www.newsandpromotions.com/special-offer/
200 OK 14 kB URL HTTP/1.1 www.newsandpromotions.com/special-offer/
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8047), with CRLF, LF line terminators
Hash 14829a067b780de170d9c2fdf87c6f74
5e78fdd98602cdd923da79a88f4a86913e80a51a
ea5352bea09016e46ee07dd36dabc740cb46800778199926ef2e9cd064ead8a7
GET /special-offer/ HTTP/1.1
Host: www.newsandpromotions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 08:59:57 GMT
Server: Apache
Last-Modified: Sun, 05 Feb 2023 08:59:49 GMT
Pragma: public
ETag: "14829a067b780de170d9c2fdf87c6f74"
Content-Encoding: gzip
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=UTF-8
Via: 1.1 google
Cache-Control: max-age=3592,public
Transfer-Encoding: chunked
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1cdc095521e9ee2606059be447d1fdd5
02b5d0a5b5823e2338daf7e144700babe2a213af
8bda3aabcf331c2bfcc4c7023cd797c760fd301dc353641bb95048e072f66c66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8BDA3AABCF331C2BFCC4C7023CD797C760FD301DC353641BB95048E072F66C66"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18451
Expires: Sun, 05 Feb 2023 14:07:28 GMT
Date: Sun, 05 Feb 2023 08:59:57 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash c21ba65e44ac95470c314e068e49a9eb
17a13b13738993d889d4afa3d848dc63bf6eba64
9bd0795b30e84ce63b6e2a365ca91bbffc395dd955e112152066c31e63a4ab66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9BD0795B30E84CE63B6E2A365CA91BBFFC395DD955E112152066C31E63A4AB66"
Last-Modified: Sat, 04 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2160
Expires: Sun, 05 Feb 2023 09:35:57 GMT
Date: Sun, 05 Feb 2023 08:59:57 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Retry-After, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 05 Feb 2023 08:36:17 GMT
content-type: application/json
age: 1420
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fb7b6b46e708ad73eaaa3c21e74569ae
950663c025acad81556af5aa3022ecc9d55097fe
763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64"
Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9841
Expires: Sun, 05 Feb 2023 11:43:58 GMT
Date: Sun, 05 Feb 2023 08:59:57 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: FyvR4mc3Zz11mu7SlsTjiVkAj8DoB2Tzv1mAKVbRLiVI4nZHKlFWsNGSK6CnNXV6g6XMoApBHK8=
x-amz-request-id: RTAY8GPEQDM98W58
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 05 Feb 2023 08:53:12 GMT
age: 405
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
www.newsandpromotions.com/wp-content/themes/magazine-pro/style.css?ver=3.1
200 OK 7.8 kB URL HTTP/1.1 www.newsandpromotions.com/wp-content/themes/magazine-pro/style.css?ver=3.1
IP
File type ASCII text, with very long lines (1783)
Hash 62788bc8b4ac3467cf8c92d16d3486ca
b4445f07319e971698c8c599e28a386cbcf536e1
3b83991a52832d324831f4b49cf3c3a784a2da599063cb474e5312b71b11f846
GET /wp-content/themes/magazine-pro/style.css?ver=3.1 HTTP/1.1
Host: www.newsandpromotions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/special-offer/
HTTP/1.1 200 OK
Server: Apache
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Pragma: public
Content-Length: 7771
Via: 1.1 google
Date: Sun, 05 Feb 2023 07:36:56 GMT
Age: 4981
Last-Modified: Mon, 29 Aug 2022 12:36:58 GMT
ETag: "aa26-5e76085030e80-gzip"
Content-Type: text/css
Cache-Control: public,max-age=3600
www.newsandpromotions.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.1
200 OK 12 kB URL HTTP/1.1 www.newsandpromotions.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.1
IP
File type ASCII text, with very long lines (43771)
Hash e5548800176e913a9084f47a3e1e04f6
eff4604acc5c26ae82a19188de2f98bf5b79d80c
a2569c768eaca09f2483b971fcebb97badd57c9a16b5ae3e16b8cdcd8c688b07
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.1 HTTP/1.1
Host: www.newsandpromotions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/special-offer/
HTTP/1.1 200 OK
Server: Apache
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Pragma: public
Content-Length: 11681
Via: 1.1 google
Date: Sun, 05 Feb 2023 07:48:31 GMT
Last-Modified: Wed, 17 Aug 2022 12:20:12 GMT
ETag: "15b64-5e66ee2f43700-gzip"
Content-Type: text/css
Age: 4286
Cache-Control: public,max-age=3600
www.newsandpromotions.com/wp-content/plugins/ultimate-social-media-plus/css/disable_sfsi.css?ver=6.0.1
200 OK 93 B URL HTTP/1.1 www.newsandpromotions.com/wp-content/plugins/ultimate-social-media-plus/css/disable_sfsi.css?ver=6.0.1
IP
File type ASCII text, with CRLF line terminators
Hash 8544c5733382fa68cb14455d8ad0a3ff
22220e847e614e2405975a7f65732ea8ec478633
9284dea1753fc3f5c5a46cfdacbad17087df6e179cf2a40d96df454d5cd5f74d
GET /wp-content/plugins/ultimate-social-media-plus/css/disable_sfsi.css?ver=6.0.1 HTTP/1.1
Host: www.newsandpromotions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/special-offer/
HTTP/1.1 200 OK
Server: Apache
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Pragma: public
Content-Length: 93
Via: 1.1 google
Date: Sun, 05 Feb 2023 05:03:12 GMT
Age: 14205
Last-Modified: Mon, 29 Aug 2022 13:11:11 GMT
ETag: "4e-5e760ff6159c0-gzip"
Content-Type: text/css
Cache-Control: public,max-age=3600
www.newsandpromotions.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.2
200 OK 972 B URL HTTP/1.1 www.newsandpromotions.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.2
IP
Hash 8bf268dfcca7cb20719b7ea14373ef4a
58bd839bbf0e8cc082f0a488b538b4ec71bebd2e
eece4a14939273c7af07bce8bab3a6cfc2c9de44c0eea82cc886abac13cb3870
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.2 HTTP/1.1
Host: www.newsandpromotions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/special-offer/
HTTP/1.1 200 OK
Server: Apache
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Pragma: public
Content-Length: 972
Via: 1.1 google
Date: Sun, 05 Feb 2023 05:03:15 GMT
Last-Modified: Mon, 29 Aug 2022 13:14:18 GMT
ETag: "aab-5e7610a86be80-gzip"
Content-Type: text/css
Age: 14202
Cache-Control: public,max-age=3600
www.newsandpromotions.com/wp-content/plugins/m-wp-popup/css/popup-styles.css?ver=1.0
200 OK 1.9 kB URL HTTP/1.1 www.newsandpromotions.com/wp-content/plugins/m-wp-popup/css/popup-styles.css?ver=1.0
IP
Hash e8959c24dbe5a45744af288f9ff0f7e0
91fa49535c770697985e06a2ade004977b578c2c
7444568ab19d9d35b8876eff1fb3818b8d21634e764738204bee2ca0bb81eea9
GET /wp-content/plugins/m-wp-popup/css/popup-styles.css?ver=1.0 HTTP/1.1
Host: www.newsandpromotions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/special-offer/
HTTP/1.1 200 OK
Server: Apache
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Pragma: public
Content-Length: 1875
Via: 1.1 google
Date: Sun, 05 Feb 2023 07:45:00 GMT
Age: 4497
Last-Modified: Mon, 29 Aug 2022 12:36:58 GMT
ETag: "1bdc-5e76085030e80-gzip"
Content-Type: text/css
Cache-Control: public,max-age=3600
www.newsandpromotions.com/wp-content/plugins/ultimate-social-media-plus/css/sfsi-style.css?ver=3.5.1
200 OK 15 kB URL HTTP/1.1 www.newsandpromotions.com/wp-content/plugins/ultimate-social-media-plus/css/sfsi-style.css?ver=3.5.1
IP
File type ASCII text, with CRLF line terminators
Hash a8f50bce699e88944d946862d94fd5cf
156fca342a4be8e956bb1d0ada646146c4631a0d
65a5423ebde85b72a97a1bacff94b6f375a96dd95039b98e7a534dae20a67271
GET /wp-content/plugins/ultimate-social-media-plus/css/sfsi-style.css?ver=3.5.1 HTTP/1.1
Host: www.newsandpromotions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/special-offer/
HTTP/1.1 200 OK
Server: Apache
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Pragma: public
Content-Length: 14652
Via: 1.1 google
Date: Sun, 05 Feb 2023 05:03:15 GMT
Last-Modified: Mon, 29 Aug 2022 13:11:11 GMT
ETag: "19115-5e760ff6159c0-gzip"
Content-Type: text/css
Age: 14202
Cache-Control: public,max-age=3600
www.newsandpromotions.com/wp-content/plugins/genesis-responsive-slider/assets/style.css?ver=1.0.1
200 OK 1.5 kB URL HTTP/1.1 www.newsandpromotions.com/wp-content/plugins/genesis-responsive-slider/assets/style.css?ver=1.0.1
IP
Hash baa280ba652ff315f49d25fde759ce8c
60bdf95b25ba644119f8c8c0bd507e83d18fe313
db6c7ba05ae612626911da903629b251115127d8c413ab9f7b7f9b8e49c254da
GET /wp-content/plugins/genesis-responsive-slider/assets/style.css?ver=1.0.1 HTTP/1.1
Host: www.newsandpromotions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/special-offer/
HTTP/1.1 200 OK
Server: Apache
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Pragma: public
Content-Length: 1470
Via: 1.1 google
Date: Sun, 05 Feb 2023 07:48:32 GMT
Last-Modified: Mon, 29 Aug 2022 13:18:47 GMT
ETag: "1066-5e7611a8f5bc0-gzip"
Content-Type: text/css
Age: 4285
Cache-Control: public,max-age=3600
www.newsandpromotions.com/wp-includes/css/dashicons.min.css?ver=6.0.1
200 OK 36 kB URL HTTP/1.1 www.newsandpromotions.com/wp-includes/css/dashicons.min.css?ver=6.0.1
IP
File type ASCII text, with very long lines (58981)
Hash 00492d322e5572c7abc3e8701b6c52c1
0802ac2c8280ce7c98af881b1d49ec682acbf314
8bc01632cbc3ab834e04141d444ff82b05a4691444d70a9860477710e330b824
GET /wp-includes/css/dashicons.min.css?ver=6.0.1 HTTP/1.1
Host: www.newsandpromotions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/special-offer/
HTTP/1.1 200 OK
Server: Apache
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Pragma: public
Content-Length: 35730
Via: 1.1 google
Date: Sun, 05 Feb 2023 07:48:31 GMT
Last-Modified: Wed, 17 Aug 2022 12:20:12 GMT
ETag: "e688-5e66ee2f43700-gzip"
Content-Type: text/css
Age: 4286
Cache-Control: public,max-age=3600
fonts.googleapis.com/css?family=Roboto%3A300%2C400%7CRaleway%3A400%2C500%2C900&ver=3.1
200 OK 729 B URL HTTP/1.1 fonts.googleapis.com/css?family=Roboto%3A300%2C400%7CRaleway%3A400%2C500%2C900&ver=3.1
IP
Hash b79489dd57e93c021e1d65fde195f080
6a8f970d42b5932c5001ab9b155317cabb6b30ef
dbba7e3c612104f334b16d8e1ca1a904bd7c797c8157945187f719f3e0abc1bb
GET /css?family=Roboto%3A300%2C400%7CRaleway%3A400%2C500%2C900&ver=3.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://www.newsandpromotions.com
Connection: keep-alive
Referer: http://www.newsandpromotions.com/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Sun, 05 Feb 2023 08:59:57 GMT
Date: Sun, 05 Feb 2023 08:59:57 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 08:59:57 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
tags.clickagy.com/data.js?rnd=5a7223b9ea03d
301 Moved Permanently 0 B URL HTTP/1.1 tags.clickagy.com/data.js?rnd=5a7223b9ea03d
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /data.js?rnd=5a7223b9ea03d HTTP/1.1
Host: tags.clickagy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/
HTTP/1.1 301 Moved Permanently
Date: Sun, 05 Feb 2023 08:59:57 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 05 Feb 2023 09:59:57 GMT
Location: https://tags.clickagy.com/data.js?rnd=5a7223b9ea03d
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 794a73f5fb3eb4f3-OSL
alt-svc: h2=":443"; ma=60
www.newsandpromotions.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
200 OK 4.2 kB URL HTTP/1.1 www.newsandpromotions.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP
File type ASCII text, with very long lines (11126)
Hash 5629711d7fdd5b28441bac39b851299f
4e0bf2b7383097f7c352023a1b1b1b48a50356b6
44c444309c7a6c05ff4a9bc198bed9e9596bedb5658637c85689c9a471dcdd16
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: www.newsandpromotions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/special-offer/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 08:59:57 GMT
Server: Apache
Last-Modified: Wed, 17 Aug 2022 12:20:12 GMT
ETag: "2bd8-5e66ee2f43700-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Pragma: public
Cache-Control: public
Content-Length: 4169
Content-Type: application/x-javascript
Via: 1.1 google
www.newsandpromotions.com/wp-content/plugins/advanced-ads/public/assets/js/advanced.min.js?ver=1.35.1
200 OK 2.5 kB URL HTTP/1.1 www.newsandpromotions.com/wp-content/plugins/advanced-ads/public/assets/js/advanced.min.js?ver=1.35.1
IP
File type ASCII text, with very long lines (7187), with no line terminators
Hash 2f3ef429b9c2572bbbcaebc51c08f773
8fc6e050cf13b0f60fe950843b3abdedc35f62c8
d6617f504d115075b9944e9d939fa2df521f40036f77d825567b43740fa8fd0c
GET /wp-content/plugins/advanced-ads/public/assets/js/advanced.min.js?ver=1.35.1 HTTP/1.1
Host: www.newsandpromotions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/special-offer/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 08:59:57 GMT
Server: Apache
Last-Modified: Mon, 29 Aug 2022 13:13:19 GMT
ETag: "1c13-5e761070279c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Pragma: public
Cache-Control: public
Content-Length: 2547
Content-Type: application/x-javascript
Via: 1.1 google
www.newsandpromotions.com/wp-content/themes/magazine-pro/js/entry-date.js?ver=1.0.0
200 OK 238 B URL HTTP/1.1 www.newsandpromotions.com/wp-content/themes/magazine-pro/js/entry-date.js?ver=1.0.0
IP
File type ASCII text, with CRLF, CR line terminators
Hash 9189d2cd8683d69ebfcc54ded48b0290
814efa08db55b511c39343d87a645144ba918725
35e0e8422be99faaa330f6906a9af741de840c3b9da85203906f0f251d4391eb
GET /wp-content/themes/magazine-pro/js/entry-date.js?ver=1.0.0 HTTP/1.1
Host: www.newsandpromotions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/special-offer/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 08:59:57 GMT
Server: Apache
Last-Modified: Mon, 29 Aug 2022 12:36:58 GMT
ETag: "17c-5e76085030e80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Pragma: public
Cache-Control: public
Content-Length: 238
Content-Type: application/x-javascript
Via: 1.1 google
www.newsandpromotions.com/wp-content/themes/magazine-pro/js/responsive-menu.js?ver=1.0.0
200 OK 339 B URL HTTP/1.1 www.newsandpromotions.com/wp-content/themes/magazine-pro/js/responsive-menu.js?ver=1.0.0
IP
Hash 5e6c107b2464d43a3477b1ed9c5c5708
e637405a68c69ee5ba2fc959532f3c8478567b56
678eb59f05f37b3098442f3e6723bf8a8bb884583d35d113c62a1c0dc801653c
GET /wp-content/themes/magazine-pro/js/responsive-menu.js?ver=1.0.0 HTTP/1.1
Host: www.newsandpromotions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/special-offer/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 08:59:57 GMT
Server: Apache
Last-Modified: Mon, 29 Aug 2022 12:36:58 GMT
ETag: "363-5e76085030e80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Pragma: public
Cache-Control: public
Content-Length: 339
Content-Type: application/x-javascript
Via: 1.1 google
www.newsandpromotions.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
200 OK 31 kB URL HTTP/1.1 www.newsandpromotions.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP
File type ASCII text, with very long lines (65447)
Hash 9640915738503451aa21181699feab5b
c053eaf36ef0da96619706b3abda326305063bd6
f8834e669ad1f4039442c26aaa373ec39c35a233b9786d374fc3f670f16b0adc
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: www.newsandpromotions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/special-offer/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 08:59:57 GMT
Server: Apache
Last-Modified: Wed, 17 Aug 2022 12:20:12 GMT
ETag: "15db1-5e66ee2f43700-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Pragma: public
Cache-Control: public
Content-Length: 30908
Content-Type: application/x-javascript
Via: 1.1 google
ocsp.digicert.com/
200 OK 279 B IP
Hash 2a9100f5c215b1617d38f2f9f94316f7
49ad50c9c8eee4c65007002aa3ee200e0b89c112
cf128a94a521f81087692b3d692b6c0d9ca22831b6149651cca4fc16750ea095
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5000
Cache-Control: max-age=122034
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 08:59:57 GMT
Etag: "63de9637-117"
Expires: Mon, 06 Feb 2023 18:53:51 GMT
Last-Modified: Sat, 04 Feb 2023 17:30:31 GMT
Server: ECS (amb/6B89)
X-Cache: HIT
Content-Length: 279
www.newsandpromotions.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.1
200 OK 5.0 kB URL HTTP/1.1 www.newsandpromotions.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.1
IP
File type ASCII text, with very long lines (15660)
Hash e6624e0b978e6ddba476be41aaaa82df
822e920d8233072110ed7c8a7f379e5b13209b18
dac86a9ce08e4d8cded47b4fa900a664b0c997d8910c2a1be54a423678925a41
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.1 HTTP/1.1
Host: www.newsandpromotions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/special-offer/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 08:59:57 GMT
Server: Apache
Last-Modified: Wed, 17 Aug 2022 12:20:12 GMT
ETag: "48b9-5e66ee2f43700-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Pragma: public
Cache-Control: public
Content-Length: 5009
Content-Type: application/x-javascript
Via: 1.1 google
www.newsandpromotions.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
200 OK 7.1 kB URL HTTP/1.1 www.newsandpromotions.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP
File type Unicode text, UTF-8 text, with very long lines (19138), with no line terminators
Hash 2f4fcc5a628b379672d76b7e91cbdf07
9d72f2c9cbc1e9b036360acfce8c8ccc8b832b8c
a360f715a418026d2e1acd81c02c83233d0c0b60fdf4ce0b4d33562925d6a0b5
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: www.newsandpromotions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/special-offer/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 08:59:57 GMT
Server: Apache
Last-Modified: Wed, 17 Aug 2022 12:20:12 GMT
ETag: "4ac6-5e66ee2f43700-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Pragma: public
Cache-Control: public
Content-Length: 7095
Content-Type: application/x-javascript
Via: 1.1 google
www.newsandpromotions.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
200 OK 2.5 kB URL HTTP/1.1 www.newsandpromotions.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP
File type ASCII text, with very long lines (6475), with no line terminators
Hash 27cbbd0a9d7c5ad9402118c4afc36035
7659d08a005f5ecfa6c779e3cda45c30007fd059
ebc771d0af626966e38535357861fab0090e0bd7ff346cbe3c7ffdde1683809f
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: www.newsandpromotions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/special-offer/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 08:59:57 GMT
Server: Apache
Last-Modified: Wed, 17 Aug 2022 12:20:12 GMT
ETag: "194b-5e66ee2f43700-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Pragma: public
Cache-Control: public
Content-Length: 2457
Content-Type: application/x-javascript
Via: 1.1 google
www.newsandpromotions.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.2
200 OK 6.6 kB URL HTTP/1.1 www.newsandpromotions.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.2
IP
File type ASCII text, with very long lines (21905), with no line terminators
Hash 38b247e8125da1a0dd504e02d8b6d2b7
2fbec20b65e15f0fa6355281036f00374dc9a1c2
52b2b12cee3c2999c8f2af3664c060144e0f8dba790602846584a1bd42442c82
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.2 HTTP/1.1
Host: www.newsandpromotions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/special-offer/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 08:59:57 GMT
Server: Apache
Last-Modified: Mon, 29 Aug 2022 13:14:18 GMT
ETag: "5591-5e7610a86be80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Pragma: public
Cache-Control: public
Content-Length: 6564
Content-Type: application/x-javascript
Via: 1.1 google
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
200 OK 16 kB URL HTTP/1.1 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Hash b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.newsandpromotions.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15740
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 02 Feb 2023 00:41:03 GMT
Expires: Fri, 02 Feb 2024 00:41:03 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Wed, 11 May 2022 19:24:56 GMT
Content-Type: font/woff2
Age: 289134
www.newsandpromotions.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
200 OK 6.9 kB URL HTTP/1.1 www.newsandpromotions.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
IP
File type Unicode text, UTF-8 text, with very long lines (8189)
Hash 7e2b78a6e8a9b90385330755ee1cf3e5
684c325f39d45e42ae44a9e42f5e9fe4fb0b909c
43f124dabb4bc663cc1cc8d3161c1e6365cf8445d873ed5d69bbfdb507cf24a9
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.1 HTTP/1.1
Host: www.newsandpromotions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/special-offer/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 08:59:57 GMT
Server: Apache
Last-Modified: Wed, 17 Aug 2022 12:20:12 GMT
ETag: "50eb-5e66ee2f43700-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Pragma: public
Cache-Control: public
Content-Length: 6914
Content-Type: application/x-javascript
Via: 1.1 google
www.newsandpromotions.com/wp-content/plugins/ultimate-social-media-plus/js/shuffle/modernizr.custom.min.js?ver=6.0.1
200 OK 1.5 kB URL HTTP/1.1 www.newsandpromotions.com/wp-content/plugins/ultimate-social-media-plus/js/shuffle/modernizr.custom.min.js?ver=6.0.1
IP
File type HTML document, ASCII text, with very long lines (2861), with CRLF line terminators
Hash 89b09e7949c84785295ba10ec9a7b221
07d9364fab4325c9aa57dcb34a13e1fc257fda70
7e28285d9ee6c93786cb59bf8a7e21f6af82fa04ec4d45dd220807b374ffce7f
GET /wp-content/plugins/ultimate-social-media-plus/js/shuffle/modernizr.custom.min.js?ver=6.0.1 HTTP/1.1
Host: www.newsandpromotions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/special-offer/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 08:59:57 GMT
Server: Apache
Last-Modified: Mon, 29 Aug 2022 13:11:11 GMT
ETag: "c07-5e760ff6159c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Pragma: public
Cache-Control: public
Content-Length: 1493
Content-Type: application/x-javascript
Via: 1.1 google
www.newsandpromotions.com/wp-content/uploads/2016/12/newspromotions-1.png
200 OK 4.5 kB URL HTTP/1.1 www.newsandpromotions.com/wp-content/uploads/2016/12/newspromotions-1.png
IP
File type PNG image data, 380 x 90, 8-bit colormap, non-interlaced\012- data
Hash f5ead7ade67fa940b01008f1f2df4ce2
479e6ebdf0ce7e3345f70ca3e78c0c9398f76e64
5c61ddd4f7ab45d1ca4f263ae05f6814284e8e13d39f7acd4df221a2c1202d90
GET /wp-content/uploads/2016/12/newspromotions-1.png HTTP/1.1
Host: www.newsandpromotions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/special-offer/
HTTP/1.1 200 OK
Server: Apache
Accept-Ranges: bytes
Content-Length: 4511
Vary: Accept-Encoding
Pragma: public
Via: 1.1 google
Date: Sat, 04 Feb 2023 18:39:39 GMT
Age: 51618
Last-Modified: Fri, 02 Dec 2016 16:33:23 GMT
ETag: "119f-542af7f1efac0"
Content-Type: image/png
Cache-Control: public,max-age=3600
c.fqtag.com/tag/implement-r.js?org=9Xf4JS6qIDnMDOaZ0z86&fmt=banner&rt=click&sl=1&fq=1&p=&a=&cmp=nap
200 OK 2.6 kB URL HTTP/1.1 c.fqtag.com/tag/implement-r.js?org=9Xf4JS6qIDnMDOaZ0z86&fmt=banner&rt=click&sl=1&fq=1&p=&a=&cmp=nap
IP
File type ASCII text, with very long lines (2644), with no line terminators
Hash b3898640abd1e0307084bb6fac480da2
c36322312540c18dc60ec1cb8a0253f0d314cbca
9cbf5c16043c4169bf7c58046b0a4e37450ff5deeae2a9e7285afe001002e157
GET /tag/implement-r.js?org=9Xf4JS6qIDnMDOaZ0z86&fmt=banner&rt=click&sl=1&fq=1&p=&a=&cmp=nap HTTP/1.1
Host: c.fqtag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/
HTTP/1.1 200 OK
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
X-XSS-Protection: 0
Pragma: no-cache
Date: Sun, 05 Feb 2023 08:59:57 GMT
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Content-Length: 2644
Via: 1.1 google
fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
200 OK 46 kB URL HTTP/1.1 fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 46524, version 1.0\012- data
Hash c1fd378f54921c75e4ae1821e7b8fff6
2ce96e97783b2f154d07f4464ca6f8eb2469f2c1
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
GET /s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.newsandpromotions.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 46524
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 02 Feb 2023 00:35:17 GMT
Expires: Fri, 02 Feb 2024 00:35:17 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Mon, 18 Jul 2022 19:58:01 GMT
Content-Type: font/woff2
Age: 289480
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 16 kB URL HTTP/1.1 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.newsandpromotions.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15744
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 03 Feb 2023 18:19:39 GMT
Expires: Sat, 03 Feb 2024 18:19:39 GMT
Cache-Control: public, max-age=31536000
Age: 139218
Last-Modified: Wed, 11 May 2022 19:24:48 GMT
Content-Type: font/woff2
www.newsandpromotions.com/wp-content/uploads/2021/05/lead-img-colonial-pipeline-paid-bitcoin-ransomware-150x150.jpg
200 OK 7.4 kB URL HTTP/1.1 www.newsandpromotions.com/wp-content/uploads/2021/05/lead-img-colonial-pipeline-paid-bitcoin-ransomware-150x150.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 150x150, components 3\012- data
Hash 06414e2c01a026af4c01ecfe2a452f4f
fd87ad283df65c69bc9a8228c01bdb6485b161c9
05cbe0eb63271667225aa3f633752f33320920a81377672462140256ff8f9c8a
GET /wp-content/uploads/2021/05/lead-img-colonial-pipeline-paid-bitcoin-ransomware-150x150.jpg HTTP/1.1
Host: www.newsandpromotions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/special-offer/
HTTP/1.1 200 OK
Server: Apache
Accept-Ranges: bytes
Content-Length: 7382
Vary: Accept-Encoding
Pragma: public
Via: 1.1 google
Date: Sat, 04 Feb 2023 18:40:24 GMT
Last-Modified: Thu, 13 May 2021 20:32:39 GMT
ETag: "1cd6-5c23c073fc7c0"
Content-Type: image/jpeg
Age: 51573
Cache-Control: public,max-age=3600
www.newsandpromotions.com/wp-content/uploads/2021/05/image1-2-150x150.png
200 OK 16 kB URL HTTP/1.1 www.newsandpromotions.com/wp-content/uploads/2021/05/image1-2-150x150.png
IP
File type PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash fd7d2f80645a97b79561ace685e068cb
8c25f1757eabff5f3f2bc58f2479fd35903687d6
4f7166cc360d114d3279967bae732d3eab578ad1f4ea9cedd9c349e9a5eaed37
GET /wp-content/uploads/2021/05/image1-2-150x150.png HTTP/1.1
Host: www.newsandpromotions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/special-offer/
HTTP/1.1 200 OK
Server: Apache
Accept-Ranges: bytes
Content-Length: 15807
Vary: Accept-Encoding
Pragma: public
Via: 1.1 google
Date: Sun, 05 Feb 2023 05:04:31 GMT
Age: 14126
Last-Modified: Thu, 13 May 2021 20:32:29 GMT
ETag: "3dbf-5c23c06a73140"
Content-Type: image/png
Cache-Control: public,max-age=3600
www.newsandpromotions.com/wp-content/uploads/2021/05/5f457a9389aff80028ab7e63-150x150.jpeg
200 OK 7.0 kB URL HTTP/1.1 www.newsandpromotions.com/wp-content/uploads/2021/05/5f457a9389aff80028ab7e63-150x150.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 150x150, components 3\012- data
Hash 2163bbe8ee8cf486e780d0b9f56ab3c1
9afd37dcd58ffc0b1d1f0af5d1aede8d0df772c8
98978ca510c9861cfdd523c3f518a6d4f0706c75394f006bc6fe0d58c3334fbe
GET /wp-content/uploads/2021/05/5f457a9389aff80028ab7e63-150x150.jpeg HTTP/1.1
Host: www.newsandpromotions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/special-offer/
HTTP/1.1 200 OK
Server: Apache
Accept-Ranges: bytes
Content-Length: 7011
Vary: Accept-Encoding
Pragma: public
Via: 1.1 google
Date: Sat, 04 Feb 2023 18:40:28 GMT
Last-Modified: Thu, 13 May 2021 20:09:23 GMT
ETag: "1b63-5c23bb40a82c0"
Content-Type: image/jpeg
Age: 51569
Cache-Control: public,max-age=3600
ocsp.digicert.com/
200 OK 279 B IP
Hash 2a9100f5c215b1617d38f2f9f94316f7
49ad50c9c8eee4c65007002aa3ee200e0b89c112
cf128a94a521f81087692b3d692b6c0d9ca22831b6149651cca4fc16750ea095
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5000
Cache-Control: max-age=122034
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 08:59:57 GMT
Etag: "63de9637-117"
Expires: Mon, 06 Feb 2023 18:53:51 GMT
Last-Modified: Sat, 04 Feb 2023 17:30:31 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 279
www.newsandpromotions.com/wp-content/plugins/ultimate-social-media-plus/js/custom.js?ver=3.5.1
200 OK 7.1 kB URL HTTP/1.1 www.newsandpromotions.com/wp-content/plugins/ultimate-social-media-plus/js/custom.js?ver=3.5.1
IP
File type Unicode text, UTF-8 text, with very long lines (993), with CRLF line terminators
Hash c9cfd412b9c84cf23747249ea9109dce
ddaf50581f707a2ebcd62e572575ba5fe85f55db
9da8dbeda92938db9def60a11b037c10b99ed20bcf7bc90136767e7bfd3c2632
GET /wp-content/plugins/ultimate-social-media-plus/js/custom.js?ver=3.5.1 HTTP/1.1
Host: www.newsandpromotions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/special-offer/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 08:59:57 GMT
Server: Apache
Last-Modified: Mon, 29 Aug 2022 13:11:11 GMT
ETag: "90a8-5e760ff6159c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Pragma: public
Cache-Control: public
Content-Length: 7101
Content-Type: application/x-javascript
Via: 1.1 google
www.newsandpromotions.com/wp-content/plugins/genesis-responsive-slider/assets/js/jquery.flexslider.js?ver=1.0.1
200 OK 5.7 kB URL HTTP/1.1 www.newsandpromotions.com/wp-content/plugins/genesis-responsive-slider/assets/js/jquery.flexslider.js?ver=1.0.1
IP
Hash 866f7386c0588b123ee6800c3e37f3a4
3dab827923bdb93cc34313dc23644e6716dbc371
81d6ef03dbd667964728549b04cc93daa8c59e3f7546c2e1696c08a13d8a5ad8
GET /wp-content/plugins/genesis-responsive-slider/assets/js/jquery.flexslider.js?ver=1.0.1 HTTP/1.1
Host: www.newsandpromotions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/special-offer/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 08:59:57 GMT
Server: Apache
Last-Modified: Mon, 29 Aug 2022 13:18:47 GMT
ETag: "6a6d-5e7611a8f5bc0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Pragma: public
Cache-Control: public
Content-Length: 5652
Content-Type: application/x-javascript
Via: 1.1 google
cdn.fqtag.com/1.27.339-ccfb11a/pixel.js
200 OK 90 kB URL HTTP/1.1 cdn.fqtag.com/1.27.339-ccfb11a/pixel.js
IP
File type ASCII text, with very long lines (31986)
Hash e0eff30579598f76147c9ea12f490d21
f0bf2ef576db440b275bdae3d6abac35e59a33b2
e70a34c5f232fa80328a361630a994cf847c54deb926f13d40be4807291b657b
GET /1.27.339-ccfb11a/pixel.js HTTP/1.1
Host: cdn.fqtag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/
HTTP/1.1 200 OK
X-GUploader-UploadID: ADPycduXLR-brhlMkk4DZEO57_cljxQOV5zd2aJDcGun4qcY-Mbc8VbXRG9UzFJmxMfGintqB4JHbelgetpiW9-R-QQftA
Vary: X-Goog-Allowed-Resources
x-goog-generation: 1611776924905378
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 89647
Content-Language: en
x-goog-hash: crc32c=YwE4YA==, md5=4O/zBXlZj3YUfJ6hL0kNIQ==
x-goog-expiration: Sun, 11 Nov 2294 19:48:44 GMT
x-goog-storage-class: MULTI_REGIONAL
Accept-Ranges: bytes
Content-Length: 89647
Server: UploadServer
Date: Sun, 05 Feb 2023 08:50:21 GMT
Expires: Sun, 05 Feb 2023 09:50:21 GMT
Cache-Control: public, max-age=3600
Age: 577
Last-Modified: Wed, 27 Jan 2021 19:48:44 GMT
ETag: "e0eff30579598f76147c9ea12f490d21"
Content-Type: application/javascript
www.newsandpromotions.com/wp-content/uploads/2021/05/1620912671_blueprint-api-production.s3.amazonaws-150x150.com
200 OK 7.1 kB URL HTTP/1.1 www.newsandpromotions.com/wp-content/uploads/2021/05/1620912671_blueprint-api-production.s3.amazonaws-150x150.com
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 150x150, components 3\012- data
Hash de072c04a4f89d081fb5aba294842f6b
542e7574d8202ef6fd157fc7050c053f32814d04
f08dccdc1054a4c83e6fafa075bde0ac227e6fc5c56d7b9e981039ab8032409a
GET /wp-content/uploads/2021/05/1620912671_blueprint-api-production.s3.amazonaws-150x150.com HTTP/1.1
Host: www.newsandpromotions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/special-offer/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 08:59:58 GMT
Server: Apache
Last-Modified: Thu, 13 May 2021 13:31:10 GMT
ETag: "1bae-5c23623e84380"
Accept-Ranges: bytes
Content-Length: 7086
Vary: User-Agent
Content-Type: application/x-msdownload
Via: 1.1 google
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Backoff, Retry-After, Content-Length, Last-Modified, Expires, Cache-Control, ETag, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 05 Feb 2023 08:07:20 GMT
age: 3158
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
c.fqtag.com/pixel
204 No Content 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /pixel HTTP/1.1
Host: c.fqtag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: text/plain; charset=utf-8
Content-Length: 2353
Origin: http://www.newsandpromotions.com
Connection: keep-alive
Referer: http://www.newsandpromotions.com/
HTTP/1.1 204 No Content
Access-Control-Allow-Origin: *
Date: Sun, 05 Feb 2023 08:59:58 GMT
Via: 1.1 google
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 34509c11567c3232dad785974e54490b
9c5ae36dc944551d0cfa5f1ac58cdaedc54bde3f
8f0980eb7520451ff8a9beb42a764cec6d3ee4839608b931b8c70a8554e9a825
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=108860
Date: Sun, 05 Feb 2023 08:59:58 GMT
Etag: "63de5f88-1d7"
Expires: Mon, 06 Feb 2023 15:14:18 GMT
Last-Modified: Sat, 04 Feb 2023 13:37:12 GMT
Server: ECS (nyb/1D16)
X-Cache: Miss from cloudfront
Via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: EAteChjOqZK2jDNSEMr2HQeFPE0mGalodM5w7YilTvQDvF_A2FuApg==
Age: 5826
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 34509c11567c3232dad785974e54490b
9c5ae36dc944551d0cfa5f1ac58cdaedc54bde3f
8f0980eb7520451ff8a9beb42a764cec6d3ee4839608b931b8c70a8554e9a825
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=109365
Date: Sun, 05 Feb 2023 08:59:58 GMT
Etag: "63de5f88-1d7"
Expires: Mon, 06 Feb 2023 15:22:43 GMT
Last-Modified: Sat, 04 Feb 2023 13:37:12 GMT
Server: ECS (nyb/1D0B)
X-Cache: Miss from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: tMv2J0Bok2ua3plI06vnoTYrhrQZqPQ-RGp0e2_HAmmrdEGERM_WrQ==
Age: 6331
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17626
Expires: Sun, 05 Feb 2023 13:53:44 GMT
Date: Sun, 05 Feb 2023 08:59:58 GMT
Connection: keep-alive
aorta.clickagy.com/pixel.gif?clkgypv=jstag
302 Found 0 B URL HTTP/2 aorta.clickagy.com/pixel.gif?clkgypv=jstag
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel.gif?clkgypv=jstag HTTP/1.1
Host: aorta.clickagy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.newsandpromotions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 05 Feb 2023 08:59:58 GMT
content-type: application/json
content-length: 0
location: https://cm.g.doubleclick.net/pixel?google_nid=clickagy&google_sc&google_cm&google_hm=YzphNTlmMDA3ZmJmMzM4NGNjYzMzY2M1ODZkNWQzNDhmMA
server: Aorta/20230131.88c800859
x-aorta-host: 0651bc44c0af
x-aorta-region: us-east-1
access-control-allow-credentials: true
access-control-allow-headers: Origin,cache-control,content-type,man,messagetype,soapaction
access-control-expose-headers: Set-Cookie
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin:
access-control-max-age: 31536000
cache-control: no-cache, no-store, must-revalidate
expect: 0
X-Firefox-Spdy: h2
aorta.clickagy.com/data
200 OK 82 B IP
File type JSON data\012- , ASCII text, with no line terminators
Hash a8653a916713e224e5c4604f0c7fdc51
52019ddeaa1c1442f4ee137d94874eb36a49b1df
3e7b654c54f990a92b805cf1c1a10108f2f016f96ff5f965fe138c32eff9c1de
POST /data HTTP/1.1
Host: aorta.clickagy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 189
Origin: http://www.newsandpromotions.com
Connection: keep-alive
Referer: http://www.newsandpromotions.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 08:59:58 GMT
content-type: application/json
content-length: 82
server: Aorta/20230131.88c800859
x-aorta-host: de1953ee45ad
x-aorta-region: us-east-1
access-control-allow-credentials: true
access-control-allow-headers: Origin,cache-control,content-type,man,messagetype,soapaction
access-control-expose-headers: Set-Cookie
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: http://www.newsandpromotions.com
access-control-max-age: 31536000
cache-control: no-cache, no-store, must-revalidate
expect: 0
content-encoding: gzip
X-Firefox-Spdy: h2
static.hotjar.com/c/hotjar-31899.js?sv=5
301 Moved Permanently 167 B URL HTTP/1.1 static.hotjar.com/c/hotjar-31899.js?sv=5
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
GET /c/hotjar-31899.js?sv=5 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/
HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Sun, 05 Feb 2023 08:59:58 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://static.hotjar.com/c/hotjar-31899.js?sv=5
X-Cache: Redirect from cloudfront
Via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: gSMfFXBwlZdUcoTRXDqlUXVOhthyfkspJX7ArFNsIZfadHZGSZHBCg==
cdn.luckyorange.com/w.js
301 Moved Permanently 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /w.js HTTP/1.1
Host: cdn.luckyorange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/
HTTP/1.1 301 Moved Permanently
Date: Sun, 05 Feb 2023 08:59:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 05 Feb 2023 09:59:58 GMT
Location: https://cdn.luckyorange.com/w.js
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RDqCgs%2Bzn0sYJWOyCKMqgF7pBjVkPpCrIU2kAKNt45Sb%2FG14p2Boww%2BwLIhSE%2FFGnrkeLnjgwQWPGKwpUGukVwxBpWIw9kXxkEuo%2FIdu%2ByoA91OGIzHTPkqs5FAVd0NXLvWU9m0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 794a73fafdfc1bfe-OSL
alt-svc: h2=":443"; ma=60
www.newsandpromotions.com/wp-content/plugins/genesis-favicon-uploader/favicons/favicon.ico
200 OK 370 B URL HTTP/1.1 www.newsandpromotions.com/wp-content/plugins/genesis-favicon-uploader/favicons/favicon.ico
IP
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 1f398bbf1c2563bab04033939d969ef9
fe8decbaad3b46bca9756a0c424c24b70b8c8f24
338f006ae8db3202c7f93467d19acab859a85b0204be887cb527df381d4257f5
GET /wp-content/plugins/genesis-favicon-uploader/favicons/favicon.ico HTTP/1.1
Host: www.newsandpromotions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/special-offer/
HTTP/1.1 200 OK
Server: Apache
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Pragma: public
Content-Length: 370
Via: 1.1 google
Date: Sun, 05 Feb 2023 07:48:34 GMT
Last-Modified: Mon, 29 Aug 2022 12:36:58 GMT
ETag: "47c-5e76085030e80-gzip"
Content-Type: image/x-icon
Age: 4284
Cache-Control: public,max-age=3600
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/1.1 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 20085
Date: Sun, 05 Feb 2023 07:43:22 GMT
Expires: Sun, 05 Feb 2023 09:43:22 GMT
Cache-Control: public, max-age=7200
Age: 4596
Last-Modified: Tue, 10 Jan 2023 21:29:14 GMT
Content-Type: text/javascript
connect.facebook.net/en_US/sdk.js
301 Moved Permanently 0 B URL HTTP/1.1 connect.facebook.net/en_US/sdk.js
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /en_US/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/
HTTP/1.1 301 Moved Permanently
Location: https://connect.facebook.net/en_US/sdk.js
Content-Type: text/plain
Server: proxygen-bolt
Date: Sun, 05 Feb 2023 08:59:58 GMT
Connection: keep-alive
Content-Length: 0
fo-api.omnitagjs.com/fo-api/ot.js
200 OK 1.0 kB URL HTTP/1.1 fo-api.omnitagjs.com/fo-api/ot.js
IP
ASN #200271 Iguane Solutions SAS
Hash 63583d3a4bb296028a3ff7106c9a924f
ba5034c54206f432cd6d1ee8a61dbddb62a7b809
ed57410b6d3577ae079759ca23479e4b44f02b6e0042fb56cf08b3904dc3fa70
GET /fo-api/ot.js HTTP/1.1
Host: fo-api.omnitagjs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/
HTTP/1.1 200 OK
access-control-allow-credentials: true
access-control-allow-headers: Accept-Encoding
access-control-allow-methods: OPTIONS, GET
access-control-allow-origin: *
access-control-max-age: 3600
cache-control: no-cache, no-store, must-revalidate
content-type: text/javascript; charset=utf-8
expires: 0
p3p: CP="CAO PSA OUR"
pragma: no-cache
set-cookie: ayl_visitor=e2d5c049a6b1a43ec599726f9eed96d2; Path=/; Domain=omnitagjs.com; Max-Age=2592000; Secure; SameSite=None
vary: Accept-Encoding
x-content-type-options: nosniff
date: Sun, 05 Feb 2023 08:59:58 GMT
content-length: 1009
x-envoy-upstream-service-time: 2
server: ayl-lb-fra02
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 5ac5aaa2dd1a2ab697244f3c0fe3b5b5
bb8a9aeb28cc645435760f3a9a57d85e295de419
d42327bb295e41a2b04efa1c2ad6094a3480d0010de10bb32600f4d17fe9f0d4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 08:59:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cm.g.doubleclick.net/pixel?google_nid=clickagy&google_sc&google_cm&google_hm=YzphNTlmMDA3ZmJmMzM4NGNjYzMzY2M1ODZkNWQzNDhmMA
302 Found 357 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=clickagy&google_sc&google_cm&google_hm=YzphNTlmMDA3ZmJmMzM4NGNjYzMzY2M1ODZkNWQzNDhmMA
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash e7250d4b48a6e24d25ec14794f975195
d094d1c88be0e78abd25f48b5706c3464e784a5f
3555f3d0a4ba899492258c2486e2c66896a70f6a30ed9e899e1f03bc93fb449d
GET /pixel?google_nid=clickagy&google_sc&google_cm&google_hm=YzphNTlmMDA3ZmJmMzM4NGNjYzMzY2M1ODZkNWQzNDhmMA HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.newsandpromotions.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=clickagy&google_sc=&google_cm=&google_hm=YzphNTlmMDA3ZmJmMzM4NGNjYzMzY2M1ODZkNWQzNDhmMA&google_tc=
date: Sun, 05 Feb 2023 08:59:58 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 357
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 05-Feb-2023 09:14:58 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 153d0de36959c722c00df71ba86daca2
305f56a3134879ebf0828e169e903e560540c070
0cf533a798d42d1e97fb6619a411afadf9a68c92302ba852869b0c0555a47987
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 08:59:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
hemsync.clickagy.com/external/hasHashes?clkgypv=jstag&cb=null
200 OK 28 B URL HTTP/2 hemsync.clickagy.com/external/hasHashes?clkgypv=jstag&cb=null
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 830cb026fae1a13104725d2b3100ec10
40188da405f4a93c90f0b5e060e0ccca8e483eba
4d32822dd4fd4e7b58950d7c693e301eaa19b29305077afaebc12852df7f4ee0
GET /external/hasHashes?clkgypv=jstag&cb=null HTTP/1.1
Host: hemsync.clickagy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.newsandpromotions.com
Connection: keep-alive
Referer: http://www.newsandpromotions.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 08:59:58 GMT
content-type: text/plain; charset=utf-8
content-length: 28
access-control-allow-origin: http://www.newsandpromotions.com
vary: origin
access-control-allow-credentials: true
access-control-expose-headers: content-length, last-modified, expires, content-type
content-encoding: gzip
X-Firefox-Spdy: h2
www.google-analytics.com/j/collect?v=1&_v=j99&a=160585921&t=pageview&_s=1&dl=http%3A%2F%2Fwww.newsandpromotions.com%2Fspecial-offer%2F&ul=en-us&de=UTF-8&dt=Special%20Offer&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=309776715&gjid=1756663740&cid=1538406450.1675587638&tid=UA-47081731-1&_gid=240984451.1675587638&_r=1&_slc=1&z=538982715
200 OK 4 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j99&a=160585921&t=pageview&_s=1&dl=http%3A%2F%2Fwww.newsandpromotions.com%2Fspecial-offer%2F&ul=en-us&de=UTF-8&dt=Special%20Offer&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=309776715&gjid=1756663740&cid=1538406450.1675587638&tid=UA-47081731-1&_gid=240984451.1675587638&_r=1&_slc=1&z=538982715
IP
File type ASCII text, with no line terminators
Hash 9e92e190700c1af4539b40c2171320a9
209bcdb79e6067b51091ce8586d4b977f25b67d8
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
POST /j/collect?v=1&_v=j99&a=160585921&t=pageview&_s=1&dl=http%3A%2F%2Fwww.newsandpromotions.com%2Fspecial-offer%2F&ul=en-us&de=UTF-8&dt=Special%20Offer&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=309776715&gjid=1756663740&cid=1538406450.1675587638&tid=UA-47081731-1&_gid=240984451.1675587638&_r=1&_slc=1&z=538982715 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://www.newsandpromotions.com
Connection: keep-alive
Referer: http://www.newsandpromotions.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: http://www.newsandpromotions.com
date: Sun, 05 Feb 2023 08:59:58 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google-analytics.com/collect?v=1&_v=j99&a=160585921&t=pageview&_s=2&dl=http%3A%2F%2Fwww.newsandpromotions.com%2Fspecial-offer%2F&ul=en-us&de=UTF-8&dt=Special%20Offer&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=&gjid=&cid=1538406450.1675587638&tid=UA-47081731-1&_gid=240984451.1675587638&z=254667241
200 OK 35 B URL HTTP/1.1 www.google-analytics.com/collect?v=1&_v=j99&a=160585921&t=pageview&_s=2&dl=http%3A%2F%2Fwww.newsandpromotions.com%2Fspecial-offer%2F&ul=en-us&de=UTF-8&dt=Special%20Offer&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=&gjid=&cid=1538406450.1675587638&tid=UA-47081731-1&_gid=240984451.1675587638&z=254667241
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /collect?v=1&_v=j99&a=160585921&t=pageview&_s=2&dl=http%3A%2F%2Fwww.newsandpromotions.com%2Fspecial-offer%2F&ul=en-us&de=UTF-8&dt=Special%20Offer&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=&gjid=&cid=1538406450.1675587638&tid=UA-47081731-1&_gid=240984451.1675587638&z=254667241 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Pragma: no-cache
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 35
Date: Sat, 04 Feb 2023 13:08:04 GMT
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Age: 71514
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
Content-Type: image/gif
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 5ac5aaa2dd1a2ab697244f3c0fe3b5b5
bb8a9aeb28cc645435760f3a9a57d85e295de419
d42327bb295e41a2b04efa1c2ad6094a3480d0010de10bb32600f4d17fe9f0d4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 08:59:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: R4dcPzGCCOYPJChnqij3tw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Mc6LXiHJKw9ihfKUYW3Wxu7hnjM=
cm.g.doubleclick.net/pixel?google_nid=clickagy&google_sc=&google_cm=&google_hm=YzphNTlmMDA3ZmJmMzM4NGNjYzMzY2M1ODZkNWQzNDhmMA&google_tc=
302 Found 265 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=clickagy&google_sc=&google_cm=&google_hm=YzphNTlmMDA3ZmJmMzM4NGNjYzMzY2M1ODZkNWQzNDhmMA&google_tc=
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 9f1fbfff37b680f152cc71b6eecdb9d1
068b67c14ee6a05b91435957019babb787d18212
d1678feba8438532e9c3cb5d3d41dbd316e8947604241a7954214a3bd599816b
GET /pixel?google_nid=clickagy&google_sc=&google_cm=&google_hm=YzphNTlmMDA3ZmJmMzM4NGNjYzMzY2M1ODZkNWQzNDhmMA&google_tc= HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.newsandpromotions.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: https://aorta.clickagy.com/pixel.gif?ch=8&cm=&google_error=3
date: Sun, 05 Feb 2023 08:59:58 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 265
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 153d0de36959c722c00df71ba86daca2
305f56a3134879ebf0828e169e903e560540c070
0cf533a798d42d1e97fb6619a411afadf9a68c92302ba852869b0c0555a47987
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 08:59:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 471 B IP
Hash ac85d3e0a8ec2827b2e3f0eca3336919
4b630e134dcb05e77c44e313f22f2214b51841a2
d1747dfa46c4ca2dcc3239bd1376ae7401b4b3e7b8d260dc4162b9b8208cd6f7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6225
Cache-Control: max-age=93374
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 08:59:58 GMT
Etag: "63de217b-1d7"
Expires: Mon, 06 Feb 2023 10:56:12 GMT
Last-Modified: Sat, 04 Feb 2023 09:12:27 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-47081731-1&cid=1538406450.1675587638&jid=309776715&gjid=1756663740&_gid=240984451.1675587638&_u=IEBAAEAAAAAAACAAI~&z=816780254
200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-47081731-1&cid=1538406450.1675587638&jid=309776715&gjid=1756663740&_gid=240984451.1675587638&_u=IEBAAEAAAAAAACAAI~&z=816780254
IP
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-47081731-1&cid=1538406450.1675587638&jid=309776715&gjid=1756663740&_gid=240984451.1675587638&_u=IEBAAEAAAAAAACAAI~&z=816780254 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://www.newsandpromotions.com
Connection: keep-alive
Referer: http://www.newsandpromotions.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: http://www.newsandpromotions.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 05 Feb 2023 08:59:58 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
connect.facebook.net/en_US/sdk.js
200 OK 1.7 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js
IP
File type ASCII text, with very long lines (1957)
Hash efdb8d0cf9a357810bd1fbef4f99a1eb
2356e2a6457b1e9a9b40dee57b7a90a57c814e06
47a6cfbb41eb680c55038b4a7d58d14b6c69c9e714876e584ef963bed16949c5
GET /en_US/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.newsandpromotions.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 2ef6f723b028bd2d88c57c344c1992b8
etag: "36c6b99d37972b6497e1702bedb8efd3"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Sun, 05 Feb 2023 09:12:53 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: 79uNDPmjV4EL0fvvT5mh6w==
x-fb-debug: zdmsg6D7iYVQR1PHGwRUboPKs2owP97v/z5cRkXYpRqB5L2zOA3l14CkfLi2unK859UDBoePKEIVY67olq/k+g==
priority: u=3,i
content-length: 1688
x-fb-trip-id: 1679558926
date: Sun, 05 Feb 2023 08:59:58 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
aorta.clickagy.com/pixel.gif?ch=8&cm=&google_error=3
302 Found 0 B URL HTTP/2 aorta.clickagy.com/pixel.gif?ch=8&cm=&google_error=3
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel.gif?ch=8&cm=&google_error=3 HTTP/1.1
Host: aorta.clickagy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.newsandpromotions.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Sun, 05 Feb 2023 08:59:58 GMT
content-type: application/json
content-length: 0
location: https://pixel-sync.sitescout.com/connectors/clickagy/usersync?redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D5%26cm%3D%7BuserId%7D
server: Aorta/20230131.88c800859
x-aorta-host: 767adce2b57b
x-aorta-region: us-east-1
access-control-allow-credentials: true
access-control-allow-headers: Origin,cache-control,content-type,man,messagetype,soapaction
access-control-expose-headers: Set-Cookie
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin:
access-control-max-age: 31536000
cache-control: no-cache, no-store, must-revalidate
expect: 0
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash ac85d3e0a8ec2827b2e3f0eca3336919
4b630e134dcb05e77c44e313f22f2214b51841a2
d1747dfa46c4ca2dcc3239bd1376ae7401b4b3e7b8d260dc4162b9b8208cd6f7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6225
Cache-Control: max-age=93374
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 08:59:58 GMT
Etag: "63de217b-1d7"
Expires: Mon, 06 Feb 2023 10:56:12 GMT
Last-Modified: Sat, 04 Feb 2023 09:12:27 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash a78b06ca527ce7542b24b349e0485d8b
6f5e5126c1c9d40c9ba09d58e1755d2ca39d02ab
bc7dc156ab8b2b33422fff0922e219246eb1d12469d10ac8007416fed41ac473
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 08:59:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 8077210062c315b98902cb06c74d485b
808e94ac31f1b45185103ce25c1bc2afd056b17a
78871f45de0c58bffa6a86b50f6bd0db61932bf6a2b7d8191dba0f0eaab628b1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 08:59:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-47081731-1&cid=1538406450.1675587638&jid=309776715&_u=IEBAAEAAAAAAACAAI~&z=1251038497
200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-47081731-1&cid=1538406450.1675587638&jid=309776715&_u=IEBAAEAAAAAAACAAI~&z=1251038497
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-47081731-1&cid=1538406450.1675587638&jid=309776715&_u=IEBAAEAAAAAAACAAI~&z=1251038497 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.newsandpromotions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 05 Feb 2023 08:59:58 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-47081731-1&cid=1538406450.1675587638&jid=309776715&_u=IEBAAEAAAAAAACAAI~&z=1251038497
200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-47081731-1&cid=1538406450.1675587638&jid=309776715&_u=IEBAAEAAAAAAACAAI~&z=1251038497
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-47081731-1&cid=1538406450.1675587638&jid=309776715&_u=IEBAAEAAAAAAACAAI~&z=1251038497 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.newsandpromotions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 05 Feb 2023 08:59:58 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 8077210062c315b98902cb06c74d485b
808e94ac31f1b45185103ce25c1bc2afd056b17a
78871f45de0c58bffa6a86b50f6bd0db61932bf6a2b7d8191dba0f0eaab628b1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 08:59:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fo-static.omnitagjs.com/ot_multi.js
200 OK 124 kB URL HTTP/2 fo-static.omnitagjs.com/ot_multi.js
IP
ASN #20940 Akamai International B.V.
Size 124 kB (123941 bytes)
Hash 83d4e2a33ef70ae9db8712e4b1305fa0
89d17e5a3c18a036baa28be2d62bafe84f53872a
70bc6d4b668d5b532ba3a0927de73caa536bfc518f36eb9cba0c78cb93bb9e92
GET /ot_multi.js HTTP/1.1
Host: fo-static.omnitagjs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.newsandpromotions.com
Connection: keep-alive
Referer: http://www.newsandpromotions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: ayl-lb-fra02
content-type: application/javascript; charset=UTF-8
last-modified: Wed, 01 Feb 2023 14:59:44 GMT
etag: "63da7e60-7d14d"
pragma: public
access-control-max-age: 86400
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: OPTIONS, GET
access-control-allow-credentials: false
access-control-allow-headers: X-Requested-With, Content-Type
accept-ranges: bytes
x-envoy-upstream-service-time: 0
vary: Accept-Encoding
content-encoding: gzip
cache-control: public, max-age=1173
expires: Sun, 05 Feb 2023 09:19:31 GMT
date: Sun, 05 Feb 2023 08:59:58 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 727 B IP
Hash bb7b244d63e1a69a91119cce50538547
128bcee4aeb712d68252fa41b5d405ab9a9927c5
485079c9c58e40d63dad1d5b88d245d52fb8cd8308b98a676a28b8270d3f80eb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5666
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 08:59:58 GMT
Etag: "63df1ed2-2d7"
Last-Modified: Sun, 05 Feb 2023 07:25:32 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 727
connect.facebook.net/en_US/sdk.js?hash=2b2c497307353d093948ed5c4bc5f180
200 OK 88 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js?hash=2b2c497307353d093948ed5c4bc5f180
IP
File type ASCII text, with very long lines (18530)
Hash daf8ef4ee61ba263f2310d43e463ea1a
03c8cab865b87abdbaff541aa091802eaac97c3c
610f2035e3d7c003766bb1a7ec04bf40bd363f20813a1650696c9887f8783e59
GET /en_US/sdk.js?hash=2b2c497307353d093948ed5c4bc5f180 HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.newsandpromotions.com
Connection: keep-alive
Referer: http://www.newsandpromotions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 4b59cc754c2fd597f07756ddaefc29ae
etag: "ddc706513b89e2fca2bd0746b91339f6"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Mon, 05 Feb 2024 07:20:18 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: 2vjvTuYbomPyMQ1D5GPqGg==
x-fb-debug: UxUn/oa9mec8PF1FsCHcak+g333tbuoded+/rOkMYx0MdObMk+r/C8UEZdpyp6PfR3I3PNIXD3Hg2BQbuZzN3A==
priority: u=3,i
content-length: 88450
x-fb-trip-id: 1679558926
date: Sun, 05 Feb 2023 08:59:58 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.taboola.com/libtrc/newsandpromotions/loader.js
200 OK 14 kB URL HTTP/1.1 cdn.taboola.com/libtrc/newsandpromotions/loader.js
IP
File type ASCII text, with very long lines (32016)
Hash b059d489918fb33e248673a72ed8d7b5
22325ae69925a59c51c0fe4af0551c40431615dc
a4140fb94f3077ec71647d5617bf87e84928557738d8889d1b0da8b3e032edd0
GET /libtrc/newsandpromotions/loader.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 13717
x-amz-id-2: PkwA2Lcc2DMsnyIcb8FWZWWPMcDkSbxMRjVoTQTVYTXsWGKDqq+VnH/BOR4o3xuzO5Bs8QCZHwM=
x-amz-request-id: 3WEZ1VF42C0M88BG
x-amz-replication-status: COMPLETED
Last-Modified: Sun, 17 Apr 2016 12:00:52 GMT
ETag: "b6297b83e8345e890ff1c5b8f1a1ee9d"
x-amz-version-id: 1.vZczLY5A5Fi2f8g6dyocx9EAdIVCZy
Content-Type: application/javascript; charset=utf-8
Server: AmazonS3
Fastly-Restarts: 2
Content-Encoding: gzip
Accept-Ranges: bytes
Date: Sun, 05 Feb 2023 08:59:59 GMT
Via: 1.1 varnish
Age: 0
X-Served-By: cache-bma1656-BMA
X-Cache: HIT
X-Cache-Hits: 1
X-Timer: S1675587599.566859,VS0,VE433
Cache-Control: private,max-age=14401
Vary: Accept-Encoding
abp: 75
pixel-sync.sitescout.com/connectors/clickagy/usersync?cookieQ=1&redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D5%26cm%3D%7BuserId%7D
204 No Content 0 B URL HTTP/2 pixel-sync.sitescout.com/connectors/clickagy/usersync?cookieQ=1&redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D5%26cm%3D%7BuserId%7D
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /connectors/clickagy/usersync?cookieQ=1&redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D5%26cm%3D%7BuserId%7D HTTP/1.1
Host: pixel-sync.sitescout.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.newsandpromotions.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: max-age=0,no-cache,no-store
pragma: no-cache
expires: Tue, 11 Oct 1977 12:34:56 GMT
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
date: Sun, 05 Feb 2023 08:59:58 GMT
server: AC1.1
X-Firefox-Spdy: h2
b.scorecardresearch.com/beacon.js
200 OK 1.9 kB URL HTTP/1.1 b.scorecardresearch.com/beacon.js
IP
File type ASCII text, with very long lines (3936)
Hash ccbe1595614949962ea0f4c9ec84e783
65525e8918223db782724d28fce74efb513a0fb0
f422f26d9197a10abf1a13a13a87a5fcc4b98ad57aae11fadfddf2df02b591f5
GET /beacon.js HTTP/1.1
Host: b.scorecardresearch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/
HTTP/1.1 200 OK
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 28 Jun 2022 13:19:23 GMT
x-amz-server-side-encryption: AES256
Server: AmazonS3
Content-Encoding: gzip
Date: Sun, 05 Feb 2023 03:12:44 GMT
Cache-Control: max-age=86400
ETag: W/"eaf85c1c6758e84acfe134efd70e9373"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: FHPvIgAtEsboAxXrVSTNTPA2FnggF24Y1mkZtRoJ68pnCyNCgiwQvw==
Age: 20836
fo-ssp.omnitagjs.com/fo-ssp/sync?attempt=local-jkoylc2809i
200 OK 753 B URL HTTP/1.1 fo-ssp.omnitagjs.com/fo-ssp/sync?attempt=local-jkoylc2809i
IP
ASN #200271 Iguane Solutions SAS
File type ASCII text, with very long lines (562)
Hash a720c75977be338e69a6a838d07d32e9
7650ef8f8b0cc0d0a4e21ae9fe5c3d00c8803236
e9c8ce81a0da964010957aafa85e6283e2bbeb7d23f9a9a521f447a374e2ccc5
GET /fo-ssp/sync?attempt=local-jkoylc2809i HTTP/1.1
Host: fo-ssp.omnitagjs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/
HTTP/1.1 200 OK
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/javascript; charset=UTF-8
expires: 0
p3p: CP="CAO PSA OUR"
pragma: no-cache
set-cookie: ayl_visitor=b952796c02ac68fa682eff234bb108db; Path=/; Domain=omnitagjs.com; Max-Age=2592000; Secure; SameSite=None
vary: Accept-Encoding
x-content-type-options: nosniff
date: Sun, 05 Feb 2023 08:59:58 GMT
content-length: 753
x-envoy-upstream-service-time: 1
server: ayl-lb-fra02
sb.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&cs_it=b3&cv=3.8.0.210223&ns__t=1675587638627&ns_c=UTF-8&c7=http%3A%2F%2Fwww.newsandpromotions.com%2Fspecial-offer%2F&c8=Special%20Offer&c9=
204 No Content 0 B URL HTTP/2 sb.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&cs_it=b3&cv=3.8.0.210223&ns__t=1675587638627&ns_c=UTF-8&c7=http%3A%2F%2Fwww.newsandpromotions.com%2Fspecial-offer%2F&c8=Special%20Offer&c9=
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b?c1=7&c2=13739933&c3=20121515121&cs_it=b3&cv=3.8.0.210223&ns__t=1675587638627&ns_c=UTF-8&c7=http%3A%2F%2Fwww.newsandpromotions.com%2Fspecial-offer%2F&c8=Special%20Offer&c9= HTTP/1.1
Host: sb.scorecardresearch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.newsandpromotions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sun, 05 Feb 2023 08:59:59 GMT
set-cookie: UID=175ac38dc7ab7d70101d4451675587599; domain=.scorecardresearch.com; path=/; max-age=62208000
x-cache: Miss from cloudfront
via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: QoJOpCjaRjp701G1DKg57T-753AFVdm8AjKRyyvlmFIsdCgXp_E8DA==
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 78407ac1cb64f8eedeb697574509b417
2e2667c7cd3a397de8a75342fb51d4bbc2a53028
d8274c6af50031fb7a5c1ac7b69df880dc0c0024734469aba9f4558a42d850bb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D8274C6AF50031FB7A5C1AC7B69DF880DC0C0024734469ABA9F4558A42D850BB"
Last-Modified: Fri, 03 Feb 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2858
Expires: Sun, 05 Feb 2023 09:47:37 GMT
Date: Sun, 05 Feb 2023 08:59:59 GMT
Connection: keep-alive
cdn.taboola.com/libtrc/impl.205-RELEASE.js
200 OK 82 kB URL HTTP/1.1 cdn.taboola.com/libtrc/impl.205-RELEASE.js
IP
File type ASCII text, with very long lines (32045)
Hash 63208f5a0c6dda005c182f71acd99cb5
964b90563c30fb6eec6567fc9b84b84dc0fb5a86
928a0653cad2a2cfa68c616d499a15d12a642d22025a017e1efe15f5e798be61
GET /libtrc/impl.205-RELEASE.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 82427
x-amz-id-2: KWJZgL4FkH7wBz6EAvjj7sbuw0UnIBwnRLuD1SclK7FbNW1/ikwhH4WYYU7ivGLFDtvxaBIYCyk=
x-amz-request-id: AB9TYXSZSP3Q82QP
x-amz-replication-status: COMPLETED
Last-Modified: Thu, 21 Apr 2016 11:01:32 GMT
ETag: "b271ab15d80778ccf730076dd2fa7bf8"
x-amz-version-id: G4.vYuMpf.hwuBE9LrHkwGh9fDb2BZUS
Content-Type: application/javascript; charset=utf-8
Server: AmazonS3
Content-Encoding: gzip
Accept-Ranges: bytes
Date: Sun, 05 Feb 2023 08:59:59 GMT
Via: 1.1 varnish
Age: 0
X-Served-By: cache-bma1656-BMA
X-Cache: HIT
X-Cache-Hits: 1
X-Timer: S1675587599.050378,VS0,VE101
Cache-Control: private,max-age=31536000
Vary: Accept-Encoding
abp: 47
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 78407ac1cb64f8eedeb697574509b417
2e2667c7cd3a397de8a75342fb51d4bbc2a53028
d8274c6af50031fb7a5c1ac7b69df880dc0c0024734469aba9f4558a42d850bb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D8274C6AF50031FB7A5C1AC7B69DF880DC0C0024734469ABA9F4558A42D850BB"
Last-Modified: Fri, 03 Feb 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2858
Expires: Sun, 05 Feb 2023 09:47:37 GMT
Date: Sun, 05 Feb 2023 08:59:59 GMT
Connection: keep-alive
aux.fqtag.com/aux/p
204 No Content 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /aux/p HTTP/1.1
Host: aux.fqtag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: text/plain; charset=utf-8
Content-Length: 216
Origin: http://www.newsandpromotions.com
Connection: keep-alive
Referer: http://www.newsandpromotions.com/
HTTP/1.1 204 No Content
Access-Control-Allow-Origin: *
Date: Sun, 05 Feb 2023 08:59:59 GMT
Via: 1.1 google
ocsp.sectigo.com/
200 OK 471 B IP
Hash 6556f64df784b54abb99f2cd4aa0bf39
1e1b0aa7889bc334a05cceb7c81e2e84fd5bb01b
f2db3aca82b1d971a515a5d0e6ba50a0d4fb7249ad449969d42d90c874a34e38
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 08:59:59 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 05 Feb 2023 08:41:15 GMT
Expires: Sun, 12 Feb 2023 08:41:14 GMT
Etag: "1e1b0aa7889bc334a05cceb7c81e2e84fd5bb01b"
Cache-Control: max-age=603074,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 794a73fe9fb8b4eb-OSL
trc.taboola.com/newsandpromotions/log/2/debug?tim=09%3A00%3A38.767&type=map&msg=trcrboxui%20page_management%20parseXML&id=4360&cv=205-RELEASE-${version}
204 No Content 0 B URL HTTP/1.1 trc.taboola.com/newsandpromotions/log/2/debug?tim=09%3A00%3A38.767&type=map&msg=trcrboxui%20page_management%20parseXML&id=4360&cv=205-RELEASE-${version}
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /newsandpromotions/log/2/debug?tim=09%3A00%3A38.767&type=map&msg=trcrboxui%20page_management%20parseXML&id=4360&cv=205-RELEASE-${version} HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/
HTTP/1.1 204 No Content
Connection: close
Server: Varnish
Retry-After: 0
Cache-Control: no-store
X-sy: true
Content-Type:
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Date: Sun, 05 Feb 2023 08:59:59 GMT
Via: 1.1 varnish
X-Served-By: cache-bma1666-BMA
X-Cache: HIT
X-Cache-Hits: 0
X-Timer: S1675587599.343129,VS0,VE0
X-vcl-time-ms: 0
contextual.media.net/cksync.php?cs=3&type=ayl&ovsid=000000000000000000000000b00b1337
200 OK 236 B URL HTTP/2 contextual.media.net/cksync.php?cs=3&type=ayl&ovsid=000000000000000000000000b00b1337
IP
File type GIF image data, version 87a, 1 x 1\012- data
Hash a5ddbf3903d9758bafce9e15fd7eb5f7
e26bbbc8d54cc3923796855a8d28a405939dde95
ec3a21a491af4587bee1627d1283c4ec4b36021a7e281dea2ea6e20fd827ce71
GET /cksync.php?cs=3&type=ayl&ovsid=000000000000000000000000b00b1337 HTTP/1.1
Host: contextual.media.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.newsandpromotions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Apache
content-length: 236
content-type: image/gif
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
strict-transport-security: max-age=31536000
x-mnet-hl2: E
expires: Sun, 05 Feb 2023 08:59:59 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sun, 05 Feb 2023 08:59:59 GMT
X-Firefox-Spdy: h2
s.seedtag.com/cs/cookiesync/adyoulike?channeluid=000000000000000000000000b00b1337&gdpr=0&gdpr_consent=
204 No Content 0 B URL HTTP/2 s.seedtag.com/cs/cookiesync/adyoulike?channeluid=000000000000000000000000b00b1337&gdpr=0&gdpr_consent=
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cs/cookiesync/adyoulike?channeluid=000000000000000000000000b00b1337&gdpr=0&gdpr_consent= HTTP/1.1
Host: s.seedtag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.newsandpromotions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Sun, 05 Feb 2023 08:59:59 GMT
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash 6556f64df784b54abb99f2cd4aa0bf39
1e1b0aa7889bc334a05cceb7c81e2e84fd5bb01b
f2db3aca82b1d971a515a5d0e6ba50a0d4fb7249ad449969d42d90c874a34e38
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 08:59:59 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 05 Feb 2023 08:41:15 GMT
Expires: Sun, 12 Feb 2023 08:41:14 GMT
Etag: "1e1b0aa7889bc334a05cceb7c81e2e84fd5bb01b"
Cache-Control: max-age=603074,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 794a7400393fb4eb-OSL
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4201
Expires: Sun, 05 Feb 2023 10:10:00 GMT
Date: Sun, 05 Feb 2023 08:59:59 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4201
Expires: Sun, 05 Feb 2023 10:10:00 GMT
Date: Sun, 05 Feb 2023 08:59:59 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4201
Expires: Sun, 05 Feb 2023 10:10:00 GMT
Date: Sun, 05 Feb 2023 08:59:59 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37422a56-a7de-4ab8-ac8a-650de9dae97c.jpeg
200 OK 5.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37422a56-a7de-4ab8-ac8a-650de9dae97c.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5b6c30ad03669b66bf2f63b3edd69882
e630bd132b52b965a5ade646ea8a165d1abf6d7b
f8233d879ec17fd91909655ff8881f2ebfad84272fde3ed5e5be37580378a989
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37422a56-a7de-4ab8-ac8a-650de9dae97c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5014
x-amzn-requestid: a434aae4-fe4b-4fc7-9b7e-eeb552484e8a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi3bIE0aoAMF6YQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76c47-5556d14757190c842bbc6b06;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 07:05:43 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: k6YqagXr3Wr-u1uDKojEnIGW0CxU5yvWPtlzNpzoIvmg9F-rJb9uFQ==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 14:53:45 GMT
age: 65174
etag: "e630bd132b52b965a5ade646ea8a165d1abf6d7b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6718344-fcb4-4366-9239-8921034a7114.jpeg
200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6718344-fcb4-4366-9239-8921034a7114.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8e0be7db14d930d6227443314bcd1747
4e42e2ad289dfe5bd9a55d34fd768f7532bdf71d
baedfbdb08a67f9ff4c698f7e65b08d7e4c5078d0a4233e6bff529b44812735a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6718344-fcb4-4366-9239-8921034a7114.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12967
x-amzn-requestid: 38c58626-f4ad-4e2b-ad71-a628519d2ea2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmEdHFwCoAMFhxQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8b453-7da6d0c1093468d320caaa1e;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 06:25:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: t8dZTwod1-pZr8ACfp-6gfEu0TA3kGpfJrQeF8VgLg2tlrt03sa6Bg==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 03:40:08 GMT
age: 19191
etag: "4e42e2ad289dfe5bd9a55d34fd768f7532bdf71d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98423c35-aa11-41c0-8f4f-52bec4c9eaa8.jpeg
200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98423c35-aa11-41c0-8f4f-52bec4c9eaa8.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b3e7140400336984afc6093c1246f863
59e0b21cdf4cfdac3f1ea05badd007727939ac42
4d927e74922159db5d07b9947fa1021cff74bb7b55759960cb3941d05c1e8f11
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98423c35-aa11-41c0-8f4f-52bec4c9eaa8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9579
x-amzn-requestid: c474008d-a6a9-409b-88e2-c55062044575
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fzQtnFGhoAMF5Zw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ddfb23-54dd67257ba25ad24e977a9c;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 06:28:51 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 0Of3BK3VqVMGQGDIODQthVmi7BC8Ney4zgGCpVuzYc1j6D8RRP-AxA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 11:55:41 GMT
age: 75858
etag: "59e0b21cdf4cfdac3f1ea05badd007727939ac42"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c8da623-73ab-4c2d-afaa-03d28de3a280.png
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c8da623-73ab-4c2d-afaa-03d28de3a280.png
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3e0c38abfcd86f8074d4182d49fc354f
1367bebb73fa652695242100b26c394f1bfe4457
e42d110060133ac05e6cdfafa6473c55473220fdc7eaf03e3a89f58aa3603670
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c8da623-73ab-4c2d-afaa-03d28de3a280.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11056
x-amzn-requestid: 4acc3364-4a33-4934-bdcb-41284d952113
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fPFrwEW4IAMF_Tg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf8317-33872f461a2faab552322837;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 07:04:55 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XhPm-ZDoEjlgeiXUwMRQZ5pOMs4qJzXagWZg302DcrYpUm5X7O8ZZA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 21:46:47 GMT
age: 40392
etag: "1367bebb73fa652695242100b26c394f1bfe4457"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad342374-789b-497a-b212-29d0b2aaced0.jpeg
200 OK 7.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad342374-789b-497a-b212-29d0b2aaced0.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 75caf9549ac23c827c10d6baabb84884
e8391e4046acb91cd4a6113974fda1c44dcd3865
a01e3a9aaa0b0fa156303bcbf38c1c45ea6abe8d0a052734b05ea4da82f176c4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad342374-789b-497a-b212-29d0b2aaced0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7060
x-amzn-requestid: e3e457e7-b73a-4b5f-a7bb-9a643cde2760
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fwAv_GI1oAMFbIg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dcae66-6793e5e054a709881bb2d191;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 06:49:10 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 6LeXkwyELIc_XykRxsfDIBu7Kda_3OHFDiteX0rKwDt-315catmvKw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 22:10:43 GMT
age: 38956
etag: "e8391e4046acb91cd4a6113974fda1c44dcd3865"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8a9d301-2b38-4046-91c2-941ed351597a.jpeg
200 OK 3.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8a9d301-2b38-4046-91c2-941ed351597a.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d7a466d89c75ff3459b7328591db52cf
c3f29f9c2fbdc1fa2aef7a9e79ca796b28394afb
e73243be3d01d12a224c4e9826c4f52610cf7722eee69f62755278d7550705f1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8a9d301-2b38-4046-91c2-941ed351597a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3474
x-amzn-requestid: 5846c080-9f25-4590-863c-8af2126cdbe1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f1WXEEbnoAMFRdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ded0f9-1bd490125feadc14366e7ca0;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 21:41:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: d8aQmkW-aqLFpb79RynlJG2vY1GTDbjLNY0Qukgg_WIjdI6cmbVKFw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 22:10:58 GMT
etag: "c3f29f9c2fbdc1fa2aef7a9e79ca796b28394afb"
content-type: image/jpeg
age: 38941
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
sync.taboola.com/sg/adyoulikertb-network/1/rtb-h/?GDPR=0&GDPR_CONSENT=&taboola_hm=000000000000000000000000b00b1337
200 OK 0 B URL HTTP/2 sync.taboola.com/sg/adyoulikertb-network/1/rtb-h/?GDPR=0&GDPR_CONSENT=&taboola_hm=000000000000000000000000b00b1337
IP
ASN #200478 Taboola.com ltd
GET /sg/adyoulikertb-network/1/rtb-h/?GDPR=0&GDPR_CONSENT=&taboola_hm=000000000000000000000000b00b1337 HTTP/1.1
Host: sync.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.newsandpromotions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 08:59:59 GMT
x-fastly-to-nlb-rtt: 22035
access-control-allow-credentials: true
X-Firefox-Spdy: h2
settings.luckyorange.net/?u=http%3A%2F%2Fwww.newsandpromotions.com%2Fspecial-offer%2F&s=49801
200 OK 0 B URL HTTP/2 settings.luckyorange.net/?u=http%3A%2F%2Fwww.newsandpromotions.com%2Fspecial-offer%2F&s=49801
IP
GET /?u=http%3A%2F%2Fwww.newsandpromotions.com%2Fspecial-offer%2F&s=49801 HTTP/1.1
Host: settings.luckyorange.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.newsandpromotions.com/
Origin: http://www.newsandpromotions.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 08:59:59 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,Keep-Alive,X-Requested-With,If-Modified-Since
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: http://www.newsandpromotions.com
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hk53bsjrPs2tpdNRMD7BYA2Oyhdhp%2FTOkh%2BlV2mWQaxhcTEDHnD3uEEpBAFFbynDZsrRQtK5koTktLBV%2FuyKBUcp6JVPKnfCB%2BWUKQXhBjNgAOcJg8c%2F8het7bTWTpH8qjKkTRLWiOJ2uw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794a73fc1be8b512-OSL
content-encoding: br
X-Firefox-Spdy: h2
tags.clickagy.com/data.js?rnd=5a7223b9ea03d
200 OK 0 B URL HTTP/2 tags.clickagy.com/data.js?rnd=5a7223b9ea03d
IP
GET /data.js?rnd=5a7223b9ea03d HTTP/1.1
Host: tags.clickagy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.newsandpromotions.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 08:59:57 GMT
content-type: application/javascript
last-modified: Wed, 11 Jan 2023 20:57:47 GMT
x-amz-version-id: swy_aEi2mFevUnIx1k7ucq8H7V0abBgM
content-encoding: gzip
etag: W/"7dc7bc84811d5ae6527d61d30e0e1f4d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: W28WwdGcwY6IvY8fh9Xigqq8yzgfAtoL7kEy_EJtFi0-gVb5LndBzA==
age: 77092
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 794a73f6b93b0b06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.newsandpromotions.com/wp-content/plugins/m-wp-popup/js/wpp-popup-frontend.js?ver=1.0
200 OK 0 B URL HTTP/1.1 www.newsandpromotions.com/wp-content/plugins/m-wp-popup/js/wpp-popup-frontend.js?ver=1.0
IP
GET /wp-content/plugins/m-wp-popup/js/wpp-popup-frontend.js?ver=1.0 HTTP/1.1
Host: www.newsandpromotions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/special-offer/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 08:59:57 GMT
Server: Apache
Last-Modified: Mon, 29 Aug 2022 12:36:58 GMT
ETag: "8cd5-5e76085030e80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Pragma: public
Cache-Control: public
Content-Length: 11107
Content-Type: application/x-javascript
Via: 1.1 google
cdn.luckyorange.com/w.js
200 OK 0 B IP
GET /w.js HTTP/1.1
Host: cdn.luckyorange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.newsandpromotions.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 08:59:58 GMT
content-type: application/javascript
cache-control: max-age=14400
cf-bgj: minify
age: 3035
etag: W/"dc0bbcecf2e632d9beb92f4d88b21c2b"
last-modified: Fri, 02 Sep 2022 19:59:48 GMT
vary: Accept-Encoding
via: 1.1 0edd9f6bc061f9d64e77285b1cac290c.cloudfront.net (CloudFront)
x-amz-cf-id: 0yP80Kwu6VmuiW59BSApHBwge5qQ1mFCBjs1KXNGIJdpMefgqoAQ6Q==
x-amz-cf-pop: ARN54-C1
x-cache: Hit from cloudfront
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4ZVaIOuM1Zkao0hLO1dolrv1l1hhERbYWW7K6ootKWfu8D0Xo3R3N17C3NWi9yMaWQrXaLiQIbiaD3cbQuHa6QDdeF3MTwP5fKVqU2JtdLVyoOGCDY9HuTHCoXGB4kNEzH76xVs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794a73fb4cf2b529-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.hotjar.com/c/hotjar-31899.js?sv=5
200 OK 0 B URL HTTP/2 static.hotjar.com/c/hotjar-31899.js?sv=5
IP
GET /c/hotjar-31899.js?sv=5 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.newsandpromotions.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
date: Sun, 05 Feb 2023 08:59:58 GMT
cache-control: max-age=60
etag: W/a49833b797e0df0a75d2a83d30f947bd
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 7qMEGzlg8f1uNjWJ-H-deeweYQUPtIBvqaYPCfRLy2np0Ojin9QdOw==
X-Firefox-Spdy: h2
35.227.209.77
157.240.221.16
104.18.3.235
185.255.84.151
141.226.228.48
23.36.77.32
27.111.12.93
216.145.109.98