r3.o.lencr.org/
23.36.76.249200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash bea3185dd820a31c1981317f37c3456d
1a548a5d27270fc11df9011837a7149571cedd78
469b97bf9f57401b3c9571039483589f2815f4794212b75c7c85cfefe0ae71e9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "469B97BF9F57401B3C9571039483589F2815F4794212B75C7C85CFEFE0AE71E9"
Last-Modified: Wed, 22 Mar 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13675
Expires: Fri, 24 Mar 2023 11:25:05 GMT
Date: Fri, 24 Mar 2023 07:37:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.249200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash 210a2a42cfc4f4aced144f5de9babcc6
ece6ecfb2db8d036c3bfc7f02f8ea387e3f965db
59553a312d3fb34f1f0aea469f7e7cc810ff9993481ddbd73ea5d461cf97ed51
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "59553A312D3FB34F1F0AEA469F7E7CC810FF9993481DDBD73EA5D461CF97ED51"
Last-Modified: Wed, 22 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7496
Expires: Fri, 24 Mar 2023 09:42:06 GMT
Date: Fri, 24 Mar 2023 07:37:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.249200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash dc2752d83fbed82852248898a132467a
b27a6b4af2e07663a58cafb641513f7224c7a7c3
ea7838393d83805a7b8a2b01bd09e4423617c4da285b983a11e9ba36266810d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EA7838393D83805A7B8A2B01BD09E4423617C4DA285B983A11E9BA36266810D5"
Last-Modified: Wed, 22 Mar 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8238
Expires: Fri, 24 Mar 2023 09:54:28 GMT
Date: Fri, 24 Mar 2023 07:37:10 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bc86ef2a0cee04915bc360f5821adc8f
3658f9028cce204d38f7f48fcfaa2a8e4f54383a
aeecd718d03811322457de4f20828bdba86b277e7e0e328cae9c0a8075638454
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Backoff, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 24 Mar 2023 07:15:12 GMT
content-type: application/json
age: 1318
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: XLavfWaYptQPJw3eb0aemF0hhqLzbEFY0D2oFCmwRKUvvKnCHUGfn6Sj3eO2e3jD4A5/p0SVrTc=
x-amz-request-id: 1HWNSVMS3RP06QM6
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 24 Mar 2023 06:54:23 GMT
age: 2567
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
track.ecampaignstats.com/scr/btr.php
209.148.95.13302 Found 0 B URL HTTP/1.1 track.ecampaignstats.com/scr/btr.php
IP 209.148.95.13:0
ASN #394844 ROOT-LEVEL-TECHNOLOGY
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /scr/btr.php HTTP/1.1
Host: track.ecampaignstats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Fri, 24 Mar 2023 07:37:10 GMT
Server: Apache/2.4.52 (Debian)
Location: http://www.newsandpromotions.com/special-offer/?TID=0&SID=0
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 24 Mar 2023 07:37:10 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.newsandpromotions.com/special-offer/?TID=0&SID=0
35.227.209.77200 OK 14 kB URL HTTP/1.1 www.newsandpromotions.com/special-offer/?TID=0&SID=0
IP 35.227.209.77:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8047), with CRLF, LF line terminators
Hash 3f1b351a479ac817ff223a573b33d9d2
91470403ee0729b3840dbe16a8f00a7ab8c5d412
84ed82d9c92c202bd699a19e2f121e760d649729dbc7cc638c947c4ab1d66f33
GET /special-offer/?TID=0&SID=0 HTTP/1.1
Host: www.newsandpromotions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Fri, 24 Mar 2023 07:37:11 GMT
Server: Apache
Last-Modified: Fri, 24 Mar 2023 07:32:22 GMT
Pragma: public
ETag: "3f1b351a479ac817ff223a573b33d9d2"
Content-Encoding: gzip
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=UTF-8
Via: 1.1 google
Cache-Control: max-age=3311,public
Transfer-Encoding: chunked
www.newsandpromotions.com/wp-content/themes/magazine-pro/style.css?ver=3.1
35.227.209.77200 OK 7.8 kB URL HTTP/1.1 www.newsandpromotions.com/wp-content/themes/magazine-pro/style.css?ver=3.1
IP 35.227.209.77:0
File type ASCII text, with very long lines (1783)
Hash 62788bc8b4ac3467cf8c92d16d3486ca
b4445f07319e971698c8c599e28a386cbcf536e1
3b83991a52832d324831f4b49cf3c3a784a2da599063cb474e5312b71b11f846
GET /wp-content/themes/magazine-pro/style.css?ver=3.1 HTTP/1.1
Host: www.newsandpromotions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/special-offer/?TID=0&SID=0
HTTP/1.1 200 OK
Server: Apache
Accept-Ranges: bytes
Content-Encoding: gzip
Pragma: public
Content-Length: 7771
Via: 1.1 google
Date: Fri, 24 Mar 2023 06:18:07 GMT
Age: 4744
Last-Modified: Mon, 29 Aug 2022 12:36:58 GMT
ETag: "aa26-5e76085030e80-gzip"
Content-Type: text/css
Vary: Accept-Encoding
Cache-Control: public,max-age=3600
www.newsandpromotions.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.1
35.227.209.77200 OK 12 kB URL HTTP/1.1 www.newsandpromotions.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.1
IP 35.227.209.77:0
File type ASCII text, with very long lines (43771)
Hash e5548800176e913a9084f47a3e1e04f6
eff4604acc5c26ae82a19188de2f98bf5b79d80c
a2569c768eaca09f2483b971fcebb97badd57c9a16b5ae3e16b8cdcd8c688b07
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.1 HTTP/1.1
Host: www.newsandpromotions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/special-offer/?TID=0&SID=0
HTTP/1.1 200 OK
Server: Apache
Accept-Ranges: bytes
Content-Encoding: gzip
Pragma: public
Content-Length: 11681
Via: 1.1 google
Date: Fri, 24 Mar 2023 06:21:02 GMT
Age: 4569
Last-Modified: Wed, 17 Aug 2022 12:20:12 GMT
ETag: "15b64-5e66ee2f43700-gzip"
Content-Type: text/css
Vary: Accept-Encoding
Cache-Control: public,max-age=3600
www.newsandpromotions.com/wp-content/plugins/ultimate-social-media-plus/css/disable_sfsi.css?ver=6.0.1
35.227.209.77200 OK 93 B URL HTTP/1.1 www.newsandpromotions.com/wp-content/plugins/ultimate-social-media-plus/css/disable_sfsi.css?ver=6.0.1
IP 35.227.209.77:0
File type ASCII text, with CRLF line terminators
Hash 8544c5733382fa68cb14455d8ad0a3ff
22220e847e614e2405975a7f65732ea8ec478633
9284dea1753fc3f5c5a46cfdacbad17087df6e179cf2a40d96df454d5cd5f74d
GET /wp-content/plugins/ultimate-social-media-plus/css/disable_sfsi.css?ver=6.0.1 HTTP/1.1
Host: www.newsandpromotions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/special-offer/?TID=0&SID=0
HTTP/1.1 200 OK
Server: Apache
Accept-Ranges: bytes
Content-Encoding: gzip
Pragma: public
Content-Length: 93
Via: 1.1 google
Date: Fri, 24 Mar 2023 05:54:45 GMT
Age: 6146
Last-Modified: Mon, 29 Aug 2022 13:11:11 GMT
ETag: "4e-5e760ff6159c0-gzip"
Content-Type: text/css
Vary: Accept-Encoding
Cache-Control: public,max-age=3600
www.newsandpromotions.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.2
35.227.209.77200 OK 972 B URL HTTP/1.1 www.newsandpromotions.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.2
IP 35.227.209.77:0
Hash 8bf268dfcca7cb20719b7ea14373ef4a
58bd839bbf0e8cc082f0a488b538b4ec71bebd2e
eece4a14939273c7af07bce8bab3a6cfc2c9de44c0eea82cc886abac13cb3870
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.2 HTTP/1.1
Host: www.newsandpromotions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/special-offer/?TID=0&SID=0
HTTP/1.1 200 OK
Server: Apache
Accept-Ranges: bytes
Content-Encoding: gzip
Pragma: public
Content-Length: 972
Via: 1.1 google
Date: Fri, 24 Mar 2023 05:47:51 GMT
Last-Modified: Mon, 29 Aug 2022 13:14:18 GMT
ETag: "aab-5e7610a86be80-gzip"
Content-Type: text/css
Vary: Accept-Encoding
Age: 6560
Cache-Control: public,max-age=3600
www.newsandpromotions.com/wp-content/plugins/ultimate-social-media-plus/css/sfsi-style.css?ver=3.5.1
35.227.209.77200 OK 15 kB URL HTTP/1.1 www.newsandpromotions.com/wp-content/plugins/ultimate-social-media-plus/css/sfsi-style.css?ver=3.5.1
IP 35.227.209.77:0
File type ASCII text, with CRLF line terminators
Hash a8f50bce699e88944d946862d94fd5cf
156fca342a4be8e956bb1d0ada646146c4631a0d
65a5423ebde85b72a97a1bacff94b6f375a96dd95039b98e7a534dae20a67271
GET /wp-content/plugins/ultimate-social-media-plus/css/sfsi-style.css?ver=3.5.1 HTTP/1.1
Host: www.newsandpromotions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/special-offer/?TID=0&SID=0
HTTP/1.1 200 OK
Server: Apache
Accept-Ranges: bytes
Content-Encoding: gzip
Pragma: public
Content-Length: 14652
Via: 1.1 google
Date: Fri, 24 Mar 2023 05:47:48 GMT
Last-Modified: Mon, 29 Aug 2022 13:11:11 GMT
ETag: "19115-5e760ff6159c0-gzip"
Content-Type: text/css
Vary: Accept-Encoding
Age: 6563
Cache-Control: public,max-age=3600
www.newsandpromotions.com/wp-content/plugins/m-wp-popup/css/popup-styles.css?ver=1.0
35.227.209.77200 OK 1.9 kB URL HTTP/1.1 www.newsandpromotions.com/wp-content/plugins/m-wp-popup/css/popup-styles.css?ver=1.0
IP 35.227.209.77:0
Hash e8959c24dbe5a45744af288f9ff0f7e0
91fa49535c770697985e06a2ade004977b578c2c
7444568ab19d9d35b8876eff1fb3818b8d21634e764738204bee2ca0bb81eea9
GET /wp-content/plugins/m-wp-popup/css/popup-styles.css?ver=1.0 HTTP/1.1
Host: www.newsandpromotions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/special-offer/?TID=0&SID=0
HTTP/1.1 200 OK
Server: Apache
Accept-Ranges: bytes
Content-Encoding: gzip
Pragma: public
Content-Length: 1875
Via: 1.1 google
Date: Fri, 24 Mar 2023 05:47:48 GMT
Last-Modified: Mon, 29 Aug 2022 12:36:58 GMT
ETag: "1bdc-5e76085030e80-gzip"
Content-Type: text/css
Vary: Accept-Encoding
Age: 6563
Cache-Control: public,max-age=3600
www.newsandpromotions.com/wp-content/plugins/genesis-responsive-slider/assets/style.css?ver=1.0.1
35.227.209.77200 OK 1.5 kB URL HTTP/1.1 www.newsandpromotions.com/wp-content/plugins/genesis-responsive-slider/assets/style.css?ver=1.0.1
IP 35.227.209.77:0
Hash baa280ba652ff315f49d25fde759ce8c
60bdf95b25ba644119f8c8c0bd507e83d18fe313
db6c7ba05ae612626911da903629b251115127d8c413ab9f7b7f9b8e49c254da
GET /wp-content/plugins/genesis-responsive-slider/assets/style.css?ver=1.0.1 HTTP/1.1
Host: www.newsandpromotions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/special-offer/?TID=0&SID=0
HTTP/1.1 200 OK
Server: Apache
Accept-Ranges: bytes
Content-Encoding: gzip
Pragma: public
Content-Length: 1470
Via: 1.1 google
Date: Fri, 24 Mar 2023 06:02:55 GMT
Last-Modified: Mon, 29 Aug 2022 13:18:47 GMT
ETag: "1066-5e7611a8f5bc0-gzip"
Content-Type: text/css
Vary: Accept-Encoding
Age: 5656
Cache-Control: public,max-age=3600
www.newsandpromotions.com/wp-includes/css/dashicons.min.css?ver=6.0.1
35.227.209.77200 OK 36 kB URL HTTP/1.1 www.newsandpromotions.com/wp-includes/css/dashicons.min.css?ver=6.0.1
IP 35.227.209.77:0
File type ASCII text, with very long lines (58981)
Hash 00492d322e5572c7abc3e8701b6c52c1
0802ac2c8280ce7c98af881b1d49ec682acbf314
8bc01632cbc3ab834e04141d444ff82b05a4691444d70a9860477710e330b824
GET /wp-includes/css/dashicons.min.css?ver=6.0.1 HTTP/1.1
Host: www.newsandpromotions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/special-offer/?TID=0&SID=0
HTTP/1.1 200 OK
Server: Apache
Accept-Ranges: bytes
Content-Encoding: gzip
Pragma: public
Content-Length: 35730
Via: 1.1 google
Date: Fri, 24 Mar 2023 05:46:33 GMT
Age: 6638
Last-Modified: Wed, 17 Aug 2022 12:20:12 GMT
ETag: "e688-5e66ee2f43700-gzip"
Content-Type: text/css
Vary: Accept-Encoding
Cache-Control: public,max-age=3600
tags.clickagy.com/data.js?rnd=5a7223b9ea03d
104.18.3.235301 Moved Permanently 0 B URL HTTP/1.1 tags.clickagy.com/data.js?rnd=5a7223b9ea03d
IP 104.18.3.235:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /data.js?rnd=5a7223b9ea03d HTTP/1.1
Host: tags.clickagy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/
HTTP/1.1 301 Moved Permanently
Date: Fri, 24 Mar 2023 07:37:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 24 Mar 2023 08:37:11 GMT
Location: https://tags.clickagy.com/data.js?rnd=5a7223b9ea03d
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7acd3f55983fb4f3-OSL
alt-svc: h2=":443"; ma=60
fonts.googleapis.com/css?family=Roboto%3A300%2C400%7CRaleway%3A400%2C500%2C900&ver=3.1
172.217.21.170200 OK 729 B URL HTTP/1.1 fonts.googleapis.com/css?family=Roboto%3A300%2C400%7CRaleway%3A400%2C500%2C900&ver=3.1
IP 172.217.21.170:0
Hash b79489dd57e93c021e1d65fde195f080
6a8f970d42b5932c5001ab9b155317cabb6b30ef
dbba7e3c612104f334b16d8e1ca1a904bd7c797c8157945187f719f3e0abc1bb
GET /css?family=Roboto%3A300%2C400%7CRaleway%3A400%2C500%2C900&ver=3.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://www.newsandpromotions.com
Connection: keep-alive
Referer: http://www.newsandpromotions.com/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Fri, 24 Mar 2023 07:37:11 GMT
Date: Fri, 24 Mar 2023 07:37:11 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
www.newsandpromotions.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
35.227.209.77200 OK 4.2 kB URL HTTP/1.1 www.newsandpromotions.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 35.227.209.77:0
File type ASCII text, with very long lines (11126)
Hash 5629711d7fdd5b28441bac39b851299f
4e0bf2b7383097f7c352023a1b1b1b48a50356b6
44c444309c7a6c05ff4a9bc198bed9e9596bedb5658637c85689c9a471dcdd16
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: www.newsandpromotions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/special-offer/?TID=0&SID=0
HTTP/1.1 200 OK
Date: Fri, 24 Mar 2023 07:37:11 GMT
Server: Apache
Last-Modified: Wed, 17 Aug 2022 12:20:12 GMT
ETag: "2bd8-5e66ee2f43700-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Pragma: public
Cache-Control: public
Content-Length: 4169
Content-Type: application/x-javascript
Via: 1.1 google
www.newsandpromotions.com/wp-content/themes/magazine-pro/js/entry-date.js?ver=1.0.0
35.227.209.77200 OK 238 B URL HTTP/1.1 www.newsandpromotions.com/wp-content/themes/magazine-pro/js/entry-date.js?ver=1.0.0
IP 35.227.209.77:0
File type ASCII text, with CRLF, CR line terminators
Hash 9189d2cd8683d69ebfcc54ded48b0290
814efa08db55b511c39343d87a645144ba918725
35e0e8422be99faaa330f6906a9af741de840c3b9da85203906f0f251d4391eb
GET /wp-content/themes/magazine-pro/js/entry-date.js?ver=1.0.0 HTTP/1.1
Host: www.newsandpromotions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/special-offer/?TID=0&SID=0
HTTP/1.1 200 OK
Date: Fri, 24 Mar 2023 07:37:11 GMT
Server: Apache
Last-Modified: Mon, 29 Aug 2022 12:36:58 GMT
ETag: "17c-5e76085030e80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Pragma: public
Cache-Control: public
Content-Length: 238
Content-Type: application/x-javascript
Via: 1.1 google
www.newsandpromotions.com/wp-content/plugins/advanced-ads/public/assets/js/advanced.min.js?ver=1.35.1
35.227.209.77200 OK 2.5 kB URL HTTP/1.1 www.newsandpromotions.com/wp-content/plugins/advanced-ads/public/assets/js/advanced.min.js?ver=1.35.1
IP 35.227.209.77:0
File type ASCII text, with very long lines (7187), with no line terminators
Hash 2f3ef429b9c2572bbbcaebc51c08f773
8fc6e050cf13b0f60fe950843b3abdedc35f62c8
d6617f504d115075b9944e9d939fa2df521f40036f77d825567b43740fa8fd0c
GET /wp-content/plugins/advanced-ads/public/assets/js/advanced.min.js?ver=1.35.1 HTTP/1.1
Host: www.newsandpromotions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/special-offer/?TID=0&SID=0
HTTP/1.1 200 OK
Date: Fri, 24 Mar 2023 07:37:11 GMT
Server: Apache
Last-Modified: Mon, 29 Aug 2022 13:13:19 GMT
ETag: "1c13-5e761070279c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Pragma: public
Cache-Control: public
Content-Length: 2547
Content-Type: application/x-javascript
Via: 1.1 google
www.newsandpromotions.com/wp-content/plugins/m-wp-popup/js/wpp-popup-frontend.js?ver=1.0
35.227.209.77200 OK 11 kB URL HTTP/1.1 www.newsandpromotions.com/wp-content/plugins/m-wp-popup/js/wpp-popup-frontend.js?ver=1.0
IP 35.227.209.77:0
File type Unicode text, UTF-8 text, with very long lines (20087)
Hash 74e85f4cfdbc29304a9da2382ecf19cc
f8ba9ce2a03d96b79da158910cec16db6071aa25
b84b53a1237aa2aa9bc6c9310b1e918b4c188d8669cbc8eda279d1a94b7cb588
GET /wp-content/plugins/m-wp-popup/js/wpp-popup-frontend.js?ver=1.0 HTTP/1.1
Host: www.newsandpromotions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/special-offer/?TID=0&SID=0
HTTP/1.1 200 OK
Date: Fri, 24 Mar 2023 07:37:11 GMT
Server: Apache
Last-Modified: Mon, 29 Aug 2022 12:36:58 GMT
ETag: "8cd5-5e76085030e80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Pragma: public
Cache-Control: public
Content-Length: 11107
Content-Type: application/x-javascript
Via: 1.1 google
www.newsandpromotions.com/wp-content/themes/magazine-pro/js/responsive-menu.js?ver=1.0.0
35.227.209.77200 OK 339 B URL HTTP/1.1 www.newsandpromotions.com/wp-content/themes/magazine-pro/js/responsive-menu.js?ver=1.0.0
IP 35.227.209.77:0
Hash 5e6c107b2464d43a3477b1ed9c5c5708
e637405a68c69ee5ba2fc959532f3c8478567b56
678eb59f05f37b3098442f3e6723bf8a8bb884583d35d113c62a1c0dc801653c
GET /wp-content/themes/magazine-pro/js/responsive-menu.js?ver=1.0.0 HTTP/1.1
Host: www.newsandpromotions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/special-offer/?TID=0&SID=0
HTTP/1.1 200 OK
Date: Fri, 24 Mar 2023 07:37:11 GMT
Server: Apache
Last-Modified: Mon, 29 Aug 2022 12:36:58 GMT
ETag: "363-5e76085030e80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Pragma: public
Cache-Control: public
Content-Length: 339
Content-Type: application/x-javascript
Via: 1.1 google
www.newsandpromotions.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
35.227.209.77200 OK 31 kB URL HTTP/1.1 www.newsandpromotions.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 35.227.209.77:0
File type ASCII text, with very long lines (65447)
Hash 9640915738503451aa21181699feab5b
c053eaf36ef0da96619706b3abda326305063bd6
f8834e669ad1f4039442c26aaa373ec39c35a233b9786d374fc3f670f16b0adc
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: www.newsandpromotions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/special-offer/?TID=0&SID=0
HTTP/1.1 200 OK
Date: Fri, 24 Mar 2023 07:37:11 GMT
Server: Apache
Last-Modified: Wed, 17 Aug 2022 12:20:12 GMT
ETag: "15db1-5e66ee2f43700-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Pragma: public
Cache-Control: public
Content-Length: 30908
Content-Type: application/x-javascript
Via: 1.1 google
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Last-Modified, Retry-After, Content-Length, Alert, Cache-Control, Expires, Content-Type, Backoff, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 24 Mar 2023 07:17:23 GMT
age: 1188
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
www.newsandpromotions.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
35.227.209.77200 OK 2.5 kB URL HTTP/1.1 www.newsandpromotions.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP 35.227.209.77:0
File type ASCII text, with very long lines (6475), with no line terminators
Hash 27cbbd0a9d7c5ad9402118c4afc36035
7659d08a005f5ecfa6c779e3cda45c30007fd059
ebc771d0af626966e38535357861fab0090e0bd7ff346cbe3c7ffdde1683809f
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: www.newsandpromotions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/special-offer/?TID=0&SID=0
HTTP/1.1 200 OK
Date: Fri, 24 Mar 2023 07:37:11 GMT
Server: Apache
Last-Modified: Wed, 17 Aug 2022 12:20:12 GMT
ETag: "194b-5e66ee2f43700-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Pragma: public
Cache-Control: public
Content-Length: 2457
Content-Type: application/x-javascript
Via: 1.1 google
www.newsandpromotions.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
35.227.209.77200 OK 7.1 kB URL HTTP/1.1 www.newsandpromotions.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP 35.227.209.77:0
File type Unicode text, UTF-8 text, with very long lines (19138), with no line terminators
Hash 2f4fcc5a628b379672d76b7e91cbdf07
9d72f2c9cbc1e9b036360acfce8c8ccc8b832b8c
a360f715a418026d2e1acd81c02c83233d0c0b60fdf4ce0b4d33562925d6a0b5
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: www.newsandpromotions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/special-offer/?TID=0&SID=0
HTTP/1.1 200 OK
Date: Fri, 24 Mar 2023 07:37:11 GMT
Server: Apache
Last-Modified: Wed, 17 Aug 2022 12:20:12 GMT
ETag: "4ac6-5e66ee2f43700-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Pragma: public
Cache-Control: public
Content-Length: 7095
Content-Type: application/x-javascript
Via: 1.1 google
www.newsandpromotions.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
35.227.209.77200 OK 6.9 kB URL HTTP/1.1 www.newsandpromotions.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
IP 35.227.209.77:0
File type Unicode text, UTF-8 text, with very long lines (8189)
Hash 7e2b78a6e8a9b90385330755ee1cf3e5
684c325f39d45e42ae44a9e42f5e9fe4fb0b909c
43f124dabb4bc663cc1cc8d3161c1e6365cf8445d873ed5d69bbfdb507cf24a9
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.1 HTTP/1.1
Host: www.newsandpromotions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/special-offer/?TID=0&SID=0
HTTP/1.1 200 OK
Date: Fri, 24 Mar 2023 07:37:11 GMT
Server: Apache
Last-Modified: Wed, 17 Aug 2022 12:20:12 GMT
ETag: "50eb-5e66ee2f43700-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Pragma: public
Cache-Control: public
Content-Length: 6914
Content-Type: application/x-javascript
Via: 1.1 google
www.newsandpromotions.com/wp-content/plugins/ultimate-social-media-plus/js/shuffle/modernizr.custom.min.js?ver=6.0.1
35.227.209.77200 OK 1.5 kB URL HTTP/1.1 www.newsandpromotions.com/wp-content/plugins/ultimate-social-media-plus/js/shuffle/modernizr.custom.min.js?ver=6.0.1
IP 35.227.209.77:0
File type HTML document, ASCII text, with very long lines (2861), with CRLF line terminators
Hash 89b09e7949c84785295ba10ec9a7b221
07d9364fab4325c9aa57dcb34a13e1fc257fda70
7e28285d9ee6c93786cb59bf8a7e21f6af82fa04ec4d45dd220807b374ffce7f
GET /wp-content/plugins/ultimate-social-media-plus/js/shuffle/modernizr.custom.min.js?ver=6.0.1 HTTP/1.1
Host: www.newsandpromotions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/special-offer/?TID=0&SID=0
HTTP/1.1 200 OK
Date: Fri, 24 Mar 2023 07:37:11 GMT
Server: Apache
Last-Modified: Mon, 29 Aug 2022 13:11:11 GMT
ETag: "c07-5e760ff6159c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Pragma: public
Cache-Control: public
Content-Length: 1493
Content-Type: application/x-javascript
Via: 1.1 google
www.newsandpromotions.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.2
35.227.209.77200 OK 6.6 kB URL HTTP/1.1 www.newsandpromotions.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.2
IP 35.227.209.77:0
File type ASCII text, with very long lines (21905), with no line terminators
Hash 38b247e8125da1a0dd504e02d8b6d2b7
2fbec20b65e15f0fa6355281036f00374dc9a1c2
52b2b12cee3c2999c8f2af3664c060144e0f8dba790602846584a1bd42442c82
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.2 HTTP/1.1
Host: www.newsandpromotions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/special-offer/?TID=0&SID=0
HTTP/1.1 200 OK
Date: Fri, 24 Mar 2023 07:37:11 GMT
Server: Apache
Last-Modified: Mon, 29 Aug 2022 13:14:18 GMT
ETag: "5591-5e7610a86be80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Pragma: public
Cache-Control: public
Content-Length: 6564
Content-Type: application/x-javascript
Via: 1.1 google
www.newsandpromotions.com/wp-content/plugins/ultimate-social-media-plus/js/custom.js?ver=3.5.1
35.227.209.77200 OK 7.1 kB URL HTTP/1.1 www.newsandpromotions.com/wp-content/plugins/ultimate-social-media-plus/js/custom.js?ver=3.5.1
IP 35.227.209.77:0
File type Unicode text, UTF-8 text, with very long lines (993), with CRLF line terminators
Hash c9cfd412b9c84cf23747249ea9109dce
ddaf50581f707a2ebcd62e572575ba5fe85f55db
9da8dbeda92938db9def60a11b037c10b99ed20bcf7bc90136767e7bfd3c2632
GET /wp-content/plugins/ultimate-social-media-plus/js/custom.js?ver=3.5.1 HTTP/1.1
Host: www.newsandpromotions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/special-offer/?TID=0&SID=0
HTTP/1.1 200 OK
Date: Fri, 24 Mar 2023 07:37:11 GMT
Server: Apache
Last-Modified: Mon, 29 Aug 2022 13:11:11 GMT
ETag: "90a8-5e760ff6159c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Pragma: public
Cache-Control: public
Content-Length: 7101
Content-Type: application/x-javascript
Via: 1.1 google
www.newsandpromotions.com/wp-content/uploads/2016/12/newspromotions-1.png
35.227.209.77200 OK 4.5 kB URL HTTP/1.1 www.newsandpromotions.com/wp-content/uploads/2016/12/newspromotions-1.png
IP 35.227.209.77:0
File type PNG image data, 380 x 90, 8-bit colormap, non-interlaced\012- data
Hash f5ead7ade67fa940b01008f1f2df4ce2
479e6ebdf0ce7e3345f70ca3e78c0c9398f76e64
5c61ddd4f7ab45d1ca4f263ae05f6814284e8e13d39f7acd4df221a2c1202d90
GET /wp-content/uploads/2016/12/newspromotions-1.png HTTP/1.1
Host: www.newsandpromotions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/special-offer/?TID=0&SID=0
HTTP/1.1 200 OK
Server: Apache
Accept-Ranges: bytes
Content-Length: 4511
Pragma: public
Via: 1.1 google
Date: Fri, 24 Mar 2023 06:02:55 GMT
Age: 5656
Last-Modified: Fri, 02 Dec 2016 16:33:23 GMT
ETag: "119f-542af7f1efac0"
Content-Type: image/png
Vary: Accept-Encoding
Cache-Control: public,max-age=3600
www.newsandpromotions.com/wp-content/plugins/genesis-responsive-slider/assets/js/jquery.flexslider.js?ver=1.0.1
35.227.209.77200 OK 5.7 kB URL HTTP/1.1 www.newsandpromotions.com/wp-content/plugins/genesis-responsive-slider/assets/js/jquery.flexslider.js?ver=1.0.1
IP 35.227.209.77:0
Hash 866f7386c0588b123ee6800c3e37f3a4
3dab827923bdb93cc34313dc23644e6716dbc371
81d6ef03dbd667964728549b04cc93daa8c59e3f7546c2e1696c08a13d8a5ad8
GET /wp-content/plugins/genesis-responsive-slider/assets/js/jquery.flexslider.js?ver=1.0.1 HTTP/1.1
Host: www.newsandpromotions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/special-offer/?TID=0&SID=0
HTTP/1.1 200 OK
Date: Fri, 24 Mar 2023 07:37:11 GMT
Server: Apache
Last-Modified: Mon, 29 Aug 2022 13:18:47 GMT
ETag: "6a6d-5e7611a8f5bc0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Pragma: public
Cache-Control: public
Content-Length: 5652
Content-Type: application/x-javascript
Via: 1.1 google
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 16 kB URL HTTP/1.1 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.newsandpromotions.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15744
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 22 Mar 2023 18:05:14 GMT
Expires: Thu, 21 Mar 2024 18:05:14 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Wed, 11 May 2022 19:24:48 GMT
Content-Type: font/woff2
Age: 135117
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/1.1 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Hash b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.newsandpromotions.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15740
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 22 Mar 2023 18:05:31 GMT
Expires: Thu, 21 Mar 2024 18:05:31 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Wed, 11 May 2022 19:24:56 GMT
Content-Type: font/woff2
Age: 135100
www.newsandpromotions.com/wp-content/uploads/2021/05/lead-img-colonial-pipeline-paid-bitcoin-ransomware-150x150.jpg
35.227.209.77200 OK 7.4 kB URL HTTP/1.1 www.newsandpromotions.com/wp-content/uploads/2021/05/lead-img-colonial-pipeline-paid-bitcoin-ransomware-150x150.jpg
IP 35.227.209.77:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 150x150, components 3\012- data
Hash 06414e2c01a026af4c01ecfe2a452f4f
fd87ad283df65c69bc9a8228c01bdb6485b161c9
05cbe0eb63271667225aa3f633752f33320920a81377672462140256ff8f9c8a
GET /wp-content/uploads/2021/05/lead-img-colonial-pipeline-paid-bitcoin-ransomware-150x150.jpg HTTP/1.1
Host: www.newsandpromotions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/special-offer/?TID=0&SID=0
HTTP/1.1 200 OK
Server: Apache
Accept-Ranges: bytes
Content-Length: 7382
Pragma: public
Via: 1.1 google
Date: Fri, 24 Mar 2023 06:43:02 GMT
Age: 3249
Last-Modified: Thu, 13 May 2021 20:32:39 GMT
ETag: "1cd6-5c23c073fc7c0"
Content-Type: image/jpeg
Vary: Accept-Encoding
Cache-Control: public,max-age=3600
www.newsandpromotions.com/wp-content/uploads/2021/05/image1-2-150x150.png
35.227.209.77200 OK 16 kB URL HTTP/1.1 www.newsandpromotions.com/wp-content/uploads/2021/05/image1-2-150x150.png
IP 35.227.209.77:0
File type PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash fd7d2f80645a97b79561ace685e068cb
8c25f1757eabff5f3f2bc58f2479fd35903687d6
4f7166cc360d114d3279967bae732d3eab578ad1f4ea9cedd9c349e9a5eaed37
GET /wp-content/uploads/2021/05/image1-2-150x150.png HTTP/1.1
Host: www.newsandpromotions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/special-offer/?TID=0&SID=0
HTTP/1.1 200 OK
Server: Apache
Accept-Ranges: bytes
Content-Length: 15807
Pragma: public
Via: 1.1 google
Date: Fri, 24 Mar 2023 05:47:51 GMT
Age: 6560
Last-Modified: Thu, 13 May 2021 20:32:29 GMT
ETag: "3dbf-5c23c06a73140"
Content-Type: image/png
Vary: Accept-Encoding
Cache-Control: public,max-age=3600
fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
216.58.207.227200 OK 46 kB URL HTTP/1.1 fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 46524, version 1.0\012- data
Hash c1fd378f54921c75e4ae1821e7b8fff6
2ce96e97783b2f154d07f4464ca6f8eb2469f2c1
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
GET /s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.newsandpromotions.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 46524
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 22 Mar 2023 17:34:44 GMT
Expires: Thu, 21 Mar 2024 17:34:44 GMT
Cache-Control: public, max-age=31536000
Age: 136947
Last-Modified: Mon, 18 Jul 2022 19:58:01 GMT
Content-Type: font/woff2
www.newsandpromotions.com/wp-content/uploads/2021/05/5f457a9389aff80028ab7e63-150x150.jpeg
35.227.209.77200 OK 7.0 kB URL HTTP/1.1 www.newsandpromotions.com/wp-content/uploads/2021/05/5f457a9389aff80028ab7e63-150x150.jpeg
IP 35.227.209.77:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 150x150, components 3\012- data
Hash 2163bbe8ee8cf486e780d0b9f56ab3c1
9afd37dcd58ffc0b1d1f0af5d1aede8d0df772c8
98978ca510c9861cfdd523c3f518a6d4f0706c75394f006bc6fe0d58c3334fbe
GET /wp-content/uploads/2021/05/5f457a9389aff80028ab7e63-150x150.jpeg HTTP/1.1
Host: www.newsandpromotions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/special-offer/?TID=0&SID=0
HTTP/1.1 200 OK
Server: Apache
Accept-Ranges: bytes
Content-Length: 7011
Pragma: public
Via: 1.1 google
Date: Fri, 24 Mar 2023 06:02:55 GMT
Age: 5656
Last-Modified: Thu, 13 May 2021 20:09:23 GMT
ETag: "1b63-5c23bb40a82c0"
Content-Type: image/jpeg
Vary: Accept-Encoding
Cache-Control: public,max-age=3600
www.newsandpromotions.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.1
35.227.209.77200 OK 5.0 kB URL HTTP/1.1 www.newsandpromotions.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.1
IP 35.227.209.77:0
File type ASCII text, with very long lines (15660)
Hash e6624e0b978e6ddba476be41aaaa82df
822e920d8233072110ed7c8a7f379e5b13209b18
dac86a9ce08e4d8cded47b4fa900a664b0c997d8910c2a1be54a423678925a41
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.1 HTTP/1.1
Host: www.newsandpromotions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/special-offer/?TID=0&SID=0
HTTP/1.1 200 OK
Date: Fri, 24 Mar 2023 07:37:11 GMT
Server: Apache
Last-Modified: Wed, 17 Aug 2022 12:20:12 GMT
ETag: "48b9-5e66ee2f43700-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Pragma: public
Cache-Control: public
Content-Length: 5009
Content-Type: application/x-javascript
Via: 1.1 google
tags.clickagy.com/data.js?rnd=5a7223b9ea03d
104.18.3.235200 OK 16 kB URL HTTP/2 tags.clickagy.com/data.js?rnd=5a7223b9ea03d
IP 104.18.3.235:0
Hash 4b3d4f4aea4c7310e5eabd7f0607c08e
cb970941c577001fac133113a218afaabf8a7f1d
d0beae5d10a2449fb68925054a382fb8f2b862b0765bfbc5e648224dc344bf8d
GET /data.js?rnd=5a7223b9ea03d HTTP/1.1
Host: tags.clickagy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.newsandpromotions.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 24 Mar 2023 07:37:11 GMT
content-type: application/javascript
last-modified: Wed, 11 Jan 2023 20:57:47 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: swy_aEi2mFevUnIx1k7ucq8H7V0abBgM
content-encoding: gzip
etag: W/"7dc7bc84811d5ae6527d61d30e0e1f4d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ba761cfda8bfa6cbda2b6c433d6201f6.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
x-amz-cf-id: a-s9xZKXXuE7cTj9UtouKfe95_kCVIRb1Pz9xy5isg-oIQlIJbaeBQ==
age: 46626
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7acd3f5618f8fac0-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.249200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash 18b877ebbad1529e4bd91e12220d91c4
a3d64fb3d9cc1fe3a29b261c4ec9acfe134dfedc
7001d3ef847c7002ac15155f0dfcc0a369f19860e85c8e90530f1e7b2dd88f09
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7001D3EF847C7002AC15155F0DFCC0A369F19860E85C8E90530F1E7B2DD88F09"
Last-Modified: Wed, 22 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21064
Expires: Fri, 24 Mar 2023 13:28:15 GMT
Date: Fri, 24 Mar 2023 07:37:11 GMT
Connection: keep-alive
cdn.fqtag.com/1.27.339-ccfb11a/pixel.js
35.190.36.172200 OK 90 kB URL HTTP/1.1 cdn.fqtag.com/1.27.339-ccfb11a/pixel.js
IP 35.190.36.172:0
File type ASCII text, with very long lines (31986)
Hash e0eff30579598f76147c9ea12f490d21
f0bf2ef576db440b275bdae3d6abac35e59a33b2
e70a34c5f232fa80328a361630a994cf847c54deb926f13d40be4807291b657b
GET /1.27.339-ccfb11a/pixel.js HTTP/1.1
Host: cdn.fqtag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/
HTTP/1.1 200 OK
X-GUploader-UploadID: ADPycdv6g8Pjhf2OAu4MAcbQ9asrlDaGndvj4-C57NRVeInfptlnXxrJ7Yup1AD9Zg3xVFQX876AM-eq7QbotjbFxSmOeWn_X2ev
x-goog-generation: 1611776924905378
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 89647
Content-Language: en
x-goog-hash: crc32c=YwE4YA==, md5=4O/zBXlZj3YUfJ6hL0kNIQ==
x-goog-expiration: Sun, 11 Nov 2294 19:48:44 GMT
x-goog-storage-class: MULTI_REGIONAL
Accept-Ranges: bytes
Content-Length: 89647
Server: UploadServer
Date: Fri, 24 Mar 2023 07:21:32 GMT
Expires: Fri, 24 Mar 2023 08:21:32 GMT
Cache-Control: public, max-age=3600
Age: 939
Last-Modified: Wed, 27 Jan 2021 19:48:44 GMT
ETag: "e0eff30579598f76147c9ea12f490d21"
Content-Type: application/javascript
Vary: X-Goog-Allowed-Resources
www.newsandpromotions.com/wp-content/uploads/2021/05/1620912671_blueprint-api-production.s3.amazonaws-150x150.com
35.227.209.77200 OK 7.1 kB URL HTTP/1.1 www.newsandpromotions.com/wp-content/uploads/2021/05/1620912671_blueprint-api-production.s3.amazonaws-150x150.com
IP 35.227.209.77:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 150x150, components 3\012- data
Hash de072c04a4f89d081fb5aba294842f6b
542e7574d8202ef6fd157fc7050c053f32814d04
f08dccdc1054a4c83e6fafa075bde0ac227e6fc5c56d7b9e981039ab8032409a
GET /wp-content/uploads/2021/05/1620912671_blueprint-api-production.s3.amazonaws-150x150.com HTTP/1.1
Host: www.newsandpromotions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/special-offer/?TID=0&SID=0
HTTP/1.1 200 OK
Date: Fri, 24 Mar 2023 07:37:11 GMT
Server: Apache
Last-Modified: Thu, 13 May 2021 13:31:10 GMT
ETag: "1bae-5c23623e84380"
Accept-Ranges: bytes
Content-Length: 7086
Vary: User-Agent
Content-Type: application/x-msdownload
Via: 1.1 google
c.fqtag.com/pixel
35.190.72.161204 No Content 0 B IP 35.190.72.161:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /pixel HTTP/1.1
Host: c.fqtag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: text/plain; charset=utf-8
Content-Length: 2366
Origin: http://www.newsandpromotions.com
Connection: keep-alive
Referer: http://www.newsandpromotions.com/
HTTP/1.1 204 No Content
Access-Control-Allow-Origin: *
Date: Fri, 24 Mar 2023 07:37:11 GMT
Via: 1.1 google
ocsp.r2m02.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash 9de3fd7f207174b33061ffdbf194b64b
d904dac019eaee11713018388d37162d88c4e2b3
f62edab59450b55c4ff78fcdb1f4ab2073fd060a09a517c8fba0d784eb1ce64b
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 24 Mar 2023 07:37:11 GMT
Last-Modified: Fri, 24 Mar 2023 06:01:13 GMT
Server: ECAcc (nya/7919)
X-Cache: Miss from cloudfront
Via: 1.1 3bff78035f818b6a3185b0f5f4586410.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: vkWokxzqXTo9yt6yS6VH9vm6gZcwsfhuAosh8sKOuzgMABUDZ7t_Wg==
Age: 5758
ocsp.r2m02.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash 9de3fd7f207174b33061ffdbf194b64b
d904dac019eaee11713018388d37162d88c4e2b3
f62edab59450b55c4ff78fcdb1f4ab2073fd060a09a517c8fba0d784eb1ce64b
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 24 Mar 2023 07:37:11 GMT
Last-Modified: Fri, 24 Mar 2023 06:00:11 GMT
Server: ECAcc (bsa/EB2E)
X-Cache: Miss from cloudfront
Via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: wv2aQ5RMSO1-hE4KgIGYsQKV9HBPcNnnRe3sIejXAdwyLgiJvpxP8g==
Age: 5820
push.services.mozilla.com/
35.81.224.51101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.81.224.51:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: x3VA8CygasP7/ZLlXrRwAg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Ije4+sWkPtqawKIiAXEroLq0UVo=
aorta.clickagy.com/data
34.202.66.243200 OK 82 B IP 34.202.66.243:0
File type JSON data\012- , ASCII text, with no line terminators
Hash a8653a916713e224e5c4604f0c7fdc51
52019ddeaa1c1442f4ee137d94874eb36a49b1df
3e7b654c54f990a92b805cf1c1a10108f2f016f96ff5f965fe138c32eff9c1de
POST /data HTTP/1.1
Host: aorta.clickagy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 209
Origin: http://www.newsandpromotions.com
Connection: keep-alive
Referer: http://www.newsandpromotions.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 24 Mar 2023 07:37:12 GMT
content-type: application/json
content-length: 82
server: Aorta/20230321.b911db394
x-aorta-host: 346ba51376ae
x-aorta-region: us-east-1
access-control-allow-credentials: true
access-control-allow-headers: Origin,cache-control,content-type,man,messagetype,soapaction
access-control-expose-headers: Set-Cookie
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: http://www.newsandpromotions.com
access-control-max-age: 31536000
cache-control: no-cache, no-store, must-revalidate
expect: 0
content-encoding: gzip
X-Firefox-Spdy: h2
aorta.clickagy.com/pixel.gif?clkgypv=jstag
34.202.66.243302 Found 0 B URL HTTP/2 aorta.clickagy.com/pixel.gif?clkgypv=jstag
IP 34.202.66.243:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel.gif?clkgypv=jstag HTTP/1.1
Host: aorta.clickagy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.newsandpromotions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Fri, 24 Mar 2023 07:37:12 GMT
content-type: application/json
content-length: 0
location: https://idsync.rlcdn.com/420246.gif?partner_uid=c:a59f007fbf3384ccc33cc586d5d348f0
server: Aorta/20230321.b911db394
x-aorta-host: d051b86bd2fc
x-aorta-region: us-east-1
access-control-allow-credentials: true
access-control-allow-headers: Origin,cache-control,content-type,man,messagetype,soapaction
access-control-expose-headers: Set-Cookie
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 31536000
cache-control: no-cache, no-store, must-revalidate
expect: 0
X-Firefox-Spdy: h2
static.hotjar.com/c/hotjar-31899.js?sv=5
54.230.111.113301 Moved Permanently 167 B URL HTTP/1.1 static.hotjar.com/c/hotjar-31899.js?sv=5
IP 54.230.111.113:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
GET /c/hotjar-31899.js?sv=5 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/
HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Fri, 24 Mar 2023 07:37:12 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://static.hotjar.com/c/hotjar-31899.js?sv=5
X-Cache: Redirect from cloudfront
Via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: c2WITXIBIenNk_v2Nng8eWalaQN-Izbake0boh9UtzO-Mde2zTEd3g==
cdn.luckyorange.com/w.js
104.26.4.244301 Moved Permanently 0 B IP 104.26.4.244:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /w.js HTTP/1.1
Host: cdn.luckyorange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/
HTTP/1.1 301 Moved Permanently
Date: Fri, 24 Mar 2023 07:37:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 24 Mar 2023 08:37:12 GMT
Location: https://cdn.luckyorange.com/w.js
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zyd2y%2FK4RKKmXFUeBAbdrWvdhSFqhtJ%2FJqjxIwenOcW6X6PoUekkL2LWrgDkNhTS4JRfMysrC1Exmp5BU5v%2Bsz%2FiffyV5Y%2FIBSHtBAbzuKpZbUaHRiBvOBMNYTccUjuP0CFr2qo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7acd3f5b6fd50b51-OSL
alt-svc: h2=":443"; ma=60
www.newsandpromotions.com/wp-content/plugins/genesis-favicon-uploader/favicons/favicon.ico
35.227.209.77200 OK 370 B URL HTTP/1.1 www.newsandpromotions.com/wp-content/plugins/genesis-favicon-uploader/favicons/favicon.ico
IP 35.227.209.77:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 1f398bbf1c2563bab04033939d969ef9
fe8decbaad3b46bca9756a0c424c24b70b8c8f24
338f006ae8db3202c7f93467d19acab859a85b0204be887cb527df381d4257f5
GET /wp-content/plugins/genesis-favicon-uploader/favicons/favicon.ico HTTP/1.1
Host: www.newsandpromotions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/special-offer/?TID=0&SID=0
HTTP/1.1 200 OK
Server: Apache
Accept-Ranges: bytes
Content-Encoding: gzip
Pragma: public
Content-Length: 370
Via: 1.1 google
Date: Fri, 24 Mar 2023 06:43:11 GMT
Last-Modified: Mon, 29 Aug 2022 12:36:58 GMT
ETag: "47c-5e76085030e80-gzip"
Content-Type: image/x-icon
Vary: Accept-Encoding
Age: 3241
Cache-Control: public,max-age=3600
cdn.taboola.com/libtrc/newsandpromotions/loader.js
151.101.129.44200 OK 14 kB URL HTTP/1.1 cdn.taboola.com/libtrc/newsandpromotions/loader.js
IP 151.101.129.44:0
File type ASCII text, with very long lines (32016)
Hash b059d489918fb33e248673a72ed8d7b5
22325ae69925a59c51c0fe4af0551c40431615dc
a4140fb94f3077ec71647d5617bf87e84928557738d8889d1b0da8b3e032edd0
GET /libtrc/newsandpromotions/loader.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 13717
x-amz-id-2: icP4gaxJ3IPKEy5ZEpjttGfvr5JmnxGCg7dURsXMk16HfiS/b/jrnpddJ0Wyi6p02M45IoZ30F8=
x-amz-request-id: SBAYHVJ5C1ZYS5T6
x-amz-replication-status: COMPLETED
Last-Modified: Sun, 17 Apr 2016 12:00:52 GMT
ETag: "b6297b83e8345e890ff1c5b8f1a1ee9d"
x-amz-version-id: 1.vZczLY5A5Fi2f8g6dyocx9EAdIVCZy
Content-Type: application/javascript; charset=utf-8
Server: AmazonS3
Content-Encoding: gzip
Accept-Ranges: bytes
Date: Fri, 24 Mar 2023 07:37:12 GMT
Via: 1.1 varnish
Age: 18
X-Served-By: cache-bma1656-BMA
X-Cache: HIT
X-Cache-Hits: 1
X-Timer: S1679643432.234501,VS0,VE1
Cache-Control: private,max-age=14401
Vary: Accept-Encoding
abp: 84
Access-Control-Allow-Origin: *
connect.facebook.net/en_US/sdk.js
31.13.72.12301 Moved Permanently 0 B URL HTTP/1.1 connect.facebook.net/en_US/sdk.js
IP 31.13.72.12:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /en_US/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/
HTTP/1.1 301 Moved Permanently
Location: https://connect.facebook.net/en_US/sdk.js
Content-Type: text/plain
Server: proxygen-bolt
Date: Fri, 24 Mar 2023 07:37:12 GMT
Connection: keep-alive
Content-Length: 0
www.google-analytics.com/analytics.js
142.250.74.78200 OK 20 kB URL HTTP/1.1 www.google-analytics.com/analytics.js
IP 142.250.74.78:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 20085
Date: Fri, 24 Mar 2023 05:46:38 GMT
Expires: Fri, 24 Mar 2023 07:46:38 GMT
Cache-Control: public, max-age=7200
Age: 6634
Last-Modified: Tue, 10 Jan 2023 21:29:14 GMT
Content-Type: text/javascript
Vary: Accept-Encoding
fo-api.omnitagjs.com/fo-api/ot.js
185.255.84.150200 OK 1.0 kB URL HTTP/1.1 fo-api.omnitagjs.com/fo-api/ot.js
IP 185.255.84.150:0
ASN #200271 Iguane Solutions SAS
Hash 63583d3a4bb296028a3ff7106c9a924f
ba5034c54206f432cd6d1ee8a61dbddb62a7b809
ed57410b6d3577ae079759ca23479e4b44f02b6e0042fb56cf08b3904dc3fa70
GET /fo-api/ot.js HTTP/1.1
Host: fo-api.omnitagjs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/
HTTP/1.1 200 OK
access-control-allow-credentials: true
access-control-allow-headers: Accept-Encoding
access-control-allow-methods: OPTIONS, GET
access-control-allow-origin: *
access-control-max-age: 3600
cache-control: no-cache, no-store, must-revalidate
content-type: text/javascript; charset=utf-8
expires: 0
p3p: CP="CAO PSA OUR"
pragma: no-cache
set-cookie: ayl_visitor=fea47b6dd3a8068e7bfb19ba3e481d7c; Path=/; Domain=omnitagjs.com; Max-Age=2592000; Secure; SameSite=None
vary: Accept-Encoding
x-content-type-options: nosniff
date: Fri, 24 Mar 2023 07:37:11 GMT
content-length: 1009
x-envoy-upstream-service-time: 1
server: ayl-lb-fra02
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 8ed3047ee91d173a374a1a85ae52a7a8
4b6029b31d616b6ce4510bbebfa3d19727830cb4
97397600ff0e83eabe0185e5d326aa997f8cec6ea2ae7d0af7d08015b11a6c4e
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 24 Mar 2023 07:37:12 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 23 Mar 2023 08:38:01 GMT
Expires: Thu, 30 Mar 2023 08:38:00 GMT
Etag: "4b6029b31d616b6ce4510bbebfa3d19727830cb4"
Cache-Control: max-age=521447,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7acd3f5bdf65b4ee-OSL
idsync.rlcdn.com/420246.gif?partner_uid=c:a59f007fbf3384ccc33cc586d5d348f0
35.244.174.68451 Unavailable For Legal Reasons 0 B URL HTTP/2 idsync.rlcdn.com/420246.gif?partner_uid=c:a59f007fbf3384ccc33cc586d5d348f0
IP 35.244.174.68:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /420246.gif?partner_uid=c:a59f007fbf3384ccc33cc586d5d348f0 HTTP/1.1
Host: idsync.rlcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.newsandpromotions.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 451 Unavailable For Legal Reasons
date: Fri, 24 Mar 2023 07:37:12 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
hemsync.clickagy.com/external/hasHashes?clkgypv=jstag&cb=null
3.217.100.61200 OK 28 B URL HTTP/2 hemsync.clickagy.com/external/hasHashes?clkgypv=jstag&cb=null
IP 3.217.100.61:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 830cb026fae1a13104725d2b3100ec10
40188da405f4a93c90f0b5e060e0ccca8e483eba
4d32822dd4fd4e7b58950d7c693e301eaa19b29305077afaebc12852df7f4ee0
GET /external/hasHashes?clkgypv=jstag&cb=null HTTP/1.1
Host: hemsync.clickagy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.newsandpromotions.com
Connection: keep-alive
Referer: http://www.newsandpromotions.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 24 Mar 2023 07:37:12 GMT
content-type: text/plain; charset=utf-8
content-length: 28
access-control-allow-origin: http://www.newsandpromotions.com
vary: origin
access-control-allow-credentials: true
access-control-expose-headers: content-length, last-modified, expires, content-type
content-encoding: gzip
X-Firefox-Spdy: h2
www.google-analytics.com/collect?v=1&_v=j99&a=945514547&t=pageview&_s=2&dl=http%3A%2F%2Fwww.newsandpromotions.com%2Fspecial-offer%2F%3FTID%3D0%26SID%3D0&ul=en-us&de=UTF-8&dt=Special%20Offer&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=&gjid=&cid=1802515528.1679643442&tid=UA-47081731-1&_gid=838698274.1679643442&z=1372030825
142.250.74.78200 OK 35 B URL HTTP/1.1 www.google-analytics.com/collect?v=1&_v=j99&a=945514547&t=pageview&_s=2&dl=http%3A%2F%2Fwww.newsandpromotions.com%2Fspecial-offer%2F%3FTID%3D0%26SID%3D0&ul=en-us&de=UTF-8&dt=Special%20Offer&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=&gjid=&cid=1802515528.1679643442&tid=UA-47081731-1&_gid=838698274.1679643442&z=1372030825
IP 142.250.74.78:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /collect?v=1&_v=j99&a=945514547&t=pageview&_s=2&dl=http%3A%2F%2Fwww.newsandpromotions.com%2Fspecial-offer%2F%3FTID%3D0%26SID%3D0&ul=en-us&de=UTF-8&dt=Special%20Offer&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=&gjid=&cid=1802515528.1679643442&tid=UA-47081731-1&_gid=838698274.1679643442&z=1372030825 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Pragma: no-cache
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 35
Date: Thu, 23 Mar 2023 18:05:12 GMT
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Age: 48720
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
Content-Type: image/gif
cdn.taboola.com/libtrc/impl.205-RELEASE.js
151.101.129.44200 OK 82 kB URL HTTP/1.1 cdn.taboola.com/libtrc/impl.205-RELEASE.js
IP 151.101.129.44:0
File type ASCII text, with very long lines (32045)
Hash 63208f5a0c6dda005c182f71acd99cb5
964b90563c30fb6eec6567fc9b84b84dc0fb5a86
928a0653cad2a2cfa68c616d499a15d12a642d22025a017e1efe15f5e798be61
GET /libtrc/impl.205-RELEASE.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 82427
x-amz-id-2: Qm5fLFjoytGXfFwW/vFB3oBoCppmVAsQnkcBXcS3Z3aq4J56GRwUf1QqyhHAI5dqI0EFsnulmv8=
x-amz-request-id: VH7M5WF3WAQ7A0B2
x-amz-replication-status: COMPLETED
Last-Modified: Thu, 21 Apr 2016 11:01:32 GMT
ETag: "b271ab15d80778ccf730076dd2fa7bf8"
x-amz-version-id: G4.vYuMpf.hwuBE9LrHkwGh9fDb2BZUS
Content-Type: application/javascript; charset=utf-8
Server: AmazonS3
Content-Encoding: gzip
Accept-Ranges: bytes
Date: Fri, 24 Mar 2023 07:37:12 GMT
Via: 1.1 varnish
Age: 17
X-Served-By: cache-bma1656-BMA
X-Cache: HIT
X-Cache-Hits: 1
X-Timer: S1679643432.421558,VS0,VE1
Cache-Control: private,max-age=31536000
Vary: Accept-Encoding
abp: 55
Access-Control-Allow-Origin: *
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 8ed3047ee91d173a374a1a85ae52a7a8
4b6029b31d616b6ce4510bbebfa3d19727830cb4
97397600ff0e83eabe0185e5d326aa997f8cec6ea2ae7d0af7d08015b11a6c4e
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 24 Mar 2023 07:37:12 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 23 Mar 2023 08:38:01 GMT
Expires: Thu, 30 Mar 2023 08:38:00 GMT
Etag: "4b6029b31d616b6ce4510bbebfa3d19727830cb4"
Cache-Control: max-age=521447,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7acd3f5c9838b4ee-OSL
b.scorecardresearch.com/beacon.js
143.204.55.25200 OK 2.2 kB URL HTTP/1.1 b.scorecardresearch.com/beacon.js
IP 143.204.55.25:0
File type ASCII text, with very long lines (4514)
Hash 29a10271b1a7cf0b77efb86107b24c24
2f6d66327475133019ad72712d240bb013b683be
8a95d45365241b5731ee7c33cd5a45184256105313d291af860fa4cfb670bed3
GET /beacon.js HTTP/1.1
Host: b.scorecardresearch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/
HTTP/1.1 200 OK
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 09 Mar 2023 09:22:40 GMT
x-amz-server-side-encryption: AES256
Server: AmazonS3
Content-Encoding: gzip
Date: Fri, 24 Mar 2023 02:37:07 GMT
Cache-Control: max-age=86400
ETag: W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Q1lQvmH_UseF1Lg0-PRTnclpzelEij_UyrHicmXCHqcSUOYCa-IaEw==
Age: 18006
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash 89447eb689782162ac5e4dca438e65c0
e1e8cde045a5eae9fbf1b20707fb8935b0418598
cfe3261f46a5fbe4f73fd16259b7c96480912874097ffea3b6bcb6149367a615
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2877
Cache-Control: max-age=128875
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 07:37:12 GMT
Etag: "641c9c56-1d7"
Expires: Sat, 25 Mar 2023 19:25:07 GMT
Last-Modified: Thu, 23 Mar 2023 18:37:10 GMT
Server: ECAcc (ska/F7A3)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash a563513e8fb14fb6796ff13a072cd3db
3e1d51e451b3c450c1213d3fce208e84522b1511
78ecd87f634efd2b5b6644a9d97285807cb26452571be0cef89f6d84dd3b32c0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 07:37:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
connect.facebook.net/en_US/sdk.js
31.13.72.12200 OK 1.7 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (1957)
Hash 2fe155126ea3361ce149e2c1fe9c5cf5
d0a6cc7b7eab88c204f19ef226058232c10b8b38
1b14e3410569d4fa4737047cf7a1e5ef0d33c06e3dd1c70a9c4099ac9d9c6c44
GET /en_US/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.newsandpromotions.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 3c5b6d06d2f7ebd6c1459e4359020e0a
etag: "aad156e877c253f7c15c946089ddc328"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Fri, 24 Mar 2023 07:47:45 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
x-frame-options: DENY
origin-agent-cluster: ?0
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: L+FVEm6jNhzhSeLB/pxc9Q==
x-fb-debug: AFOKOkFWZvvdZ72AQ3jcMJgKI8rhJMJw/4QSpujCyyUTqhQUYKWSFRQUGrXVcunHrTmdAWseXTjYVb5KXmJNqQ==
content-length: 1689
x-fb-trip-id: 1904183273
date: Fri, 24 Mar 2023 07:37:12 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.google-analytics.com/j/collect?v=1&_v=j99&a=945514547&t=pageview&_s=1&dl=http%3A%2F%2Fwww.newsandpromotions.com%2Fspecial-offer%2F%3FTID%3D0%26SID%3D0&ul=en-us&de=UTF-8&dt=Special%20Offer&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=465513491&gjid=2037392327&cid=1802515528.1679643442&tid=UA-47081731-1&_gid=838698274.1679643442&_r=1&_slc=1&z=327083360
142.250.74.78200 OK 4 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j99&a=945514547&t=pageview&_s=1&dl=http%3A%2F%2Fwww.newsandpromotions.com%2Fspecial-offer%2F%3FTID%3D0%26SID%3D0&ul=en-us&de=UTF-8&dt=Special%20Offer&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=465513491&gjid=2037392327&cid=1802515528.1679643442&tid=UA-47081731-1&_gid=838698274.1679643442&_r=1&_slc=1&z=327083360
IP 142.250.74.78:0
File type ASCII text, with no line terminators
Hash 9e92e190700c1af4539b40c2171320a9
209bcdb79e6067b51091ce8586d4b977f25b67d8
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
POST /j/collect?v=1&_v=j99&a=945514547&t=pageview&_s=1&dl=http%3A%2F%2Fwww.newsandpromotions.com%2Fspecial-offer%2F%3FTID%3D0%26SID%3D0&ul=en-us&de=UTF-8&dt=Special%20Offer&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=465513491&gjid=2037392327&cid=1802515528.1679643442&tid=UA-47081731-1&_gid=838698274.1679643442&_r=1&_slc=1&z=327083360 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://www.newsandpromotions.com
Connection: keep-alive
Referer: http://www.newsandpromotions.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: http://www.newsandpromotions.com
date: Fri, 24 Mar 2023 07:37:12 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
sb.scorecardresearch.com/b?c1=7&c2=13739933&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1679643442460&ns_c=UTF-8&c3=20121515121&c7=http%3A%2F%2Fwww.newsandpromotions.com%2Fspecial-offer%2F%3FTID%3D0%26SID%3D0&c8=Special%20Offer&c9=
143.204.55.25204 No Content 0 B URL HTTP/2 sb.scorecardresearch.com/b?c1=7&c2=13739933&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1679643442460&ns_c=UTF-8&c3=20121515121&c7=http%3A%2F%2Fwww.newsandpromotions.com%2Fspecial-offer%2F%3FTID%3D0%26SID%3D0&c8=Special%20Offer&c9=
IP 143.204.55.25:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b?c1=7&c2=13739933&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1679643442460&ns_c=UTF-8&c3=20121515121&c7=http%3A%2F%2Fwww.newsandpromotions.com%2Fspecial-offer%2F%3FTID%3D0%26SID%3D0&c8=Special%20Offer&c9= HTTP/1.1
Host: sb.scorecardresearch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.newsandpromotions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Fri, 24 Mar 2023 07:37:12 GMT
set-cookie: UID=191ebc55591a39a95b700f31679643432; domain=.scorecardresearch.com; path=/; max-age=62208000
accept-ch: UA, Platform, Arch, Model, Mobile
x-cache: Miss from cloudfront
via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: qRc55hP1QZlmlLR7s0f3LwQ4ePxYUKqhnPngwbIYOc-hJLBO4H0AkQ==
X-Firefox-Spdy: h2
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash 89447eb689782162ac5e4dca438e65c0
e1e8cde045a5eae9fbf1b20707fb8935b0418598
cfe3261f46a5fbe4f73fd16259b7c96480912874097ffea3b6bcb6149367a615
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3858
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 07:37:12 GMT
Last-Modified: Fri, 24 Mar 2023 06:32:54 GMT
Server: ECAcc (ska/F757)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash a563513e8fb14fb6796ff13a072cd3db
3e1d51e451b3c450c1213d3fce208e84522b1511
78ecd87f634efd2b5b6644a9d97285807cb26452571be0cef89f6d84dd3b32c0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 07:37:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
trc.taboola.com/newsandpromotions/log/2/debug?tim=07%3A37%3A22.525&type=map&msg=trcrboxui%20page_management%20parseXML&id=1094&cv=205-RELEASE-${version}
151.101.129.44204 No Content 0 B URL HTTP/1.1 trc.taboola.com/newsandpromotions/log/2/debug?tim=07%3A37%3A22.525&type=map&msg=trcrboxui%20page_management%20parseXML&id=1094&cv=205-RELEASE-${version}
IP 151.101.129.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /newsandpromotions/log/2/debug?tim=07%3A37%3A22.525&type=map&msg=trcrboxui%20page_management%20parseXML&id=1094&cv=205-RELEASE-${version} HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/
HTTP/1.1 204 No Content
Connection: close
Server: Varnish
Retry-After: 0
Cache-Control: no-store
X-sy: true
Content-Type:
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Date: Fri, 24 Mar 2023 07:37:12 GMT
Via: 1.1 varnish
X-Served-By: cache-bma1670-BMA
X-Cache: HIT
X-Cache-Hits: 0
X-Timer: S1679643433.589634,VS0,VE0
X-vcl-time-ms: 0
static.hotjar.com/c/hotjar-31899.js?sv=5
54.230.111.113200 OK 91 kB URL HTTP/2 static.hotjar.com/c/hotjar-31899.js?sv=5
IP 54.230.111.113:0
File type ASCII text, with very long lines (7813)
Hash 613f78987fa36d2521260d33eb0fedf3
17d985a989473f2e5d19cb0c586f9757a2e7ae55
cbb973cd688b16495b27c76bbbb92669e56cff014766229bfa426d9b02b8b545
GET /c/hotjar-31899.js?sv=5 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.newsandpromotions.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Fri, 24 Mar 2023 07:37:12 GMT
access-control-allow-origin: *
cache-control: max-age=60
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: W/457baf7846afbfd7379b24800a8789c5
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 8Ap9ZzLMUPxOhNsdNhGIi3WzAtAnokmZVdI06GUlE-sTSV2Bx8lxmQ==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash af767a0f38aa932dc23106c403e9b5f3
5a5662e147f43d1561ba78517738f6be86eb2cde
359fea0fbdd5740a613795d4491c534ebf14e2ffb55edf78c80dc0dde78c42e4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 07:37:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-47081731-1&cid=1802515528.1679643442&jid=465513491&gjid=2037392327&_gid=838698274.1679643442&_u=IEBAAEAAAAAAACAAI~&z=1747876565
64.233.165.156200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-47081731-1&cid=1802515528.1679643442&jid=465513491&gjid=2037392327&_gid=838698274.1679643442&_u=IEBAAEAAAAAAACAAI~&z=1747876565
IP 64.233.165.156:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-47081731-1&cid=1802515528.1679643442&jid=465513491&gjid=2037392327&_gid=838698274.1679643442&_u=IEBAAEAAAAAAACAAI~&z=1747876565 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://www.newsandpromotions.com
Connection: keep-alive
Referer: http://www.newsandpromotions.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: http://www.newsandpromotions.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 24 Mar 2023 07:37:12 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fo-ssp.omnitagjs.com/fo-ssp/sync?attempt=local-ow2db8y7w3d
185.255.84.151200 OK 752 B URL HTTP/1.1 fo-ssp.omnitagjs.com/fo-ssp/sync?attempt=local-ow2db8y7w3d
IP 185.255.84.151:0
ASN #200271 Iguane Solutions SAS
File type ASCII text, with very long lines (562)
Hash 7d1d60f75abdfffa1da316c45c645004
48eb7d2569e9d0ad47b6bc1944236c73b676bb0f
5336792ad7ea6dbde02ffd9ac8d359febf16f621d8a592ae34d6a9f929fc79e3
GET /fo-ssp/sync?attempt=local-ow2db8y7w3d HTTP/1.1
Host: fo-ssp.omnitagjs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/
HTTP/1.1 200 OK
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/javascript; charset=UTF-8
expires: 0
p3p: CP="CAO PSA OUR"
pragma: no-cache
set-cookie: ayl_visitor=62ee64f4ea0ad8c11237cbea620d3fd5; Path=/; Domain=omnitagjs.com; Max-Age=2592000; Secure; SameSite=None
vary: Accept-Encoding
x-content-type-options: nosniff
date: Fri, 24 Mar 2023 07:37:12 GMT
content-length: 752
x-envoy-upstream-service-time: 3
server: ayl-lb-fra02
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash af767a0f38aa932dc23106c403e9b5f3
5a5662e147f43d1561ba78517738f6be86eb2cde
359fea0fbdd5740a613795d4491c534ebf14e2ffb55edf78c80dc0dde78c42e4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 07:37:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash a6cad75209fdd6f267646b8382348c4b
35d993c683277cba55a4a86e15afa0c378d9a1d8
f3490031d4088f3580570dd096c1daf3780b76da85039fa904a35a9f0d6298be
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 07:37:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.249200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash 9e622642fc8a3e1ffc2bf8369d3479cc
129c4dc93736b884986e07c748bdbf037c952483
ff4a2c4be50227dc51dc87a03a9e2e17701d951a6140c5f097d1ad145354daf3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FF4A2C4BE50227DC51DC87A03A9E2E17701D951A6140C5F097D1AD145354DAF3"
Last-Modified: Wed, 22 Mar 2023 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19880
Expires: Fri, 24 Mar 2023 13:08:32 GMT
Date: Fri, 24 Mar 2023 07:37:12 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash a37ccb2b0d2b6bd75ea76a9535478b74
282cdfc85b1bc6e7b8741fb82ea37844ba831a53
6f9eded96973ad739947a784fddd57298bd3bc8abb3d71eff5c5492826cf254a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 07:37:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-47081731-1&cid=1802515528.1679643442&jid=465513491&_u=IEBAAEAAAAAAACAAI~&z=1511617882
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-47081731-1&cid=1802515528.1679643442&jid=465513491&_u=IEBAAEAAAAAAACAAI~&z=1511617882
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-47081731-1&cid=1802515528.1679643442&jid=465513491&_u=IEBAAEAAAAAAACAAI~&z=1511617882 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.newsandpromotions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 24 Mar 2023 07:37:12 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
matching.ivitrack.com/sync?realm=ayl&uid=000000000000000000000000b00b1337
34.117.157.22200 OK 42 B URL HTTP/2 matching.ivitrack.com/sync?realm=ayl&uid=000000000000000000000000b00b1337
IP 34.117.157.22:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /sync?realm=ayl&uid=000000000000000000000000b00b1337 HTTP/1.1
Host: matching.ivitrack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.newsandpromotions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: istio-envoy
date: Fri, 24 Mar 2023 07:37:12 GMT
content-type: image/gif
content-length: 42
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 0
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fo-static.omnitagjs.com/ot_multi.js
23.36.76.98200 OK 124 kB URL HTTP/2 fo-static.omnitagjs.com/ot_multi.js
IP 23.36.76.98:0
ASN #20940 Akamai International B.V.
Size 124 kB (123795 bytes)
Hash 2b387cecb37af1fb36f0a304f43b1449
898d59b807a3360570836f48810cbe6803452aca
1db3e73f073c53562fc357166020d14629b0d549ad5ea1a0187be28b23123289
GET /ot_multi.js HTTP/1.1
Host: fo-static.omnitagjs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.newsandpromotions.com
Connection: keep-alive
Referer: http://www.newsandpromotions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Thu, 16 Mar 2023 11:26:34 GMT
etag: "6412fcea-7d441"
server: ayl-lb-fra02
pragma: public
access-control-max-age: 86400
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: OPTIONS, GET
access-control-allow-credentials: false
access-control-allow-headers: X-Requested-With, Content-Type
x-envoy-upstream-service-time: 0
content-type: application/javascript; charset=UTF-8
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: public, max-age=1230
expires: Fri, 24 Mar 2023 07:57:42 GMT
date: Fri, 24 Mar 2023 07:37:12 GMT
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 977f498642939e2b16b38a63a9d3826d
d8ff6e75eac2182b7d0db039923d1bd52b604ede
c3ea9093d2035606cbca1dab33f87b0a3c402f98169d7ccda4778bdbd76ff40b
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 24 Mar 2023 07:37:12 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 22 Mar 2023 20:41:15 GMT
Expires: Wed, 29 Mar 2023 20:41:14 GMT
Etag: "d8ff6e75eac2182b7d0db039923d1bd52b604ede"
Cache-Control: max-age=478441,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7acd3f5f9be9b4ee-OSL
aux.fqtag.com/aux/p
35.190.13.203204 No Content 0 B IP 35.190.13.203:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /aux/p HTTP/1.1
Host: aux.fqtag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: text/plain; charset=utf-8
Content-Length: 218
Origin: http://www.newsandpromotions.com
Connection: keep-alive
Referer: http://www.newsandpromotions.com/
HTTP/1.1 204 No Content
Access-Control-Allow-Origin: *
Date: Fri, 24 Mar 2023 07:37:12 GMT
Via: 1.1 google
r3.o.lencr.org/
23.36.76.249200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash 9e622642fc8a3e1ffc2bf8369d3479cc
129c4dc93736b884986e07c748bdbf037c952483
ff4a2c4be50227dc51dc87a03a9e2e17701d951a6140c5f097d1ad145354daf3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FF4A2C4BE50227DC51DC87A03A9E2E17701D951A6140C5F097D1AD145354DAF3"
Last-Modified: Wed, 22 Mar 2023 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19880
Expires: Fri, 24 Mar 2023 13:08:32 GMT
Date: Fri, 24 Mar 2023 07:37:12 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash a6cad75209fdd6f267646b8382348c4b
35d993c683277cba55a4a86e15afa0c378d9a1d8
f3490031d4088f3580570dd096c1daf3780b76da85039fa904a35a9f0d6298be
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 07:37:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s.seedtag.com/cs/cookiesync/adyoulike?channeluid=000000000000000000000000b00b1337&gdpr=0&gdpr_consent=
34.149.50.64204 No Content 0 B URL HTTP/2 s.seedtag.com/cs/cookiesync/adyoulike?channeluid=000000000000000000000000b00b1337&gdpr=0&gdpr_consent=
IP 34.149.50.64:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cs/cookiesync/adyoulike?channeluid=000000000000000000000000b00b1337&gdpr=0&gdpr_consent= HTTP/1.1
Host: s.seedtag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.newsandpromotions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Fri, 24 Mar 2023 07:37:12 GMT
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash c1bec9941c82e2a75f433a9989ff131d
f362aafde39e53e6c85aed88514e7d9272d8b099
693fe25761b15b3f663bb491a3cad382f1bb0a60083375b6aec21af2fdddb58e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 07:37:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
contextual.media.net/cksync.php?cs=3&type=ayl&ovsid=000000000000000000000000b00b1337
23.38.200.22200 OK 64 B URL HTTP/2 contextual.media.net/cksync.php?cs=3&type=ayl&ovsid=000000000000000000000000b00b1337
IP 23.38.200.22:0
File type GIF image data, version 87a, 1 x 1\012- data
Hash 95b0ebd247bbceafed7ac37d6044c4d8
f5606d77b9a1148caed63e3ff5887ca900a9dd5e
451ce14915b0633b4e373405ffbe80bc6e707fa5edb0923401fd283fc4dd5398
GET /cksync.php?cs=3&type=ayl&ovsid=000000000000000000000000b00b1337 HTTP/1.1
Host: contextual.media.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.newsandpromotions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Apache
content-length: 64
content-type: image/gif
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
strict-transport-security: max-age=31536000
x-mnet-hl2: E
expires: Fri, 24 Mar 2023 07:37:13 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Fri, 24 Mar 2023 07:37:13 GMT
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 977f498642939e2b16b38a63a9d3826d
d8ff6e75eac2182b7d0db039923d1bd52b604ede
c3ea9093d2035606cbca1dab33f87b0a3c402f98169d7ccda4778bdbd76ff40b
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 24 Mar 2023 07:37:13 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 22 Mar 2023 20:41:15 GMT
Expires: Wed, 29 Mar 2023 20:41:14 GMT
Etag: "d8ff6e75eac2182b7d0db039923d1bd52b604ede"
Cache-Control: max-age=478440,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7acd3f604c99b4ee-OSL
r3.o.lencr.org/
23.36.76.249200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14495
Expires: Fri, 24 Mar 2023 11:38:48 GMT
Date: Fri, 24 Mar 2023 07:37:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.249200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14495
Expires: Fri, 24 Mar 2023 11:38:48 GMT
Date: Fri, 24 Mar 2023 07:37:13 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19993
Expires: Fri, 24 Mar 2023 13:10:26 GMT
Date: Fri, 24 Mar 2023 07:37:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.249200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14495
Expires: Fri, 24 Mar 2023 11:38:48 GMT
Date: Fri, 24 Mar 2023 07:37:13 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fced2b6fc-bd10-4ea8-bf1d-03a29da081f6.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fced2b6fc-bd10-4ea8-bf1d-03a29da081f6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 09021529f311448e284f6b65ef322bf9
f9aecb6f69fb068c5b2bb660d21338ab6cff3ae9
2bc6b1fd474101cbbc6100f2afab3973552ff71d3fd73e9970efd6c67e71cd38
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fced2b6fc-bd10-4ea8-bf1d-03a29da081f6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8001
x-amzn-requestid: c128e071-673c-4e31-96a8-049a6eb48660
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CQQjsHlXIAMFX3g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641cc7b0-3efff85e1cdbe08118fe7dce;Sampled=0
x-amzn-remapped-date: Thu, 23 Mar 2023 21:42:08 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: v7KEGlR20iqqB8TdFVFtCMW3nFYRdDfw5taf_1VfKHKlfvyWtgq3mg==
via: 1.1 288c777a01e22425da9494dad7a69734.cloudfront.net (CloudFront), 1.1 f313d3df80c4dab8f5399614116801cc.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Mar 2023 21:56:50 GMT
age: 34823
etag: "f9aecb6f69fb068c5b2bb660d21338ab6cff3ae9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6bf7d96-8563-4612-89c2-6d00db18f9f6.jpeg
34.120.237.76200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6bf7d96-8563-4612-89c2-6d00db18f9f6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d733019c5326d4617096c74ae22fdffd
72bc0b2a19ca257ac974460f81af47fcfa2fee24
6746fcedbf4aad5c94582162e343d160fdc7d127bae807d1a97a9d7a231c9a70
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6bf7d96-8563-4612-89c2-6d00db18f9f6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6721
x-amzn-requestid: bf32e1c8-cac1-4f04-abe6-fba2e9e824f3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CK89vHbyoAMFc7Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641aa857-5d84ed861375c4ba04a2ae30;Sampled=0
x-amzn-remapped-date: Wed, 22 Mar 2023 07:03:51 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: 60VbucTVJnuo0rLzrTvbdbQOIMQmhDMQT8st-Y49_plnM_akqw_V4w==
via: 1.1 59456abf79b201034ab5c9cfef7355e2.cloudfront.net (CloudFront), 1.1 d0387b833e3ca8cb748a1296b4b4bf2a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Mar 2023 04:01:18 GMT
age: 12955
etag: "72bc0b2a19ca257ac974460f81af47fcfa2fee24"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e6fd060-2d96-4a61-881d-85e205f198c2.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e6fd060-2d96-4a61-881d-85e205f198c2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a5302ee71fa3e150cdb8c7349c03efd9
f4bd3fafd333c5a4e376cf2f4231c665f4d3d9d3
cc7cdde20f7140802d5404b9c374fb7aa50d551e37ab9b560e48a8c476c5b2ee
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e6fd060-2d96-4a61-881d-85e205f198c2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11443
x-amzn-requestid: ba7e025c-6706-41da-8013-90552bfa7107
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CQPt6GklIAMFo5w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641cc658-3d2b7a661e1ef3bd4b8c9731;Sampled=0
x-amzn-remapped-date: Thu, 23 Mar 2023 21:36:24 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: 4ZQ6XXgp3PcvhKluwA3vv9iq0brjkmdHOEjVkEYOj00Ebq_3VjAkWA==
via: 1.1 185f4b03b711932fc7e735c08fdc5abe.cloudfront.net (CloudFront), 1.1 d90109c5a0c30f43223e0db85921c5c2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Mar 2023 21:43:19 GMT
etag: "f4bd3fafd333c5a4e376cf2f4231c665f4d3d9d3"
content-type: image/jpeg
age: 35634
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00ac1765-db6c-42e3-99bf-d857d27a34b9.jpeg
34.120.237.76200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00ac1765-db6c-42e3-99bf-d857d27a34b9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c831201ad81f55c63c1b101ce854a810
0e9b952f6489f0a5f4862d3bea2fbe0ecdd379e5
c854489720d2ca4a95eef00addda0fcdaf481402d044df7725282654a97eb54a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00ac1765-db6c-42e3-99bf-d857d27a34b9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5556
x-amzn-requestid: 6b050645-14aa-47f7-b4a5-2e27abbe5115
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CM69eHE3IAMF0Yw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641b71ef-6ab2948e2bf2578f29798372;Sampled=0
x-amzn-remapped-date: Wed, 22 Mar 2023 21:23:59 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: U1WnpJASpWxPY-8kq-3g3_dKqm5l6UqhA0xUYijO5FDLGAxI2mLthg==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 adc2002956acc4d61bfbf3b973fdf246.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Mar 2023 05:35:57 GMT
age: 7276
etag: "0e9b952f6489f0a5f4862d3bea2fbe0ecdd379e5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d9f0256-f2a3-48d2-9cbe-230433c09812.jpeg
34.120.237.76200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d9f0256-f2a3-48d2-9cbe-230433c09812.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9bb55b1044454d0db2324a4af956cd51
5aa34545aa2274453b301c74a083034273177cbd
fb7fa8b91ff7374ac6be2df05e1e98194f2adf3ce728b02a66323993145975ef
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d9f0256-f2a3-48d2-9cbe-230433c09812.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7405
x-amzn-requestid: 9865b715-ff9b-498d-95b3-c728fd3430be
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CQPt7E46oAMF1Fg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641cc658-78b66faf317a7aaf689de782;Sampled=0
x-amzn-remapped-date: Thu, 23 Mar 2023 21:36:24 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: EI1picNm6z4XmZxnCmqbdZv4ok9AqXNvYGy8CtENrRkWLuuLUuETlg==
via: 1.1 e39f48cc8f516dc1072afdb086c71f32.cloudfront.net (CloudFront), 1.1 b838ef1ff22a4a994af82d5178c30e1c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Mar 2023 21:43:19 GMT
etag: "5aa34545aa2274453b301c74a083034273177cbd"
content-type: image/jpeg
age: 35634
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd4aeb81c-baed-41b0-91c6-0a3439c6f3aa.jpeg
34.120.237.76200 OK 5.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd4aeb81c-baed-41b0-91c6-0a3439c6f3aa.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6cdbc190c56cfc889845d881cf88fed4
106075aa275beeaa40d4fa0587c3cee93b763bcf
5959109c9d987617bdcbb6e1ca8553d970b365390140906d41ff9a84462f1b2b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd4aeb81c-baed-41b0-91c6-0a3439c6f3aa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4970
x-amzn-requestid: d55dee06-0562-4a17-8109-595ec62cc440
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CQPHzHu2IAMFgfQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641cc564-2f3b14aa47db00ba68b963b8;Sampled=0
x-amzn-remapped-date: Thu, 23 Mar 2023 21:32:20 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: Dzf09PcQ1jc16E3V0kY1OcG4BipVgcvIVi3jtrv2rkllCed-6QnxFg==
via: 1.1 ec27e2bbc77d9805bead471453d2094c.cloudfront.net (CloudFront), 1.1 d16c3f15bd14953a9d4109eaaa991de2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Mar 2023 22:15:05 GMT
etag: "106075aa275beeaa40d4fa0587c3cee93b763bcf"
content-type: image/jpeg
age: 33728
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdn.luckyorange.com/w.js
104.26.4.244200 OK 0 B IP 104.26.4.244:0
GET /w.js HTTP/1.1
Host: cdn.luckyorange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.newsandpromotions.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 24 Mar 2023 07:37:12 GMT
content-type: application/javascript
cache-control: max-age=14400
cf-bgj: minify
age: 504
etag: W/"dc0bbcecf2e632d9beb92f4d88b21c2b"
last-modified: Fri, 02 Sep 2022 19:59:48 GMT
vary: Accept-Encoding
via: 1.1 0edd9f6bc061f9d64e77285b1cac290c.cloudfront.net (CloudFront)
x-amz-cf-id: 0yP80Kwu6VmuiW59BSApHBwge5qQ1mFCBjs1KXNGIJdpMefgqoAQ6Q==
x-amz-cf-pop: ARN54-C1
x-cache: Hit from cloudfront
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FeNVrO%2F1j1ij5aSuXRpB0ye13T6AePeTNTVMjisb8x8Zfqmh8%2Fa8BybuVkvWSiRBifob7mf5nxfH%2ByiszksWTJfuozVKLqVZTwu7WyjZ9EFxkJmtAFI7JUVcjP7BQHHHPYTlOD4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7acd3f5bd8dfb51b-OSL
content-encoding: br
X-Firefox-Spdy: h2
sync.taboola.com/sg/adyoulikertb-network/1/rtb-h/?GDPR=0&GDPR_CONSENT=&taboola_hm=000000000000000000000000b00b1337
141.226.228.48200 OK 0 B URL HTTP/2 sync.taboola.com/sg/adyoulikertb-network/1/rtb-h/?GDPR=0&GDPR_CONSENT=&taboola_hm=000000000000000000000000b00b1337
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
GET /sg/adyoulikertb-network/1/rtb-h/?GDPR=0&GDPR_CONSENT=&taboola_hm=000000000000000000000000b00b1337 HTTP/1.1
Host: sync.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.newsandpromotions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 24 Mar 2023 07:37:13 GMT
x-fastly-to-nlb-rtt: 22017
access-control-allow-credentials: true
X-Firefox-Spdy: h2
settings.luckyorange.net/?u=http%3A%2F%2Fwww.newsandpromotions.com%2Fspecial-offer%2F%3FTID%3D0%26SID%3D0&s=49801
104.26.10.16200 OK 0 B URL HTTP/2 settings.luckyorange.net/?u=http%3A%2F%2Fwww.newsandpromotions.com%2Fspecial-offer%2F%3FTID%3D0%26SID%3D0&s=49801
IP 104.26.10.16:0
GET /?u=http%3A%2F%2Fwww.newsandpromotions.com%2Fspecial-offer%2F%3FTID%3D0%26SID%3D0&s=49801 HTTP/1.1
Host: settings.luckyorange.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.newsandpromotions.com/
Origin: http://www.newsandpromotions.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 24 Mar 2023 07:37:13 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,Keep-Alive,X-Requested-With,If-Modified-Since
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: http://www.newsandpromotions.com
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ut%2Bn3qDHmw6kXdv4YPu8mfKHEusJZKJDtIWsnrsdTBowdrVcQbFCMKflDxRTrgSMzXOIuKQTmNZjIKhjZsvqpFJiTgyLIsJtdtit5Lo8ZMJdYbaIVcWqOz8tzghSuqBpVvZ%2BGoncKNIVYg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7acd3f5d0e25b512-OSL
content-encoding: br
X-Firefox-Spdy: h2