r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 326898eb925368408f6f42ee173b9d89
b8b20ee34b7e7b139e7729b8e46a54ea25f54ac8
96c2c75f700ab55649882111713ca3cfb2eaf08e404c2bc245a641dc12ae168a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "96C2C75F700AB55649882111713CA3CFB2EAF08E404C2BC245A641DC12AE168A"
Last-Modified: Wed, 04 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9945
Expires: Fri, 06 Jan 2023 14:59:57 GMT
Date: Fri, 06 Jan 2023 12:14:12 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash ce8af3d72e7e9af609039abee59c8b87
8e1b16591fbc632df35f15e23da55ee86af31bc3
52edddbda4a3a3b778f61a491b21e6ea439e9d8024189e636b1f37b2dd7226fc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "52EDDDBDA4A3A3B778F61A491B21E6EA439E9D8024189E636B1F37B2DD7226FC"
Last-Modified: Wed, 04 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8956
Expires: Fri, 06 Jan 2023 14:43:28 GMT
Date: Fri, 06 Jan 2023 12:14:12 GMT
Connection: keep-alive
premoconsultants.com/ceo-joanna-doven-joins-the-kdka-radio-morning-show-with-larry-richert-and-kevin-battle-to-discuss-the-covid-19-crisis/
161.35.61.73200 OK 42 kB URL HTTP/1.1 premoconsultants.com/ceo-joanna-doven-joins-the-kdka-radio-morning-show-with-larry-richert-and-kevin-battle-to-discuss-the-covid-19-crisis/
IP 161.35.61.73:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (21302)
Hash a20ac72534589b5ad7132bc81e9ad6ca
0f5a6efd44172f4bd513bde3908d3ed6292852c1
68bc6540a566821cdfedf0e64986f2c61cbf577c1418ce49f1b10a8ac0d84b5c
NIDS Severity Alert suricata medium ET HUNTING Suspicious GET Request with Possible COVID-19 URI M1
GET /ceo-joanna-doven-joins-the-kdka-radio-morning-show-with-larry-richert-and-kevin-battle-to-discuss-the-covid-19-crisis/ HTTP/1.1
Host: premoconsultants.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 06 Jan 2023 12:14:12 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 42482
Connection: keep-alive
Cache-Provider: CLOUDWAYS-CACHE-DE
Last-Modified: Sat, 24 Dec 2022 09:35:53 GMT
Cache-Control: max-age=0
Expires: Fri, 06 Jan 2023 12:14:12 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Age: 0
X-Cache: MISS
Accept-Ranges: bytes
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 06 Jan 2023 11:48:00 GMT
content-type: application/json
age: 1572
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash da484f5e9c6805745e063b236fb81473
ae454bf4a7ae0e96935afc81ee0f89c049097b15
068d0da23acbe7f6b600c4e7dbe9c81d3ad78c8afd122255bbf3550e8a290686
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "068D0DA23ACBE7F6B600C4E7DBE9C81D3AD78C8AFD122255BBF3550E8A290686"
Last-Modified: Wed, 04 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3622
Expires: Fri, 06 Jan 2023 13:14:34 GMT
Date: Fri, 06 Jan 2023 12:14:12 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: mY/YCupDlSxVZq22d9Ju9BkQ6JnISksddbxl6MUyliimRRGed3gYKL0IH5RWMz6r3xLK8vaaW6E=
x-amz-request-id: R4TV61QCGV8E9Z1X
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 06 Jan 2023 12:02:09 GMT
age: 723
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 06 Jan 2023 12:14:12 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-172699249-1
142.250.74.168302 Found 255 B URL HTTP/1.1 www.googletagmanager.com/gtag/js?id=UA-172699249-1
IP 142.250.74.168:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash ff95cb46b453361ebfc301f5676d1349
95b013f08de4c79f244f5401daebf5133252765e
752a7e4a4d0cf1aff2c34ebee7613e932b43bed6925e8293de9b9577e05c17f3
GET /gtag/js?id=UA-172699249-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://premoconsultants.com/
HTTP/1.1 302 Found
Location: https://www.googletagmanager.com/gtag/js?id=UA-172699249-1
Cross-Origin-Resource-Policy: cross-origin
Date: Fri, 06 Jan 2023 12:14:12 GMT
Content-Type: text/html; charset=UTF-8
Server: Google Tag Manager
Content-Length: 255
X-XSS-Protection: 0
premoconsultants.com/wp-content/plugins/wpforms-lite/assets/css/wpforms-full.min.css?ver=1.7.4.2
161.35.61.73200 OK 5.5 kB URL HTTP/1.1 premoconsultants.com/wp-content/plugins/wpforms-lite/assets/css/wpforms-full.min.css?ver=1.7.4.2
IP 161.35.61.73:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (39912)
Hash ecfecb25d0d4fc81b6c880494a8e514c
bc12168bb4eacf24ff45f0164a8a2871026a42ef
53ac665480e89ebf40f5a84f492a8aa74326cb0e652df36b815e11172d9da532
GET /wp-content/plugins/wpforms-lite/assets/css/wpforms-full.min.css?ver=1.7.4.2 HTTP/1.1
Host: premoconsultants.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://premoconsultants.com/ceo-joanna-doven-joins-the-kdka-radio-morning-show-with-larry-richert-and-kevin-battle-to-discuss-the-covid-19-crisis/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 06 Jan 2023 12:14:12 GMT
Content-Type: text/css
Last-Modified: Mon, 12 Dec 2022 17:19:53 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"639762b9-9be9"
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
premoconsultants.com/wp-content/uploads/wtfdivi/wp_head.css?ver=1611777105
161.35.61.73200 OK 0 B URL HTTP/1.1 premoconsultants.com/wp-content/uploads/wtfdivi/wp_head.css?ver=1611777105
IP 161.35.61.73:0
ASN #14061 DIGITALOCEAN-ASN
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wp-content/uploads/wtfdivi/wp_head.css?ver=1611777105 HTTP/1.1
Host: premoconsultants.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://premoconsultants.com/ceo-joanna-doven-joins-the-kdka-radio-morning-show-with-larry-richert-and-kevin-battle-to-discuss-the-covid-19-crisis/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 06 Jan 2023 12:14:12 GMT
Content-Type: text/css
Content-Length: 0
Last-Modified: Mon, 12 Dec 2022 17:19:54 GMT
Connection: keep-alive
ETag: "639762ba-0"
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
polyfill.io/v3/polyfill.min.js?version=3.109.0&features=Array.prototype.find%2CCustomEvent%2CElement.prototype.closest%2CElement.prototype.dataset%2CEvent%2CMutationObserver%2CNodeList.prototype.forEach%2CObject.assign%2CObject.keys%2CString.prototype.endsWith%2CURL%2CURLSearchParams%2CXMLHttpRequest&flags=gated&ver=5.9.5
151.101.65.26200 OK 101 B URL HTTP/2 polyfill.io/v3/polyfill.min.js?version=3.109.0&features=Array.prototype.find%2CCustomEvent%2CElement.prototype.closest%2CElement.prototype.dataset%2CEvent%2CMutationObserver%2CNodeList.prototype.forEach%2CObject.assign%2CObject.keys%2CString.prototype.endsWith%2CURL%2CURLSearchParams%2CXMLHttpRequest&flags=gated&ver=5.9.5
IP 151.101.65.26:0
Hash 62d93342fdf65b194cf154a43e2b61d8
d4bb66f3550b32e864e0acaaa0195cf6ba752f04
e457929cb4608cdef3c3e180d8e71dad05da40d045e84d70e31ed8601bb4f5ec
GET /v3/polyfill.min.js?version=3.109.0&features=Array.prototype.find%2CCustomEvent%2CElement.prototype.closest%2CElement.prototype.dataset%2CEvent%2CMutationObserver%2CNodeList.prototype.forEach%2CObject.assign%2CObject.keys%2CString.prototype.endsWith%2CURL%2CURLSearchParams%2CXMLHttpRequest&flags=gated&ver=5.9.5 HTTP/1.1
Host: polyfill.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://premoconsultants.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
content-type: text/javascript; charset=utf-8
last-modified: Thu, 05 Jan 2023 14:56:01 GMT
content-encoding: br
age: 0
accept-ranges: bytes
useragent_normaliser: firefox/105.0.0
date: Fri, 06 Jan 2023 12:14:13 GMT
vary: User-Agent, Accept-Encoding
server-timing: cache-bma1656, PASS, fastly;desc="Edge time";dur=11
content-length: 101
X-Firefox-Spdy: h2
premoconsultants.com/wp-content/plugins/post-carousel-for-dv-builder//assets/css/owl.carousel.min.css?ver=5.9.5
161.35.61.73200 OK 1.1 kB URL HTTP/1.1 premoconsultants.com/wp-content/plugins/post-carousel-for-dv-builder//assets/css/owl.carousel.min.css?ver=5.9.5
IP 161.35.61.73:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (3184)
Hash 8864ff6a1198eecf45821c602593ff9a
c6097cea47ac44fcec94781f2af0110cb677ab0a
19eaae3fdfe574cd1b1cfd78d30633a4527bde9711dde88b467fe43ca854cda5
GET /wp-content/plugins/post-carousel-for-dv-builder//assets/css/owl.carousel.min.css?ver=5.9.5 HTTP/1.1
Host: premoconsultants.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://premoconsultants.com/ceo-joanna-doven-joins-the-kdka-radio-morning-show-with-larry-richert-and-kevin-battle-to-discuss-the-covid-19-crisis/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 06 Jan 2023 12:14:13 GMT
Content-Type: text/css
Last-Modified: Mon, 12 Dec 2022 17:19:51 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"639762b7-d17"
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
premoconsultants.com/wp-content/plugins/post-carousel-for-dv-builder//assets/css/fh-carousel.css?ver=1671874552
161.35.61.73200 OK 634 B URL HTTP/1.1 premoconsultants.com/wp-content/plugins/post-carousel-for-dv-builder//assets/css/fh-carousel.css?ver=1671874552
IP 161.35.61.73:0
ASN #14061 DIGITALOCEAN-ASN
Hash 3b2ff7e938b4a7b29a86cb5d64f2ef90
4154801e84fafc0d8ea0d58f8c158f37c5ea8607
b3f2abbabd7cff3a83357b2795e9f01211692d4a5759b930f75992bc91ef5090
GET /wp-content/plugins/post-carousel-for-dv-builder//assets/css/fh-carousel.css?ver=1671874552 HTTP/1.1
Host: premoconsultants.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://premoconsultants.com/ceo-joanna-doven-joins-the-kdka-radio-morning-show-with-larry-richert-and-kevin-battle-to-discuss-the-covid-19-crisis/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 06 Jan 2023 12:14:13 GMT
Content-Type: text/css
Last-Modified: Mon, 12 Dec 2022 17:19:51 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"639762b7-780"
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
premoconsultants.com/wp-content/plugins/site-reviews/assets/styles/default.css?ver=5.23.6
161.35.61.73200 OK 4.3 kB URL HTTP/1.1 premoconsultants.com/wp-content/plugins/site-reviews/assets/styles/default.css?ver=5.23.6
IP 161.35.61.73:0
ASN #14061 DIGITALOCEAN-ASN
File type Unicode text, UTF-8 text, with very long lines (22903)
Hash c49a7852101e4b4508e5e9ed5a802405
6de033894dda73d4698d8bca8b58742be68ce907
8c2b1170ac7216f814f8b19233c88b1b39a7c0c00997a55e215c2cb2b4ecab5b
GET /wp-content/plugins/site-reviews/assets/styles/default.css?ver=5.23.6 HTTP/1.1
Host: premoconsultants.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://premoconsultants.com/ceo-joanna-doven-joins-the-kdka-radio-morning-show-with-larry-richert-and-kevin-battle-to-discuss-the-covid-19-crisis/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 06 Jan 2023 12:14:13 GMT
Content-Type: text/css
Last-Modified: Mon, 12 Dec 2022 17:19:51 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"639762b7-597c"
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
premoconsultants.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
161.35.61.73200 OK 31 kB URL HTTP/1.1 premoconsultants.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 161.35.61.73:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (65447)
Hash 7a6e4a1e4a67fac0cd39ca1dd1982f47
a8bf880e5db17a703293d5a3c92623a97d5a1df1
daf4bcb15594deb268cc05f030ccaf8dfe4acab417758dd16a6f3b2d86d2908f
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: premoconsultants.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://premoconsultants.com/ceo-joanna-doven-joins-the-kdka-radio-morning-show-with-larry-richert-and-kevin-battle-to-discuss-the-covid-19-crisis/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 06 Jan 2023 12:14:13 GMT
Content-Type: application/javascript
Last-Modified: Mon, 12 Dec 2022 17:19:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"639762bb-15db1"
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
premoconsultants.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
161.35.61.73200 OK 4.2 kB URL HTTP/1.1 premoconsultants.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 161.35.61.73:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (11126)
Hash 5629711d7fdd5b28441bac39b851299f
4e0bf2b7383097f7c352023a1b1b1b48a50356b6
44c444309c7a6c05ff4a9bc198bed9e9596bedb5658637c85689c9a471dcdd16
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: premoconsultants.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://premoconsultants.com/ceo-joanna-doven-joins-the-kdka-radio-morning-show-with-larry-richert-and-kevin-battle-to-discuss-the-covid-19-crisis/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 06 Jan 2023 12:14:13 GMT
Content-Type: application/javascript
Last-Modified: Mon, 12 Dec 2022 17:19:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"639762bb-2bd8"
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
premoconsultants.com/wp-content/plugins/cleantalk-spam-protect/js/apbct-public--functions.min.js?ver=5.176
161.35.61.73200 OK 1.2 kB URL HTTP/1.1 premoconsultants.com/wp-content/plugins/cleantalk-spam-protect/js/apbct-public--functions.min.js?ver=5.176
IP 161.35.61.73:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (2982)
Hash 44884a0d2bcd6150188216a0d1b231d7
0dd1f3339fae46c2d0212132b73c0859fd426da5
172a07bab50b5793f27600d20b515b88b86a74e41fb083da7da5b90ed074bdc7
GET /wp-content/plugins/cleantalk-spam-protect/js/apbct-public--functions.min.js?ver=5.176 HTTP/1.1
Host: premoconsultants.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://premoconsultants.com/ceo-joanna-doven-joins-the-kdka-radio-morning-show-with-larry-richert-and-kevin-battle-to-discuss-the-covid-19-crisis/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 06 Jan 2023 12:14:13 GMT
Content-Type: application/javascript
Last-Modified: Mon, 12 Dec 2022 17:19:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"639762b6-bdf"
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
use.typekit.net/pwl2off.css
23.36.76.186200 OK 778 B URL HTTP/2 use.typekit.net/pwl2off.css
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (516)
Hash f8fb74ed9a9d82fac5f72477e86a7696
85b4034792361397e948aa05f692406cab2034c8
1cb881fd757310b7405f91ca06c1b84dc3335e90b461e17014ece18aebb2217b
GET /pwl2off.css HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://premoconsultants.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: text/css;charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: private, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
content-length: 778
date: Fri, 06 Jan 2023 12:14:13 GMT
X-Firefox-Spdy: h2
p.typekit.net/p.css?s=1&k=pwl2off&ht=tk&f=10294.10295.10296.10297.10302&a=4349736&app=typekit&e=css
23.36.76.186200 OK 5 B URL HTTP/2 p.typekit.net/p.css?s=1&k=pwl2off&ht=tk&f=10294.10295.10296.10297.10302&a=4349736&app=typekit&e=css
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
Hash 83d24d4b43cc7eef2b61e66c95f3d158
f0cafc285ee23bb6c28c5166f305493c4331c84d
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
GET /p.css?s=1&k=pwl2off&ht=tk&f=10294.10295.10296.10297.10302&a=4349736&app=typekit&e=css HTTP/1.1
Host: p.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: text/css
content-length: 5
last-modified: Thu, 28 Jul 2022 22:24:50 GMT
etag: "62e30cb2-5"
cache-control: public, max-age=604800
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
date: Fri, 06 Jan 2023 12:14:13 GMT
X-Firefox-Spdy: h2
premoconsultants.com/wp-content/plugins/cleantalk-spam-protect/js/apbct-public.min.js?ver=5.176
161.35.61.73200 OK 2.3 kB URL HTTP/1.1 premoconsultants.com/wp-content/plugins/cleantalk-spam-protect/js/apbct-public.min.js?ver=5.176
IP 161.35.61.73:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (6310)
Hash e4c3e39555c63882e02d719a3f1c6c0d
dcbbf515f4f628b1a4eb2e04c9b2cc43748f3406
e6327fd7764662477ca330c195dcb713f73d87f3864175193b4cb2c71ebe2911
GET /wp-content/plugins/cleantalk-spam-protect/js/apbct-public.min.js?ver=5.176 HTTP/1.1
Host: premoconsultants.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://premoconsultants.com/ceo-joanna-doven-joins-the-kdka-radio-morning-show-with-larry-richert-and-kevin-battle-to-discuss-the-covid-19-crisis/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 06 Jan 2023 12:14:13 GMT
Content-Type: application/javascript
Last-Modified: Mon, 12 Dec 2022 17:19:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"639762b6-18d4"
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
premoconsultants.com/wp-content/plugins/cleantalk-spam-protect/js/cleantalk-modal.min.js?ver=5.176
161.35.61.73200 OK 1.1 kB URL HTTP/1.1 premoconsultants.com/wp-content/plugins/cleantalk-spam-protect/js/cleantalk-modal.min.js?ver=5.176
IP 161.35.61.73:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (3073)
Hash 3764dcbd203705721c67f054ec6db9c0
4eb2cc1e8ac61bdca0b35d0469682f085e9d43af
d266e70c07ad8e3c6b417fc844168440f3d9bfea069138bbd0f8a308b11d264a
GET /wp-content/plugins/cleantalk-spam-protect/js/cleantalk-modal.min.js?ver=5.176 HTTP/1.1
Host: premoconsultants.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://premoconsultants.com/ceo-joanna-doven-joins-the-kdka-radio-morning-show-with-larry-richert-and-kevin-battle-to-discuss-the-covid-19-crisis/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 06 Jan 2023 12:14:13 GMT
Content-Type: application/javascript
Last-Modified: Mon, 12 Dec 2022 17:19:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"639762b6-c32"
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
premoconsultants.com/wp-content/plugins/post-carousel-for-dv-builder//assets/js/owl.carousel.min.js?ver=5.9.5
161.35.61.73200 OK 11 kB URL HTTP/1.1 premoconsultants.com/wp-content/plugins/post-carousel-for-dv-builder//assets/js/owl.carousel.min.js?ver=5.9.5
IP 161.35.61.73:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (31997)
Hash 1c812c8963bcfa85147594a0eca1894b
ff1cb41d6506a730172deb054e45fed8b4107c5a
f65c1b5d11bd23c67cbb8c7bb0ad886a272f4b46c3af1352edc0d583c0b47ee6
GET /wp-content/plugins/post-carousel-for-dv-builder//assets/js/owl.carousel.min.js?ver=5.9.5 HTTP/1.1
Host: premoconsultants.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://premoconsultants.com/ceo-joanna-doven-joins-the-kdka-radio-morning-show-with-larry-richert-and-kevin-battle-to-discuss-the-covid-19-crisis/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 06 Jan 2023 12:14:13 GMT
Content-Type: application/javascript
Last-Modified: Mon, 12 Dec 2022 17:19:51 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"639762b7-ad36"
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
premoconsultants.com/wp-content/plugins/post-carousel-for-dv-builder//assets/js/fh-carousel.js?ver=1671874552
161.35.61.73200 OK 602 B URL HTTP/1.1 premoconsultants.com/wp-content/plugins/post-carousel-for-dv-builder//assets/js/fh-carousel.js?ver=1671874552
IP 161.35.61.73:0
ASN #14061 DIGITALOCEAN-ASN
Hash 8ba0b25cfd151035adc13b1616b2e8da
7912eeebe66d7f84bf730b6f5936bec400d728cb
04cab44d943eb0fc348f927fa4887130a6e9cd586b2ca69ef2d409835a48daa2
GET /wp-content/plugins/post-carousel-for-dv-builder//assets/js/fh-carousel.js?ver=1671874552 HTTP/1.1
Host: premoconsultants.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://premoconsultants.com/ceo-joanna-doven-joins-the-kdka-radio-morning-show-with-larry-richert-and-kevin-battle-to-discuss-the-covid-19-crisis/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 06 Jan 2023 12:14:13 GMT
Content-Type: application/javascript
Last-Modified: Mon, 12 Dec 2022 17:19:51 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"639762b7-967"
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
premoconsultants.com/wp-content/plugins/divi-next-texts/includes/modules/NextTextAnimation/dnxt-text-animation.js
161.35.61.73200 OK 1.5 kB URL HTTP/1.1 premoconsultants.com/wp-content/plugins/divi-next-texts/includes/modules/NextTextAnimation/dnxt-text-animation.js
IP 161.35.61.73:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with CRLF line terminators
Hash 7a45aad0dbe3ed05b0a900573cd18d75
f5e0c0ae335b40391d40a0305c08c17e0fea29f6
fceac3034c9d4869a6f247e9d6d9d0b2fe4bf9d5372745097991d47e486f50ba
GET /wp-content/plugins/divi-next-texts/includes/modules/NextTextAnimation/dnxt-text-animation.js HTTP/1.1
Host: premoconsultants.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://premoconsultants.com/ceo-joanna-doven-joins-the-kdka-radio-morning-show-with-larry-richert-and-kevin-battle-to-discuss-the-covid-19-crisis/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 06 Jan 2023 12:14:13 GMT
Content-Type: application/javascript
Last-Modified: Mon, 12 Dec 2022 17:19:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"639762b6-165d"
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
premoconsultants.com/wp-content/plugins/divi-next-texts/scripts/wow.min.js
161.35.61.73200 OK 2.7 kB URL HTTP/1.1 premoconsultants.com/wp-content/plugins/divi-next-texts/scripts/wow.min.js
IP 161.35.61.73:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (8385), with CRLF line terminators
Hash 7e8ed9ad5aa4b9f3ae43087173041439
70af83adc492de148de081fbc7bc0241182cec34
c493d30ae43fe96478a90180d2d55747440b1d5973040561e17a0f68803cc877
GET /wp-content/plugins/divi-next-texts/scripts/wow.min.js HTTP/1.1
Host: premoconsultants.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://premoconsultants.com/ceo-joanna-doven-joins-the-kdka-radio-morning-show-with-larry-richert-and-kevin-battle-to-discuss-the-covid-19-crisis/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 06 Jan 2023 12:14:13 GMT
Content-Type: application/javascript
Last-Modified: Mon, 12 Dec 2022 17:19:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"639762b6-20e0"
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash e4fdd703d4ebb3209cd70c0ffd234da1
2e3a0a6fe0e63d2991e4b8726d5a2c21406a0dc1
ff40f371b1ebac1fbc0e809a0e85f500977372f25e8a72eda450083755fef11d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 12:14:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
premoconsultants.com/wp-content/plugins/divi-next-texts/scripts/scripts.js
161.35.61.73200 OK 109 B URL HTTP/1.1 premoconsultants.com/wp-content/plugins/divi-next-texts/scripts/scripts.js
IP 161.35.61.73:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with CRLF line terminators
Hash aeaeefbaa89e5cd8674fa8bef8964643
8e09a129835a50477ded55eacb70bd77fd1b99ec
8d8348362b8fc8c8423fa4730902b7f450a24bd602c645edb25f78b7952a1b47
GET /wp-content/plugins/divi-next-texts/scripts/scripts.js HTTP/1.1
Host: premoconsultants.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://premoconsultants.com/ceo-joanna-doven-joins-the-kdka-radio-morning-show-with-larry-richert-and-kevin-battle-to-discuss-the-covid-19-crisis/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 06 Jan 2023 12:14:13 GMT
Content-Type: application/javascript
Last-Modified: Mon, 12 Dec 2022 17:19:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"639762b6-63"
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash e4fdd703d4ebb3209cd70c0ffd234da1
2e3a0a6fe0e63d2991e4b8726d5a2c21406a0dc1
ff40f371b1ebac1fbc0e809a0e85f500977372f25e8a72eda450083755fef11d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 12:14:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
premoconsultants.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16
161.35.61.73200 OK 2.6 kB URL HTTP/1.1 premoconsultants.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16
IP 161.35.61.73:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (11256), with no line terminators
Hash 583529ff412cb2b255fa606024d1133e
8db4b0a0be402cc5e38488528791b73b0c7369d0
6fdf0933a8faf229b277740f401600834c00d0b204f7ed38293cd4abcdb3ea20
GET /wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16 HTTP/1.1
Host: premoconsultants.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://premoconsultants.com/ceo-joanna-doven-joins-the-kdka-radio-morning-show-with-larry-richert-and-kevin-battle-to-discuss-the-covid-19-crisis/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 06 Jan 2023 12:14:13 GMT
Content-Type: text/css
Last-Modified: Mon, 12 Dec 2022 17:19:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"639762bb-2bf8"
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
www.googletagmanager.com/gtag/js?id=UA-167753207-1
142.250.74.168200 OK 45 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-167753207-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (1759)
Hash ed6daf72a9ff05e2c62b20e0e7843b94
0ccc18ce3b08411affe43bc6ada5e452deec4b39
31c01a422e31167a951b31e5de469b00574c5c4ad9a49306b13dc2e02a1e7089
GET /gtag/js?id=UA-167753207-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://premoconsultants.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 06 Jan 2023 12:14:13 GMT
expires: Fri, 06 Jan 2023 12:14:13 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 45279
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
premoconsultants.com/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=5.9.5
161.35.61.73200 OK 1.2 kB URL HTTP/1.1 premoconsultants.com/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=5.9.5
IP 161.35.61.73:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (4186), with no line terminators
Hash 30d57d7aa11190e44974cce8621f22c7
59f516369877009cce06ca45b1c296944bb674a4
094ae87a3d4cee4a1ddc5cada149c2deacabd4cf2e377b97fe4ca641142258ee
GET /wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=5.9.5 HTTP/1.1
Host: premoconsultants.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://premoconsultants.com/ceo-joanna-doven-joins-the-kdka-radio-morning-show-with-larry-richert-and-kevin-battle-to-discuss-the-covid-19-crisis/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 06 Jan 2023 12:14:13 GMT
Content-Type: text/css
Last-Modified: Mon, 12 Dec 2022 17:19:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"639762bb-105a"
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
www.googletagmanager.com/gtag/js?id=UA-172699249-1
142.250.74.168200 OK 45 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-172699249-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (1759)
Hash 0f330d0925c2b99ceff579f05b60732a
cb88312ee8b1718498ddb03de880c0122ee6f670
e99e3afeca8771e1e9d40ecdc1e5fc2182f81fee3c651012baad03c29b51844b
GET /gtag/js?id=UA-172699249-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://premoconsultants.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 06 Jan 2023 12:14:13 GMT
expires: Fri, 06 Jan 2023 12:14:13 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 45276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
premoconsultants.com/wp-content/themes/Divi/js/smoothscroll.js?ver=4.17.4
161.35.61.73200 OK 2.6 kB URL HTTP/1.1 premoconsultants.com/wp-content/themes/Divi/js/smoothscroll.js?ver=4.17.4
IP 161.35.61.73:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (5644)
Hash 062e1255f1cb0d2f5b2badd2375ac0fd
c3c9772e967520006444fe8877b747a7155afc87
90164a05ed461227744513b44fbd7e0b0b2e4ea18de01c0da57df97039e93147
GET /wp-content/themes/Divi/js/smoothscroll.js?ver=4.17.4 HTTP/1.1
Host: premoconsultants.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://premoconsultants.com/ceo-joanna-doven-joins-the-kdka-radio-morning-show-with-larry-richert-and-kevin-battle-to-discuss-the-covid-19-crisis/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 06 Jan 2023 12:14:13 GMT
Content-Type: application/javascript
Last-Modified: Mon, 12 Dec 2022 17:19:54 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"639762ba-1652"
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
premoconsultants.com/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/jquery.fitvids.js?ver=4.17.4
161.35.61.73200 OK 1.3 kB URL HTTP/1.1 premoconsultants.com/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/jquery.fitvids.js?ver=4.17.4
IP 161.35.61.73:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document, ASCII text
Hash 1ac5fd0d746d90e81bb4663d18a6d4c8
4566f66fbfc4cd3881967b31c39ba9299c5f4e6a
9e76b39ba632c5e8d0e3e91427ba4498cb4343394efbfb60fcc58dd0e8a09d3f
GET /wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/jquery.fitvids.js?ver=4.17.4 HTTP/1.1
Host: premoconsultants.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://premoconsultants.com/ceo-joanna-doven-joins-the-kdka-radio-morning-show-with-larry-richert-and-kevin-battle-to-discuss-the-covid-19-crisis/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 06 Jan 2023 12:14:13 GMT
Content-Type: application/javascript
Last-Modified: Mon, 12 Dec 2022 17:19:54 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"639762ba-d15"
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash e4fdd703d4ebb3209cd70c0ffd234da1
2e3a0a6fe0e63d2991e4b8726d5a2c21406a0dc1
ff40f371b1ebac1fbc0e809a0e85f500977372f25e8a72eda450083755fef11d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 12:14:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
premoconsultants.com/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/easypiechart.js?ver=4.17.4
161.35.61.73200 OK 3.1 kB URL HTTP/1.1 premoconsultants.com/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/easypiechart.js?ver=4.17.4
IP 161.35.61.73:0
ASN #14061 DIGITALOCEAN-ASN
Hash 7406ade9a9146b2dc07aa61b09322f8a
b34eabcff49affa7f58d5a780c5bfcf0d35ff65d
7b2c96e32dc476b187952ddb54912351c789ba6b41935b60c818278b92e64e4f
GET /wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/easypiechart.js?ver=4.17.4 HTTP/1.1
Host: premoconsultants.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://premoconsultants.com/ceo-joanna-doven-joins-the-kdka-radio-morning-show-with-larry-richert-and-kevin-battle-to-discuss-the-covid-19-crisis/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 06 Jan 2023 12:14:13 GMT
Content-Type: application/javascript
Last-Modified: Mon, 12 Dec 2022 17:19:54 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"639762ba-2466"
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
premoconsultants.com/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/salvattore.js?ver=4.17.4
161.35.61.73200 OK 3.4 kB URL HTTP/1.1 premoconsultants.com/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/salvattore.js?ver=4.17.4
IP 161.35.61.73:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (6322)
Hash 1b5c71c55e7595d6077b747f5eb16e19
6189a3be66ea8d32b04b0407fc618df86e8151fd
8d79ef704cdba7f25c913a457d969ab10884fdf0a7f6bfca8bbcbc4cba069b32
GET /wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/salvattore.js?ver=4.17.4 HTTP/1.1
Host: premoconsultants.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://premoconsultants.com/ceo-joanna-doven-joins-the-kdka-radio-morning-show-with-larry-richert-and-kevin-battle-to-discuss-the-covid-19-crisis/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 06 Jan 2023 12:14:13 GMT
Content-Type: application/javascript
Last-Modified: Mon, 12 Dec 2022 17:19:54 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"639762ba-217e"
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
premoconsultants.com/wp-content/plugins/divi-next-texts/scripts/frontend-bundle.min.js?ver=1.0.0
161.35.61.73200 OK 2.2 kB URL HTTP/1.1 premoconsultants.com/wp-content/plugins/divi-next-texts/scripts/frontend-bundle.min.js?ver=1.0.0
IP 161.35.61.73:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (6450), with no line terminators
Hash 3266e589d0ddc1065e117726e18cc24d
6a16bfa84efcb00d87d70c239ae9182eb6ecc900
f48d5a27f962c4cd0048da5a0df4cfaef1a29a1149217eb74068b2b204b5e2fc
GET /wp-content/plugins/divi-next-texts/scripts/frontend-bundle.min.js?ver=1.0.0 HTTP/1.1
Host: premoconsultants.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://premoconsultants.com/ceo-joanna-doven-joins-the-kdka-radio-morning-show-with-larry-richert-and-kevin-battle-to-discuss-the-covid-19-crisis/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 06 Jan 2023 12:14:13 GMT
Content-Type: application/javascript
Last-Modified: Mon, 12 Dec 2022 17:19:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"639762b6-1932"
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
premoconsultants.com/wp-content/plugins/divi-next-texts/scripts/vanilla-tilt.min.js
161.35.61.73200 OK 2.5 kB URL HTTP/1.1 premoconsultants.com/wp-content/plugins/divi-next-texts/scripts/vanilla-tilt.min.js
IP 161.35.61.73:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (8938), with CRLF line terminators
Hash 0bf2fce67a7482640d145c0f3464773a
1e159f036b8db498a8640d8135f25269da860ccd
965547d3b3c88bfddb87ad0f4bcd37980a77922326c6a19b2e535ae2c3a12f8c
GET /wp-content/plugins/divi-next-texts/scripts/vanilla-tilt.min.js HTTP/1.1
Host: premoconsultants.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://premoconsultants.com/ceo-joanna-doven-joins-the-kdka-radio-morning-show-with-larry-richert-and-kevin-battle-to-discuss-the-covid-19-crisis/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 06 Jan 2023 12:14:13 GMT
Content-Type: application/javascript
Last-Modified: Mon, 12 Dec 2022 17:19:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"639762b6-22ec"
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
premoconsultants.com/wp-content/themes/Divi/core/admin/js/common.js?ver=4.17.4
161.35.61.73200 OK 566 B URL HTTP/1.1 premoconsultants.com/wp-content/themes/Divi/core/admin/js/common.js?ver=4.17.4
IP 161.35.61.73:0
ASN #14061 DIGITALOCEAN-ASN
Hash c24ce4d2c7d7512601a6db3b24242297
ed36ea05d2e96b5706a803067c84206a8f7c3202
ce9cccfd1fbc822ac820d3ad47f5a3adabb312ac517a8c6473568bd2d2f98fb4
GET /wp-content/themes/Divi/core/admin/js/common.js?ver=4.17.4 HTTP/1.1
Host: premoconsultants.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://premoconsultants.com/ceo-joanna-doven-joins-the-kdka-radio-morning-show-with-larry-richert-and-kevin-battle-to-discuss-the-covid-19-crisis/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 06 Jan 2023 12:14:13 GMT
Content-Type: application/javascript
Last-Modified: Mon, 12 Dec 2022 17:19:54 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"639762ba-53f"
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
www.googletagmanager.com/gtag/js?id=G-WL7NHCNYR9&l=dataLayer&cx=c
142.250.74.168302 Found 278 B URL HTTP/1.1 www.googletagmanager.com/gtag/js?id=G-WL7NHCNYR9&l=dataLayer&cx=c
IP 142.250.74.168:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 9413feddcfd7b4f8ff74188d0da0532e
f6e07d122d369ce6c678cd1edadf7da93f336bef
5489a2bd2d6564d95695a0e4bdbd4ab3b61409a46e13c9c998889a1115df2984
GET /gtag/js?id=G-WL7NHCNYR9&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://premoconsultants.com/
HTTP/1.1 302 Found
Location: https://www.googletagmanager.com/gtag/js?id=G-WL7NHCNYR9&l=dataLayer&cx=c
Cross-Origin-Resource-Policy: cross-origin
Date: Fri, 06 Jan 2023 12:14:13 GMT
Content-Type: text/html; charset=UTF-8
Server: Google Tag Manager
Content-Length: 278
X-XSS-Protection: 0
premoconsultants.com/wp-content/plugins/site-reviews/assets/scripts/site-reviews.js?ver=5.23.6
161.35.61.73200 OK 11 kB URL HTTP/1.1 premoconsultants.com/wp-content/plugins/site-reviews/assets/scripts/site-reviews.js?ver=5.23.6
IP 161.35.61.73:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (38853)
Hash b5aa0f96757ef40f1c4ef74f59249125
b203b7a2555b1f5707fc6eaf4f6d582da0a325e2
50cafeaedd037d07a66288bfb15cf019d22317fac4ddbbd89cc646a04415c294
GET /wp-content/plugins/site-reviews/assets/scripts/site-reviews.js?ver=5.23.6 HTTP/1.1
Host: premoconsultants.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://premoconsultants.com/ceo-joanna-doven-joins-the-kdka-radio-morning-show-with-larry-richert-and-kevin-battle-to-discuss-the-covid-19-crisis/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 06 Jan 2023 12:14:13 GMT
Content-Type: application/javascript
Last-Modified: Mon, 12 Dec 2022 17:19:51 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"639762b7-980b"
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Expires, Last-Modified, Alert, Content-Type, Content-Length, ETag, Pragma, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 06 Jan 2023 12:08:12 GMT
age: 361
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
premoconsultants.com/wp-content/uploads/wtfdivi/wp_footer.js?ver=1611777105
161.35.61.73200 OK 326 B URL HTTP/1.1 premoconsultants.com/wp-content/uploads/wtfdivi/wp_footer.js?ver=1611777105
IP 161.35.61.73:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (482)
Hash 75055d629e8b2f79f85ef36bf3d321c8
10ee65740bf2c448813e62e68a12003e8361addc
2a040fbb5f591212e13d21824be870d63f0245ed7235bfaa3daed219a6c5979d
GET /wp-content/uploads/wtfdivi/wp_footer.js?ver=1611777105 HTTP/1.1
Host: premoconsultants.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://premoconsultants.com/ceo-joanna-doven-joins-the-kdka-radio-morning-show-with-larry-richert-and-kevin-battle-to-discuss-the-covid-19-crisis/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 06 Jan 2023 12:14:13 GMT
Content-Type: application/javascript
Last-Modified: Mon, 12 Dec 2022 17:19:54 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"639762ba-29b"
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
premoconsultants.com/wp-content/themes/Divi/js/scripts.min.js?ver=4.17.4
161.35.61.73200 OK 70 kB URL HTTP/1.1 premoconsultants.com/wp-content/themes/Divi/js/scripts.min.js?ver=4.17.4
IP 161.35.61.73:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (65467)
Hash 9a738ee3f0898451d482176f989b77cd
4fa0eae442fd514700f3aba7654d825c5ffed2b5
d73a93bb3c306276f69e239b8a498acdc73837fa2a137c5f925ce8b647fda1f7
GET /wp-content/themes/Divi/js/scripts.min.js?ver=4.17.4 HTTP/1.1
Host: premoconsultants.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://premoconsultants.com/ceo-joanna-doven-joins-the-kdka-radio-morning-show-with-larry-richert-and-kevin-battle-to-discuss-the-covid-19-crisis/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 06 Jan 2023 12:14:13 GMT
Content-Type: application/javascript
Last-Modified: Mon, 12 Dec 2022 17:19:54 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"639762ba-42e3c"
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
premoconsultants.com/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.16
161.35.61.73200 OK 39 kB URL HTTP/1.1 premoconsultants.com/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.16
IP 161.35.61.73:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (65266)
Hash 57a27066d663db3b5965d07507819057
6ad075a06f0fcdc7d1b7329976640856a60d2ded
0879abe690846f75efd0c89b6d7f16adc2d200c171800bbf00e2229040f756f5
GET /wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.16 HTTP/1.1
Host: premoconsultants.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://premoconsultants.com/ceo-joanna-doven-joins-the-kdka-radio-morning-show-with-larry-richert-and-kevin-battle-to-discuss-the-covid-19-crisis/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 06 Jan 2023 12:14:13 GMT
Content-Type: application/javascript
Last-Modified: Mon, 12 Dec 2022 17:19:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"639762bb-267aa"
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
premoconsultants.com/wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=5.9.5
161.35.61.73200 OK 475 B URL HTTP/1.1 premoconsultants.com/wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=5.9.5
IP 161.35.61.73:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document, ASCII text, with very long lines (906), with no line terminators
Hash c7aa8936938be0b65781455878aa2085
0066e0c5ed75b3ccd5bb01db5f373d995c217a29
a764eb4204428f671190ad2bc84bcbd86cd9a6bfd05a7ded46bceb651503c508
GET /wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=5.9.5 HTTP/1.1
Host: premoconsultants.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://premoconsultants.com/ceo-joanna-doven-joins-the-kdka-radio-morning-show-with-larry-richert-and-kevin-battle-to-discuss-the-covid-19-crisis/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 06 Jan 2023 12:14:13 GMT
Content-Type: application/javascript
Last-Modified: Mon, 12 Dec 2022 17:19:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"639762bb-38a"
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
premoconsultants.com/wp-content/plugins/divi-next-texts/styles/animate.min.css
161.35.61.73200 OK 4.5 kB URL HTTP/1.1 premoconsultants.com/wp-content/plugins/divi-next-texts/styles/animate.min.css
IP 161.35.61.73:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (56733), with CRLF line terminators
Hash 5de4107ab1b70533ed02c700b16d7921
b8d15cb0e27108b30621b2a1c0a3296a65654914
3ca629d593c32228eb349b373f48efe24021f9582da88aef4e1d1d9b6f32f6c2
GET /wp-content/plugins/divi-next-texts/styles/animate.min.css HTTP/1.1
Host: premoconsultants.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://premoconsultants.com/ceo-joanna-doven-joins-the-kdka-radio-morning-show-with-larry-richert-and-kevin-battle-to-discuss-the-covid-19-crisis/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 06 Jan 2023 12:14:13 GMT
Content-Type: text/css
Last-Modified: Mon, 12 Dec 2022 17:19:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"639762b6-103d4"
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
premoconsultants.com/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.11.0
161.35.61.73200 OK 3.2 kB URL HTTP/1.1 premoconsultants.com/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.11.0
IP 161.35.61.73:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (1577)
Hash c34cd9056898ce3e7925aadfcccde46a
9ce2c46a7477b6da5dd635e5692d260ee02b7415
0bfed6a25c6d1ef5549ef4fc25cee8a871fdd6b85235bf61e2eb2830dbbc1294
GET /wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.11.0 HTTP/1.1
Host: premoconsultants.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://premoconsultants.com/ceo-joanna-doven-joins-the-kdka-radio-morning-show-with-larry-richert-and-kevin-battle-to-discuss-the-covid-19-crisis/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 06 Jan 2023 12:14:13 GMT
Content-Type: application/javascript
Last-Modified: Tue, 13 Dec 2022 21:12:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6398eaa7-2e7a"
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 43c8442b7447debab97b0f6bc973e23a
38a5f1869cff7f6ddbfd3a24e57a3da7851ba3b0
4eb7adc914570287dde1317395d1d95b07271c8fe20b97a8928025c292c47dba
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4217
Cache-Control: max-age=165772
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 12:14:13 GMT
Etag: "63b7e4a8-1d7"
Expires: Sun, 08 Jan 2023 10:17:05 GMT
Last-Modified: Fri, 06 Jan 2023 09:06:48 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
premoconsultants.com/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=5.9.5
161.35.61.73200 OK 280 B URL HTTP/1.1 premoconsultants.com/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=5.9.5
IP 161.35.61.73:0
ASN #14061 DIGITALOCEAN-ASN
Hash b21ce1be5fce91d30aa1e5606f680f75
c830089e80e8b40c9f0629dfbec8d23e1668473e
28be305c2d6bc9436f4735c2d9355b7ede8ffac2f2c122dbff54a90874355794
GET /wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=5.9.5 HTTP/1.1
Host: premoconsultants.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://premoconsultants.com/ceo-joanna-doven-joins-the-kdka-radio-morning-show-with-larry-richert-and-kevin-battle-to-discuss-the-covid-19-crisis/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 06 Jan 2023 12:14:13 GMT
Content-Type: application/javascript
Last-Modified: Mon, 12 Dec 2022 17:19:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"639762bb-4a9"
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
use.typekit.net/af/1da05b/0000000000000000000132df/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
23.36.76.186200 OK 27 kB URL HTTP/2 use.typekit.net/af/1da05b/0000000000000000000132df/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 26888, version 1.0\012- data
Hash 6c288957e1ea69636d76b434a53c65ef
b8e0e2074136f3b167567d532312cc0f838bdf5f
c763917e443b5583abccb9674edfaf82deada941ad5894d28c672c632fcd64dc
GET /af/1da05b/0000000000000000000132df/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://premoconsultants.com
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 26888
etag: "49d80c15efa35e0c65ed7e265d2c0333b309aa4e"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Fri, 06 Jan 2023 12:14:13 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/d8f71f/0000000000000000000132e1/27/l?subset_id=2&fvd=n5&v=3
23.36.76.186200 OK 24 kB URL HTTP/2 use.typekit.net/af/d8f71f/0000000000000000000132e1/27/l?subset_id=2&fvd=n5&v=3
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 24232, version 1.0\012- data
Hash d15a67d97eab860d09ed8c9cbee6f81a
dac8406b87c4b29811fdfb5a7de6f3139828876d
57d6f6aef46e0ac469106d23a4e15b5d6472412c17df802bf843d5059b2c400d
GET /af/d8f71f/0000000000000000000132e1/27/l?subset_id=2&fvd=n5&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://premoconsultants.com
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 24232
etag: "f223cb489fa19ea4d858d1ddb316c22ccf45b3fe"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Fri, 06 Jan 2023 12:14:13 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/8f4e31/0000000000000000000132e3/27/l?subset_id=2&fvd=n7&v=3
23.36.76.186200 OK 23 kB URL HTTP/2 use.typekit.net/af/8f4e31/0000000000000000000132e3/27/l?subset_id=2&fvd=n7&v=3
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 23156, version 1.0\012- data
Hash 3ca6f93bc5c2cabe9221f4cc76f4fc50
6d4928fb8e53c0839e3c12a3c496edf5e341dbfd
5507b886b42fdb53545e45ff9b75efa26637ce8472f959d2b27ef6ca8d4154b7
GET /af/8f4e31/0000000000000000000132e3/27/l?subset_id=2&fvd=n7&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://premoconsultants.com
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 23156
etag: "fcfb05abd2173276b8ad2ecd69df90a4c1b3852b"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Fri, 06 Jan 2023 12:14:13 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 75cfc8b3d7a22c317465a354b950897b
272651a02a8fa17067d9e4e9ff4878d2c1af75af
40dc9698f6d97aeada27973d1b096a149bb5bb299c38a6ed87e853e6d724d26b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 12:14:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 75cfc8b3d7a22c317465a354b950897b
272651a02a8fa17067d9e4e9ff4878d2c1af75af
40dc9698f6d97aeada27973d1b096a149bb5bb299c38a6ed87e853e6d724d26b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 12:14:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fChc4.woff2
216.58.207.227200 OK 22 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fChc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 22448, version 1.0\012- data
Hash 234e240352293e69cc0923e2ca2d198d
f3604c5fd070f212141a7d2608dd2fa2c8cc7625
e9744f3021edcf6c79de0fa23223b4c2fce58073e005462afa6448f42ba6c175
GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fChc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://premoconsultants.com
Connection: keep-alive
Referer: http://premoconsultants.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22448
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 05 Jan 2023 15:16:11 GMT
expires: Fri, 05 Jan 2024 15:16:11 GMT
cache-control: public, max-age=31536000
age: 75482
last-modified: Wed, 11 May 2022 19:25:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 75cfc8b3d7a22c317465a354b950897b
272651a02a8fa17067d9e4e9ff4878d2c1af75af
40dc9698f6d97aeada27973d1b096a149bb5bb299c38a6ed87e853e6d724d26b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 12:14:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 75cfc8b3d7a22c317465a354b950897b
272651a02a8fa17067d9e4e9ff4878d2c1af75af
40dc9698f6d97aeada27973d1b096a149bb5bb299c38a6ed87e853e6d724d26b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 12:14:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fChc4.woff2
216.58.207.227200 OK 23 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fChc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 22648, version 1.0\012- data
Hash 6cad9967814c821174259b5dfa364550
92d688d34e496a5717593bccc7f3a0df78f1be0c
f684d0da0d6fe90b95711213a5bc9431580b0ebecb864f8f8de30ad70eb64559
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fChc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://premoconsultants.com
Connection: keep-alive
Referer: http://premoconsultants.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22648
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 05 Jan 2023 11:27:25 GMT
expires: Fri, 05 Jan 2024 11:27:25 GMT
cache-control: public, max-age=31536000
age: 89208
last-modified: Wed, 11 May 2022 19:24:54 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fChc-.woff
216.58.207.227200 OK 29 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fChc-.woff
IP 216.58.207.227:0
File type Web Open Font Format, TrueType, length 28944, version 1.1\012- data
Hash f9bdf9b7f08ecd9c2484ca884b96acd7
0bc221b83468b1b6fc5ef05327135d6935813843
d6dbc44a1a982409179b0192e186eb43b0fb3be6e199c149684a767531bd996c
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fChc-.woff HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://premoconsultants.com
Connection: keep-alive
Referer: http://premoconsultants.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 28944
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 03 Jan 2023 19:56:57 GMT
expires: Wed, 03 Jan 2024 19:56:57 GMT
cache-control: public, max-age=31536000
age: 231436
last-modified: Wed, 11 May 2022 19:24:58 GMT
content-type: font/woff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxK.woff2
216.58.207.227200 OK 23 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 22560, version 1.0\012- data
Hash 1dfb815c0e707ba03fb3486d94881ca4
26c19605a4ebf47cc1bbfa8223cc1d598a401f3c
8c445c283da9a171eb4841f32cb343627ef480ed8c80c6dca83ef8287687e62f
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu7GxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://premoconsultants.com
Connection: keep-alive
Referer: http://premoconsultants.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22560
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 05 Jan 2023 14:35:35 GMT
expires: Fri, 05 Jan 2024 14:35:35 GMT
cache-control: public, max-age=31536000
age: 77918
last-modified: Wed, 11 May 2022 19:24:44 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
premoconsultants.com/wp-includes/css/dist/block-library/style.min.css?ver=5.9.5
161.35.61.73200 OK 11 kB URL HTTP/1.1 premoconsultants.com/wp-includes/css/dist/block-library/style.min.css?ver=5.9.5
IP 161.35.61.73:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (39791)
Hash eb93b59bc62e7706b629ec2cb35e07de
eded95e7d86fd952437f9e8e931fe65855688c54
8a76706b2b8298464bb9e328ba91c5b70e279df34fcc59e1b96eab825fef7987
GET /wp-includes/css/dist/block-library/style.min.css?ver=5.9.5 HTTP/1.1
Host: premoconsultants.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://premoconsultants.com/ceo-joanna-doven-joins-the-kdka-radio-morning-show-with-larry-richert-and-kevin-battle-to-discuss-the-covid-19-crisis/
Cookie: _ga_WL7NHCNYR9=GS1.1.1673007242.1.0.1673007242.0.0.0; _ga=GA1.1.1011986160.1673007243
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 06 Jan 2023 12:14:13 GMT
Content-Type: text/css
Last-Modified: Mon, 12 Dec 2022 17:19:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"639762bb-145db"
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfChc4.woff2
216.58.207.227200 OK 23 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfChc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 22580, version 1.0\012- data
Hash 1c44e440b54050bdb9c8f4cf048163bc
285209cc8e5df99937d360909021a7501269f6ac
59fb185692872a1d0060ebdb9d6f8664b499b8812e80dc59755ec2f68887450f
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfChc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://premoconsultants.com
Connection: keep-alive
Referer: http://premoconsultants.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 05 Jan 2023 02:14:33 GMT
expires: Fri, 05 Jan 2024 02:14:33 GMT
cache-control: public, max-age=31536000
age: 122380
last-modified: Wed, 11 May 2022 19:24:59 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 75cfc8b3d7a22c317465a354b950897b
272651a02a8fa17067d9e4e9ff4878d2c1af75af
40dc9698f6d97aeada27973d1b096a149bb5bb299c38a6ed87e853e6d724d26b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 12:14:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
54.149.51.98101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.149.51.98:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 4Q8ngRdoX1PaTIHHBfgiWQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 3ZCawl8qyeZ8CvHh9DXesdaAb1Q=
premoconsultants.com/wp-content/themes/Divi/core/admin/fonts/modules/all/modules.ttf
161.35.61.73200 OK 92 kB URL HTTP/1.1 premoconsultants.com/wp-content/themes/Divi/core/admin/fonts/modules/all/modules.ttf
IP 161.35.61.73:0
ASN #14061 DIGITALOCEAN-ASN
File type TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, modules \012- data
Hash de27b3e66b2f8017e000aa9d8d24d60e
e6d716de8f35ba6daf55d57e7fe0ed8d8e50f1f7
d201a2c3118a00c82cc48e89815f5139f23956bbe248107dcf522acc77b97c09
GET /wp-content/themes/Divi/core/admin/fonts/modules/all/modules.ttf HTTP/1.1
Host: premoconsultants.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://premoconsultants.com/ceo-joanna-doven-joins-the-kdka-radio-morning-show-with-larry-richert-and-kevin-battle-to-discuss-the-covid-19-crisis/
Cookie: _ga_WL7NHCNYR9=GS1.1.1673007242.1.0.1673007242.0.0.0; _ga=GA1.1.1011986160.1673007243
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 06 Jan 2023 12:14:13 GMT
Content-Type: application/octet-stream
Content-Length: 92400
Last-Modified: Mon, 12 Dec 2022 17:18:12 GMT
Connection: keep-alive
ETag: "63976254-168f0"
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
www.google-analytics.com/analytics.js
142.250.74.46200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.46:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://premoconsultants.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Fri, 06 Jan 2023 11:43:41 GMT
expires: Fri, 06 Jan 2023 13:43:41 GMT
cache-control: public, max-age=7200
age: 1833
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/plugins/ua/linkid.js
142.250.74.46200 OK 859 B URL HTTP/2 www.google-analytics.com/plugins/ua/linkid.js
IP 142.250.74.46:0
File type ASCII text, with very long lines (1335)
Hash 904463ce35aee800847ab85ec948aaf6
904e4d2647466c7f7e0f7412019984e3b2ccfb24
057b4d29359dfe2536a2ec40243bdfa7b151222efcc1eb358608994a14c34237
GET /plugins/ua/linkid.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://premoconsultants.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 859
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 06 Jan 2023 11:24:01 GMT
expires: Fri, 06 Jan 2023 12:24:01 GMT
cache-control: public, max-age=3600
age: 3013
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 4324b0b78a362b807a13d3933539af8b
c714ffd81be834f92b2f9c7cff8101742503bef1
76e3663fd09db353388dabfa281a3cea765474a4fe55095e16a90cec66c55e46
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4472
Cache-Control: max-age=144453
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 12:14:14 GMT
Etag: "63b79063-117"
Expires: Sun, 08 Jan 2023 04:21:47 GMT
Last-Modified: Fri, 06 Jan 2023 03:07:15 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 279
premoconsultants.com/wp-content/uploads/2019/06/cropped-PREMO-FAVICON-32x32.png
161.35.61.73200 OK 459 B URL HTTP/2 premoconsultants.com/wp-content/uploads/2019/06/cropped-PREMO-FAVICON-32x32.png
IP 161.35.61.73:0
ASN #14061 DIGITALOCEAN-ASN
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash b5277cb987396df5202091a6919c4e73
613a921476bb107c0ee54e70baf853e16b065ed4
2753aaf341b91dbe3b00f0c8480bff5db42ebdc73dd87baa973654287b0fd6b1
GET /wp-content/uploads/2019/06/cropped-PREMO-FAVICON-32x32.png HTTP/1.1
Host: premoconsultants.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://premoconsultants.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 06 Jan 2023 12:14:14 GMT
content-type: image/png
content-length: 459
last-modified: Mon, 12 Dec 2022 17:18:39 GMT
etag: "6397626f-1cb"
cache-control: public, max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-WL7NHCNYR9>m=2oe120&_p=2129744280&gdid=dZGIzZG&cid=1011986160.1673007243&ul=en-us&sr=1280x1024&_s=1&sid=1673007242&sct=1&seg=0&dl=http%3A%2F%2Fpremoconsultants.com%2Fceo-joanna-doven-joins-the-kdka-radio-morning-show-with-larry-richert-and-kevin-battle-to-discuss-the-covid-19-crisis%2F&dt=Joanna%20Doven%20Joins%20KDKA%20to%20Talk%20the%20COVID-19%20Crisis%20-%20PREMO&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.forceSSL=true&ep.link_attribution=true
216.239.34.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-WL7NHCNYR9>m=2oe120&_p=2129744280&gdid=dZGIzZG&cid=1011986160.1673007243&ul=en-us&sr=1280x1024&_s=1&sid=1673007242&sct=1&seg=0&dl=http%3A%2F%2Fpremoconsultants.com%2Fceo-joanna-doven-joins-the-kdka-radio-morning-show-with-larry-richert-and-kevin-battle-to-discuss-the-covid-19-crisis%2F&dt=Joanna%20Doven%20Joins%20KDKA%20to%20Talk%20the%20COVID-19%20Crisis%20-%20PREMO&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.forceSSL=true&ep.link_attribution=true
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-WL7NHCNYR9>m=2oe120&_p=2129744280&gdid=dZGIzZG&cid=1011986160.1673007243&ul=en-us&sr=1280x1024&_s=1&sid=1673007242&sct=1&seg=0&dl=http%3A%2F%2Fpremoconsultants.com%2Fceo-joanna-doven-joins-the-kdka-radio-morning-show-with-larry-richert-and-kevin-battle-to-discuss-the-covid-19-crisis%2F&dt=Joanna%20Doven%20Joins%20KDKA%20to%20Talk%20the%20COVID-19%20Crisis%20-%20PREMO&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.forceSSL=true&ep.link_attribution=true HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://premoconsultants.com
Connection: keep-alive
Referer: http://premoconsultants.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: http://premoconsultants.com
date: Fri, 06 Jan 2023 12:14:14 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
premoconsultants.com/wp-content/uploads/2020/03/cdc-k0KRNtqcjfw-unsplash-610x343.jpg
161.35.61.73200 OK 24 kB URL HTTP/2 premoconsultants.com/wp-content/uploads/2020/03/cdc-k0KRNtqcjfw-unsplash-610x343.jpg
IP 161.35.61.73:0
ASN #14061 DIGITALOCEAN-ASN
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 610x343, components 3\012- data
Hash 3bea1525ba6ff389aec99d3d3a8f3608
4827b47140dd4e0f87879544e46afd06e3756079
4ec166d6949a8c11faab5fc43b153c39816bff69c3a638e73a274f7aa9458143
GET /wp-content/uploads/2020/03/cdc-k0KRNtqcjfw-unsplash-610x343.jpg HTTP/1.1
Host: premoconsultants.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://premoconsultants.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 06 Jan 2023 12:14:14 GMT
content-type: image/jpeg
content-length: 23495
last-modified: Mon, 12 Dec 2022 17:18:42 GMT
etag: "63976272-5bc7"
cache-control: public, max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
premoconsultants.com/wp-content/uploads/2019/06/cropped-PREMO-FAVICON-192x192.png
161.35.61.73200 OK 3.0 kB URL HTTP/2 premoconsultants.com/wp-content/uploads/2019/06/cropped-PREMO-FAVICON-192x192.png
IP 161.35.61.73:0
ASN #14061 DIGITALOCEAN-ASN
File type PNG image data, 192 x 192, 8-bit colormap, non-interlaced\012- data
Hash 26eb007488938c8229323f2e2397e300
33e675576b317a594090748bb73e40fdac18b83c
8b9e4c38b165f577129a0521ab42937c13b84831ffb966a5e7f8ec454f12aba1
GET /wp-content/uploads/2019/06/cropped-PREMO-FAVICON-192x192.png HTTP/1.1
Host: premoconsultants.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://premoconsultants.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 06 Jan 2023 12:14:14 GMT
content-type: image/png
content-length: 2991
last-modified: Mon, 12 Dec 2022 17:18:39 GMT
etag: "6397626f-baf"
cache-control: public, max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 1780bdca4138463723f65222d72004e2
c0acbd7a8cf08d7b675dd8a0cdb73d4ff4fbdb8b
92d022d0945f2e9ff1b27013792745c4ca2d65150693532049985efdf9022efa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "92D022D0945F2E9FF1B27013792745C4CA2D65150693532049985EFDF9022EFA"
Last-Modified: Wed, 04 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5280
Expires: Fri, 06 Jan 2023 13:42:15 GMT
Date: Fri, 06 Jan 2023 12:14:15 GMT
Connection: keep-alive
premoconsultants.com/wp-content/uploads/2019/06/PREMO-LOGO.svg
161.35.61.73200 OK 1.5 kB URL HTTP/2 premoconsultants.com/wp-content/uploads/2019/06/PREMO-LOGO.svg
IP 161.35.61.73:0
ASN #14061 DIGITALOCEAN-ASN
Hash 1b873598890fcaf584f61be8d1a8df23
fa2db9c9306f0ef47b69584a72ccc01ae5a64d76
cf2781a7d36937cf046c118f1625a91b61a87dc8db26e89099e80d2065129918
GET /wp-content/uploads/2019/06/PREMO-LOGO.svg HTTP/1.1
Host: premoconsultants.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://premoconsultants.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 06 Jan 2023 12:14:14 GMT
content-type: image/svg+xml
last-modified: Mon, 12 Dec 2022 17:18:39 GMT
vary: Accept-Encoding
etag: W/"6397626f-96a"
cache-control: public, max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 1780bdca4138463723f65222d72004e2
c0acbd7a8cf08d7b675dd8a0cdb73d4ff4fbdb8b
92d022d0945f2e9ff1b27013792745c4ca2d65150693532049985efdf9022efa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "92D022D0945F2E9FF1B27013792745C4CA2D65150693532049985EFDF9022EFA"
Last-Modified: Wed, 04 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5280
Expires: Fri, 06 Jan 2023 13:42:15 GMT
Date: Fri, 06 Jan 2023 12:14:15 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 1780bdca4138463723f65222d72004e2
c0acbd7a8cf08d7b675dd8a0cdb73d4ff4fbdb8b
92d022d0945f2e9ff1b27013792745c4ca2d65150693532049985efdf9022efa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "92D022D0945F2E9FF1B27013792745C4CA2D65150693532049985EFDF9022EFA"
Last-Modified: Wed, 04 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5280
Expires: Fri, 06 Jan 2023 13:42:15 GMT
Date: Fri, 06 Jan 2023 12:14:15 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 1780bdca4138463723f65222d72004e2
c0acbd7a8cf08d7b675dd8a0cdb73d4ff4fbdb8b
92d022d0945f2e9ff1b27013792745c4ca2d65150693532049985efdf9022efa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "92D022D0945F2E9FF1B27013792745C4CA2D65150693532049985EFDF9022EFA"
Last-Modified: Wed, 04 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5280
Expires: Fri, 06 Jan 2023 13:42:15 GMT
Date: Fri, 06 Jan 2023 12:14:15 GMT
Connection: keep-alive
fonts.hellobar.com/css2?family=Lato
172.67.43.233200 OK 8.5 kB URL HTTP/2 fonts.hellobar.com/css2?family=Lato
IP 172.67.43.233:0
Hash 9a49c4696c56246ad56289c4142244c5
2932388039718e4e4688abbc047b9e80205efc03
aa6f6961f275f043e6a41ee5bc6761f2e82685be4959f5539ab1be1daae42dea
GET /css2?family=Lato HTTP/1.1
Host: fonts.hellobar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://premoconsultants.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 06 Jan 2023 12:14:14 GMT
content-type: text/css; charset=utf-8
cf-ray: 78545f4b281e1c12-OSL
access-control-allow-origin: *
cache-control: private, max-age=86400
expires: Fri, 06 Jan 2023 12:14:14 GMT
cf-cache-status: DYNAMIC
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4210cd0d-e5ae-416b-b3b1-984a5c3f750c.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4210cd0d-e5ae-416b-b3b1-984a5c3f750c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7e96507584bce9f14a50123fb78a8102
c45249ddffb15b9e957af8f5203d7d06ddf32cf8
118f62631c92e42b135046647e828eb80a54405603f5b461320b483bce0c55ba
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4210cd0d-e5ae-416b-b3b1-984a5c3f750c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11746
x-amzn-requestid: 1df278ae-becc-4016-a2c4-b41d07badc43
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eRlHbGlWoAMF-Vw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b6e895-5ec70fd53a30bd8c340440b6;Sampled=0
x-amzn-remapped-date: Thu, 05 Jan 2023 15:11:17 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: L3MUqNupzj6DCPouwDuqyys95kzHkBEM3RDCVs06mh9ezzL9FMIcoA==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 05 Jan 2023 15:17:01 GMT
age: 75434
etag: "c45249ddffb15b9e957af8f5203d7d06ddf32cf8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc535aaa1-951e-4893-a957-f179a26124b1.jpeg
34.120.237.76200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc535aaa1-951e-4893-a957-f179a26124b1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 08245b72bc871314c3e019ba54ade711
8d0465899941e32c125bb9e81156c8f9e754534b
7705a6129a9b3c4da034c02cc2378efa2bdd13eba6c5c3c9c4177abab64462b6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc535aaa1-951e-4893-a957-f179a26124b1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5423
x-amzn-requestid: 85905776-11b9-44c6-b1c5-c64580b67d06
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eSptHEvtoAMF1wQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b75653-677c6fe43181d630354ecfe0;Sampled=0
x-amzn-remapped-date: Thu, 05 Jan 2023 22:59:31 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: gFAyiRKtN-TPtrG8stZjhBSNFi7Qx43jyqbRBs6InTbCOPLr-Qdz6Q==
via: 1.1 995664ee945c06fc706b5cb8e0e650dc.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 05 Jan 2023 23:03:30 GMT
etag: "8d0465899941e32c125bb9e81156c8f9e754534b"
content-type: image/jpeg
age: 47445
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f37a3ca-5b31-4876-bbcd-442c1f718b3c.jpeg
34.120.237.76200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f37a3ca-5b31-4876-bbcd-442c1f718b3c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e832123ea0c92a446b5894e75efc86ae
bb438ca635b43819701067ef07a3d910ad29a0c7
e1b0c6cd873f304de15664f96af6b6914e13fbbfb3e2179ba43369e116446773
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f37a3ca-5b31-4876-bbcd-442c1f718b3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5578
x-amzn-requestid: 93353c3e-1b26-424c-b4c6-0d113703edd6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eFvpBFGvIAMFobw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b22c9f-1d07cff31ae39320693642f0;Sampled=0
x-amzn-remapped-date: Mon, 02 Jan 2023 01:00:15 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: skIlgzeKmjJ2Wsx2QeubgMvO7chgpPNZYqW4E_xhRgkCtDEhAfBp4w==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 06 Jan 2023 07:33:22 GMT
age: 16853
etag: "bb438ca635b43819701067ef07a3d910ad29a0c7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F727b2cef-2229-487d-9623-29ccec44ab1f.jpeg
34.120.237.76200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F727b2cef-2229-487d-9623-29ccec44ab1f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d256d063b2698bb9d915589a2c79fbce
d7c083857e9512ad3ecb3bbaf285409926473ceb
d4e5f901f62fa98b525fc1ecbe187032fd2d0e112c6f1b9534b742b2d6c05b08
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F727b2cef-2229-487d-9623-29ccec44ab1f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5809
x-amzn-requestid: 16b4843e-ac69-402f-87e7-66c24984cecb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eSeJoHgwIAMFhdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b743d7-507b52112e0f1176182e5d99;Sampled=0
x-amzn-remapped-date: Thu, 05 Jan 2023 21:40:39 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: JGGMyfzW2uwEbY-V22ZCWjFegXRLY-wAlWxSjLCM6C1A5kjXa2DTGw==
via: 1.1 0bb842bd5868b86440983b936bb0adee.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 05 Jan 2023 21:46:41 GMT
age: 52054
etag: "d7c083857e9512ad3ecb3bbaf285409926473ceb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb84dc300-436d-4ab6-93ff-5c34a5e8faa9.jpeg
34.120.237.76200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb84dc300-436d-4ab6-93ff-5c34a5e8faa9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 905c01ccaa57e0ea71e9a2f58bbb2ca4
6cf4b068623644dd0ca790dbc75e3533e7759f8b
4b579d86c6b957bf5c777b44b474c1c8fac699ffe695757d43f9752b079ef42a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb84dc300-436d-4ab6-93ff-5c34a5e8faa9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4473
x-amzn-requestid: 4732a7f2-382c-41a0-a96a-dbd073af76dc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eScwQG6hoAMFQaw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b7419b-4b3c3ebf3c06242b360e6421;Sampled=0
x-amzn-remapped-date: Thu, 05 Jan 2023 21:31:07 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XRsEwpela3bYpgBLNQxwiFzDcHzfFiXWmAEAl1jvIb1ustFu2lJdaA==
via: 1.1 adc2002956acc4d61bfbf3b973fdf246.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Thu, 05 Jan 2023 22:00:17 GMT
age: 51238
etag: "6cf4b068623644dd0ca790dbc75e3533e7759f8b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 6e9c57c20651826bd576c43abc85335a
aa66db6d2f3646e18a469c16e9e8ac7368710dbb
933cd894e2122c36105d1958c4aba73b19c5edd1c5b2f0e71a64c6be144e912b
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=159661
Date: Fri, 06 Jan 2023 12:14:19 GMT
Etag: "63b7d822-1d7"
Expires: Sun, 08 Jan 2023 08:35:20 GMT
Last-Modified: Fri, 06 Jan 2023 08:13:22 GMT
Server: ECS (nyb/1D1F)
X-Cache: Miss from cloudfront
Via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: OeYu1Y4KNWUKepA074Ia-5aR4JVQQXwgK5ZMkmH1wlN-QGFiv-ESsw==
Age: 1318
hi.hellobar.com/v/7CJPvhuuL5TBWpJfeLZ6S-kcvbbdMLmzJUYRlBtBKMeGaLy4TYs/G8QuokQgaQetvDR0oguUD-H4xGeShGR3RcTDJGJOxGDDD?t=1673007249&v=dad15188-c15f-414d-bd6e-32e0507af4a0&f=i&s=8b52ae78dee109f255de9879e04f682e286de604fe76496ad7738ae7b95b09de58625a072fc2374b97ffbdb9d2286f261276919915579da99fcbc0185431c240
143.204.55.78200 OK 35 B URL HTTP/2 hi.hellobar.com/v/7CJPvhuuL5TBWpJfeLZ6S-kcvbbdMLmzJUYRlBtBKMeGaLy4TYs/G8QuokQgaQetvDR0oguUD-H4xGeShGR3RcTDJGJOxGDDD?t=1673007249&v=dad15188-c15f-414d-bd6e-32e0507af4a0&f=i&s=8b52ae78dee109f255de9879e04f682e286de604fe76496ad7738ae7b95b09de58625a072fc2374b97ffbdb9d2286f261276919915579da99fcbc0185431c240
IP 143.204.55.78:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /v/7CJPvhuuL5TBWpJfeLZ6S-kcvbbdMLmzJUYRlBtBKMeGaLy4TYs/G8QuokQgaQetvDR0oguUD-H4xGeShGR3RcTDJGJOxGDDD?t=1673007249&v=dad15188-c15f-414d-bd6e-32e0507af4a0&f=i&s=8b52ae78dee109f255de9879e04f682e286de604fe76496ad7738ae7b95b09de58625a072fc2374b97ffbdb9d2286f261276919915579da99fcbc0185431c240 HTTP/1.1
Host: hi.hellobar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://premoconsultants.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 35
last-modified: Tue, 10 Apr 2018 13:15:02 GMT
accept-ranges: bytes
server: AmazonS3
date: Fri, 06 Jan 2023 09:04:46 GMT
etag: "c2196de8ba412c60c22ab491af7b1409"
x-cache: Error from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: Sd4MOWWPVuk-Vr5Sn7bxKTHSgtEdd_x-vIncfq9JjkSpuMrwY_6mgQ==
age: 39758
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 6e9c57c20651826bd576c43abc85335a
aa66db6d2f3646e18a469c16e9e8ac7368710dbb
933cd894e2122c36105d1958c4aba73b19c5edd1c5b2f0e71a64c6be144e912b
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=162586
Date: Fri, 06 Jan 2023 12:14:20 GMT
Etag: "63b7d822-1d7"
Expires: Sun, 08 Jan 2023 09:24:06 GMT
Last-Modified: Fri, 06 Jan 2023 08:13:22 GMT
Server: ECS (bsa/EB24)
X-Cache: Miss from cloudfront
Via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: G9nsAf1lI6-jVTwwXaJI5P24wKHUXBLqhVHPeFi2N4g2-PSUDvgMow==
Age: 4244
premoconsultants.com/wp-content/plugins/ewww-image-optimizer/includes/lazysizes.min.js?ver=651
161.35.61.73200 OK 0 B URL HTTP/1.1 premoconsultants.com/wp-content/plugins/ewww-image-optimizer/includes/lazysizes.min.js?ver=651
IP 161.35.61.73:0
ASN #14061 DIGITALOCEAN-ASN
GET /wp-content/plugins/ewww-image-optimizer/includes/lazysizes.min.js?ver=651 HTTP/1.1
Host: premoconsultants.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://premoconsultants.com/ceo-joanna-doven-joins-the-kdka-radio-morning-show-with-larry-richert-and-kevin-battle-to-discuss-the-covid-19-crisis/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 06 Jan 2023 12:14:13 GMT
Content-Type: application/javascript
Last-Modified: Mon, 12 Dec 2022 17:19:51 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"639762b7-2e84"
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
fonts.hellobar.com/s/lato/v23/S6uyw4BMUTPHvxk.ttf
172.67.43.233200 OK 0 B URL HTTP/2 fonts.hellobar.com/s/lato/v23/S6uyw4BMUTPHvxk.ttf
IP 172.67.43.233:0
GET /s/lato/v23/S6uyw4BMUTPHvxk.ttf HTTP/1.1
Host: fonts.hellobar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://premoconsultants.com
Connection: keep-alive
Referer: https://fonts.hellobar.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 06 Jan 2023 12:14:19 GMT
content-type: font/ttf
cf-ray: 78545f6b8e930b06-OSL
access-control-allow-origin: *
age: 3033143
cache-control: public, max-age=31536000
expires: Sat, 25 Nov 2023 13:06:24 GMT
last-modified: Tue, 26 Apr 2022 15:50:24 GMT
vary: Accept-Encoding
cf-cache-status: HIT
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
my.hellobar.com/db26b9cc04a5be03e3540f384276e663081d6da3.js
172.67.43.233200 OK 0 B URL HTTP/2 my.hellobar.com/db26b9cc04a5be03e3540f384276e663081d6da3.js
IP 172.67.43.233:0
GET /db26b9cc04a5be03e3540f384276e663081d6da3.js HTTP/1.1
Host: my.hellobar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://premoconsultants.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 06 Jan 2023 12:14:13 GMT
content-type: text/javascript
x-amz-id-2: f50Mz3/i3KKLGHQUbIufEVtM/BNGg+wyA6CewKi663p2m3WzpadAv2SwOfxXnsPBrbZos57iT0s=
x-amz-request-id: KCRD06TP0MNK2PBQ
last-modified: Thu, 05 Jan 2023 17:21:27 GMT
etag: W/"97ae054f4982735c9a33e05c17cbb428"
cache-control: max-age=86400, must-revalidate, proxy-revalidate, s-maxage=10
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 78545f43be9e1c02-OSL
content-encoding: br
X-Firefox-Spdy: h2
my.hellobar.com/modules.js
172.67.43.233200 OK 0 B URL HTTP/2 my.hellobar.com/modules.js
IP 172.67.43.233:0
GET /modules.js HTTP/1.1
Host: my.hellobar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://premoconsultants.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 06 Jan 2023 12:14:13 GMT
content-type: text/javascript
cf-bgj: minify
cf-polished: origSize=260615
etag: W/"ee85f3aa09f4f82ddd1d0df2fd1af30f"
last-modified: Fri, 23 Dec 2022 05:10:46 GMT
x-amz-id-2: FbKu5nSSamqqutaqGylcNdcI5O5SDGopg0GxPftEg1ygWGh7Rvcz4B73tCzUOVDlgYROQFCF8SM=
x-amz-request-id: 2W5YNVHZ8P90QP0P
cache-control: max-age=14400
cf-cache-status: HIT
age: 1287
vary: Accept-Encoding
server: cloudflare
cf-ray: 78545f490c481c02-OSL
content-encoding: br
X-Firefox-Spdy: h2