj5cpqd8hrfb8r61rds7e6k4k7

                                         
                                         104.25.150.97
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Tue, 05 Dec 2017 14:56:12 GMT
Content-Length: 20436
Connection: keep-alive
Last-Modified: Mon, 05 Oct 2015 14:36:22 GMT
Etag: "4fd4-5215c6fec0580"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
Strict-Transport-Security: max-age=157680000; includeSubDomains
CF-Cache-Status: MISS
Vary: Accept-Encoding
Expires: Tue, 05 Dec 2017 18:56:12 GMT
Cache-Control: public, max-age=14400
Accept-Ranges: bytes
Server: cloudflare-nginx
CF-RAY: 3c87d9cc18e9429d-OSL


--- Additional Info ---
Magic:  PNG image, 30 x 30, 8-bit/color RGBA, non-interlaced
Size:   20436
Md5:    65649e403bd1b479414f2121ad4c4f51
Sha1:   9cb4215a2ba3dbae06f16aad80aee717fa965b80
Sha256: e97802a79ada7a07bfbe09c01ac9182bba7d19f0d64bdb5ea9568f26fc53f249
                                        
                                            GET /r/collect?v=1&_v=j66&a=203172338&t=pageview&_s=1&dl=https%3A%2F%2Fpayments.incisivemedia.com%2Fpost%2Fsubsformstandard-p11%2Fwebstandard%2F%3Ftc%3Dsubscribe20-2%26utm_medium%3Demail%26utm_campaign%3DAuto%252020%2525%2520Discount%2520Offer%2520EM2%26utm_source%3DO2O%2520Lead%2520Generation&ul=en-us&de=UTF-8&dt=2017%20Subscribe%20to%20POST%20(subsformstandard)%20Save%2020%25%20%7C%20Subscribe%20to%20Post%20Online&sd=24-bit&sr=1176x885&vp=1159x737&je=1&fl=10.0%20r45&_u=YGDACEQAD~&jid=1002061805&gjid=69648192&cid=1884804102.1512485773&tid=UA-5946652-1&_gid=1769273971.1512485773&_r=1&cd1=Anonymous&cd20=No&cd3=null&cd14=Other&cd13=null&cd4=None&z=1482112228 HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://payments.incisivemedia.com/post/subsformstandard-p11/webstandard/?tc=subscribe20-2&utm_medium=email&utm_campaign=Auto%2020%25%20Discount%20Offer%20EM2&utm_source=O2O%20Lead%20Generation

                                         
                                         172.217.22.174
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
                                        
Location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-5946652-1&cid=1884804102.1512485773&jid=1002061805&_gid=1769273971.1512485773&gjid=69648192&_v=j66&z=1482112228
Access-Control-Allow-Origin: *
Date: Tue, 05 Dec 2017 14:56:14 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
Server: Golfe2
Content-Length: 417
Alt-Svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"


--- Additional Info ---
Magic:  HTML document text
Size:   417
Md5:    36782443b357326e0fb18e63b6e744f7
Sha1:   ce9729507f258661253ea8c3de79420747759de2
Sha256: 5d7341875a8899faacfe3458cdd1b9ddfd22dfdb50b475680f6e7f7f85b5afd5
                                        
                                            GET /post/wp-content/plugins/incisive/images/complete.png HTTP/1.1 
Host: payments.incisivemedia.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://payments.incisivemedia.com/post/subsformstandard-p11/webstandard/?tc=subscribe20-2&utm_medium=email&utm_campaign=Auto%2020%25%20Discount%20Offer%20EM2&utm_source=O2O%20Lead%20Generation
Cookie: __cfduid=d139907234d4b3e869df4df429dbd64271512485769; PHPSESSID=uj5cpqd8hrfb8r61rds7e6k4k7

                                         
                                         104.25.150.97
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Tue, 05 Dec 2017 14:56:12 GMT
Content-Length: 18457
Connection: keep-alive
Last-Modified: Mon, 05 Oct 2015 14:36:22 GMT
Etag: "4819-5215c6fec0580"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
Strict-Transport-Security: max-age=157680000; includeSubDomains
CF-Cache-Status: MISS
Vary: Accept-Encoding
Expires: Tue, 05 Dec 2017 18:56:12 GMT
Cache-Control: public, max-age=14400
Accept-Ranges: bytes
Server: cloudflare-nginx
CF-RAY: 3c87d9cc196b4291-OSL


--- Additional Info ---
Magic:  PNG image, 30 x 30, 8-bit/color RGBA, non-interlaced
Size:   18457
Md5:    e2ae98f6a4875d7c51b73cbc0017fa79
Sha1:   cefefbf3c9a304aeb98a2be939874893b4eaecfc
Sha256: aa5363106ca66df5e03888e97c16c055b71841c8fd09bf7a14e5789214657627
                                        
                                            GET /post/wp-content/plugins/incisive/templates/incisive-rates.js?ver=1 HTTP/1.1 
Host: payments.incisivemedia.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://payments.incisivemedia.com/post/subsformstandard-p11/webstandard/?tc=subscribe20-2&utm_medium=email&utm_campaign=Auto%2020%25%20Discount%20Offer%20EM2&utm_source=O2O%20Lead%20Generation
Cookie: __cfduid=d139907234d4b3e869df4df429dbd64271512485769; PHPSESSID=uj5cpqd8hrfb8r61rds7e6k4k7

                                         
                                         104.25.150.97
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 05 Dec 2017 14:56:14 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 11 May 2017 13:49:36 GMT
Etag: W/"2715-54f3fdc04d543"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
Strict-Transport-Security: max-age=157680000; includeSubDomains
CF-Cache-Status: MISS
Vary: Accept-Encoding
Expires: Tue, 05 Dec 2017 18:56:14 GMT
Cache-Control: public, max-age=14400
Server: cloudflare-nginx
CF-RAY: 3c87d9d778084255-OSL
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   2667
Md5:    e1849b907a680f586c5f5adc3c157967
Sha1:   c970b5fb3f4b72cc35f72544a3fbd1d30c8940a1
Sha256: 623ebec0683bfaadc70a49e53313c989289373ad75aa931d05f14688500652e2
                                        
                                            GET /post/wp-content/uploads/2016/05/IMMSRMTT16-ScreensV2-InsurancePost1.png HTTP/1.1 
Host: payments.incisivemedia.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://payments.incisivemedia.com/post/subsformstandard-p11/webstandard/?tc=subscribe20-2&utm_medium=email&utm_campaign=Auto%2020%25%20Discount%20Offer%20EM2&utm_source=O2O%20Lead%20Generation
Cookie: __cfduid=d139907234d4b3e869df4df429dbd64271512485769; PHPSESSID=uj5cpqd8hrfb8r61rds7e6k4k7

                                         
                                         104.25.150.97
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Tue, 05 Dec 2017 14:56:12 GMT
Content-Length: 73934
Connection: keep-alive
Last-Modified: Mon, 11 Jul 2016 10:21:39 GMT
Etag: "120ce-53759848cf2c0"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
Strict-Transport-Security: max-age=157680000; includeSubDomains
CF-Cache-Status: MISS
Vary: Accept-Encoding
Expires: Tue, 05 Dec 2017 18:56:12 GMT
Cache-Control: public, max-age=14400
Accept-Ranges: bytes
Server: cloudflare-nginx
CF-RAY: 3c87d9cc1a9d4267-OSL


--- Additional Info ---
Magic:  PNG image, 480 x 391, 8-bit/color RGB, non-interlaced
Size:   73934
Md5:    a9bb841f31e76279a1580f0804b092a2
Sha1:   6bc869fb9ac1f1883551f50c0d92fb4036458db8
Sha256: 03ff30f7c3a95c00b7311aae071e5fd41c6aa92b2bb4fab68c1b4f447d23ca1b
                                        
                                            GET /post/wp-content/plugins/incisive/templates/incisive-payment.js?ver=1 HTTP/1.1 
Host: payments.incisivemedia.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://payments.incisivemedia.com/post/subsformstandard-p11/webstandard/?tc=subscribe20-2&utm_medium=email&utm_campaign=Auto%2020%25%20Discount%20Offer%20EM2&utm_source=O2O%20Lead%20Generation
Cookie: __cfduid=d139907234d4b3e869df4df429dbd64271512485769; PHPSESSID=uj5cpqd8hrfb8r61rds7e6k4k7

                                         
                                         104.25.150.97
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 05 Dec 2017 14:56:14 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 12 Jan 2017 11:02:59 GMT
Etag: W/"98e-545e3a9031ec0"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
Strict-Transport-Security: max-age=157680000; includeSubDomains
CF-Cache-Status: MISS
Vary: Accept-Encoding
Expires: Tue, 05 Dec 2017 18:56:14 GMT
Cache-Control: public, max-age=14400
Server: cloudflare-nginx
CF-RAY: 3c87d9d73b7442b5-OSL
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   909
Md5:    f44f8720a93a4b0570b9868b1d210af7
Sha1:   9d8223a02f260f428824140001a3956b8635ecb4
Sha256: a7595af3b77890682ec58032c1ad459a84f09fdc7a8dc0edd4f23e87bb67fea7
                                        
                                            GET /post/wp-content/themes/Divi/js/jquery.fitvids.js?ver=2.2 HTTP/1.1 
Host: payments.incisivemedia.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://payments.incisivemedia.com/post/subsformstandard-p11/webstandard/?tc=subscribe20-2&utm_medium=email&utm_campaign=Auto%2020%25%20Discount%20Offer%20EM2&utm_source=O2O%20Lead%20Generation
Cookie: __cfduid=d139907234d4b3e869df4df429dbd64271512485769; PHPSESSID=uj5cpqd8hrfb8r61rds7e6k4k7

                                         
                                         104.25.150.97
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 05 Dec 2017 14:56:14 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 05 Oct 2015 14:36:21 GMT
Etag: W/"b7f-5215c6fdcc340"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
Strict-Transport-Security: max-age=157680000; includeSubDomains
CF-Cache-Status: MISS
Vary: Accept-Encoding
Expires: Tue, 05 Dec 2017 18:56:14 GMT
Cache-Control: public, max-age=14400
Server: cloudflare-nginx
CF-RAY: 3c87d9d7d8884255-OSL
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1188
Md5:    7b2bab921b3798916013b6ab9010cef9
Sha1:   a131f98d3d1647eb468ba65d3cd94236acce53f7
Sha256: 2537fe3dcede950613611f932eae51fd2af7bed5aa4e9e73cd8bb0a58c8fe29a
                                        
                                            GET /post/wp-includes/js/comment-reply.min.js?ver=4.7.2 HTTP/1.1 
Host: payments.incisivemedia.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://payments.incisivemedia.com/post/subsformstandard-p11/webstandard/?tc=subscribe20-2&utm_medium=email&utm_campaign=Auto%2020%25%20Discount%20Offer%20EM2&utm_source=O2O%20Lead%20Generation
Cookie: __cfduid=d139907234d4b3e869df4df429dbd64271512485769; PHPSESSID=uj5cpqd8hrfb8r61rds7e6k4k7

                                         
                                         104.25.150.97
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 05 Dec 2017 14:56:14 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 13 Feb 2017 09:23:36 GMT
Etag: W/"436-548660082f600"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
Strict-Transport-Security: max-age=157680000; includeSubDomains
CF-Cache-Status: MISS
Vary: Accept-Encoding
Expires: Tue, 05 Dec 2017 18:56:14 GMT
Cache-Control: public, max-age=14400
Server: cloudflare-nginx
CF-RAY: 3c87d9d7dae04291-OSL
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   591
Md5:    9947b6c24339804df910477e0ee3446b
Sha1:   ca3348c530a1918ba71890fc433e6164bbb3d8ca
Sha256: d307ab8cca655de683d8809fc4a3f740bc03068f0a189fe94320d8eee5510a9b
                                        
                                            GET /post/wp-content/plugins/js_composer/assets/lib/waypoints/waypoints.min.js?ver=4.11.2.1 HTTP/1.1 
Host: payments.incisivemedia.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://payments.incisivemedia.com/post/subsformstandard-p11/webstandard/?tc=subscribe20-2&utm_medium=email&utm_campaign=Auto%2020%25%20Discount%20Offer%20EM2&utm_source=O2O%20Lead%20Generation
Cookie: __cfduid=d139907234d4b3e869df4df429dbd64271512485769; PHPSESSID=uj5cpqd8hrfb8r61rds7e6k4k7

                                         
                                         104.25.150.97
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 05 Dec 2017 14:56:14 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 22 May 2015 08:40:29 GMT
Etag: W/"1f6c-516a79cc41940"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
Strict-Transport-Security: max-age=157680000; includeSubDomains
CF-Cache-Status: MISS
Vary: Accept-Encoding
Expires: Tue, 05 Dec 2017 18:56:14 GMT
Cache-Control: public, max-age=14400
Server: cloudflare-nginx
CF-RAY: 3c87d9d80b474267-OSL
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   2608
Md5:    e8799071487dc8a031024391a7ad89f8
Sha1:   b2cdca60c2622955e00ca9ee825be3d62bd52eae
Sha256: 5f86bc0b64d14673044a2798db3307c8524aa4c01c81dd4884ec3f6ec8c255a2
                                        
                                            GET /post/wp-content/uploads/2016/05/IMMSRMTT16-Screens-InsurancePost.png HTTP/1.1 
Host: payments.incisivemedia.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://payments.incisivemedia.com/post/subsformstandard-p11/webstandard/?tc=subscribe20-2&utm_medium=email&utm_campaign=Auto%2020%25%20Discount%20Offer%20EM2&utm_source=O2O%20Lead%20Generation
Cookie: __cfduid=d139907234d4b3e869df4df429dbd64271512485769; PHPSESSID=uj5cpqd8hrfb8r61rds7e6k4k7

                                         
                                         104.25.150.97
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Tue, 05 Dec 2017 14:56:12 GMT
Content-Length: 116544
Connection: keep-alive
Last-Modified: Mon, 11 Jul 2016 09:19:27 GMT
Etag: "1c740-53758a61b25c0"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
Strict-Transport-Security: max-age=157680000; includeSubDomains
CF-Cache-Status: MISS
Vary: Accept-Encoding
Expires: Tue, 05 Dec 2017 18:56:12 GMT
Cache-Control: public, max-age=14400
Accept-Ranges: bytes
Server: cloudflare-nginx
CF-RAY: 3c87d9cc19294273-OSL


--- Additional Info ---
Magic:  PNG image, 480 x 391, 8-bit/color RGBA, non-interlaced
Size:   116544
Md5:    4a90f5e5b20e7d4f516c4fcc7ea7cd15
Sha1:   cd7336ac5156cd9c92984217776e4b7296f8e4c9
Sha256: ea60aec90df7f51e782705f2e07293f01c0802506ea38202be4b743fd117b119
                                        
                                            GET /post/wp-content/themes/Divi/js/jquery.magnific-popup.js?ver=2.2 HTTP/1.1 
Host: payments.incisivemedia.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://payments.incisivemedia.com/post/subsformstandard-p11/webstandard/?tc=subscribe20-2&utm_medium=email&utm_campaign=Auto%2020%25%20Discount%20Offer%20EM2&utm_source=O2O%20Lead%20Generation
Cookie: __cfduid=d139907234d4b3e869df4df429dbd64271512485769; PHPSESSID=uj5cpqd8hrfb8r61rds7e6k4k7

                                         
                                         104.25.150.97
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 05 Dec 2017 14:56:14 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 05 Oct 2015 14:36:21 GMT
Etag: W/"ba66-5215c6fdcc340"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
Strict-Transport-Security: max-age=157680000; includeSubDomains
CF-Cache-Status: MISS
Vary: Accept-Encoding
Expires: Tue, 05 Dec 2017 18:56:14 GMT
Cache-Control: public, max-age=14400
Server: cloudflare-nginx
CF-RAY: 3c87d9d86c5942b5-OSL
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   13784
Md5:    9bd14075ab0d0360997507156bb055bd
Sha1:   369b9748524706bc09f9ff68906e225cc8bdac46
Sha256: 3c38f4faca08d654e64f70d432e691ab724ddfe4765056f35dd7e9504f44a2ab
                                        
                                            GET /post/wp-content/themes/Divi/js/smoothscroll.js?ver=2.2 HTTP/1.1 
Host: payments.incisivemedia.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://payments.incisivemedia.com/post/subsformstandard-p11/webstandard/?tc=subscribe20-2&utm_medium=email&utm_campaign=Auto%2020%25%20Discount%20Offer%20EM2&utm_source=O2O%20Lead%20Generation
Cookie: __cfduid=d139907234d4b3e869df4df429dbd64271512485769; PHPSESSID=uj5cpqd8hrfb8r61rds7e6k4k7

                                         
                                         104.25.150.97
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 05 Dec 2017 14:56:14 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 05 Oct 2015 14:36:21 GMT
Etag: W/"3888-5215c6fdcc340"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
Strict-Transport-Security: max-age=157680000; includeSubDomains
CF-Cache-Status: MISS
Vary: Accept-Encoding
Expires: Tue, 05 Dec 2017 18:56:14 GMT
Cache-Control: public, max-age=14400
Server: cloudflare-nginx
CF-RAY: 3c87d9d90bca4291-OSL
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   4392
Md5:    f4ef65564892642579126931aa4dfe86
Sha1:   caa0efd6e353f32d7b1764242d49c3ca1a09f5ba
Sha256: d48f4f75df43c82b64f801f262f9bd5a46734fcedf9c840ff4526959ce6663b9
                                        
                                            POST /GTSGIAG3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
                                         64.233.165.113
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 05 Dec 2017 14:56:14 GMT
Cache-Control: public, max-age=345600
Server: ocsp_responder
Content-Length: 463
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    f304d6d368f855376ea02e1b710a3f4c
Sha1:   c3954ef94942362adc5bf249c8f5bf472b78d42f
Sha256: 90f516c03de5d46ad47df5dbfdccc74ce04eacf8b33e294109bb370dd21f636b
                                        
                                            GET /post/wp-content/themes/Divi/js/custom.js?ver=2.2 HTTP/1.1 
Host: payments.incisivemedia.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://payments.incisivemedia.com/post/subsformstandard-p11/webstandard/?tc=subscribe20-2&utm_medium=email&utm_campaign=Auto%2020%25%20Discount%20Offer%20EM2&utm_source=O2O%20Lead%20Generation
Cookie: __cfduid=d139907234d4b3e869df4df429dbd64271512485769; PHPSESSID=uj5cpqd8hrfb8r61rds7e6k4k7

                                         
                                         104.25.150.97
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 05 Dec 2017 14:56:14 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 05 Oct 2015 14:36:21 GMT
Etag: W/"184bb-5215c6fe96237"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
Strict-Transport-Security: max-age=157680000; includeSubDomains
CF-Cache-Status: MISS
Vary: Accept-Encoding
Expires: Tue, 05 Dec 2017 18:56:14 GMT
Cache-Control: public, max-age=14400
Server: cloudflare-nginx
CF-RAY: 3c87d9d8f95b4255-OSL
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   17376
Md5:    be981ccb3b3472d787712bbe1fb26f3b
Sha1:   361a766091c786214c0134cbafb557fd600107d2
Sha256: 2b5581187193404081c028c407bcbc9bee3297c730c2115512b8b6c73a855c3d
                                        
                                            GET /post/wp-includes/js/wp-embed.min.js?ver=4.7.2 HTTP/1.1 
Host: payments.incisivemedia.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://payments.incisivemedia.com/post/subsformstandard-p11/webstandard/?tc=subscribe20-2&utm_medium=email&utm_campaign=Auto%2020%25%20Discount%20Offer%20EM2&utm_source=O2O%20Lead%20Generation
Cookie: __cfduid=d139907234d4b3e869df4df429dbd64271512485769; PHPSESSID=uj5cpqd8hrfb8r61rds7e6k4k7

                                         
                                         104.25.150.97
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 05 Dec 2017 14:56:14 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 13 Feb 2017 09:23:36 GMT
Etag: W/"576-548660082f600"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
Strict-Transport-Security: max-age=157680000; includeSubDomains
CF-Cache-Status: MISS
Vary: Accept-Encoding
Expires: Tue, 05 Dec 2017 18:56:14 GMT
Cache-Control: public, max-age=14400
Server: cloudflare-nginx
CF-RAY: 3c87d9d9bca34267-OSL
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   756
Md5:    77ce65aa27658b26944312e742e1d204
Sha1:   952f595220a39db2f6c8e65c648fa6b1ecf92024
Sha256: 277851a5b1d095133da0244edd6952c2f6fe5ec1b25633812001abb796681616
                                        
                                            GET /r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-5946652-1&cid=1884804102.1512485773&jid=1002061805&_gid=1769273971.1512485773&gjid=69648192&_v=j66&z=1482112228 HTTP/1.1 
Host: stats.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://payments.incisivemedia.com/post/subsformstandard-p11/webstandard/?tc=subscribe20-2&utm_medium=email&utm_campaign=Auto%2020%25%20Discount%20Offer%20EM2&utm_source=O2O%20Lead%20Generation

                                         
                                         64.233.165.156
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
                                        
Location: https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5946652-1&cid=1884804102.1512485773&jid=1002061805&_v=j66&z=1482112228
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
Date: Tue, 05 Dec 2017 14:56:14 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
Server: Golfe2
Content-Length: 366
Alt-Svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"


--- Additional Info ---
Magic:  HTML document text
Size:   366
Md5:    f541888b53f1fa6fbed72bdcb43f4936
Sha1:   b61c5176f250f2b4631e1d5b9bd4bace427dc230
Sha256: f3b8021e34777f94375c9d0fccb2088efd109e1df8d36b29f6c271273880c980
                                        
                                            POST /ocsp HTTP/1.1 
Host: clients1.google.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
                                         172.217.22.174
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 05 Dec 2017 14:56:14 GMT
Cache-Control: public, max-age=345600
Server: ocsp_responder
Content-Length: 463
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    fefc73d2cc0960a4e5f81d55cbff2b58
Sha1:   7a0c818c96413007f4b1e9a7a52604337d59af20
Sha256: 7ab900093b8485003f3888452489ca59ea56a05a040bd0a76ffb6d634646afc9
                                        
                                            GET /risk/wp-content/plugins/incisive/images/bankcard.gif HTTP/1.1 
Host: payments.incisivemedia.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://payments.incisivemedia.com/post/subsformstandard-p11/webstandard/?tc=subscribe20-2&utm_medium=email&utm_campaign=Auto%2020%25%20Discount%20Offer%20EM2&utm_source=O2O%20Lead%20Generation
Cookie: __cfduid=d139907234d4b3e869df4df429dbd64271512485769; PHPSESSID=uj5cpqd8hrfb8r61rds7e6k4k7

                                         
                                         104.25.150.97
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Tue, 05 Dec 2017 14:56:14 GMT
Content-Length: 3867
Connection: keep-alive
Last-Modified: Mon, 19 Dec 2016 13:27:41 GMT
Etag: "f1b-54402e24eed40"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
Strict-Transport-Security: max-age=157680000; includeSubDomains
CF-Cache-Status: REVALIDATED
Vary: Accept-Encoding
Expires: Tue, 05 Dec 2017 18:56:14 GMT
Cache-Control: public, max-age=14400
Accept-Ranges: bytes
Server: cloudflare-nginx
CF-RAY: 3c87d9da6ddb42b5-OSL


--- Additional Info ---
Magic:  GIF image data, version 87a, 200 x 37
Size:   3867
Md5:    7870b1daa68c4f9b062b7e9a1eca12ae
Sha1:   ef774f94e979edf3874c9bdd668607ef01b3a989
Sha256: 269a3b83d7fa33ee228e21c3c5492d5ea3565e2b5ed49f35c5e92e2b1ac49e66
                                        
                                            GET /risk/wp-content/uploads/2015/07/error.png HTTP/1.1 
Host: payments.incisivemedia.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://payments.incisivemedia.com/post/subsformstandard-p11/webstandard/?tc=subscribe20-2&utm_medium=email&utm_campaign=Auto%2020%25%20Discount%20Offer%20EM2&utm_source=O2O%20Lead%20Generation
Cookie: __cfduid=d139907234d4b3e869df4df429dbd64271512485769; PHPSESSID=uj5cpqd8hrfb8r61rds7e6k4k7

                                         
                                         104.25.150.97
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Tue, 05 Dec 2017 14:56:14 GMT
Content-Length: 20436
Connection: keep-alive
Last-Modified: Wed, 14 Oct 2015 17:42:04 GMT
Etag: "4fd4-52214149bd300"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
Strict-Transport-Security: max-age=157680000; includeSubDomains
CF-Cache-Status: REVALIDATED
Vary: Accept-Encoding
Expires: Tue, 05 Dec 2017 18:56:14 GMT
Cache-Control: public, max-age=14400
Accept-Ranges: bytes
Server: cloudflare-nginx
CF-RAY: 3c87d9da8ce24291-OSL


--- Additional Info ---
Magic:  PNG image, 30 x 30, 8-bit/color RGBA, non-interlaced
Size:   20436
Md5:    65649e403bd1b479414f2121ad4c4f51
Sha1:   9cb4215a2ba3dbae06f16aad80aee717fa965b80
Sha256: e97802a79ada7a07bfbe09c01ac9182bba7d19f0d64bdb5ea9568f26fc53f249
                                        
                                            GET /ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5946652-1&cid=1884804102.1512485773&jid=1002061805&_v=j66&z=1482112228 HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://payments.incisivemedia.com/post/subsformstandard-p11/webstandard/?tc=subscribe20-2&utm_medium=email&utm_campaign=Auto%2020%25%20Discount%20Offer%20EM2&utm_source=O2O%20Lead%20Generation

                                         
                                         64.233.165.106
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
                                        
P3P: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Date: Tue, 05 Dec 2017 14:56:14 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Location: https://www.google.no/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5946652-1&cid=1884804102.1512485773&jid=1002061805&_v=j66&z=1482112228&slf_rd=1&random=4277757775
x-content-type-options: nosniff
Server: cafe
Content-Length: 0
x-xss-protection: 1; mode=block
Alt-Svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"


--- Additional Info ---
                                        
                                            GET /post/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=4.11.2.1 HTTP/1.1 
Host: payments.incisivemedia.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://payments.incisivemedia.com/post/subsformstandard-p11/webstandard/?tc=subscribe20-2&utm_medium=email&utm_campaign=Auto%2020%25%20Discount%20Offer%20EM2&utm_source=O2O%20Lead%20Generation
Cookie: __cfduid=d139907234d4b3e869df4df429dbd64271512485769; PHPSESSID=uj5cpqd8hrfb8r61rds7e6k4k7

                                         
                                         104.25.150.97
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 05 Dec 2017 14:56:14 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 15 Apr 2016 14:08:09 GMT
Etag: W/"4a83-530868a624440"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
Strict-Transport-Security: max-age=157680000; includeSubDomains
CF-Cache-Status: MISS
Vary: Accept-Encoding
Expires: Tue, 05 Dec 2017 18:56:14 GMT
Cache-Control: public, max-age=14400
Server: cloudflare-nginx
CF-RAY: 3c87d9da6c5f4273-OSL
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   5590
Md5:    00b76fcb833fb5f9edecd0801285b2de
Sha1:   49e63e16b88cf11dd8c8b9ffc931bb0c171b0ef1
Sha256: f3c4fd8d6b4227c977f00f33f405c9546081a461a3f861bd847a73e62c732ff8
                                        
                                            POST /GTSGIAG3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
                                         64.233.165.113
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 05 Dec 2017 14:56:14 GMT
Cache-Control: public, max-age=345600
Server: ocsp_responder
Content-Length: 463
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    378279fd6b6dca1d471750c43b2e2a15
Sha1:   7f26b652e48116c51a568f5f4f0c1371261e4454
Sha256: 9c5b5a11f908b1715200b8ecf3ee14e0c410b4b15a114e2709eca24d8d3242df
                                        
                                            GET /risk/wp-content/plugins/incisive/images/down-arrow.png HTTP/1.1 
Host: payments.incisivemedia.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://payments.incisivemedia.com/post/wp-content/plugins/incisive/templates/incisive.css?ver=4.7.2
Cookie: __cfduid=d139907234d4b3e869df4df429dbd64271512485769; PHPSESSID=uj5cpqd8hrfb8r61rds7e6k4k7

                                         
                                         104.25.150.97
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Tue, 05 Dec 2017 14:56:14 GMT
Content-Length: 1009
Connection: keep-alive
Last-Modified: Wed, 25 Nov 2015 11:24:41 GMT
Etag: "3f1-5255bb45930fb"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
Strict-Transport-Security: max-age=157680000; includeSubDomains
CF-Cache-Status: EXPIRED
Vary: Accept-Encoding
Expires: Tue, 05 Dec 2017 18:56:14 GMT
Cache-Control: public, max-age=14400
Accept-Ranges: bytes
Server: cloudflare-nginx
CF-RAY: 3c87d9db0ad04255-OSL


--- Additional Info ---
Magic:  PNG image, 15 x 20, 8-bit/color RGBA, non-interlaced
Size:   1009
Md5:    e7b45bcc7dfe455fa960fce838898982
Sha1:   c80580fd958da944df91fe25045f1b061c3854d3
Sha256: 7a2f0ecca55b26403dbb952ac56fbc6eb3f49cdf25507525609ebbbcb9da7b7b
                                        
                                            GET /post/wp-content/plugins/incisive/templates/incisive-demos.js?ver=1 HTTP/1.1 
Host: payments.incisivemedia.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://payments.incisivemedia.com/post/subsformstandard-p11/webstandard/?tc=subscribe20-2&utm_medium=email&utm_campaign=Auto%2020%25%20Discount%20Offer%20EM2&utm_source=O2O%20Lead%20Generation
Cookie: __cfduid=d139907234d4b3e869df4df429dbd64271512485769; PHPSESSID=uj5cpqd8hrfb8r61rds7e6k4k7

                                         
                                         104.25.150.97
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 05 Dec 2017 14:56:14 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 08 Jan 2016 10:34:43 GMT
Etag: W/"279-528d022a376c0"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
Strict-Transport-Security: max-age=157680000; includeSubDomains
CF-Cache-Status: MISS
Vary: Accept-Encoding
Expires: Tue, 05 Dec 2017 18:56:14 GMT
Cache-Control: public, max-age=14400
Server: cloudflare-nginx
CF-RAY: 3c87d9d7d93e429d-OSL
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   307
Md5:    61bb87f68a5c5dd402bd072e6fc774b8
Sha1:   5400e61977cbad365ae2e231c460fbb9cf11c0a0
Sha256: 1a9b161563bd1a3c9c3d6634e59e13b45bc0adb41ab9c7d7b545d8db17e5c56c
                                        
                                            GET /ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5946652-1&cid=1884804102.1512485773&jid=1002061805&_v=j66&z=1482112228&slf_rd=1&random=4277757775 HTTP/1.1 
Host: www.google.no
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://payments.incisivemedia.com/post/subsformstandard-p11/webstandard/?tc=subscribe20-2&utm_medium=email&utm_campaign=Auto%2020%25%20Discount%20Offer%20EM2&utm_source=O2O%20Lead%20Generation

                                         
                                         64.233.165.94
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
P3P: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Date: Tue, 05 Dec 2017 14:56:15 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
x-content-type-options: nosniff
Server: cafe
Content-Length: 42
x-xss-protection: 1; mode=block
Alt-Svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            POST / HTTP/1.1 
Host: ocsp.usertrust.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 116
Content-Type: application/ocsp-request

                                         
                                         178.255.83.1
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 05 Dec 2017 14:56:20 GMT
Server: Apache
Last-Modified: Mon, 04 Dec 2017 20:07:10 GMT
Expires: Mon, 11 Dec 2017 20:07:10 GMT
Etag: 8BD8B0B67E37B87FD7C02FE390ED1D3F936EB4CE
Cache-Control: max-age=536449,public,no-transform,must-revalidate
X-OCSP-Reponder-ID: rmdccaocsp23
Content-Length: 472
Connection: close


--- Additional Info ---
Magic:  data
Size:   472
Md5:    99b606b7dcf296af00dd6184a93e258a
Sha1:   8bd8b0b67e37b87fd7c02fe390ed1d3f936eb4ce
Sha256: 8b425399c5ca4f646f78f310ae41143c11215f58e0878ad25145c96da0669555
                                        
                                            POST / HTTP/1.1 
Host: ocsp.usertrust.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         178.255.83.1
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 05 Dec 2017 14:56:21 GMT
Server: Apache
Last-Modified: Sun, 03 Dec 2017 10:16:14 GMT
Expires: Sun, 10 Dec 2017 10:16:14 GMT
Etag: 4B67C9A3545482D312BDD801B6F2F3A0ACDB5CDF
Cache-Control: max-age=414592,public,no-transform,must-revalidate
X-OCSP-Reponder-ID: rmdccaocsp32
Content-Length: 727
Connection: close


--- Additional Info ---
Magic:  data
Size:   727
Md5:    6fecaca64fd677aca83e1d77875782c9
Sha1:   4b67c9a3545482d312bdd801b6f2f3a0acdb5cdf
Sha256: f1e0d5cd0ebff69780835bf32e9f961f062026c409b64c7dbcb4e58bcf570363
                                        
                                            POST / HTTP/1.1 
Host: ocsp.usertrust.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         178.255.83.1
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 05 Dec 2017 14:56:21 GMT
Server: Apache
Last-Modified: Sun, 03 Dec 2017 10:16:14 GMT
Expires: Sun, 10 Dec 2017 10:16:14 GMT
Etag: 4C3AAC050F1E57F739760772C4B2686D93321101
Cache-Control: max-age=414592,public,no-transform,must-revalidate
X-OCSP-Reponder-ID: rmdccaocsp23
Content-Length: 471
Connection: close


--- Additional Info ---
Magic:  data
Size:   471
Md5:    fe290515abfd37f9f9c551493c65337a
Sha1:   4c3aac050f1e57f739760772c4b2686d93321101
Sha256: 06de4ab5a327425f068dfae33069f07e2da5c7913aadf919efcb68a1e997cdf5
                                        
                                            GET /c/hotjar-215818.js?sv=5 HTTP/1.1 
Host: static.hotjar.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://payments.incisivemedia.com/post/subsformstandard-p11/webstandard/?tc=subscribe20-2&utm_medium=email&utm_campaign=Auto%2020%25%20Discount%20Offer%20EM2&utm_source=O2O%20Lead%20Generation

                                         
                                         151.139.236.194
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 05 Dec 2017 14:56:21 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Etag: W/80c900b9ea5a1c6b3c64bcae9866e0b2
X-Cache-Hit: 1
Cache-Control: max-age=60
x-frame-options: SAMEORIGIN
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: content-type
Server: NetDNA-cache/2.2
X-Cache: HIT
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1835
Md5:    caa93511d3b66b2c523d61dee1265ea0
Sha1:   514c16d195f60f7c94e8a4d4edf9775fd77ebfd4
Sha256: 35c5047ae5ec3c2a04933e41facb6d7ce68a99f519f7600c8c267a7f1678440b
                                        
                                            GET /rcj-99d43ead6bdf30da8ed5ffcb4f17100c.html HTTP/1.1 
Host: vars.hotjar.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://payments.incisivemedia.com/post/subsformstandard-p11/webstandard/?tc=subscribe20-2&utm_medium=email&utm_campaign=Auto%2020%25%20Discount%20Offer%20EM2&utm_source=O2O%20Lead%20Generation

                                         
                                         94.31.29.64
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Date: Tue, 05 Dec 2017 14:56:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-id-2: Db0ty5SlQWV8QozlSs1H6VU+jU/8Rd4P5D3gGjmE6DGK7C9fgMcU3ilQ7/bAeZXaG2cUFKIl2s0=
x-amz-request-id: 9F5BF3C33E98F44D
Last-Modified: Tue, 07 Mar 2017 10:35:33 GMT
Etag: W/"99d43ead6bdf30da8ed5ffcb4f17100c"
Cache-Control: max-age=31536000
Server: NetDNA-cache/2.2
X-Cache: HIT
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   869
Md5:    39312037cb450ff8520c458463e5ce54
Sha1:   c82dc86bcbbd07d266fe8a562c81fc8385efdbf5
Sha256: a8c1861553e2da5f34307fa096c6e3d2d8cd0948112a39490041736b0e212331
                                        
                                            GET /modules-ffdb204a4169e25a964a8d9a4db41061.js HTTP/1.1 
Host: script.hotjar.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://payments.incisivemedia.com/post/subsformstandard-p11/webstandard/?tc=subscribe20-2&utm_medium=email&utm_campaign=Auto%2020%25%20Discount%20Offer%20EM2&utm_source=O2O%20Lead%20Generation

                                         
                                         94.31.29.249
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 05 Dec 2017 14:56:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-id-2: Cw3tju+LfutUQ/wUmsyowZ6KftNrnkO8cyqBxUkIAg0EOX9oEoMBZoaoqXvmclVD6k5DbH2D5jY=
x-amz-request-id: D90A8130033C85A0
Last-Modified: Tue, 05 Dec 2017 13:29:27 GMT
Etag: W/"ffdb204a4169e25a964a8d9a4db41061"
Cache-Control: max-age=31536000
Server: NetDNA-cache/2.2
X-Cache: HIT
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   70348
Md5:    26b91afdba392bc565ff5d957b4a274f
Sha1:   9d0b50e09078049eaa573cdfad8ce468b71b3a2a
Sha256: 2c2bc76dac27e51635511cae7c191f597c229af387190ddcbc460be31fc030a3
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: payments.incisivemedia.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: __cfduid=d139907234d4b3e869df4df429dbd64271512485769; PHPSESSID=uj5cpqd8hrfb8r61rds7e6k4k7; _ga=GA1.2.1884804102.1512485773; _gid=GA1.2.1769273971.1512485773; _gat_uni=1; _gat_globalTracker=1

                                         
                                         104.25.150.97
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Tue, 05 Dec 2017 14:56:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
Strict-Transport-Security: max-age=157680000; includeSubDomains
CF-Cache-Status: HIT
Vary: Accept-Encoding
Expires: Tue, 12 Dec 2017 14:56:22 GMT
Cache-Control: public, max-age=604800
Server: cloudflare-nginx
CF-RAY: 3c87da0d3b164267-OSL
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   182
Md5:    e26918a572d6566f76fa74f901c866cb
Sha1:   a5dcfbfb5b613f5c482a27f230d771d5d4e22d29
Sha256: ac2206af41d4c590352b689e8c4a82a77fe82a1f27df3298b9fab1dd6572a5db
                                        
                                            GET /static/vendor/stacktrace.js/1.0.1/stacktrace-with-polyfills.min.js HTTP/1.1 
Host: static.hotjar.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://payments.incisivemedia.com/post/subsformstandard-p11/webstandard/?tc=subscribe20-2&utm_medium=email&utm_campaign=Auto%2020%25%20Discount%20Offer%20EM2&utm_source=O2O%20Lead%20Generation

                                         
                                         151.139.236.194
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 05 Dec 2017 14:56:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 09 May 2017 13:38:03 GMT
Vary: Accept-Encoding
Etag: W/"5911c63b-a51b"
Expires: Mon, 18 Dec 2017 02:29:35 GMT
Cache-Control: max-age=2592000
Access-Control-Allow-Origin: *
Server: NetDNA-cache/2.2
X-Cache: HIT
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   13879
Md5:    fe7e8b0616ae909b2019bacf6b17ab63
Sha1:   b9268ded9b3dc5584fd2e3e98bd01e9018f64bf8
Sha256: 4169e48ce1fec7aae5fec066a79def883e1504da6a3660c35b4d25d7dc1a9a0a
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: payments.incisivemedia.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: __cfduid=d139907234d4b3e869df4df429dbd64271512485769; PHPSESSID=uj5cpqd8hrfb8r61rds7e6k4k7; _ga=GA1.2.1884804102.1512485773; _gid=GA1.2.1769273971.1512485773; _gat_uni=1; _gat_globalTracker=1; _hjIncludedInSample=1

                                         
                                         104.25.150.97
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Tue, 05 Dec 2017 14:56:25 GMT
Transfer-Encoding: chunked
Connection: keep-alive
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
Strict-Transport-Security: max-age=157680000; includeSubDomains
CF-Cache-Status: HIT
Vary: Accept-Encoding
Expires: Tue, 12 Dec 2017 14:56:25 GMT
Cache-Control: public, max-age=604800
Server: cloudflare-nginx
CF-RAY: 3c87da1fe91e42b5-OSL
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   182
Md5:    e26918a572d6566f76fa74f901c866cb
Sha1:   a5dcfbfb5b613f5c482a27f230d771d5d4e22d29
Sha256: ac2206af41d4c590352b689e8c4a82a77fe82a1f27df3298b9fab1dd6572a5db
                                        
                                            GET /getgeotrustsslseal?host_name=payments.incisivemedia.com&size=S&lang=en HTTP/1.1 
Host: seal.geotrust.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://payments.incisivemedia.com/post/subsformstandard-p11/webstandard/?tc=subscribe20-2&utm_medium=email&utm_campaign=Auto%2020%25%20Discount%20Offer%20EM2&utm_source=O2O%20Lead%20Generation

                                         
                                         0.0.0.0
                                        


--- Additional Info ---