www.newsandpromotions.com/special-offer/
35.227.209.77200 OK 14 kB URL HTTP/1.1 www.newsandpromotions.com/special-offer/
IP 35.227.209.77:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8047), with CRLF, LF line terminators
Hash ca7508fc4881e2ae1cfee60a63d9165d
74fb49b8c8d3a1bb46758e707b9f55b6d235c403
6793f112edd1c2487c59e0a4648fcc031755c9c72735f1fddc07e0a9e089659a
GET /special-offer/ HTTP/1.1
Host: www.newsandpromotions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 10:27:01 GMT
Server: Apache
Last-Modified: Sun, 05 Feb 2023 10:05:12 GMT
Pragma: public
ETag: "ca7508fc4881e2ae1cfee60a63d9165d"
Content-Encoding: gzip
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=UTF-8
Via: 1.1 google
Cache-Control: max-age=2291,public
Transfer-Encoding: chunked
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1cdc095521e9ee2606059be447d1fdd5
02b5d0a5b5823e2338daf7e144700babe2a213af
8bda3aabcf331c2bfcc4c7023cd797c760fd301dc353641bb95048e072f66c66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8BDA3AABCF331C2BFCC4C7023CD797C760FD301DC353641BB95048E072F66C66"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13227
Expires: Sun, 05 Feb 2023 14:07:28 GMT
Date: Sun, 05 Feb 2023 10:27:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c21ba65e44ac95470c314e068e49a9eb
17a13b13738993d889d4afa3d848dc63bf6eba64
9bd0795b30e84ce63b6e2a365ca91bbffc395dd955e112152066c31e63a4ab66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9BD0795B30E84CE63B6E2A365CA91BBFFC395DD955E112152066C31E63A4AB66"
Last-Modified: Sat, 04 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9277
Expires: Sun, 05 Feb 2023 13:01:38 GMT
Date: Sun, 05 Feb 2023 10:27:01 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 05 Feb 2023 09:33:54 GMT
content-type: application/json
age: 3187
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fb7b6b46e708ad73eaaa3c21e74569ae
950663c025acad81556af5aa3022ecc9d55097fe
763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64"
Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4617
Expires: Sun, 05 Feb 2023 11:43:58 GMT
Date: Sun, 05 Feb 2023 10:27:01 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: eNCjtkRXRdwYa7myiRBO0/ysWm2bL0QHAdxc3ZvtP91ZTGrBADleTMSxiY8xTB7U0i/8jpp318Y=
x-amz-request-id: Z3YYNWNS452N164V
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 05 Feb 2023 09:53:13 GMT
age: 2028
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
www.newsandpromotions.com/wp-content/themes/magazine-pro/style.css?ver=3.1
35.227.209.77200 OK 7.8 kB URL HTTP/1.1 www.newsandpromotions.com/wp-content/themes/magazine-pro/style.css?ver=3.1
IP 35.227.209.77:0
File type ASCII text, with very long lines (1783)
Hash 62788bc8b4ac3467cf8c92d16d3486ca
b4445f07319e971698c8c599e28a386cbcf536e1
3b83991a52832d324831f4b49cf3c3a784a2da599063cb474e5312b71b11f846
GET /wp-content/themes/magazine-pro/style.css?ver=3.1 HTTP/1.1
Host: www.newsandpromotions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/special-offer/
HTTP/1.1 200 OK
Server: Apache
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Pragma: public
Content-Length: 7771
Via: 1.1 google
Date: Sun, 05 Feb 2023 09:05:34 GMT
Age: 4887
Last-Modified: Mon, 29 Aug 2022 12:36:58 GMT
ETag: "aa26-5e76085030e80-gzip"
Content-Type: text/css
Cache-Control: public,max-age=3600
www.newsandpromotions.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.1
35.227.209.77200 OK 12 kB URL HTTP/1.1 www.newsandpromotions.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.1
IP 35.227.209.77:0
File type ASCII text, with very long lines (43771)
Hash e5548800176e913a9084f47a3e1e04f6
eff4604acc5c26ae82a19188de2f98bf5b79d80c
a2569c768eaca09f2483b971fcebb97badd57c9a16b5ae3e16b8cdcd8c688b07
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.1 HTTP/1.1
Host: www.newsandpromotions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/special-offer/
HTTP/1.1 200 OK
Server: Apache
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Pragma: public
Content-Length: 11681
Via: 1.1 google
Date: Sun, 05 Feb 2023 09:31:20 GMT
Last-Modified: Wed, 17 Aug 2022 12:20:12 GMT
ETag: "15b64-5e66ee2f43700-gzip"
Content-Type: text/css
Age: 3341
Cache-Control: public,max-age=3600
www.newsandpromotions.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.2
35.227.209.77200 OK 972 B URL HTTP/1.1 www.newsandpromotions.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.2
IP 35.227.209.77:0
Hash 8bf268dfcca7cb20719b7ea14373ef4a
58bd839bbf0e8cc082f0a488b538b4ec71bebd2e
eece4a14939273c7af07bce8bab3a6cfc2c9de44c0eea82cc886abac13cb3870
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.2 HTTP/1.1
Host: www.newsandpromotions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/special-offer/
HTTP/1.1 200 OK
Server: Apache
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Pragma: public
Content-Length: 972
Via: 1.1 google
Date: Sun, 05 Feb 2023 07:48:31 GMT
Last-Modified: Mon, 29 Aug 2022 13:14:18 GMT
ETag: "aab-5e7610a86be80-gzip"
Content-Type: text/css
Age: 9510
Cache-Control: public,max-age=3600
www.newsandpromotions.com/wp-content/plugins/ultimate-social-media-plus/css/disable_sfsi.css?ver=6.0.1
35.227.209.77200 OK 93 B URL HTTP/1.1 www.newsandpromotions.com/wp-content/plugins/ultimate-social-media-plus/css/disable_sfsi.css?ver=6.0.1
IP 35.227.209.77:0
File type ASCII text, with CRLF line terminators
Hash 8544c5733382fa68cb14455d8ad0a3ff
22220e847e614e2405975a7f65732ea8ec478633
9284dea1753fc3f5c5a46cfdacbad17087df6e179cf2a40d96df454d5cd5f74d
GET /wp-content/plugins/ultimate-social-media-plus/css/disable_sfsi.css?ver=6.0.1 HTTP/1.1
Host: www.newsandpromotions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/special-offer/
HTTP/1.1 200 OK
Server: Apache
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Pragma: public
Content-Length: 93
Via: 1.1 google
Date: Sun, 05 Feb 2023 08:45:03 GMT
Age: 6118
Last-Modified: Mon, 29 Aug 2022 13:11:11 GMT
ETag: "4e-5e760ff6159c0-gzip"
Content-Type: text/css
Cache-Control: public,max-age=3600
www.newsandpromotions.com/wp-content/plugins/genesis-responsive-slider/assets/style.css?ver=1.0.1
35.227.209.77200 OK 1.5 kB URL HTTP/1.1 www.newsandpromotions.com/wp-content/plugins/genesis-responsive-slider/assets/style.css?ver=1.0.1
IP 35.227.209.77:0
Hash baa280ba652ff315f49d25fde759ce8c
60bdf95b25ba644119f8c8c0bd507e83d18fe313
db6c7ba05ae612626911da903629b251115127d8c413ab9f7b7f9b8e49c254da
GET /wp-content/plugins/genesis-responsive-slider/assets/style.css?ver=1.0.1 HTTP/1.1
Host: www.newsandpromotions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/special-offer/
HTTP/1.1 200 OK
Server: Apache
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Pragma: public
Content-Length: 1470
Via: 1.1 google
Date: Sun, 05 Feb 2023 08:40:03 GMT
Age: 6418
Last-Modified: Mon, 29 Aug 2022 13:18:47 GMT
ETag: "1066-5e7611a8f5bc0-gzip"
Content-Type: text/css
Cache-Control: public,max-age=3600
www.newsandpromotions.com/wp-content/plugins/m-wp-popup/css/popup-styles.css?ver=1.0
35.227.209.77200 OK 1.9 kB URL HTTP/1.1 www.newsandpromotions.com/wp-content/plugins/m-wp-popup/css/popup-styles.css?ver=1.0
IP 35.227.209.77:0
Hash e8959c24dbe5a45744af288f9ff0f7e0
91fa49535c770697985e06a2ade004977b578c2c
7444568ab19d9d35b8876eff1fb3818b8d21634e764738204bee2ca0bb81eea9
GET /wp-content/plugins/m-wp-popup/css/popup-styles.css?ver=1.0 HTTP/1.1
Host: www.newsandpromotions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/special-offer/
HTTP/1.1 200 OK
Server: Apache
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Pragma: public
Content-Length: 1875
Via: 1.1 google
Date: Sun, 05 Feb 2023 08:55:08 GMT
Age: 5513
Last-Modified: Mon, 29 Aug 2022 12:36:58 GMT
ETag: "1bdc-5e76085030e80-gzip"
Content-Type: text/css
Cache-Control: public,max-age=3600
www.newsandpromotions.com/wp-content/plugins/ultimate-social-media-plus/css/sfsi-style.css?ver=3.5.1
35.227.209.77200 OK 15 kB URL HTTP/1.1 www.newsandpromotions.com/wp-content/plugins/ultimate-social-media-plus/css/sfsi-style.css?ver=3.5.1
IP 35.227.209.77:0
File type ASCII text, with CRLF line terminators
Hash a8f50bce699e88944d946862d94fd5cf
156fca342a4be8e956bb1d0ada646146c4631a0d
65a5423ebde85b72a97a1bacff94b6f375a96dd95039b98e7a534dae20a67271
GET /wp-content/plugins/ultimate-social-media-plus/css/sfsi-style.css?ver=3.5.1 HTTP/1.1
Host: www.newsandpromotions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/special-offer/
HTTP/1.1 200 OK
Server: Apache
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Pragma: public
Content-Length: 14652
Via: 1.1 google
Date: Sun, 05 Feb 2023 09:15:32 GMT
Age: 4289
Last-Modified: Mon, 29 Aug 2022 13:11:11 GMT
ETag: "19115-5e760ff6159c0-gzip"
Content-Type: text/css
Cache-Control: public,max-age=3600
www.newsandpromotions.com/wp-includes/css/dashicons.min.css?ver=6.0.1
35.227.209.77200 OK 36 kB URL HTTP/1.1 www.newsandpromotions.com/wp-includes/css/dashicons.min.css?ver=6.0.1
IP 35.227.209.77:0
File type ASCII text, with very long lines (58981)
Hash 00492d322e5572c7abc3e8701b6c52c1
0802ac2c8280ce7c98af881b1d49ec682acbf314
8bc01632cbc3ab834e04141d444ff82b05a4691444d70a9860477710e330b824
GET /wp-includes/css/dashicons.min.css?ver=6.0.1 HTTP/1.1
Host: www.newsandpromotions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/special-offer/
HTTP/1.1 200 OK
Server: Apache
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Pragma: public
Content-Length: 35730
Via: 1.1 google
Date: Sun, 05 Feb 2023 08:50:00 GMT
Age: 5821
Last-Modified: Wed, 17 Aug 2022 12:20:12 GMT
ETag: "e688-5e66ee2f43700-gzip"
Content-Type: text/css
Cache-Control: public,max-age=3600
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 10:27:01 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto%3A300%2C400%7CRaleway%3A400%2C500%2C900&ver=3.1
142.250.74.74200 OK 729 B URL HTTP/1.1 fonts.googleapis.com/css?family=Roboto%3A300%2C400%7CRaleway%3A400%2C500%2C900&ver=3.1
IP 142.250.74.74:0
Hash b79489dd57e93c021e1d65fde195f080
6a8f970d42b5932c5001ab9b155317cabb6b30ef
dbba7e3c612104f334b16d8e1ca1a904bd7c797c8157945187f719f3e0abc1bb
GET /css?family=Roboto%3A300%2C400%7CRaleway%3A400%2C500%2C900&ver=3.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://www.newsandpromotions.com
Connection: keep-alive
Referer: http://www.newsandpromotions.com/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Sun, 05 Feb 2023 10:27:01 GMT
Date: Sun, 05 Feb 2023 10:27:01 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
tags.clickagy.com/data.js?rnd=5a7223b9ea03d
104.18.2.235301 Moved Permanently 0 B URL HTTP/1.1 tags.clickagy.com/data.js?rnd=5a7223b9ea03d
IP 104.18.2.235:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /data.js?rnd=5a7223b9ea03d HTTP/1.1
Host: tags.clickagy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/
HTTP/1.1 301 Moved Permanently
Date: Sun, 05 Feb 2023 10:27:01 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 05 Feb 2023 11:27:01 GMT
Location: https://tags.clickagy.com/data.js?rnd=5a7223b9ea03d
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 794af3815d261bfe-OSL
alt-svc: h2=":443"; ma=60
www.newsandpromotions.com/wp-content/plugins/m-wp-popup/js/wpp-popup-frontend.js?ver=1.0
35.227.209.77200 OK 11 kB URL HTTP/1.1 www.newsandpromotions.com/wp-content/plugins/m-wp-popup/js/wpp-popup-frontend.js?ver=1.0
IP 35.227.209.77:0
File type Unicode text, UTF-8 text, with very long lines (20087)
Hash 74e85f4cfdbc29304a9da2382ecf19cc
f8ba9ce2a03d96b79da158910cec16db6071aa25
b84b53a1237aa2aa9bc6c9310b1e918b4c188d8669cbc8eda279d1a94b7cb588
GET /wp-content/plugins/m-wp-popup/js/wpp-popup-frontend.js?ver=1.0 HTTP/1.1
Host: www.newsandpromotions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/special-offer/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 10:27:01 GMT
Server: Apache
Last-Modified: Mon, 29 Aug 2022 12:36:58 GMT
ETag: "8cd5-5e76085030e80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Pragma: public
Cache-Control: public
Content-Length: 11107
Content-Type: application/x-javascript
Via: 1.1 google
www.newsandpromotions.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
35.227.209.77200 OK 4.2 kB URL HTTP/1.1 www.newsandpromotions.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 35.227.209.77:0
File type ASCII text, with very long lines (11126)
Hash 5629711d7fdd5b28441bac39b851299f
4e0bf2b7383097f7c352023a1b1b1b48a50356b6
44c444309c7a6c05ff4a9bc198bed9e9596bedb5658637c85689c9a471dcdd16
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: www.newsandpromotions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/special-offer/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 10:27:01 GMT
Server: Apache
Last-Modified: Wed, 17 Aug 2022 12:20:12 GMT
ETag: "2bd8-5e66ee2f43700-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Pragma: public
Cache-Control: public
Content-Length: 4169
Content-Type: application/x-javascript
Via: 1.1 google
www.newsandpromotions.com/wp-content/plugins/advanced-ads/public/assets/js/advanced.min.js?ver=1.35.1
35.227.209.77200 OK 2.5 kB URL HTTP/1.1 www.newsandpromotions.com/wp-content/plugins/advanced-ads/public/assets/js/advanced.min.js?ver=1.35.1
IP 35.227.209.77:0
File type ASCII text, with very long lines (7187), with no line terminators
Hash 2f3ef429b9c2572bbbcaebc51c08f773
8fc6e050cf13b0f60fe950843b3abdedc35f62c8
d6617f504d115075b9944e9d939fa2df521f40036f77d825567b43740fa8fd0c
GET /wp-content/plugins/advanced-ads/public/assets/js/advanced.min.js?ver=1.35.1 HTTP/1.1
Host: www.newsandpromotions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/special-offer/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 10:27:01 GMT
Server: Apache
Last-Modified: Mon, 29 Aug 2022 13:13:19 GMT
ETag: "1c13-5e761070279c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Pragma: public
Cache-Control: public
Content-Length: 2547
Content-Type: application/x-javascript
Via: 1.1 google
www.newsandpromotions.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
35.227.209.77200 OK 31 kB URL HTTP/1.1 www.newsandpromotions.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 35.227.209.77:0
File type ASCII text, with very long lines (65447)
Hash 9640915738503451aa21181699feab5b
c053eaf36ef0da96619706b3abda326305063bd6
f8834e669ad1f4039442c26aaa373ec39c35a233b9786d374fc3f670f16b0adc
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: www.newsandpromotions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/special-offer/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 10:27:01 GMT
Server: Apache
Last-Modified: Wed, 17 Aug 2022 12:20:12 GMT
ETag: "15db1-5e66ee2f43700-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Pragma: public
Cache-Control: public
Content-Length: 30908
Content-Type: application/x-javascript
Via: 1.1 google
www.newsandpromotions.com/wp-content/themes/magazine-pro/js/entry-date.js?ver=1.0.0
35.227.209.77200 OK 238 B URL HTTP/1.1 www.newsandpromotions.com/wp-content/themes/magazine-pro/js/entry-date.js?ver=1.0.0
IP 35.227.209.77:0
File type ASCII text, with CRLF, CR line terminators
Hash 9189d2cd8683d69ebfcc54ded48b0290
814efa08db55b511c39343d87a645144ba918725
35e0e8422be99faaa330f6906a9af741de840c3b9da85203906f0f251d4391eb
GET /wp-content/themes/magazine-pro/js/entry-date.js?ver=1.0.0 HTTP/1.1
Host: www.newsandpromotions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/special-offer/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 10:27:01 GMT
Server: Apache
Last-Modified: Mon, 29 Aug 2022 12:36:58 GMT
ETag: "17c-5e76085030e80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Pragma: public
Cache-Control: public
Content-Length: 238
Content-Type: application/x-javascript
Via: 1.1 google
www.newsandpromotions.com/wp-content/themes/magazine-pro/js/responsive-menu.js?ver=1.0.0
35.227.209.77200 OK 339 B URL HTTP/1.1 www.newsandpromotions.com/wp-content/themes/magazine-pro/js/responsive-menu.js?ver=1.0.0
IP 35.227.209.77:0
Hash 5e6c107b2464d43a3477b1ed9c5c5708
e637405a68c69ee5ba2fc959532f3c8478567b56
678eb59f05f37b3098442f3e6723bf8a8bb884583d35d113c62a1c0dc801653c
GET /wp-content/themes/magazine-pro/js/responsive-menu.js?ver=1.0.0 HTTP/1.1
Host: www.newsandpromotions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/special-offer/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 10:27:01 GMT
Server: Apache
Last-Modified: Mon, 29 Aug 2022 12:36:58 GMT
ETag: "363-5e76085030e80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Pragma: public
Cache-Control: public
Content-Length: 339
Content-Type: application/x-javascript
Via: 1.1 google
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 2a9100f5c215b1617d38f2f9f94316f7
49ad50c9c8eee4c65007002aa3ee200e0b89c112
cf128a94a521f81087692b3d692b6c0d9ca22831b6149651cca4fc16750ea095
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4439
Cache-Control: max-age=116248
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 10:27:02 GMT
Etag: "63de9637-117"
Expires: Mon, 06 Feb 2023 18:44:30 GMT
Last-Modified: Sat, 04 Feb 2023 17:30:31 GMT
Server: ECS (amb/6BBB)
X-Cache: HIT
Content-Length: 279
www.newsandpromotions.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.1
35.227.209.77200 OK 5.0 kB URL HTTP/1.1 www.newsandpromotions.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.1
IP 35.227.209.77:0
File type ASCII text, with very long lines (15660)
Hash e6624e0b978e6ddba476be41aaaa82df
822e920d8233072110ed7c8a7f379e5b13209b18
dac86a9ce08e4d8cded47b4fa900a664b0c997d8910c2a1be54a423678925a41
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.1 HTTP/1.1
Host: www.newsandpromotions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/special-offer/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 10:27:02 GMT
Server: Apache
Last-Modified: Wed, 17 Aug 2022 12:20:12 GMT
ETag: "48b9-5e66ee2f43700-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Pragma: public
Cache-Control: public
Content-Length: 5009
Content-Type: application/x-javascript
Via: 1.1 google
www.newsandpromotions.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
35.227.209.77200 OK 2.5 kB URL HTTP/1.1 www.newsandpromotions.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP 35.227.209.77:0
File type ASCII text, with very long lines (6475), with no line terminators
Hash 27cbbd0a9d7c5ad9402118c4afc36035
7659d08a005f5ecfa6c779e3cda45c30007fd059
ebc771d0af626966e38535357861fab0090e0bd7ff346cbe3c7ffdde1683809f
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: www.newsandpromotions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/special-offer/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 10:27:02 GMT
Server: Apache
Last-Modified: Wed, 17 Aug 2022 12:20:12 GMT
ETag: "194b-5e66ee2f43700-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Pragma: public
Cache-Control: public
Content-Length: 2457
Content-Type: application/x-javascript
Via: 1.1 google
www.newsandpromotions.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
35.227.209.77200 OK 6.9 kB URL HTTP/1.1 www.newsandpromotions.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
IP 35.227.209.77:0
File type Unicode text, UTF-8 text, with very long lines (8189)
Hash 7e2b78a6e8a9b90385330755ee1cf3e5
684c325f39d45e42ae44a9e42f5e9fe4fb0b909c
43f124dabb4bc663cc1cc8d3161c1e6365cf8445d873ed5d69bbfdb507cf24a9
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.1 HTTP/1.1
Host: www.newsandpromotions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/special-offer/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 10:27:02 GMT
Server: Apache
Last-Modified: Wed, 17 Aug 2022 12:20:12 GMT
ETag: "50eb-5e66ee2f43700-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Pragma: public
Cache-Control: public
Content-Length: 6914
Content-Type: application/x-javascript
Via: 1.1 google
www.newsandpromotions.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.2
35.227.209.77200 OK 6.6 kB URL HTTP/1.1 www.newsandpromotions.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.2
IP 35.227.209.77:0
File type ASCII text, with very long lines (21905), with no line terminators
Hash 38b247e8125da1a0dd504e02d8b6d2b7
2fbec20b65e15f0fa6355281036f00374dc9a1c2
52b2b12cee3c2999c8f2af3664c060144e0f8dba790602846584a1bd42442c82
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.2 HTTP/1.1
Host: www.newsandpromotions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/special-offer/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 10:27:02 GMT
Server: Apache
Last-Modified: Mon, 29 Aug 2022 13:14:18 GMT
ETag: "5591-5e7610a86be80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Pragma: public
Cache-Control: public
Content-Length: 6564
Content-Type: application/x-javascript
Via: 1.1 google
www.newsandpromotions.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
35.227.209.77200 OK 7.1 kB URL HTTP/1.1 www.newsandpromotions.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP 35.227.209.77:0
File type Unicode text, UTF-8 text, with very long lines (19138), with no line terminators
Hash 2f4fcc5a628b379672d76b7e91cbdf07
9d72f2c9cbc1e9b036360acfce8c8ccc8b832b8c
a360f715a418026d2e1acd81c02c83233d0c0b60fdf4ce0b4d33562925d6a0b5
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: www.newsandpromotions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/special-offer/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 10:27:02 GMT
Server: Apache
Last-Modified: Wed, 17 Aug 2022 12:20:12 GMT
ETag: "4ac6-5e66ee2f43700-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Pragma: public
Cache-Control: public
Content-Length: 7095
Content-Type: application/x-javascript
Via: 1.1 google
tags.clickagy.com/data.js?rnd=5a7223b9ea03d
104.18.2.235200 OK 14 kB URL HTTP/2 tags.clickagy.com/data.js?rnd=5a7223b9ea03d
IP 104.18.2.235:0
Hash fdd24dc788ee81b1ac0d4bb8f376bb73
2c179bb77d907c529bffe349f3b04676fc4f5b8a
e7db87e7d85fe5d47ba1d38f35248425466d3261b2c7f83657d6ff32af3aa6c4
GET /data.js?rnd=5a7223b9ea03d HTTP/1.1
Host: tags.clickagy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.newsandpromotions.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 10:27:02 GMT
content-type: application/javascript
last-modified: Wed, 11 Jan 2023 20:57:47 GMT
x-amz-version-id: swy_aEi2mFevUnIx1k7ucq8H7V0abBgM
content-encoding: gzip
etag: W/"7dc7bc84811d5ae6527d61d30e0e1f4d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: fkg0OpGDeYkUfoNpVyx0ibH7ExK_kNPNbo3wdyV9yJKbrb8DdiYvGA==
age: 82317
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 794af3822c72b503-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
142.250.74.35200 OK 16 kB URL HTTP/1.1 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Hash b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.newsandpromotions.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15740
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 02 Feb 2023 00:41:03 GMT
Expires: Fri, 02 Feb 2024 00:41:03 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Wed, 11 May 2022 19:24:56 GMT
Content-Type: font/woff2
Age: 294359
www.newsandpromotions.com/wp-content/uploads/2016/12/newspromotions-1.png
35.227.209.77200 OK 4.5 kB URL HTTP/1.1 www.newsandpromotions.com/wp-content/uploads/2016/12/newspromotions-1.png
IP 35.227.209.77:0
File type PNG image data, 380 x 90, 8-bit colormap, non-interlaced\012- data
Hash f5ead7ade67fa940b01008f1f2df4ce2
479e6ebdf0ce7e3345f70ca3e78c0c9398f76e64
5c61ddd4f7ab45d1ca4f263ae05f6814284e8e13d39f7acd4df221a2c1202d90
GET /wp-content/uploads/2016/12/newspromotions-1.png HTTP/1.1
Host: www.newsandpromotions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/special-offer/
HTTP/1.1 200 OK
Server: Apache
Accept-Ranges: bytes
Content-Length: 4511
Vary: Accept-Encoding
Pragma: public
Via: 1.1 google
Date: Sun, 05 Feb 2023 09:31:20 GMT
Age: 3342
Last-Modified: Fri, 02 Dec 2016 16:33:23 GMT
ETag: "119f-542af7f1efac0"
Content-Type: image/png
Cache-Control: public,max-age=3600
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.35200 OK 16 kB URL HTTP/1.1 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.newsandpromotions.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15744
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 03 Feb 2023 18:19:39 GMT
Expires: Sat, 03 Feb 2024 18:19:39 GMT
Cache-Control: public, max-age=31536000
Age: 144443
Last-Modified: Wed, 11 May 2022 19:24:48 GMT
Content-Type: font/woff2
fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
142.250.74.35200 OK 46 kB URL HTTP/1.1 fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 46524, version 1.0\012- data
Hash c1fd378f54921c75e4ae1821e7b8fff6
2ce96e97783b2f154d07f4464ca6f8eb2469f2c1
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
GET /s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.newsandpromotions.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 46524
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 02 Feb 2023 00:35:17 GMT
Expires: Fri, 02 Feb 2024 00:35:17 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Mon, 18 Jul 2022 19:58:01 GMT
Content-Type: font/woff2
Age: 294705
www.newsandpromotions.com/wp-content/plugins/ultimate-social-media-plus/js/shuffle/modernizr.custom.min.js?ver=6.0.1
35.227.209.77200 OK 1.5 kB URL HTTP/1.1 www.newsandpromotions.com/wp-content/plugins/ultimate-social-media-plus/js/shuffle/modernizr.custom.min.js?ver=6.0.1
IP 35.227.209.77:0
File type HTML document, ASCII text, with very long lines (2861), with CRLF line terminators
Hash 89b09e7949c84785295ba10ec9a7b221
07d9364fab4325c9aa57dcb34a13e1fc257fda70
7e28285d9ee6c93786cb59bf8a7e21f6af82fa04ec4d45dd220807b374ffce7f
GET /wp-content/plugins/ultimate-social-media-plus/js/shuffle/modernizr.custom.min.js?ver=6.0.1 HTTP/1.1
Host: www.newsandpromotions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/special-offer/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 10:27:02 GMT
Server: Apache
Last-Modified: Mon, 29 Aug 2022 13:11:11 GMT
ETag: "c07-5e760ff6159c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Pragma: public
Cache-Control: public
Content-Length: 1493
Content-Type: application/x-javascript
Via: 1.1 google
c.fqtag.com/tag/implement-r.js?org=9Xf4JS6qIDnMDOaZ0z86&fmt=banner&rt=click&sl=1&fq=1&p=&a=&cmp=nap
35.190.72.161200 OK 2.6 kB URL HTTP/1.1 c.fqtag.com/tag/implement-r.js?org=9Xf4JS6qIDnMDOaZ0z86&fmt=banner&rt=click&sl=1&fq=1&p=&a=&cmp=nap
IP 35.190.72.161:0
File type ASCII text, with very long lines (2644), with no line terminators
Hash 6ac7a7394b4beeff527c6814b87a1add
ff5c7adc84fb2888e39cbd1920e2a5b08fe08ab4
5f10f3bfdffa369ecc7e6a8968ab2bc21a0f2c7ee446d0aa689709f0d9af2da6
GET /tag/implement-r.js?org=9Xf4JS6qIDnMDOaZ0z86&fmt=banner&rt=click&sl=1&fq=1&p=&a=&cmp=nap HTTP/1.1
Host: c.fqtag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/
HTTP/1.1 200 OK
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
X-XSS-Protection: 0
Pragma: no-cache
Date: Sun, 05 Feb 2023 10:27:02 GMT
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Content-Length: 2644
Via: 1.1 google
www.newsandpromotions.com/wp-content/uploads/2021/05/image1-2-150x150.png
35.227.209.77200 OK 16 kB URL HTTP/1.1 www.newsandpromotions.com/wp-content/uploads/2021/05/image1-2-150x150.png
IP 35.227.209.77:0
File type PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash fd7d2f80645a97b79561ace685e068cb
8c25f1757eabff5f3f2bc58f2479fd35903687d6
4f7166cc360d114d3279967bae732d3eab578ad1f4ea9cedd9c349e9a5eaed37
GET /wp-content/uploads/2021/05/image1-2-150x150.png HTTP/1.1
Host: www.newsandpromotions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/special-offer/
HTTP/1.1 200 OK
Server: Apache
Accept-Ranges: bytes
Content-Length: 15807
Vary: Accept-Encoding
Pragma: public
Via: 1.1 google
Date: Sun, 05 Feb 2023 08:59:57 GMT
Age: 5225
Last-Modified: Thu, 13 May 2021 20:32:29 GMT
ETag: "3dbf-5c23c06a73140"
Content-Type: image/png
Cache-Control: public,max-age=3600
www.newsandpromotions.com/wp-content/uploads/2021/05/5f457a9389aff80028ab7e63-150x150.jpeg
35.227.209.77200 OK 7.0 kB URL HTTP/1.1 www.newsandpromotions.com/wp-content/uploads/2021/05/5f457a9389aff80028ab7e63-150x150.jpeg
IP 35.227.209.77:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 150x150, components 3\012- data
Hash 2163bbe8ee8cf486e780d0b9f56ab3c1
9afd37dcd58ffc0b1d1f0af5d1aede8d0df772c8
98978ca510c9861cfdd523c3f518a6d4f0706c75394f006bc6fe0d58c3334fbe
GET /wp-content/uploads/2021/05/5f457a9389aff80028ab7e63-150x150.jpeg HTTP/1.1
Host: www.newsandpromotions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/special-offer/
HTTP/1.1 200 OK
Server: Apache
Accept-Ranges: bytes
Content-Length: 7011
Vary: Accept-Encoding
Pragma: public
Via: 1.1 google
Date: Sun, 05 Feb 2023 09:15:34 GMT
Age: 4288
Last-Modified: Thu, 13 May 2021 20:09:23 GMT
ETag: "1b63-5c23bb40a82c0"
Content-Type: image/jpeg
Cache-Control: public,max-age=3600
www.newsandpromotions.com/wp-content/uploads/2021/05/lead-img-colonial-pipeline-paid-bitcoin-ransomware-150x150.jpg
35.227.209.77200 OK 7.4 kB URL HTTP/1.1 www.newsandpromotions.com/wp-content/uploads/2021/05/lead-img-colonial-pipeline-paid-bitcoin-ransomware-150x150.jpg
IP 35.227.209.77:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 150x150, components 3\012- data
Hash 06414e2c01a026af4c01ecfe2a452f4f
fd87ad283df65c69bc9a8228c01bdb6485b161c9
05cbe0eb63271667225aa3f633752f33320920a81377672462140256ff8f9c8a
GET /wp-content/uploads/2021/05/lead-img-colonial-pipeline-paid-bitcoin-ransomware-150x150.jpg HTTP/1.1
Host: www.newsandpromotions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/special-offer/
HTTP/1.1 200 OK
Server: Apache
Accept-Ranges: bytes
Content-Length: 7382
Vary: Accept-Encoding
Pragma: public
Via: 1.1 google
Date: Sun, 05 Feb 2023 09:31:20 GMT
Age: 3342
Last-Modified: Thu, 13 May 2021 20:32:39 GMT
ETag: "1cd6-5c23c073fc7c0"
Content-Type: image/jpeg
Cache-Control: public,max-age=3600
www.newsandpromotions.com/wp-content/plugins/ultimate-social-media-plus/js/custom.js?ver=3.5.1
35.227.209.77200 OK 7.1 kB URL HTTP/1.1 www.newsandpromotions.com/wp-content/plugins/ultimate-social-media-plus/js/custom.js?ver=3.5.1
IP 35.227.209.77:0
File type Unicode text, UTF-8 text, with very long lines (993), with CRLF line terminators
Hash c9cfd412b9c84cf23747249ea9109dce
ddaf50581f707a2ebcd62e572575ba5fe85f55db
9da8dbeda92938db9def60a11b037c10b99ed20bcf7bc90136767e7bfd3c2632
GET /wp-content/plugins/ultimate-social-media-plus/js/custom.js?ver=3.5.1 HTTP/1.1
Host: www.newsandpromotions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/special-offer/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 10:27:02 GMT
Server: Apache
Last-Modified: Mon, 29 Aug 2022 13:11:11 GMT
ETag: "90a8-5e760ff6159c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Pragma: public
Cache-Control: public
Content-Length: 7101
Content-Type: application/x-javascript
Via: 1.1 google
www.newsandpromotions.com/wp-content/plugins/genesis-responsive-slider/assets/js/jquery.flexslider.js?ver=1.0.1
35.227.209.77200 OK 5.7 kB URL HTTP/1.1 www.newsandpromotions.com/wp-content/plugins/genesis-responsive-slider/assets/js/jquery.flexslider.js?ver=1.0.1
IP 35.227.209.77:0
Hash 866f7386c0588b123ee6800c3e37f3a4
3dab827923bdb93cc34313dc23644e6716dbc371
81d6ef03dbd667964728549b04cc93daa8c59e3f7546c2e1696c08a13d8a5ad8
GET /wp-content/plugins/genesis-responsive-slider/assets/js/jquery.flexslider.js?ver=1.0.1 HTTP/1.1
Host: www.newsandpromotions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/special-offer/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 10:27:02 GMT
Server: Apache
Last-Modified: Mon, 29 Aug 2022 13:18:47 GMT
ETag: "6a6d-5e7611a8f5bc0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Pragma: public
Cache-Control: public
Content-Length: 5652
Content-Type: application/x-javascript
Via: 1.1 google
cdn.fqtag.com/1.27.339-ccfb11a/pixel.js
35.190.36.172200 OK 90 kB URL HTTP/1.1 cdn.fqtag.com/1.27.339-ccfb11a/pixel.js
IP 35.190.36.172:0
File type ASCII text, with very long lines (31986)
Hash e0eff30579598f76147c9ea12f490d21
f0bf2ef576db440b275bdae3d6abac35e59a33b2
e70a34c5f232fa80328a361630a994cf847c54deb926f13d40be4807291b657b
GET /1.27.339-ccfb11a/pixel.js HTTP/1.1
Host: cdn.fqtag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/
HTTP/1.1 200 OK
X-GUploader-UploadID: ADPycdsC_p1xWy2CxGYwJr7OR1zZuAbdbPQos1-THZE4U5c8T-b7ZpAyTgoRltm6qmgcd99RVFfpyLFaiOqnsDbBV6lXotkIVefQ
Vary: X-Goog-Allowed-Resources
x-goog-generation: 1611776924905378
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 89647
Content-Language: en
x-goog-hash: crc32c=YwE4YA==, md5=4O/zBXlZj3YUfJ6hL0kNIQ==
x-goog-expiration: Sun, 11 Nov 2294 19:48:44 GMT
x-goog-storage-class: MULTI_REGIONAL
Accept-Ranges: bytes
Content-Length: 89647
Server: UploadServer
Date: Sun, 05 Feb 2023 09:44:36 GMT
Expires: Sun, 05 Feb 2023 10:44:36 GMT
Cache-Control: public, max-age=3600
Age: 2546
Last-Modified: Wed, 27 Jan 2021 19:48:44 GMT
ETag: "e0eff30579598f76147c9ea12f490d21"
Content-Type: application/javascript
www.newsandpromotions.com/wp-content/uploads/2021/05/1620912671_blueprint-api-production.s3.amazonaws-150x150.com
35.227.209.77200 OK 7.1 kB URL HTTP/1.1 www.newsandpromotions.com/wp-content/uploads/2021/05/1620912671_blueprint-api-production.s3.amazonaws-150x150.com
IP 35.227.209.77:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 150x150, components 3\012- data
Hash de072c04a4f89d081fb5aba294842f6b
542e7574d8202ef6fd157fc7050c053f32814d04
f08dccdc1054a4c83e6fafa075bde0ac227e6fc5c56d7b9e981039ab8032409a
GET /wp-content/uploads/2021/05/1620912671_blueprint-api-production.s3.amazonaws-150x150.com HTTP/1.1
Host: www.newsandpromotions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/special-offer/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 10:27:02 GMT
Server: Apache
Last-Modified: Thu, 13 May 2021 13:31:10 GMT
ETag: "1bae-5c23623e84380"
Accept-Ranges: bytes
Content-Length: 7086
Vary: User-Agent
Content-Type: application/x-msdownload
Via: 1.1 google
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Backoff, Retry-After, Content-Length, Last-Modified, Expires, Cache-Control, ETag, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 05 Feb 2023 10:07:20 GMT
age: 1182
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
c.fqtag.com/pixel
35.190.72.161204 No Content 0 B IP 35.190.72.161:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /pixel HTTP/1.1
Host: c.fqtag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: text/plain; charset=utf-8
Content-Length: 2354
Origin: http://www.newsandpromotions.com
Connection: keep-alive
Referer: http://www.newsandpromotions.com/
HTTP/1.1 204 No Content
Access-Control-Allow-Origin: *
Date: Sun, 05 Feb 2023 10:27:02 GMT
Via: 1.1 google
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 34509c11567c3232dad785974e54490b
9c5ae36dc944551d0cfa5f1ac58cdaedc54bde3f
8f0980eb7520451ff8a9beb42a764cec6d3ee4839608b931b8c70a8554e9a825
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=104134
Date: Sun, 05 Feb 2023 10:27:02 GMT
Etag: "63de5f88-1d7"
Expires: Mon, 06 Feb 2023 15:22:36 GMT
Last-Modified: Sat, 04 Feb 2023 13:37:12 GMT
Server: ECS (nyb/1D27)
X-Cache: Miss from cloudfront
Via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: GOHZDiUWTZ-q_tbDwgb5JQA7mT0Xb9coaC6Mh4LLz5qlN8faxhsAhQ==
Age: 6324
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 34509c11567c3232dad785974e54490b
9c5ae36dc944551d0cfa5f1ac58cdaedc54bde3f
8f0980eb7520451ff8a9beb42a764cec6d3ee4839608b931b8c70a8554e9a825
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=103445
Date: Sun, 05 Feb 2023 10:27:02 GMT
Etag: "63de5f88-1d7"
Expires: Mon, 06 Feb 2023 15:11:07 GMT
Last-Modified: Sat, 04 Feb 2023 13:37:12 GMT
Server: ECS (nyb/1D28)
X-Cache: Miss from cloudfront
Via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: -0H7BvMVdT_imdkdlMhys1z4sL6PAnn_tkBeMUaHx2wwTsyLA3lwzQ==
Age: 5635
aorta.clickagy.com/pixel.gif?clkgypv=jstag
184.72.95.45302 Found 0 B URL HTTP/2 aorta.clickagy.com/pixel.gif?clkgypv=jstag
IP 184.72.95.45:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel.gif?clkgypv=jstag HTTP/1.1
Host: aorta.clickagy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.newsandpromotions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 05 Feb 2023 10:27:02 GMT
content-type: application/json
content-length: 0
location: https://sync.crwdcntrl.net/map/c=8545/tp=CKGY/tpid=c:a59f007fbf3384ccc33cc586d5d348f0/gdpr=0/gdpr_consent=false/?https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D120%26cm%3D%24%7Bprofile_id%7D
server: Aorta/20230131.88c800859
x-aorta-host: 597b397e0c79
x-aorta-region: us-east-1
access-control-allow-credentials: true
access-control-allow-headers: Origin,cache-control,content-type,man,messagetype,soapaction
access-control-expose-headers: Set-Cookie
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin:
access-control-max-age: 31536000
cache-control: no-cache, no-store, must-revalidate
expect: 0
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12402
Expires: Sun, 05 Feb 2023 13:53:44 GMT
Date: Sun, 05 Feb 2023 10:27:02 GMT
Connection: keep-alive
aorta.clickagy.com/data
184.72.95.45200 OK 82 B IP 184.72.95.45:0
File type JSON data\012- , ASCII text, with no line terminators
Hash a8653a916713e224e5c4604f0c7fdc51
52019ddeaa1c1442f4ee137d94874eb36a49b1df
3e7b654c54f990a92b805cf1c1a10108f2f016f96ff5f965fe138c32eff9c1de
POST /data HTTP/1.1
Host: aorta.clickagy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 189
Origin: http://www.newsandpromotions.com
Connection: keep-alive
Referer: http://www.newsandpromotions.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 10:27:02 GMT
content-type: application/json
content-length: 82
server: Aorta/20230131.88c800859
x-aorta-host: de1953ee45ad
x-aorta-region: us-east-1
access-control-allow-credentials: true
access-control-allow-headers: Origin,cache-control,content-type,man,messagetype,soapaction
access-control-expose-headers: Set-Cookie
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: http://www.newsandpromotions.com
access-control-max-age: 31536000
cache-control: no-cache, no-store, must-revalidate
expect: 0
content-encoding: gzip
X-Firefox-Spdy: h2
static.hotjar.com/c/hotjar-31899.js?sv=5
54.230.111.113301 Moved Permanently 167 B URL HTTP/1.1 static.hotjar.com/c/hotjar-31899.js?sv=5
IP 54.230.111.113:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
GET /c/hotjar-31899.js?sv=5 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/
HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Sun, 05 Feb 2023 10:27:02 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://static.hotjar.com/c/hotjar-31899.js?sv=5
X-Cache: Redirect from cloudfront
Via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: xBtO1sIHKZrpEGh4e-Og9u16aanwRvi6Z4s04j4MsKtQd6zyjiIsWQ==
cdn.luckyorange.com/w.js
172.67.70.238301 Moved Permanently 0 B IP 172.67.70.238:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /w.js HTTP/1.1
Host: cdn.luckyorange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/
HTTP/1.1 301 Moved Permanently
Date: Sun, 05 Feb 2023 10:27:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 05 Feb 2023 11:27:02 GMT
Location: https://cdn.luckyorange.com/w.js
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QI7c1WjA8%2FXo6tlhVEYcapgvdstTCTiyb0f%2BiXnwKWDrAlzwjSbUcYBzK8ShwnpCVf0XsNlWIy1LuMsLAR6CJydm51WJ3gbi%2FOeVAu7qjWBxiAOJiNlfpUy5rixeJ7ABs%2B85nq4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 794af38659b5b4f1-OSL
alt-svc: h2=":443"; ma=60
www.newsandpromotions.com/wp-content/plugins/genesis-favicon-uploader/favicons/favicon.ico
35.227.209.77200 OK 370 B URL HTTP/1.1 www.newsandpromotions.com/wp-content/plugins/genesis-favicon-uploader/favicons/favicon.ico
IP 35.227.209.77:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 1f398bbf1c2563bab04033939d969ef9
fe8decbaad3b46bca9756a0c424c24b70b8c8f24
338f006ae8db3202c7f93467d19acab859a85b0204be887cb527df381d4257f5
GET /wp-content/plugins/genesis-favicon-uploader/favicons/favicon.ico HTTP/1.1
Host: www.newsandpromotions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/special-offer/
HTTP/1.1 200 OK
Server: Apache
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Pragma: public
Content-Length: 370
Via: 1.1 google
Date: Sun, 05 Feb 2023 09:31:22 GMT
Last-Modified: Mon, 29 Aug 2022 12:36:58 GMT
ETag: "47c-5e76085030e80-gzip"
Content-Type: image/x-icon
Age: 3340
Cache-Control: public,max-age=3600
connect.facebook.net/en_US/sdk.js
31.13.72.12301 Moved Permanently 0 B URL HTTP/1.1 connect.facebook.net/en_US/sdk.js
IP 31.13.72.12:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /en_US/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/
HTTP/1.1 301 Moved Permanently
Location: https://connect.facebook.net/en_US/sdk.js
Content-Type: text/plain
Server: proxygen-bolt
Date: Sun, 05 Feb 2023 10:27:02 GMT
Connection: keep-alive
Content-Length: 0
www.google-analytics.com/analytics.js
142.250.74.110200 OK 20 kB URL HTTP/1.1 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 20085
Date: Sun, 05 Feb 2023 09:43:22 GMT
Expires: Sun, 05 Feb 2023 11:43:22 GMT
Cache-Control: public, max-age=7200
Age: 2620
Last-Modified: Tue, 10 Jan 2023 21:29:14 GMT
Content-Type: text/javascript
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ac85d3e0a8ec2827b2e3f0eca3336919
4b630e134dcb05e77c44e313f22f2214b51841a2
d1747dfa46c4ca2dcc3239bd1376ae7401b4b3e7b8d260dc4162b9b8208cd6f7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4854
Cache-Control: max-age=86779
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 10:27:02 GMT
Etag: "63de217b-1d7"
Expires: Mon, 06 Feb 2023 10:33:21 GMT
Last-Modified: Sat, 04 Feb 2023 09:12:27 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
fo-api.omnitagjs.com/fo-api/ot.js
185.255.84.150200 OK 1.0 kB URL HTTP/1.1 fo-api.omnitagjs.com/fo-api/ot.js
IP 185.255.84.150:0
ASN #200271 Iguane Solutions SAS
Hash 63583d3a4bb296028a3ff7106c9a924f
ba5034c54206f432cd6d1ee8a61dbddb62a7b809
ed57410b6d3577ae079759ca23479e4b44f02b6e0042fb56cf08b3904dc3fa70
GET /fo-api/ot.js HTTP/1.1
Host: fo-api.omnitagjs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/
HTTP/1.1 200 OK
access-control-allow-credentials: true
access-control-allow-headers: Accept-Encoding
access-control-allow-methods: OPTIONS, GET
access-control-allow-origin: *
access-control-max-age: 3600
cache-control: no-cache, no-store, must-revalidate
content-type: text/javascript; charset=utf-8
expires: 0
p3p: CP="CAO PSA OUR"
pragma: no-cache
set-cookie: ayl_visitor=503ec3bfae74b4c77dff459a3adef8ec; Path=/; Domain=omnitagjs.com; Max-Age=2592000; Secure; SameSite=None
vary: Accept-Encoding
x-content-type-options: nosniff
date: Sun, 05 Feb 2023 10:27:02 GMT
content-length: 1009
x-envoy-upstream-service-time: 28
server: ayl-lb-fra02
connect.facebook.net/en_US/sdk.js
31.13.72.12200 OK 1.7 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (1957)
Hash a64e7bc809fceb5e87d20b89bac5954b
2ab62ee80290fea389450ed5d6b7d19c20c9f30e
d65264ec2bfeac21727abcd49d2c1e4c66efdc5ca07717ebeee1b31ce5daecc6
GET /en_US/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.newsandpromotions.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: c822e585a7ab6ea7873dcce915d6b846
etag: "5e6a75c7fb6b07a9f131d7f97253cf9c"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Sun, 05 Feb 2023 10:43:15 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: pk57yAn8616H0guJusWVSw==
x-fb-debug: CGcojRq0P4fNykyyVP4I9DmCOeJ3UKbhQD3Wu40rhyf2wIEiexNoT4RWZlPZnpO9z5j/5nW5UiqvXnMwnd2HGQ==
content-length: 1687
x-fb-trip-id: 1904183273
date: Sun, 05 Feb 2023 10:27:02 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ac85d3e0a8ec2827b2e3f0eca3336919
4b630e134dcb05e77c44e313f22f2214b51841a2
d1747dfa46c4ca2dcc3239bd1376ae7401b4b3e7b8d260dc4162b9b8208cd6f7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4854
Cache-Control: max-age=86779
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 10:27:02 GMT
Etag: "63de217b-1d7"
Expires: Mon, 06 Feb 2023 10:33:21 GMT
Last-Modified: Sat, 04 Feb 2023 09:12:27 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
hemsync.clickagy.com/external/hasHashes?clkgypv=jstag&cb=null
54.144.51.81200 OK 28 B URL HTTP/2 hemsync.clickagy.com/external/hasHashes?clkgypv=jstag&cb=null
IP 54.144.51.81:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 830cb026fae1a13104725d2b3100ec10
40188da405f4a93c90f0b5e060e0ccca8e483eba
4d32822dd4fd4e7b58950d7c693e301eaa19b29305077afaebc12852df7f4ee0
GET /external/hasHashes?clkgypv=jstag&cb=null HTTP/1.1
Host: hemsync.clickagy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.newsandpromotions.com
Connection: keep-alive
Referer: http://www.newsandpromotions.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 10:27:02 GMT
content-type: text/plain; charset=utf-8
content-length: 28
access-control-allow-origin: http://www.newsandpromotions.com
vary: origin
access-control-allow-credentials: true
access-control-expose-headers: content-length, last-modified, expires, content-type
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 153d0de36959c722c00df71ba86daca2
305f56a3134879ebf0828e169e903e560540c070
0cf533a798d42d1e97fb6619a411afadf9a68c92302ba852869b0c0555a47987
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 10:27:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/collect?v=1&_v=j99&a=1271588895&t=pageview&_s=2&dl=http%3A%2F%2Fwww.newsandpromotions.com%2Fspecial-offer%2F&ul=en-us&de=UTF-8&dt=Special%20Offer&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=&gjid=&cid=1692561319.1675592863&tid=UA-47081731-1&_gid=762843489.1675592863&z=1738488325
142.250.74.110200 OK 35 B URL HTTP/1.1 www.google-analytics.com/collect?v=1&_v=j99&a=1271588895&t=pageview&_s=2&dl=http%3A%2F%2Fwww.newsandpromotions.com%2Fspecial-offer%2F&ul=en-us&de=UTF-8&dt=Special%20Offer&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=&gjid=&cid=1692561319.1675592863&tid=UA-47081731-1&_gid=762843489.1675592863&z=1738488325
IP 142.250.74.110:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /collect?v=1&_v=j99&a=1271588895&t=pageview&_s=2&dl=http%3A%2F%2Fwww.newsandpromotions.com%2Fspecial-offer%2F&ul=en-us&de=UTF-8&dt=Special%20Offer&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=&gjid=&cid=1692561319.1675592863&tid=UA-47081731-1&_gid=762843489.1675592863&z=1738488325 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Pragma: no-cache
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 35
Date: Sun, 05 Feb 2023 06:59:09 GMT
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Age: 12473
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
Content-Type: image/gif
cdn.luckyorange.com/w.js
172.67.70.238200 OK 2.3 kB IP 172.67.70.238:0
File type ASCII text, with very long lines (5349), with no line terminators
Hash a27123d254468dc30eec047da90237ea
87f8c59c1162e61451c4f7f53bea30f55e05a117
b4717ae3f5425b7473de5e409adf0be0fba6b6b7275d8650c3945101890086ed
GET /w.js HTTP/1.1
Host: cdn.luckyorange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.newsandpromotions.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 10:27:02 GMT
content-type: application/javascript
cache-control: max-age=14400
cf-bgj: minify
age: 2336
etag: W/"dc0bbcecf2e632d9beb92f4d88b21c2b"
last-modified: Fri, 02 Sep 2022 19:59:48 GMT
vary: Accept-Encoding
via: 1.1 0edd9f6bc061f9d64e77285b1cac290c.cloudfront.net (CloudFront)
x-amz-cf-id: 0yP80Kwu6VmuiW59BSApHBwge5qQ1mFCBjs1KXNGIJdpMefgqoAQ6Q==
x-amz-cf-pop: ARN54-C1
x-cache: Hit from cloudfront
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7G1iLqed4oji4Hcevpfv1Dj%2BqdXuIpkzZHI96q9kZQsSOgNh%2FDc%2BZVC7izsB86XLqf8CmrXffWVfTXapDjAvyATLTndTfO1EQIRI1qkaFfjhyx7L74MgShYW5i9cTTLt1FsAjv0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794af386af7bb4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
connect.facebook.net/en_US/sdk.js?hash=06c79ff834f3cf8b0c4379bf160d8fc0
31.13.72.12200 OK 87 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js?hash=06c79ff834f3cf8b0c4379bf160d8fc0
IP 31.13.72.12:0
File type ASCII text, with very long lines (13192)
Hash 783f15e1a306953acd7dd6cf2c4aca6b
8c3e5d0e572cb91dc85a8a0011c790b58bd50b8c
b6f1d96499f80d9a5f4d4498c3e6f9ce68696260cddec71737311b47b23b6fca
GET /en_US/sdk.js?hash=06c79ff834f3cf8b0c4379bf160d8fc0 HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.newsandpromotions.com
Connection: keep-alive
Referer: http://www.newsandpromotions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: b705f12d2be703d1c8ce6c1abee4f01e
etag: "d4317a805c679f17d11090c1159cb307"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Mon, 05 Feb 2024 09:29:53 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
x-frame-options: DENY
origin-agent-cluster: ?0
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: eD8V4aMGlTrNfdbPLErKaw==
x-fb-debug: jtMOI3pinKjzgMcRAReB8oEL65xyV3/vrB59blQvIdfwuG8K3u7bzSIMrLMxr6quugowdMztpgV73T7IO6+blg==
priority: u=3,i
content-length: 86989
x-fb-trip-id: 1904183273
date: Sun, 05 Feb 2023 10:27:02 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.41200 OK 1.8 kB IP 192.124.249.41:0
Hash 576c8fabdd68051f49093c7e3079aa4b
235c853cea8edb570752d38ad342617b31d2aaaa
cfce4ad4916d5e2fe7a4177ad3d47b21b111d42451eb54af1f75c6d279e59c29
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sun, 05 Feb 2023 10:27:02 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sat, 04 Feb 2023 23:06:34 GMT
Expires: Sun, 05 Feb 2023 23:06:34 GMT
ETag: "235c853cea8edb570752d38ad342617b31d2aaaa"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
push.services.mozilla.com/
54.201.77.8101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.201.77.8:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: VT5rQRTMG5oEU8QiIALRlQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: X/KJzoZF88H77MCXE2stSbVlEdE=
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5ac5aaa2dd1a2ab697244f3c0fe3b5b5
bb8a9aeb28cc645435760f3a9a57d85e295de419
d42327bb295e41a2b04efa1c2ad6094a3480d0010de10bb32600f4d17fe9f0d4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 10:27:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
sync.crwdcntrl.net/map/c=8545/tp=CKGY/tpid=c:a59f007fbf3384ccc33cc586d5d348f0/gdpr=0/gdpr_consent=false/?https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D120%26cm%3D%24%7Bprofile_id%7D
54.72.237.23404 Not Found 49 B URL HTTP/2 sync.crwdcntrl.net/map/c=8545/tp=CKGY/tpid=c:a59f007fbf3384ccc33cc586d5d348f0/gdpr=0/gdpr_consent=false/?https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D120%26cm%3D%24%7Bprofile_id%7D
IP 54.72.237.23:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 56398e76be6355ad5999b262208a17c9
a1fdee122b95748d81cee426d717c05b5174fe96
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
GET /map/c=8545/tp=CKGY/tpid=c:a59f007fbf3384ccc33cc586d5d348f0/gdpr=0/gdpr_consent=false/?https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D120%26cm%3D%24%7Bprofile_id%7D HTTP/1.1
Host: sync.crwdcntrl.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.newsandpromotions.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Sun, 05 Feb 2023 10:27:02 GMT
content-type: image/gif
content-length: 49
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.9.186
access-control-allow-origin: *
server: Jetty(9.4.38.v20210224)
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-47081731-1&cid=1692561319.1675592863&jid=1307597536&gjid=287570592&_gid=762843489.1675592863&_u=IEBAAEAAAAAAACAAI~&z=865811100
64.233.165.154200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-47081731-1&cid=1692561319.1675592863&jid=1307597536&gjid=287570592&_gid=762843489.1675592863&_u=IEBAAEAAAAAAACAAI~&z=865811100
IP 64.233.165.154:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-47081731-1&cid=1692561319.1675592863&jid=1307597536&gjid=287570592&_gid=762843489.1675592863&_u=IEBAAEAAAAAAACAAI~&z=865811100 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://www.newsandpromotions.com
Connection: keep-alive
Referer: http://www.newsandpromotions.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: http://www.newsandpromotions.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 05 Feb 2023 10:27:03 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a78b06ca527ce7542b24b349e0485d8b
6f5e5126c1c9d40c9ba09d58e1755d2ca39d02ab
bc7dc156ab8b2b33422fff0922e219246eb1d12469d10ac8007416fed41ac473
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 10:27:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8077210062c315b98902cb06c74d485b
808e94ac31f1b45185103ce25c1bc2afd056b17a
78871f45de0c58bffa6a86b50f6bd0db61932bf6a2b7d8191dba0f0eaab628b1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 10:27:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5ac5aaa2dd1a2ab697244f3c0fe3b5b5
bb8a9aeb28cc645435760f3a9a57d85e295de419
d42327bb295e41a2b04efa1c2ad6094a3480d0010de10bb32600f4d17fe9f0d4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 10:27:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-47081731-1&cid=1692561319.1675592863&jid=1307597536&_u=IEBAAEAAAAAAACAAI~&z=835060721
216.58.211.4200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-47081731-1&cid=1692561319.1675592863&jid=1307597536&_u=IEBAAEAAAAAAACAAI~&z=835060721
IP 216.58.211.4:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-47081731-1&cid=1692561319.1675592863&jid=1307597536&_u=IEBAAEAAAAAAACAAI~&z=835060721 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.newsandpromotions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 05 Feb 2023 10:27:03 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-47081731-1&cid=1692561319.1675592863&jid=1307597536&_u=IEBAAEAAAAAAACAAI~&z=835060721
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-47081731-1&cid=1692561319.1675592863&jid=1307597536&_u=IEBAAEAAAAAAACAAI~&z=835060721
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-47081731-1&cid=1692561319.1675592863&jid=1307597536&_u=IEBAAEAAAAAAACAAI~&z=835060721 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.newsandpromotions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 05 Feb 2023 10:27:03 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash c7d887fc3e3b7a68b7872c76802085c0
eb26f820776e7d87a00489eb14f918e5f6945835
915e873e95d8f0276f4763e5596b03cac487f6f8a36c65577c6622fc8560d929
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 10:27:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8077210062c315b98902cb06c74d485b
808e94ac31f1b45185103ce25c1bc2afd056b17a
78871f45de0c58bffa6a86b50f6bd0db61932bf6a2b7d8191dba0f0eaab628b1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 10:27:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fo-ssp.omnitagjs.com/fo-ssp/sync?attempt=local-o5w5uxx1ic
185.255.84.151200 OK 752 B URL HTTP/1.1 fo-ssp.omnitagjs.com/fo-ssp/sync?attempt=local-o5w5uxx1ic
IP 185.255.84.151:0
ASN #200271 Iguane Solutions SAS
File type ASCII text, with very long lines (558)
Hash b2e5cac937b76939541b3e4cd265cadd
4a7858e07867ecf2dcd5b73f2e4786bb171151f0
66d9c9fb43ff43229b711d00115ba5f0a4ce4eb15a596f1c15718b78402781d9
GET /fo-ssp/sync?attempt=local-o5w5uxx1ic HTTP/1.1
Host: fo-ssp.omnitagjs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/
HTTP/1.1 200 OK
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/javascript; charset=UTF-8
expires: 0
p3p: CP="CAO PSA OUR"
pragma: no-cache
set-cookie: ayl_visitor=b5648c003bd06360fa1513d90bae7f85; Path=/; Domain=omnitagjs.com; Max-Age=2592000; Secure; SameSite=None
vary: Accept-Encoding
x-content-type-options: nosniff
date: Sun, 05 Feb 2023 10:27:02 GMT
content-length: 752
x-envoy-upstream-service-time: 2
server: ayl-lb-fra02
cdn.taboola.com/libtrc/newsandpromotions/loader.js
151.101.65.44200 OK 14 kB URL HTTP/1.1 cdn.taboola.com/libtrc/newsandpromotions/loader.js
IP 151.101.65.44:0
File type ASCII text, with very long lines (32016)
Hash b059d489918fb33e248673a72ed8d7b5
22325ae69925a59c51c0fe4af0551c40431615dc
a4140fb94f3077ec71647d5617bf87e84928557738d8889d1b0da8b3e032edd0
GET /libtrc/newsandpromotions/loader.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 13717
x-amz-id-2: GSVEEENlKWbdHL0+kL3+EQpYsn6OprwMYsTQHLvkqRmFlvO8zxMkWirDB2xXfPzFVbCQaZ1NbRk=
x-amz-request-id: 7DSAWGPBCBHWMD19
x-amz-replication-status: COMPLETED
Last-Modified: Sun, 17 Apr 2016 12:00:52 GMT
ETag: "b6297b83e8345e890ff1c5b8f1a1ee9d"
x-amz-version-id: 1.vZczLY5A5Fi2f8g6dyocx9EAdIVCZy
Content-Type: application/javascript; charset=utf-8
Server: AmazonS3
Fastly-Restarts: 2
Content-Encoding: gzip
Accept-Ranges: bytes
Date: Sun, 05 Feb 2023 10:27:03 GMT
Via: 1.1 varnish
Age: 0
X-Served-By: cache-bma1624-BMA
X-Cache: HIT
X-Cache-Hits: 0
X-Timer: S1675592823.787347,VS0,VE427
Cache-Control: private,max-age=14401
Vary: Accept-Encoding
abp: 9
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2b7809e9767b229a3f03b4edf7a0d9bf
be1cbc9231b659c78ac08af47205391dd400de90
c1fb51c2ddb50176dd8070e4820a0508dff37428b4aee895d8b4f4e3c2f9763a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C1FB51C2DDB50176DD8070E4820A0508DFF37428B4AEE895D8B4F4E3C2F9763A"
Last-Modified: Fri, 03 Feb 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16963
Expires: Sun, 05 Feb 2023 15:09:46 GMT
Date: Sun, 05 Feb 2023 10:27:03 GMT
Connection: keep-alive
matching.ivitrack.com/sync?realm=ayl&uid=000000000000000000000000b00b1337
34.117.157.22200 OK 42 B URL HTTP/2 matching.ivitrack.com/sync?realm=ayl&uid=000000000000000000000000b00b1337
IP 34.117.157.22:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /sync?realm=ayl&uid=000000000000000000000000b00b1337 HTTP/1.1
Host: matching.ivitrack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.newsandpromotions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: istio-envoy
date: Sun, 05 Feb 2023 10:27:02 GMT
content-type: image/gif
content-length: 42
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 0
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2b7809e9767b229a3f03b4edf7a0d9bf
be1cbc9231b659c78ac08af47205391dd400de90
c1fb51c2ddb50176dd8070e4820a0508dff37428b4aee895d8b4f4e3c2f9763a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C1FB51C2DDB50176DD8070E4820A0508DFF37428B4AEE895D8B4F4E3C2F9763A"
Last-Modified: Fri, 03 Feb 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16963
Expires: Sun, 05 Feb 2023 15:09:46 GMT
Date: Sun, 05 Feb 2023 10:27:03 GMT
Connection: keep-alive
settings.luckyorange.net/?u=http%3A%2F%2Fwww.newsandpromotions.com%2Fspecial-offer%2F&s=49801
104.26.10.16200 OK 104 B URL HTTP/2 settings.luckyorange.net/?u=http%3A%2F%2Fwww.newsandpromotions.com%2Fspecial-offer%2F&s=49801
IP 104.26.10.16:0
File type JSON data\012- , ASCII text, with no line terminators
Hash d42f27c7f6b523d1aa23b3a4ed997f2b
e25e66986b01e0d55759613a3c0938a096112bc9
2dd4ef949dcc15c1edcba465cc16fb6eba0760522020b00d100caa0a1d81e68a
GET /?u=http%3A%2F%2Fwww.newsandpromotions.com%2Fspecial-offer%2F&s=49801 HTTP/1.1
Host: settings.luckyorange.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.newsandpromotions.com/
Origin: http://www.newsandpromotions.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 10:27:03 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,Keep-Alive,X-Requested-With,If-Modified-Since
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: http://www.newsandpromotions.com
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZzWCyF8xeW%2BfbN84LfjMHmp7ZseoAsb2WP8WxyZJobMrlUyTOyPk%2FMYcJ2nyOdnpBVASTNQTYd5WR%2FkCJZV4pVS66hgzS98teetIh88IvWSHerKvWDTsYBFPM%2Brl16Kv8%2FR6yAU2r5s4vA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794af3875f390afa-OSL
content-encoding: br
X-Firefox-Spdy: h2
b.scorecardresearch.com/beacon.js
143.204.55.96200 OK 1.9 kB URL HTTP/1.1 b.scorecardresearch.com/beacon.js
IP 143.204.55.96:0
File type ASCII text, with very long lines (3936)
Hash ccbe1595614949962ea0f4c9ec84e783
65525e8918223db782724d28fce74efb513a0fb0
f422f26d9197a10abf1a13a13a87a5fcc4b98ad57aae11fadfddf2df02b591f5
GET /beacon.js HTTP/1.1
Host: b.scorecardresearch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/
HTTP/1.1 200 OK
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 28 Jun 2022 13:19:23 GMT
x-amz-server-side-encryption: AES256
Server: AmazonS3
Content-Encoding: gzip
Date: Sun, 05 Feb 2023 03:12:45 GMT
Cache-Control: max-age=86400
ETag: W/"eaf85c1c6758e84acfe134efd70e9373"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: G7GxRQ9ZCv4MNCwNALlFIdSGtUXuxrzV_C6ksh43OFugxUHPEZXG2Q==
Age: 26060
contextual.media.net/cksync.php?cs=3&type=ayl&ovsid=000000000000000000000000b00b1337
2.18.172.23200 OK 236 B URL HTTP/2 contextual.media.net/cksync.php?cs=3&type=ayl&ovsid=000000000000000000000000b00b1337
IP 2.18.172.23:0
File type GIF image data, version 87a, 1 x 1\012- data
Hash a5ddbf3903d9758bafce9e15fd7eb5f7
e26bbbc8d54cc3923796855a8d28a405939dde95
ec3a21a491af4587bee1627d1283c4ec4b36021a7e281dea2ea6e20fd827ce71
GET /cksync.php?cs=3&type=ayl&ovsid=000000000000000000000000b00b1337 HTTP/1.1
Host: contextual.media.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.newsandpromotions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Apache
content-length: 236
content-type: image/gif
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
strict-transport-security: max-age=31536000
x-mnet-hl2: E
expires: Sun, 05 Feb 2023 10:27:03 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sun, 05 Feb 2023 10:27:03 GMT
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 085a2ec5437d0f0e37cf3aae2678ed4a
945bd96f97be79468e9c0e3d3c0e0eff518dcdad
ea076434ef6f13c4c16a06257925b0d49425271019b7e8a9e7b3eb6d154b5ab0
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 05 Feb 2023 10:27:03 GMT
Last-Modified: Sun, 05 Feb 2023 08:52:40 GMT
Server: ECS (nyb/1D0C)
X-Cache: Miss from cloudfront
Via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: cb0iMgwQ3Cy63FBpCNoq3DJ8a5DiYZrJ3NFYxiS3Vv-u9U8EtceVDg==
Age: 5663
cdn.taboola.com/libtrc/impl.205-RELEASE.js
151.101.65.44200 OK 82 kB URL HTTP/1.1 cdn.taboola.com/libtrc/impl.205-RELEASE.js
IP 151.101.65.44:0
File type ASCII text, with very long lines (32045)
Hash 63208f5a0c6dda005c182f71acd99cb5
964b90563c30fb6eec6567fc9b84b84dc0fb5a86
928a0653cad2a2cfa68c616d499a15d12a642d22025a017e1efe15f5e798be61
GET /libtrc/impl.205-RELEASE.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 82427
x-amz-id-2: KWJZgL4FkH7wBz6EAvjj7sbuw0UnIBwnRLuD1SclK7FbNW1/ikwhH4WYYU7ivGLFDtvxaBIYCyk=
x-amz-request-id: AB9TYXSZSP3Q82QP
x-amz-replication-status: COMPLETED
Last-Modified: Thu, 21 Apr 2016 11:01:32 GMT
ETag: "b271ab15d80778ccf730076dd2fa7bf8"
x-amz-version-id: G4.vYuMpf.hwuBE9LrHkwGh9fDb2BZUS
Content-Type: application/javascript; charset=utf-8
Server: AmazonS3
Content-Encoding: gzip
Accept-Ranges: bytes
Date: Sun, 05 Feb 2023 10:27:03 GMT
Via: 1.1 varnish
Age: 0
X-Served-By: cache-bma1624-BMA
X-Cache: HIT
X-Cache-Hits: 1
X-Timer: S1675592824.533649,VS0,VE101
Cache-Control: private,max-age=31536000
Vary: Accept-Encoding
abp: 80
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 6556f64df784b54abb99f2cd4aa0bf39
1e1b0aa7889bc334a05cceb7c81e2e84fd5bb01b
f2db3aca82b1d971a515a5d0e6ba50a0d4fb7249ad449969d42d90c874a34e38
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 10:27:03 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 05 Feb 2023 08:41:15 GMT
Expires: Sun, 12 Feb 2023 08:41:14 GMT
Etag: "1e1b0aa7889bc334a05cceb7c81e2e84fd5bb01b"
Cache-Control: max-age=597850,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 794af3893af40b06-OSL
csmetrics.hotjar.com/
52.209.24.136204 No Content 0 B IP 52.209.24.136:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: csmetrics.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 81
Origin: http://www.newsandpromotions.com
Connection: keep-alive
Referer: http://www.newsandpromotions.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sun, 05 Feb 2023 10:27:03 GMT
vary: Origin
access-control-allow-origin: *
X-Firefox-Spdy: h2
sb.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&cs_it=b3&cv=3.8.0.210223&ns__t=1675592863364&ns_c=UTF-8&c7=http%3A%2F%2Fwww.newsandpromotions.com%2Fspecial-offer%2F&c8=Special%20Offer&c9=
143.204.55.8204 No Content 0 B URL HTTP/2 sb.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&cs_it=b3&cv=3.8.0.210223&ns__t=1675592863364&ns_c=UTF-8&c7=http%3A%2F%2Fwww.newsandpromotions.com%2Fspecial-offer%2F&c8=Special%20Offer&c9=
IP 143.204.55.8:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b?c1=7&c2=13739933&c3=20121515121&cs_it=b3&cv=3.8.0.210223&ns__t=1675592863364&ns_c=UTF-8&c7=http%3A%2F%2Fwww.newsandpromotions.com%2Fspecial-offer%2F&c8=Special%20Offer&c9= HTTP/1.1
Host: sb.scorecardresearch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.newsandpromotions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sun, 05 Feb 2023 10:27:03 GMT
set-cookie: UID=1BC00dc8ff9b91ff3e143151675592823; domain=.scorecardresearch.com; path=/; max-age=62208000
x-cache: Miss from cloudfront
via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: WWdckFr_nPtfrJetKJtxtaW9Piar6KhjZAbJL0fv5Jv6msepICwSxA==
X-Firefox-Spdy: h2
s.seedtag.com/cs/cookiesync/adyoulike?channeluid=000000000000000000000000b00b1337&gdpr=0&gdpr_consent=
34.149.50.64204 No Content 0 B URL HTTP/2 s.seedtag.com/cs/cookiesync/adyoulike?channeluid=000000000000000000000000b00b1337&gdpr=0&gdpr_consent=
IP 34.149.50.64:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cs/cookiesync/adyoulike?channeluid=000000000000000000000000b00b1337&gdpr=0&gdpr_consent= HTTP/1.1
Host: s.seedtag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.newsandpromotions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Sun, 05 Feb 2023 10:27:03 GMT
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
trc.taboola.com/newsandpromotions/log/2/debug?tim=10%3A27%3A43.536&type=map&msg=trcrboxui%20page_management%20parseXML&id=224&cv=205-RELEASE-${version}
151.101.129.44204 No Content 0 B URL HTTP/1.1 trc.taboola.com/newsandpromotions/log/2/debug?tim=10%3A27%3A43.536&type=map&msg=trcrboxui%20page_management%20parseXML&id=224&cv=205-RELEASE-${version}
IP 151.101.129.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /newsandpromotions/log/2/debug?tim=10%3A27%3A43.536&type=map&msg=trcrboxui%20page_management%20parseXML&id=224&cv=205-RELEASE-${version} HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newsandpromotions.com/
HTTP/1.1 204 No Content
Connection: close
Server: Varnish
Retry-After: 0
Cache-Control: no-store
X-sy: true
Content-Type:
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Date: Sun, 05 Feb 2023 10:27:03 GMT
Via: 1.1 varnish
X-Served-By: cache-bma1631-BMA
X-Cache: HIT
X-Cache-Hits: 0
X-Timer: S1675592824.740093,VS0,VE0
X-vcl-time-ms: 0
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 6556f64df784b54abb99f2cd4aa0bf39
1e1b0aa7889bc334a05cceb7c81e2e84fd5bb01b
f2db3aca82b1d971a515a5d0e6ba50a0d4fb7249ad449969d42d90c874a34e38
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 10:27:03 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 05 Feb 2023 08:41:15 GMT
Expires: Sun, 12 Feb 2023 08:41:14 GMT
Etag: "1e1b0aa7889bc334a05cceb7c81e2e84fd5bb01b"
Cache-Control: max-age=597850,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 794af38c3d590b06-OSL
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7595
Expires: Sun, 05 Feb 2023 12:33:39 GMT
Date: Sun, 05 Feb 2023 10:27:04 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7595
Expires: Sun, 05 Feb 2023 12:33:39 GMT
Date: Sun, 05 Feb 2023 10:27:04 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7595
Expires: Sun, 05 Feb 2023 12:33:39 GMT
Date: Sun, 05 Feb 2023 10:27:04 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37422a56-a7de-4ab8-ac8a-650de9dae97c.jpeg
34.120.237.76200 OK 5.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37422a56-a7de-4ab8-ac8a-650de9dae97c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5b6c30ad03669b66bf2f63b3edd69882
e630bd132b52b965a5ade646ea8a165d1abf6d7b
f8233d879ec17fd91909655ff8881f2ebfad84272fde3ed5e5be37580378a989
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37422a56-a7de-4ab8-ac8a-650de9dae97c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5014
x-amzn-requestid: a434aae4-fe4b-4fc7-9b7e-eeb552484e8a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi3bIE0aoAMF6YQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76c47-5556d14757190c842bbc6b06;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 07:05:43 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: k6YqagXr3Wr-u1uDKojEnIGW0CxU5yvWPtlzNpzoIvmg9F-rJb9uFQ==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 11:30:27 GMT
age: 82597
etag: "e630bd132b52b965a5ade646ea8a165d1abf6d7b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad342374-789b-497a-b212-29d0b2aaced0.jpeg
34.120.237.76200 OK 7.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad342374-789b-497a-b212-29d0b2aaced0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 75caf9549ac23c827c10d6baabb84884
e8391e4046acb91cd4a6113974fda1c44dcd3865
a01e3a9aaa0b0fa156303bcbf38c1c45ea6abe8d0a052734b05ea4da82f176c4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad342374-789b-497a-b212-29d0b2aaced0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7060
x-amzn-requestid: 9379b64e-3a3f-4b8d-aba2-bc3cd7dab98f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi3cgFCkIAMFrhA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76c4f-6ac6da215407497043249929;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 07:05:51 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 75uKxGlJDSXzIUgR5Rm4f13SClTT1UIDLgbkTrFDEDvKmGmViQ3Djg==
via: 1.1 0bb842bd5868b86440983b936bb0adee.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 22:25:50 GMT
age: 43274
etag: "e8391e4046acb91cd4a6113974fda1c44dcd3865"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d53279-1206-40a7-be9b-b504e0748218.jpeg
34.120.237.76200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d53279-1206-40a7-be9b-b504e0748218.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7fff69db25a1c7a3fbe154a3c80ac5aa
638e08807f73b70ab87b804816f9eb3e8dd2aa74
be96b347ba90dda9c39975077d963ff875831a14a4269e28edc0d2f80928bba6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d53279-1206-40a7-be9b-b504e0748218.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5356
x-amzn-requestid: af4c4533-48b8-4b02-951a-3e61933fb126
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi3fyFrMoAMFr_w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76c64-0346b30d0ded67912070f671;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 07:06:12 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: IJBXK8DSlmaj48MVSTo-8A69jOe3x2cvnZYRLfyXZ7jZWqsMbTZsEg==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 21:43:26 GMT
age: 45818
etag: "638e08807f73b70ab87b804816f9eb3e8dd2aa74"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6718344-fcb4-4366-9239-8921034a7114.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6718344-fcb4-4366-9239-8921034a7114.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8e0be7db14d930d6227443314bcd1747
4e42e2ad289dfe5bd9a55d34fd768f7532bdf71d
baedfbdb08a67f9ff4c698f7e65b08d7e4c5078d0a4233e6bff529b44812735a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6718344-fcb4-4366-9239-8921034a7114.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12967
x-amzn-requestid: 013fa296-a431-410b-b3fb-7417b3e877eb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fpIQAFCMIAMF0Sw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d9ed99-2e1daa8b75977de07c48b8fc;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 04:42:01 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: UzQGDCYe_8AuYYLaLSAWzHQhwJMpzpXWbjE5AwukevW6G6SLDxDjmA==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 03:42:59 GMT
age: 24245
etag: "4e42e2ad289dfe5bd9a55d34fd768f7532bdf71d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0def934-b27d-4612-bab8-84bfb73a9960.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0def934-b27d-4612-bab8-84bfb73a9960.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5beaead015b2b4fb6d36009926ba0378
67e7c49ea7648fc6d1dffc22588862c993b785b7
6ae0cec9ade23fd53e9c1407b0324a8060892a65a6b675ccffa4a4c82b66f1ff
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0def934-b27d-4612-bab8-84bfb73a9960.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7589
x-amzn-requestid: 280f7003-2696-4a82-bd50-82b0a2b66faf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fsSpoEA0oAMFSBg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63db3170-35dcb9513c891af201b973d1;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 03:43:44 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: IxfTibTq6T_wq9a5YCIBZLBb70BI7AOLEAYMYYuMZPhvVKjDbFfrvA==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 21:52:08 GMT
etag: "67e7c49ea7648fc6d1dffc22588862c993b785b7"
content-type: image/jpeg
age: 45296
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad60ff0-69ec-4be2-9334-41be71ca4b7f.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad60ff0-69ec-4be2-9334-41be71ca4b7f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1a4eed23b240d04a3cd6b085cfa93375
f29b9dc3f6bbd2ba76a5a4570ce044d5f240fd00
93e8371f80c12d3753842e36001dbb8d3dc2223b10a594639752cd816c492d4e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad60ff0-69ec-4be2-9334-41be71ca4b7f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10905
x-amzn-requestid: 093778fc-231c-452f-a6fc-15f4eb41ade0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmNJCEDzIAMFmxA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8c239-7f56d6e56392f373541db219;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 07:24:41 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: WVfpilnwhnRXBhJkHBWjxxoP09f7SqlRk8CdWRWOubIIwe0CX89bUA==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 22:09:58 GMT
age: 44226
etag: "f29b9dc3f6bbd2ba76a5a4570ce044d5f240fd00"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
sync.taboola.com/sg/adyoulikertb-network/1/rtb-h/?GDPR=0&GDPR_CONSENT=&taboola_hm=000000000000000000000000b00b1337
141.226.228.48200 OK 0 B URL HTTP/2 sync.taboola.com/sg/adyoulikertb-network/1/rtb-h/?GDPR=0&GDPR_CONSENT=&taboola_hm=000000000000000000000000b00b1337
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
GET /sg/adyoulikertb-network/1/rtb-h/?GDPR=0&GDPR_CONSENT=&taboola_hm=000000000000000000000000b00b1337 HTTP/1.1
Host: sync.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.newsandpromotions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 10:27:03 GMT
x-fastly-to-nlb-rtt: 21869
access-control-allow-credentials: true
X-Firefox-Spdy: h2
static.hotjar.com/c/hotjar-31899.js?sv=5
54.230.111.113200 OK 0 B URL HTTP/2 static.hotjar.com/c/hotjar-31899.js?sv=5
IP 54.230.111.113:0
GET /c/hotjar-31899.js?sv=5 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.newsandpromotions.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
date: Sun, 05 Feb 2023 10:27:02 GMT
cache-control: max-age=60
etag: W/a49833b797e0df0a75d2a83d30f947bd
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 4adjNDAp974q21zuTAhd-z-OVFmQ8V942GGNOYelBkjq4ZCTWG5GzA==
X-Firefox-Spdy: h2
fo-static.omnitagjs.com/ot_multi.js
95.101.10.10200 OK 0 B URL HTTP/2 fo-static.omnitagjs.com/ot_multi.js
IP 95.101.10.10:0
ASN #20940 Akamai International B.V.
GET /ot_multi.js HTTP/1.1
Host: fo-static.omnitagjs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.newsandpromotions.com
Connection: keep-alive
Referer: http://www.newsandpromotions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: ayl-lb-fra02
content-type: application/javascript; charset=UTF-8
last-modified: Wed, 01 Feb 2023 14:59:44 GMT
etag: "63da7e60-7d14d"
pragma: public
access-control-max-age: 86400
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: OPTIONS, GET
access-control-allow-credentials: false
access-control-allow-headers: X-Requested-With, Content-Type
accept-ranges: bytes
x-envoy-upstream-service-time: 0
vary: Accept-Encoding
content-encoding: gzip
cache-control: public, max-age=946
expires: Sun, 05 Feb 2023 10:42:48 GMT
date: Sun, 05 Feb 2023 10:27:02 GMT
X-Firefox-Spdy: h2