www.newsandpromotions.com Open in urlscan Pro
35.227.209.77 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://leak-hub.com/igit/fet/miy/Panel/five/PvqDq929BSx_A_D_M1n_a.php
Effective URL:
https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0
Submission Tags: threatshare
Submission: On March 25 via api (March 25th 2024, 12:00:58 pm UTC) from GB — Scanned from GB

Summary HTTP 97 Redirects Behaviour Indicators

Summary

This website contacted 48 IPs in 10 countries across 46 domains to perform 97 HTTP transactions. The main IP is 35.227.209.77, located in Kansas City, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is www.newsandpromotions.com. The Cisco Umbrella rank of the primary domain is 231071.
TLS certificate: Issued by GTS CA 1D4 on March 13th 2024. Valid for: 3 months.

This is the only time www.newsandpromotions.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	37.48.65.152 37.48.65.152	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 2	103.224.182.206 103.224.182.206	133618 (TRELLIAN-...) (TRELLIAN-AS-AP Trellian Pty. Limited)
1 32	35.227.209.77 35.227.209.77	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	34.111.12.38 34.111.12.38	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
2	185.255.84.151 185.255.84.151	200271 (IGUANE-) (IGUANE-)
1	2600:9000:211... 2600:9000:211e:5e00:4:8491:f2c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	35.190.72.161 35.190.72.161	15169 (GOOGLE) (GOOGLE)
1	18.66.97.10 18.66.97.10	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::681a:4f4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	151.101.65.44 151.101.65.44	54113 (FASTLY) (FASTLY)
2	2620:1ec:bdf::45 2620:1ec:bdf::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
2 3	44.213.220.50 44.213.220.50	14618 (AMAZON-AES) (AMAZON-AES)
1 1	52.211.99.1 52.211.99.1	16509 (AMAZON-02) (AMAZON-02)
1	35.244.159.8 35.244.159.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	35.190.36.172 35.190.36.172	15169 (GOOGLE) (GOOGLE)
1	34.231.129.236 34.231.129.236	14618 (AMAZON-AES) (AMAZON-AES)
1	23.48.23.37 23.48.23.37	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	157.240.252.13 157.240.252.13	32934 (FACEBOOK) (FACEBOOK)
1	13.32.27.19 13.32.27.19	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
1	142.250.185.164 142.250.185.164	15169 (GOOGLE) (GOOGLE)
2	172.217.18.3 172.217.18.3	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	104.45.184.134 104.45.184.134	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	104.26.11.16 104.26.11.16	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	51.89.9.253 51.89.9.253	16276 (OVH) (OVH)
1	67.202.105.22 67.202.105.22	32748 (STEADFAST) (STEADFAST)
1 1	104.64.126.246 104.64.126.246	16625 (AKAMAI-AS) (AKAMAI-AS)
1	72.246.169.246 72.246.169.246	16625 (AKAMAI-AS) (AKAMAI-AS)
4 4	185.89.210.82 185.89.210.82	29990 (ASN-APPNEX) (ASN-APPNEX)
8	185.255.84.152 185.255.84.152	200271 (IGUANE-) (IGUANE-)
1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 3	35.214.149.91 35.214.149.91	15169 (GOOGLE) (GOOGLE)
1 1	35.214.132.90 35.214.132.90	15169 (GOOGLE) (GOOGLE)
2 2	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1	18.245.31.19 18.245.31.19	16509 (AMAZON-02) (AMAZON-02)
1	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
2 2	52.215.86.157 52.215.86.157	16509 (AMAZON-02) (AMAZON-02)
2 2	64.202.112.63 64.202.112.63	23352 (SERVERCEN...) (SERVERCENTRAL)
1	185.64.190.79 185.64.190.79	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	35.214.206.184 35.214.206.184	15169 (GOOGLE) (GOOGLE)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1 1	54.210.145.203 54.210.145.203	14618 (AMAZON-AES) (AMAZON-AES)
1	34.149.50.64 34.149.50.64	15169 (GOOGLE) (GOOGLE)
1	2.23.8.24 2.23.8.24	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.214.129.77 34.214.129.77	16509 (AMAZON-02) (AMAZON-02)
1	34.233.219.30 34.233.219.30	14618 (AMAZON-AES) (AMAZON-AES)
1	54.76.208.25 54.76.208.25	16509 (AMAZON-02) (AMAZON-02)
1	192.132.33.69 192.132.33.69	18568 (BIDTELLECT) (BIDTELLECT)
1	34.117.157.22 34.117.157.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2600:1901:0:2... 2600:1901:0:298e::	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
97	48

1 37.48.65.152 (Amsterdam, Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

leak-hub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.224.182.206 (Australia) 1 redirects

ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: bidr.trellian.com

dinnza.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 35.227.209.77 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 77.209.227.35.bc.googleusercontent.com

www.newsandpromotions.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.12.38 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 38.12.111.34.bc.googleusercontent.com

track.ecampaignstats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.255.84.151 (France)

ASN200271 (IGUANE-, FR)

fo-api.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fo-ssp.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:5e00:4:8491:f2c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

tags.clickagy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.72.161 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 161.72.190.35.bc.googleusercontent.com

c.fqtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-10.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:4f4 (United States)

ASN13335 (CLOUDFLARENET, US)

ssl.luckyorange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.65.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 44.213.220.50 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-213-220-50.compute-1.amazonaws.com

aorta.clickagy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.211.99.1 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-99-1.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.36.172 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 172.36.190.35.bc.googleusercontent.com

cdn.fqtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.231.129.236 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-231-129-236.compute-1.amazonaws.com

hemsync.clickagy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.48.23.37 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-48-23-37.deploy.static.akamaitechnologies.com

fo-static.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.240.252.13 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-19.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.164 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.3 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f3.1e100.net

www.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.45.184.134 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

a.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.11.16 (None, )

ASN13335 (CLOUDFLARENET, US)

settings.luckyorange.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.253 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.105.22 (United States)

ASN32748 (STEADFAST, US)
PTR: ip22.67-202-105.static.steadfastdns.net

ssc-cms.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.64.126.246 (Prague, Czech Republic) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-64-126-246.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.246.169.246 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a72-246-169-246.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.89.210.82 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.255.84.152 (France)

ASN200271 (IGUANE-, FR)

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.214.149.91 (Groningen, Netherlands) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 91.149.214.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.214.132.90 (Groningen, Netherlands) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 90.132.214.35.bc.googleusercontent.com

u.ipw.metadsp.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.90 (Amsterdam, Netherlands) 2 redirects

ASN204995 (RTB-HOUSE-AMS, CY)
PTR: ip-185-184-8-90.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.31.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-31-19.fra56.r.cloudfront.net

api-2-0.spot.im	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.215.86.157 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-86-157.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.202.112.63 (United States) 2 redirects

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.79 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.214.206.184 (Groningen, Netherlands) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 184.206.214.35.bc.googleusercontent.com

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.210.145.203 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-210-145-203.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.149.50.64 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 64.50.149.34.bc.googleusercontent.com

s.seedtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.23.8.24 (Prague, Czech Republic)

ASN16625 (AKAMAI-AS, US)
PTR: a2-23-8-24.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.214.129.77 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-214-129-77.us-west-2.compute.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.233.219.30 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-233-219-30.compute-1.amazonaws.com

cs-server-s2s.yellowblue.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.76.208.25 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-208-25.eu-west-1.compute.amazonaws.com

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.132.33.69 (United States)

ASN18568 (BIDTELLECT, US)
PTR: NET-33-132-192.69.bidtellect.com

bttrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com

matching.ivitrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:298e:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)

aux.fqtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	newsandpromotions.com 1 redirects www.newsandpromotions.com — Cisco Umbrella Rank: 231071	235 KB
11	omnitagjs.com fo-api.omnitagjs.com — Cisco Umbrella Rank: 50414 fo-static.omnitagjs.com — Cisco Umbrella Rank: 21812 fo-ssp.omnitagjs.com — Cisco Umbrella Rank: 58781 visitor.omnitagjs.com — Cisco Umbrella Rank: 1091	125 KB
6	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 1170 a.clarity.ms — Cisco Umbrella Rank: 8810 c.clarity.ms — Cisco Umbrella Rank: 1778	28 KB
5	clickagy.com 2 redirects tags.clickagy.com — Cisco Umbrella Rank: 59262 aorta.clickagy.com — Cisco Umbrella Rank: 3843 hemsync.clickagy.com — Cisco Umbrella Rank: 52982	15 KB
4	adnxs.com 4 redirects secure.adnxs.com — Cisco Umbrella Rank: 800	5 KB
4	fqtag.com c.fqtag.com — Cisco Umbrella Rank: 120030 cdn.fqtag.com — Cisco Umbrella Rank: 42859 aux.fqtag.com — Cisco Umbrella Rank: 45133	91 KB
3	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 615	2 KB
3	google.com www.google.com — Cisco Umbrella Rank: 5 region1.analytics.google.com — Cisco Umbrella Rank: 2156	369 B
3	gstatic.com fonts.gstatic.com	79 KB
3	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 1350 sync.taboola.com — Cisco Umbrella Rank: 1963	209 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 101	21 KB
2	zemanta.com 2 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 1114	922 B
2	bidr.io 2 redirects match.prod.bidr.io — Cisco Umbrella Rank: 994	1 KB
2	creativecdn.com 2 redirects creativecdn.com — Cisco Umbrella Rank: 772	1 KB
2	rubiconproject.com 1 redirects secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1435 eus.rubiconproject.com — Cisco Umbrella Rank: 866	151 B
2	criteo.com gum.criteo.com — Cisco Umbrella Rank: 635 dis.criteo.com — Cisco Umbrella Rank: 979	651 B
2	google.co.uk www.google.co.uk — Cisco Umbrella Rank: 3085	126 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 203	415 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 246	89 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 1305 script.hotjar.com — Cisco Umbrella Rank: 1679	59 KB
2	ecampaignstats.com 2 redirects track.ecampaignstats.com — Cisco Umbrella Rank: 245864	307 B
2	dinnza.com 1 redirects dinnza.com — Cisco Umbrella Rank: 555871	2 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 442	761 B
1	ivitrack.com matching.ivitrack.com — Cisco Umbrella Rank: 10301	265 B
1	bttrack.com bttrack.com — Cisco Umbrella Rank: 1609	163 B
1	lijit.com ap.lijit.com — Cisco Umbrella Rank: 1074	175 B
1	yellowblue.io cs-server-s2s.yellowblue.io — Cisco Umbrella Rank: 2542	376 B
1	postrelease.com jadserve.postrelease.com — Cisco Umbrella Rank: 1631	422 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 1153	318 B
1	seedtag.com s.seedtag.com — Cisco Umbrella Rank: 2401	284 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 1204	1 KB
1	loopme.me 1 redirects csync.loopme.me — Cisco Umbrella Rank: 1480	285 B
1	pubmatic.com image8.pubmatic.com — Cisco Umbrella Rank: 1020	42 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 530	149 B
1	spot.im api-2-0.spot.im — Cisco Umbrella Rank: 3099	456 B
1	metadsp.co.uk 1 redirects u.ipw.metadsp.co.uk — Cisco Umbrella Rank: 9754	239 B
1	33across.com ssc-cms.33across.com — Cisco Umbrella Rank: 1524
1	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 1026
1	luckyorange.net settings.luckyorange.net — Cisco Umbrella Rank: 18838	749 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 108	85 KB
1	openx.net us-u.openx.net — Cisco Umbrella Rank: 889	295 B
1	crwdcntrl.net 1 redirects sync.crwdcntrl.net — Cisco Umbrella Rank: 1467	216 B
1	luckyorange.com ssl.luckyorange.com — Cisco Umbrella Rank: 198600	3 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 112	1 KB
1	leak-hub.com 1 redirects leak-hub.com	1 KB
0	rlcdn.com Failed id.rlcdn.com Failed
97	46

	Domain	Requested by
32	www.newsandpromotions.com	1 redirects dinnza.com www.newsandpromotions.com
8	visitor.omnitagjs.com	www.newsandpromotions.com
4	secure.adnxs.com	4 redirects
3	x.bidswitch.net	2 redirects www.newsandpromotions.com
3	aorta.clickagy.com	2 redirects tags.clickagy.com
3	fonts.gstatic.com	fonts.googleapis.com
3	www.google-analytics.com	www.newsandpromotions.com www.google-analytics.com
2	c.clarity.ms	1 redirects
2	b1sync.zemanta.com	2 redirects
2	match.prod.bidr.io	2 redirects
2	creativecdn.com	2 redirects
2	region1.analytics.google.com	www.googletagmanager.com
2	a.clarity.ms	www.clarity.ms
2	www.google.co.uk	www.newsandpromotions.com
2	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
2	connect.facebook.net	www.newsandpromotions.com connect.facebook.net
2	www.clarity.ms	www.newsandpromotions.com www.clarity.ms
2	cdn.taboola.com	www.newsandpromotions.com cdn.taboola.com
2	c.fqtag.com	www.newsandpromotions.com cdn.fqtag.com
2	track.ecampaignstats.com	2 redirects
2	dinnza.com	1 redirects
1	c.bing.com	1 redirects
1	aux.fqtag.com	cdn.fqtag.com
1	matching.ivitrack.com	www.newsandpromotions.com
1	bttrack.com	www.newsandpromotions.com
1	ap.lijit.com	www.newsandpromotions.com
1	cs-server-s2s.yellowblue.io	www.newsandpromotions.com
1	jadserve.postrelease.com	www.newsandpromotions.com
1	contextual.media.net	www.newsandpromotions.com
1	s.seedtag.com	www.newsandpromotions.com
1	sync.srv.stackadapt.com	1 redirects
1	sync.taboola.com	www.newsandpromotions.com
1	csync.loopme.me	1 redirects
1	image8.pubmatic.com	www.newsandpromotions.com
1	match.adsrvr.org	www.newsandpromotions.com
1	api-2-0.spot.im	www.newsandpromotions.com
1	u.ipw.metadsp.co.uk	1 redirects
1	dis.criteo.com	www.newsandpromotions.com
1	eus.rubiconproject.com	fo-ssp.omnitagjs.com
1	secure-assets.rubiconproject.com	1 redirects
1	ssc-cms.33across.com	fo-ssp.omnitagjs.com
1	onetag-sys.com	fo-ssp.omnitagjs.com
1	settings.luckyorange.net	ssl.luckyorange.com
1	fo-ssp.omnitagjs.com	fo-static.omnitagjs.com
1	gum.criteo.com	cdn.taboola.com
1	www.google.com	www.newsandpromotions.com
1	www.googletagmanager.com	www.google-analytics.com
1	script.hotjar.com	static.hotjar.com
1	fo-static.omnitagjs.com	fo-api.omnitagjs.com
1	hemsync.clickagy.com	tags.clickagy.com
1	cdn.fqtag.com	c.fqtag.com
1	us-u.openx.net	www.newsandpromotions.com
1	sync.crwdcntrl.net	1 redirects
1	ssl.luckyorange.com	www.newsandpromotions.com
1	static.hotjar.com	www.newsandpromotions.com
1	tags.clickagy.com	www.newsandpromotions.com
1	fo-api.omnitagjs.com	www.newsandpromotions.com
1	fonts.googleapis.com	www.newsandpromotions.com
1	leak-hub.com	1 redirects
0	id.rlcdn.com Failed	www.newsandpromotions.com
97	60

This site contains no links.

Subject Issuer	Validity	Valid
belgradeonline.com R3	`2024-01-25` - `2024-04-24`	3 months	crt.sh
newsandpromotions.com GTS CA 1D4	`2024-03-13` - `2024-06-11`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2023-06-23` - `2024-07-22`	a year	crt.sh
*.clickagy.com Amazon ECDSA 256 M02	`2023-09-22` - `2024-10-20`	a year	crt.sh
*.fqtag.com R3	`2024-01-27` - `2024-04-26`	3 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M03	`2024-02-07` - `2025-03-08`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-10` - `2024-05-09`	a year	crt.sh
*.taboola.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-23` - `2024-11-22`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-12-07` - `2024-12-07`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-01-02` - `2024-04-01`	3 months	crt.sh
dyn.omnitagjs.com R3	`2024-02-04` - `2024-05-04`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
*.google.co.uk GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-08` - `2024-05-07`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 01	`2024-01-14` - `2024-06-27`	5 months	crt.sh
*.onetag-sys.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2024-01-23` - `2025-01-29`	a year	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-06` - `2024-09-30`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2024-03-07` - `2025-04-03`	a year	crt.sh
*.spot.im Amazon RSA 2048 M02	`2023-09-03` - `2024-09-30`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.seedtag.com Sectigo RSA Domain Validation Secure Server CA	`2024-03-22` - `2025-04-22`	a year	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-12-21` - `2024-12-21`	a year	crt.sh
*.postrelease.com Amazon RSA 2048 M02	`2023-08-30` - `2024-09-28`	a year	crt.sh
*.yellowblue.io Amazon ECDSA 256 M03	`2024-03-18` - `2025-04-16`	a year	crt.sh
*.lijit.com Amazon RSA 2048 M02	`2023-11-21` - `2024-12-19`	a year	crt.sh
*.bttrack.com Sectigo RSA Domain Validation Secure Server CA	`2024-03-01` - `2025-04-01`	a year	crt.sh
itm.ivitrack.com R3	`2024-02-12` - `2024-05-12`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0
Frame ID: 7ED783346EFB9C8E199A1E5272D35477
Requests: 94 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Frame ID: 9824F6B52B4E0143BDFC675F5BF64270
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Frame ID: D251156CE6E0B4D855F428CE41703BFE
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Frame ID: 45159690799D00F9FDE1E70891EF97AF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Special Offer

Page URL History Show full URLs

http://leak-hub.com/igit/fet/miy/Panel/five/PvqDq929BSx_A_D_M1n_a.php HTTP 307
https://leak-hub.com/igit/fet/miy/Panel/five/PvqDq929BSx_A_D_M1n_a.php HTTP 302
http://dinnza.com/f.php?e=fsO%2BiNpR%2F2yPGORxTXNJXX49flBLRFhHbzVrTGVEZ21HbmRSVzRJV3p4Z2lJRU0z... HTTP 307
https://dinnza.com/f.php?e=fsO%2BiNpR%2F2yPGORxTXNJXX49flBLRFhHbzVrTGVEZ21HbmRSVzRJV3p4Z2lJRU0z... Page URL
http://dinnza.com/f2.php?e=LSAFaP3zw9DULZpGkF6JHX49fjhGaG5UWTdYWUxkU1dSU3k3cTFLd3JNZ2MvTGh4eUN... HTTP 307
https://dinnza.com/f2.php?e=LSAFaP3zw9DULZpGkF6JHX49fjhGaG5UWTdYWUxkU1dSU3k3cTFLd3JNZ2MvTGh4eUN... HTTP 302
https://www.newsandpromotions.com/tracking/11911 HTTP 307
http://track.ecampaignstats.com/lprd/trk.php?TID=11911 HTTP 307
https://track.ecampaignstats.com/lprd/trk.php?TID=11911 HTTP 302
http://track.ecampaignstats.com/scr/btr.php?bl=1&rd=1&bua=0&TID=11911 HTTP 307
https://track.ecampaignstats.com/scr/btr.php?bl=1&rd=1&bua=0&TID=11911 HTTP 302
http://www.newsandpromotions.com/special-offer/?TID=11911&SID=0 HTTP 307
https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0 Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

97
Requests

86 %
HTTPS

22 %
IPv6

46
Domains

60
Subdomains

48
IPs

10
Countries

1044 kB
Transfer

3254 kB
Size

37
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://leak-hub.com/igit/fet/miy/Panel/five/PvqDq929BSx_A_D_M1n_a.php HTTP 307
https://leak-hub.com/igit/fet/miy/Panel/five/PvqDq929BSx_A_D_M1n_a.php HTTP 302
http://dinnza.com/f.php?e=fsO%2BiNpR%2F2yPGORxTXNJXX49flBLRFhHbzVrTGVEZ21HbmRSVzRJV3p4Z2lJRU0zc2lGallaT2VLa0QzUyt5aUxlZFFkeUZ2TVNjK1NiUWxmc3B0MFRPc3ZobXNnWlVMVzM5bUVzVVlQTWIzdGJGVGE0SkxrWlduRS85QWVOMG13NGp1dVBIWHVMc2NheUo3R05WeXpIcnZ5MGNqdVlEckIrQ0lGNWswRUtacTBtMVdEQUUyWVQ1SnAyUWJuamVlenM0Q0ViRlZOVldZVlJGQXJ0cjhhVVVzVjRna0pCYjFDWllvVXFJTzhqeDVtaXN2TW5GOEpnSkw1ZVBTOTBSRWtjYlE1citVS1d6bDY0ZC9ZQnRMMVYrbDE1UXlRYW1mV2NxbE8vV3FMOEYrVnJYajYrNXVmRFJGSHhZV2d0RXlDWkQ3ZTBjSmcxR2lnK0ZuV2x5c0hwTDNoYy8rUklRYXdkb2ZrNytFMXFMQlVqSmZFVXBhd0hmUFVxcjhnK1R5ekZPOFROVXNxRjA5WjBKZ3gwV1N0ZkhPanZGMmoxbVg5ZmkxcW1TVWZrdWRPNzEwb3Z2S29venJWbHBhcndiYW84eDhpRWRMZ2I4YlQ1ekxMak5TSUVpbVJmNGVINm9WUTZjYXI0NDJpRHY5Nm10Mm12Q0NpSk9sd1JRbFhGK3BpNm5OT0JVN1VtVklGeTRsaTNrWEljMFpLZzNENzg0WUVpZ1dWOXBBQ2RrbTlUTnFqek1FQ2FPcFVPdGZhcmpIRW9RcXFBV2s5bXFDcnBnVGxpNU9yQXd0R2N1emVta3pUNTZjS2VNS2NIMk53UjY0UlNUSUZMcXZ0TGl6SE9OQXBZWjJsZUlqRVh3RlEzakphOFR4c0h3WEltbWRPTEZmcTIwZ0pTY3RtMUMvT3lGMTVWVm5vTWNUbnZyT1U1Z0JDK2R4SCtZVGZ2R2JIZmdvcWttWWQ2VkVQNHJrZyt1T0lROHd4RWVsV2o4Q09HNWlMM1R6eXhwSmUvdHFaN1pXVFB2YlJHZ1NNSGJ3OGtUS25xNlp6TTdJTHNhZW5hYWRnUTdyVkJtbDh1NkdLenVpOWhaZkVwNFRlblVHREVBRVpUelJ1ZG5PeG11c3Z5aGN0RmwvL1dKQlM4MVpFTXh4ZTZCT0F6RjRRPT0%3D HTTP 307
https://dinnza.com/f.php?e=fsO%2BiNpR%2F2yPGORxTXNJXX49flBLRFhHbzVrTGVEZ21HbmRSVzRJV3p4Z2lJRU0zc2lGallaT2VLa0QzUyt5aUxlZFFkeUZ2TVNjK1NiUWxmc3B0MFRPc3ZobXNnWlVMVzM5bUVzVVlQTWIzdGJGVGE0SkxrWlduRS85QWVOMG13NGp1dVBIWHVMc2NheUo3R05WeXpIcnZ5MGNqdVlEckIrQ0lGNWswRUtacTBtMVdEQUUyWVQ1SnAyUWJuamVlenM0Q0ViRlZOVldZVlJGQXJ0cjhhVVVzVjRna0pCYjFDWllvVXFJTzhqeDVtaXN2TW5GOEpnSkw1ZVBTOTBSRWtjYlE1citVS1d6bDY0ZC9ZQnRMMVYrbDE1UXlRYW1mV2NxbE8vV3FMOEYrVnJYajYrNXVmRFJGSHhZV2d0RXlDWkQ3ZTBjSmcxR2lnK0ZuV2x5c0hwTDNoYy8rUklRYXdkb2ZrNytFMXFMQlVqSmZFVXBhd0hmUFVxcjhnK1R5ekZPOFROVXNxRjA5WjBKZ3gwV1N0ZkhPanZGMmoxbVg5ZmkxcW1TVWZrdWRPNzEwb3Z2S29venJWbHBhcndiYW84eDhpRWRMZ2I4YlQ1ekxMak5TSUVpbVJmNGVINm9WUTZjYXI0NDJpRHY5Nm10Mm12Q0NpSk9sd1JRbFhGK3BpNm5OT0JVN1VtVklGeTRsaTNrWEljMFpLZzNENzg0WUVpZ1dWOXBBQ2RrbTlUTnFqek1FQ2FPcFVPdGZhcmpIRW9RcXFBV2s5bXFDcnBnVGxpNU9yQXd0R2N1emVta3pUNTZjS2VNS2NIMk53UjY0UlNUSUZMcXZ0TGl6SE9OQXBZWjJsZUlqRVh3RlEzakphOFR4c0h3WEltbWRPTEZmcTIwZ0pTY3RtMUMvT3lGMTVWVm5vTWNUbnZyT1U1Z0JDK2R4SCtZVGZ2R2JIZmdvcWttWWQ2VkVQNHJrZyt1T0lROHd4RWVsV2o4Q09HNWlMM1R6eXhwSmUvdHFaN1pXVFB2YlJHZ1NNSGJ3OGtUS25xNlp6TTdJTHNhZW5hYWRnUTdyVkJtbDh1NkdLenVpOWhaZkVwNFRlblVHREVBRVpUelJ1ZG5PeG11c3Z5aGN0RmwvL1dKQlM4MVpFTXh4ZTZCT0F6RjRRPT0%3D Page URL
http://dinnza.com/f2.php?e=LSAFaP3zw9DULZpGkF6JHX49fjhGaG5UWTdYWUxkU1dSU3k3cTFLd3JNZ2MvTGh4eUNaRmptTkcyNUhQTVpTaXFwZzRMQjRhdmNCUXJxc3RWejdNWWJZZXo0cU90dkhBd0RrR2xZUFlDS3pwdnN6YklVKzFXblFkV1RveWNmTXJCNGVDTVBrdWM4L211cUZyd3RWZCtQSURHcmhRQzhGbFFGbzh2OVdSVDJ6SUlhVitDeHhGalJLK3lmaDBsSlNYd1lJdEFYNStVQWFKcjBUb2U0OVh5ZzBNYWJvNU1qdHlvcisvM0pNR0Qxa3pzTDZTbGs2aHJ5aTdZSHY1dTh0Ykw2a0E2VUpFaEtkS2tvOGJ1U2ZOOVVtc3doeXl5OUdDeU1XK1dMdXU5ZXZQYllVdFdrbmZsVlgxK3lVcTRlRkdHc0h4c2o0ZDVCV1l5cFVDSW1vNldMVTQyOWtjRmZ3djlNczlSUUJKQU4wTlE5MXFKYjJaZlQvMktpR0hzVXpMb0hvU1R5ZDdhRjFGb3p0bzI0L3NxY003T1FoM0NvV3VHZHFoQ00zdzVKRHM1VjhpSXZXUGNuTTk3bnNqSDhqdTFlVUNvZnc3TkwxMTdBd0V6YUk0R0tESm9WUkl6U0Z2TjlzNk5Mci9sZ2RpT1BOMVlaUHVsQ2htZzJKaHRnVU5qd1lNY1Q4SWV5cGRxSmJiRHdISmlkd3B5SVlxYjRMS0kxV3lxdU1VZHRFZ3E0L2tHcDF0ZmIzQzZuKzYrcXdzbklOV0RxOEdHNFZKWTUydzZZU1Jpa2FWRUF4dW1HaXJFeHFjTHE5d0lkOVhCek12THMyYVJ4U29kSTJzR3R5d1NubFBTTmtxb2xaTFBTSU5xMFVhcWNrRVRueGNGbXNUUkQwdGRvTUpoajVMVk1lNHBkMWphV1dxMlEvSlluWmR1K01Yb3d4SmE3b2t1RzcrcmE2YUNqcFQ5ZElUcFltQkltOHYrYVovc0U3c2V4a2VRU3BOdVhPNmVyU0pUQ1ZKOWlydmFxTWlvL1RnbDBoWjZjT0V3VlZDa3djcUxxWGw5YlltOEhGbjc4SDcrdXBLZ0dpcndnUzhNQmNKcDZvNUV6ZWhwSkNoeUZ2TzZPcHVtMjhBaTFGdXFpWERMbjlCak05ODFZZ0x6VURCNWJDc0xuSE85a2NJTkdDYWdTS014dDhXQlp5V0dJd2N6NVhxcDdZSHJ4T3FsR3VucS9JRDNXYWh2UkFudz09&vs=1600:1113&ds=800:600&sl=80:80&os=f&nos=f HTTP 307
https://dinnza.com/f2.php?e=LSAFaP3zw9DULZpGkF6JHX49fjhGaG5UWTdYWUxkU1dSU3k3cTFLd3JNZ2MvTGh4eUNaRmptTkcyNUhQTVpTaXFwZzRMQjRhdmNCUXJxc3RWejdNWWJZZXo0cU90dkhBd0RrR2xZUFlDS3pwdnN6YklVKzFXblFkV1RveWNmTXJCNGVDTVBrdWM4L211cUZyd3RWZCtQSURHcmhRQzhGbFFGbzh2OVdSVDJ6SUlhVitDeHhGalJLK3lmaDBsSlNYd1lJdEFYNStVQWFKcjBUb2U0OVh5ZzBNYWJvNU1qdHlvcisvM0pNR0Qxa3pzTDZTbGs2aHJ5aTdZSHY1dTh0Ykw2a0E2VUpFaEtkS2tvOGJ1U2ZOOVVtc3doeXl5OUdDeU1XK1dMdXU5ZXZQYllVdFdrbmZsVlgxK3lVcTRlRkdHc0h4c2o0ZDVCV1l5cFVDSW1vNldMVTQyOWtjRmZ3djlNczlSUUJKQU4wTlE5MXFKYjJaZlQvMktpR0hzVXpMb0hvU1R5ZDdhRjFGb3p0bzI0L3NxY003T1FoM0NvV3VHZHFoQ00zdzVKRHM1VjhpSXZXUGNuTTk3bnNqSDhqdTFlVUNvZnc3TkwxMTdBd0V6YUk0R0tESm9WUkl6U0Z2TjlzNk5Mci9sZ2RpT1BOMVlaUHVsQ2htZzJKaHRnVU5qd1lNY1Q4SWV5cGRxSmJiRHdISmlkd3B5SVlxYjRMS0kxV3lxdU1VZHRFZ3E0L2tHcDF0ZmIzQzZuKzYrcXdzbklOV0RxOEdHNFZKWTUydzZZU1Jpa2FWRUF4dW1HaXJFeHFjTHE5d0lkOVhCek12THMyYVJ4U29kSTJzR3R5d1NubFBTTmtxb2xaTFBTSU5xMFVhcWNrRVRueGNGbXNUUkQwdGRvTUpoajVMVk1lNHBkMWphV1dxMlEvSlluWmR1K01Yb3d4SmE3b2t1RzcrcmE2YUNqcFQ5ZElUcFltQkltOHYrYVovc0U3c2V4a2VRU3BOdVhPNmVyU0pUQ1ZKOWlydmFxTWlvL1RnbDBoWjZjT0V3VlZDa3djcUxxWGw5YlltOEhGbjc4SDcrdXBLZ0dpcndnUzhNQmNKcDZvNUV6ZWhwSkNoeUZ2TzZPcHVtMjhBaTFGdXFpWERMbjlCak05ODFZZ0x6VURCNWJDc0xuSE85a2NJTkdDYWdTS014dDhXQlp5V0dJd2N6NVhxcDdZSHJ4T3FsR3VucS9JRDNXYWh2UkFudz09&vs=1600:1113&ds=800:600&sl=80:80&os=f&nos=f HTTP 302
https://www.newsandpromotions.com/tracking/11911 HTTP 307
http://track.ecampaignstats.com/lprd/trk.php?TID=11911 HTTP 307
https://track.ecampaignstats.com/lprd/trk.php?TID=11911 HTTP 302
http://track.ecampaignstats.com/scr/btr.php?bl=1&rd=1&bua=0&TID=11911 HTTP 307
https://track.ecampaignstats.com/scr/btr.php?bl=1&rd=1&bua=0&TID=11911 HTTP 302
http://www.newsandpromotions.com/special-offer/?TID=11911&SID=0 HTTP 307
https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://leak-hub.com/igit/fet/miy/Panel/five/PvqDq929BSx_A_D_M1n_a.php HTTP 307
https://leak-hub.com/igit/fet/miy/Panel/five/PvqDq929BSx_A_D_M1n_a.php HTTP 302
http://dinnza.com/f.php?e=fsO%2BiNpR%2F2yPGORxTXNJXX49flBLRFhHbzVrTGVEZ21HbmRSVzRJV3p4Z2lJRU0zc2lGallaT2VLa0QzUyt5aUxlZFFkeUZ2TVNjK1NiUWxmc3B0MFRPc3ZobXNnWlVMVzM5bUVzVVlQTWIzdGJGVGE0SkxrWlduRS85QWVOMG13NGp1dVBIWHVMc2NheUo3R05WeXpIcnZ5MGNqdVlEckIrQ0lGNWswRUtacTBtMVdEQUUyWVQ1SnAyUWJuamVlenM0Q0ViRlZOVldZVlJGQXJ0cjhhVVVzVjRna0pCYjFDWllvVXFJTzhqeDVtaXN2TW5GOEpnSkw1ZVBTOTBSRWtjYlE1citVS1d6bDY0ZC9ZQnRMMVYrbDE1UXlRYW1mV2NxbE8vV3FMOEYrVnJYajYrNXVmRFJGSHhZV2d0RXlDWkQ3ZTBjSmcxR2lnK0ZuV2x5c0hwTDNoYy8rUklRYXdkb2ZrNytFMXFMQlVqSmZFVXBhd0hmUFVxcjhnK1R5ekZPOFROVXNxRjA5WjBKZ3gwV1N0ZkhPanZGMmoxbVg5ZmkxcW1TVWZrdWRPNzEwb3Z2S29venJWbHBhcndiYW84eDhpRWRMZ2I4YlQ1ekxMak5TSUVpbVJmNGVINm9WUTZjYXI0NDJpRHY5Nm10Mm12Q0NpSk9sd1JRbFhGK3BpNm5OT0JVN1VtVklGeTRsaTNrWEljMFpLZzNENzg0WUVpZ1dWOXBBQ2RrbTlUTnFqek1FQ2FPcFVPdGZhcmpIRW9RcXFBV2s5bXFDcnBnVGxpNU9yQXd0R2N1emVta3pUNTZjS2VNS2NIMk53UjY0UlNUSUZMcXZ0TGl6SE9OQXBZWjJsZUlqRVh3RlEzakphOFR4c0h3WEltbWRPTEZmcTIwZ0pTY3RtMUMvT3lGMTVWVm5vTWNUbnZyT1U1Z0JDK2R4SCtZVGZ2R2JIZmdvcWttWWQ2VkVQNHJrZyt1T0lROHd4RWVsV2o4Q09HNWlMM1R6eXhwSmUvdHFaN1pXVFB2YlJHZ1NNSGJ3OGtUS25xNlp6TTdJTHNhZW5hYWRnUTdyVkJtbDh1NkdLenVpOWhaZkVwNFRlblVHREVBRVpUelJ1ZG5PeG11c3Z5aGN0RmwvL1dKQlM4MVpFTXh4ZTZCT0F6RjRRPT0%3D HTTP 307
https://dinnza.com/f.php?e=fsO%2BiNpR%2F2yPGORxTXNJXX49flBLRFhHbzVrTGVEZ21HbmRSVzRJV3p4Z2lJRU0zc2lGallaT2VLa0QzUyt5aUxlZFFkeUZ2TVNjK1NiUWxmc3B0MFRPc3ZobXNnWlVMVzM5bUVzVVlQTWIzdGJGVGE0SkxrWlduRS85QWVOMG13NGp1dVBIWHVMc2NheUo3R05WeXpIcnZ5MGNqdVlEckIrQ0lGNWswRUtacTBtMVdEQUUyWVQ1SnAyUWJuamVlenM0Q0ViRlZOVldZVlJGQXJ0cjhhVVVzVjRna0pCYjFDWllvVXFJTzhqeDVtaXN2TW5GOEpnSkw1ZVBTOTBSRWtjYlE1citVS1d6bDY0ZC9ZQnRMMVYrbDE1UXlRYW1mV2NxbE8vV3FMOEYrVnJYajYrNXVmRFJGSHhZV2d0RXlDWkQ3ZTBjSmcxR2lnK0ZuV2x5c0hwTDNoYy8rUklRYXdkb2ZrNytFMXFMQlVqSmZFVXBhd0hmUFVxcjhnK1R5ekZPOFROVXNxRjA5WjBKZ3gwV1N0ZkhPanZGMmoxbVg5ZmkxcW1TVWZrdWRPNzEwb3Z2S29venJWbHBhcndiYW84eDhpRWRMZ2I4YlQ1ekxMak5TSUVpbVJmNGVINm9WUTZjYXI0NDJpRHY5Nm10Mm12Q0NpSk9sd1JRbFhGK3BpNm5OT0JVN1VtVklGeTRsaTNrWEljMFpLZzNENzg0WUVpZ1dWOXBBQ2RrbTlUTnFqek1FQ2FPcFVPdGZhcmpIRW9RcXFBV2s5bXFDcnBnVGxpNU9yQXd0R2N1emVta3pUNTZjS2VNS2NIMk53UjY0UlNUSUZMcXZ0TGl6SE9OQXBZWjJsZUlqRVh3RlEzakphOFR4c0h3WEltbWRPTEZmcTIwZ0pTY3RtMUMvT3lGMTVWVm5vTWNUbnZyT1U1Z0JDK2R4SCtZVGZ2R2JIZmdvcWttWWQ2VkVQNHJrZyt1T0lROHd4RWVsV2o4Q09HNWlMM1R6eXhwSmUvdHFaN1pXVFB2YlJHZ1NNSGJ3OGtUS25xNlp6TTdJTHNhZW5hYWRnUTdyVkJtbDh1NkdLenVpOWhaZkVwNFRlblVHREVBRVpUelJ1ZG5PeG11c3Z5aGN0RmwvL1dKQlM4MVpFTXh4ZTZCT0F6RjRRPT0%3D

Request Chain 37

https://aorta.clickagy.com/pixel.gif?clkgypv=jstag HTTP 302
https://sync.crwdcntrl.net/map/c=8545/tp=CKGY/tpid=c:73eb6a079b8c6348c6d57ef1b9e155cf/gdpr=0/gdpr_consent=false/?https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D120%26cm%3D%24%7Bprofile_id%7D HTTP 302
https://aorta.clickagy.com/pixel.gif?clkgypv=pxl&ch=120&cm= HTTP 302
https://us-u.openx.net/w/1.0/cm?id=af408286-42f3-4d1c-bb48-10bd86dbcd66&r=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fch%3D4%26cm%3D%7BOPENX_ID%7D%26redir%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537073026%2526val%253D%257Bvisitor_id%257D

Request Chain 68

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent= HTTP 301
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=

Request Chain 69

https://secure.adnxs.com/getuid?https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DXandr%2B%25E2%2580%2593%2BInvest%2BDSP%2B-%2BBanner%26ttl%3D720%26uid%3D75d56568a11564bfb79a01d2fa9fdb29%26visitor%3D%24UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fvisitor.omnitagjs.com%252Fvisitor%252Fsync%253Fname%253DXandr%252B%2525E2%252580%252593%252BInvest%252BDSP%252B-%252BBanner%2526ttl%253D720%2526uid%253D75d56568a11564bfb79a01d2fa9fdb29%2526visitor%253D%2524UID%2526gdpr%253D0%2526gdpr_consent%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://visitor.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP+-+Banner&ttl=720&uid=75d56568a11564bfb79a01d2fa9fdb29&visitor=4519483493053224219&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=

Request Chain 70

https://secure.adnxs.com/getuid?https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DXandr%2B%25E2%2580%2593%2BInvest%2BDSP%26ttl%3D720%26uid%3D48d5713d5c563cba2049f505b2d944b6%26visitor%3D%24UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fvisitor.omnitagjs.com%252Fvisitor%252Fsync%253Fname%253DXandr%252B%2525E2%252580%252593%252BInvest%252BDSP%2526ttl%253D720%2526uid%253D48d5713d5c563cba2049f505b2d944b6%2526visitor%253D%2524UID%2526gdpr%253D0%2526gdpr_consent%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://visitor.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP&ttl=720&uid=48d5713d5c563cba2049f505b2d944b6&visitor=4519483493053224219&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=

Request Chain 72

https://x.bidswitch.net/sync?ssp=adyoulike&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=adyoulike&gdpr=0&gdpr_consent= HTTP 302
https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=adyoulike&bsw_user_id=${BSW_USER_UD}&bsw_param=9e8cb4ce-7ff0-4158-89ba-669608118ca4&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=1&gdpr_consent=&user_group=0&user_id=&ssp=adyoulike&bsw_param=9e8cb4ce-7ff0-4158-89ba-669608118ca4

Request Chain 73

https://creativecdn.com/cm-notify?pi=adyoulike&gdpr=0&gdpr_consent= HTTP 302
https://creativecdn.com/cm-notify?pi=adyoulike&gdpr=0&gdpr_consent=&tc=1 HTTP 302
https://visitor.omnitagjs.com/visitor/sync?uid=094e13e3a08b6f25e4d4f7b1fba0b26b&visitor=uBi4rKQ_Xd3-h6PDDgh9Pf6huM4pqMrSZrFIdcEG45Q&name=RTB_HOUSE&pi=adyoulike&gdpr=0&gdpr_consent=&tc=1

Request Chain 76

https://match.prod.bidr.io/cookie-sync/aul HTTP 303
https://match.prod.bidr.io/cookie-sync/aul?_bee_ppp=1 HTTP 303
https://visitor.omnitagjs.com/visitor/sync?uid=25295ec01618ddaad37302ab4dd9c8ac&visitor=AAKDKE7MAs8AABWS-tz17Q&name=BEESWAX

Request Chain 77

https://b1sync.zemanta.com/usersync/adyoulike/?cb=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DZEMANTA_BANNER%26ttl%3D720%26uid%3Dbdef6bd95b7450b4e62a32db8c7d8c9d%26visitor%3D__ZUID__%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://visitor.omnitagjs.com/visitor/sync?name=ZEMANTA_BANNER&ttl=720&uid=bdef6bd95b7450b4e62a32db8c7d8c9d&visitor=&gdpr=0&gdpr_consent=&gdpr=0

Request Chain 79

https://b1sync.zemanta.com/usersync/adyoulike/?cb=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DZEMANTA_NATIVE_1_2%26ttl%3D720%26uid%3Df2d9136cf53dede7f83ba16171a37fdd%26visitor%3D__ZUID__%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://visitor.omnitagjs.com/visitor/sync?name=ZEMANTA_NATIVE_1_2&ttl=720&uid=f2d9136cf53dede7f83ba16171a37fdd&visitor=&gdpr=0&gdpr_consent=&gdpr=0

Request Chain 80

https://csync.loopme.me/?pubid=11480&redirect=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D68c72dd412a8d0f3f6d2276db2509939%26name%3DLOOPME%26visitor%3D%7Bdevice_id%7D%0A&gdpr=0&gdpr_consent= HTTP 307
https://visitor.omnitagjs.com/visitor/sync?uid=68c72dd412a8d0f3f6d2276db2509939&name=LOOPME&visitor=92af4c3f-ab5d-4d47-9583-754bec3de184%20&gdpr_consent=null&gdpr=0

Request Chain 82

https://sync.srv.stackadapt.com/sync?nid=33&gdpr=0&gdpr_consent= HTTP 302
https://visitor.omnitagjs.com/visitor/sync?uid=74a1ec3b61e72925193cfceeea1b0608&visitor=0-1461cd0e-8d79-5b22-741e-394fb682a8bc$ip$5.187.21.105&name=STACKADAPT&gdpr=0&gdpr_consent=

Request Chain 92

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=25D8F42F41DE43A5ABC298AD6F995203&RedC=c.clarity.ms&MXFR=0FF4CC0D28BE623F28D7D8402CBE6C1F HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=25D8F42F41DE43A5ABC298AD6F995203&MUID=154623699FBE697036D937249E75687D

97 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

f.php
dinnza.com/
Redirect Chain

http://leak-hub.com/igit/fet/miy/Panel/five/PvqDq929BSx_A_D_M1n_a.php
https://leak-hub.com/igit/fet/miy/Panel/five/PvqDq929BSx_A_D_M1n_a.php
http://dinnza.com/f.php?e=fsO%2BiNpR%2F2yPGORxTXNJXX49flBLRFhHbzVrTGVEZ21HbmRSVzRJV3p4Z2lJRU0zc2lGallaT2VLa0QzUyt5aUxlZFFkeUZ2TVNjK1NiUWxmc3B0MFRPc3ZobXNnWlVMVzM5bUVzVVlQTWIzdGJGVGE0SkxrWlduRS85QWV...
https://dinnza.com/f.php?e=fsO%2BiNpR%2F2yPGORxTXNJXX49flBLRFhHbzVrTGVEZ21HbmRSVzRJV3p4Z2lJRU0zc2lGallaT2VLa0QzUyt5aUxlZFFkeUZ2TVNjK1NiUWxmc3B0MFRPc3ZobXNnWlVMVzM5bUVzVVlQTWIzdGJGVGE0SkxrWlduRS85QW...

2 KB
2 KB

693ms
168ms

Document
text/html

103.224.182.206
TRELLIAN-AS-AP Tr...

General

Check archive.org

Show headers Download Go to

Full URL: https://dinnza.com/f.php?e=fsO%2BiNpR%2F2yPGORxTXNJXX49flBLRFhHbzVrTGVEZ21HbmRSVzRJV3p4Z2lJRU0zc2lGallaT2VLa0QzUyt5aUxlZFFkeUZ2TVNjK1NiUWxmc3B0MFRPc3ZobXNnWlVMVzM5bUVzVVlQTWIzdGJGVGE0SkxrWlduRS85QWVOMG13NGp1dVBIWHVMc2NheUo3R05WeXpIcnZ5MGNqdVlEckIrQ0lGNWswRUtacTBtMVdEQUUyWVQ1SnAyUWJuamVlenM0Q0ViRlZOVldZVlJGQXJ0cjhhVVVzVjRna0pCYjFDWllvVXFJTzhqeDVtaXN2TW5GOEpnSkw1ZVBTOTBSRWtjYlE1citVS1d6bDY0ZC9ZQnRMMVYrbDE1UXlRYW1mV2NxbE8vV3FMOEYrVnJYajYrNXVmRFJGSHhZV2d0RXlDWkQ3ZTBjSmcxR2lnK0ZuV2x5c0hwTDNoYy8rUklRYXdkb2ZrNytFMXFMQlVqSmZFVXBhd0hmUFVxcjhnK1R5ekZPOFROVXNxRjA5WjBKZ3gwV1N0ZkhPanZGMmoxbVg5ZmkxcW1TVWZrdWRPNzEwb3Z2S29venJWbHBhcndiYW84eDhpRWRMZ2I4YlQ1ekxMak5TSUVpbVJmNGVINm9WUTZjYXI0NDJpRHY5Nm10Mm12Q0NpSk9sd1JRbFhGK3BpNm5OT0JVN1VtVklGeTRsaTNrWEljMFpLZzNENzg0WUVpZ1dWOXBBQ2RrbTlUTnFqek1FQ2FPcFVPdGZhcmpIRW9RcXFBV2s5bXFDcnBnVGxpNU9yQXd0R2N1emVta3pUNTZjS2VNS2NIMk53UjY0UlNUSUZMcXZ0TGl6SE9OQXBZWjJsZUlqRVh3RlEzakphOFR4c0h3WEltbWRPTEZmcTIwZ0pTY3RtMUMvT3lGMTVWVm5vTWNUbnZyT1U1Z0JDK2R4SCtZVGZ2R2JIZmdvcWttWWQ2VkVQNHJrZyt1T0lROHd4RWVsV2o4Q09HNWlMM1R6eXhwSmUvdHFaN1pXVFB2YlJHZ1NNSGJ3OGtUS25xNlp6TTdJTHNhZW5hYWRnUTdyVkJtbDh1NkdLenVpOWhaZkVwNFRlblVHREVBRVpUelJ1ZG5PeG11c3Z5aGN0RmwvL1dKQlM4MVpFTXh4ZTZCT0F6RjRRPT0%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS: bidr.trellian.com
Software: Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

connection: close
content-encoding: gzip
content-length: 1342
content-type: text/html; charset=UTF-8
date: Mon, 25 Mar 2024 12:00:50 GMT
server: Apache
vary: Accept-Encoding

Redirect headers

Location: https://dinnza.com/f.php?e=fsO%2BiNpR%2F2yPGORxTXNJXX49flBLRFhHbzVrTGVEZ21HbmRSVzRJV3p4Z2lJRU0zc2lGallaT2VLa0QzUyt5aUxlZFFkeUZ2TVNjK1NiUWxmc3B0MFRPc3ZobXNnWlVMVzM5bUVzVVlQTWIzdGJGVGE0SkxrWlduRS85QWVOMG13NGp1dVBIWHVMc2NheUo3R05WeXpIcnZ5MGNqdVlEckIrQ0lGNWswRUtacTBtMVdEQUUyWVQ1SnAyUWJuamVlenM0Q0ViRlZOVldZVlJGQXJ0cjhhVVVzVjRna0pCYjFDWllvVXFJTzhqeDVtaXN2TW5GOEpnSkw1ZVBTOTBSRWtjYlE1citVS1d6bDY0ZC9ZQnRMMVYrbDE1UXlRYW1mV2NxbE8vV3FMOEYrVnJYajYrNXVmRFJGSHhZV2d0RXlDWkQ3ZTBjSmcxR2lnK0ZuV2x5c0hwTDNoYy8rUklRYXdkb2ZrNytFMXFMQlVqSmZFVXBhd0hmUFVxcjhnK1R5ekZPOFROVXNxRjA5WjBKZ3gwV1N0ZkhPanZGMmoxbVg5ZmkxcW1TVWZrdWRPNzEwb3Z2S29venJWbHBhcndiYW84eDhpRWRMZ2I4YlQ1ekxMak5TSUVpbVJmNGVINm9WUTZjYXI0NDJpRHY5Nm10Mm12Q0NpSk9sd1JRbFhGK3BpNm5OT0JVN1VtVklGeTRsaTNrWEljMFpLZzNENzg0WUVpZ1dWOXBBQ2RrbTlUTnFqek1FQ2FPcFVPdGZhcmpIRW9RcXFBV2s5bXFDcnBnVGxpNU9yQXd0R2N1emVta3pUNTZjS2VNS2NIMk53UjY0UlNUSUZMcXZ0TGl6SE9OQXBZWjJsZUlqRVh3RlEzakphOFR4c0h3WEltbWRPTEZmcTIwZ0pTY3RtMUMvT3lGMTVWVm5vTWNUbnZyT1U1Z0JDK2R4SCtZVGZ2R2JIZmdvcWttWWQ2VkVQNHJrZyt1T0lROHd4RWVsV2o4Q09HNWlMM1R6eXhwSmUvdHFaN1pXVFB2YlJHZ1NNSGJ3OGtUS25xNlp6TTdJTHNhZW5hYWRnUTdyVkJtbDh1NkdLenVpOWhaZkVwNFRlblVHREVBRVpUelJ1ZG5PeG11c3Z5aGN0RmwvL1dKQlM4MVpFTXh4ZTZCT0F6RjRRPT0%3D
Non-Authoritative-Reason: HttpsUpgrades

GET
H2

200

Primary Request / Show response
www.newsandpromotions.com/special-offer/
Redirect Chain

http://dinnza.com/f2.php?e=LSAFaP3zw9DULZpGkF6JHX49fjhGaG5UWTdYWUxkU1dSU3k3cTFLd3JNZ2MvTGh4eUNaRmptTkcyNUhQTVpTaXFwZzRMQjRhdmNCUXJxc3RWejdNWWJZZXo0cU90dkhBd0RrR2xZUFlDS3pwdnN6YklVKzFXblFkV1RveWNmTX...
https://dinnza.com/f2.php?e=LSAFaP3zw9DULZpGkF6JHX49fjhGaG5UWTdYWUxkU1dSU3k3cTFLd3JNZ2MvTGh4eUNaRmptTkcyNUhQTVpTaXFwZzRMQjRhdmNCUXJxc3RWejdNWWJZZXo0cU90dkhBd0RrR2xZUFlDS3pwdnN6YklVKzFXblFkV1RveWNmT...
https://www.newsandpromotions.com/tracking/11911
http://track.ecampaignstats.com/lprd/trk.php?TID=11911
https://track.ecampaignstats.com/lprd/trk.php?TID=11911
http://track.ecampaignstats.com/scr/btr.php?bl=1&rd=1&bua=0&TID=11911
https://track.ecampaignstats.com/scr/btr.php?bl=1&rd=1&bua=0&TID=11911
http://www.newsandpromotions.com/special-offer/?TID=11911&SID=0
https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0

63 KB
14 KB

139ms
139ms

Document
text/html

35.227.209.77
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0
Requested by: Host: dinnza.com
URL: https://dinnza.com/f.php?e=fsO%2BiNpR%2F2yPGORxTXNJXX49flBLRFhHbzVrTGVEZ21HbmRSVzRJV3p4Z2lJRU0zc2lGallaT2VLa0QzUyt5aUxlZFFkeUZ2TVNjK1NiUWxmc3B0MFRPc3ZobXNnWlVMVzM5bUVzVVlQTWIzdGJGVGE0SkxrWlduRS85QWVOMG13NGp1dVBIWHVMc2NheUo3R05WeXpIcnZ5MGNqdVlEckIrQ0lGNWswRUtacTBtMVdEQUUyWVQ1SnAyUWJuamVlenM0Q0ViRlZOVldZVlJGQXJ0cjhhVVVzVjRna0pCYjFDWllvVXFJTzhqeDVtaXN2TW5GOEpnSkw1ZVBTOTBSRWtjYlE1citVS1d6bDY0ZC9ZQnRMMVYrbDE1UXlRYW1mV2NxbE8vV3FMOEYrVnJYajYrNXVmRFJGSHhZV2d0RXlDWkQ3ZTBjSmcxR2lnK0ZuV2x5c0hwTDNoYy8rUklRYXdkb2ZrNytFMXFMQlVqSmZFVXBhd0hmUFVxcjhnK1R5ekZPOFROVXNxRjA5WjBKZ3gwV1N0ZkhPanZGMmoxbVg5ZmkxcW1TVWZrdWRPNzEwb3Z2S29venJWbHBhcndiYW84eDhpRWRMZ2I4YlQ1ekxMak5TSUVpbVJmNGVINm9WUTZjYXI0NDJpRHY5Nm10Mm12Q0NpSk9sd1JRbFhGK3BpNm5OT0JVN1VtVklGeTRsaTNrWEljMFpLZzNENzg0WUVpZ1dWOXBBQ2RrbTlUTnFqek1FQ2FPcFVPdGZhcmpIRW9RcXFBV2s5bXFDcnBnVGxpNU9yQXd0R2N1emVta3pUNTZjS2VNS2NIMk53UjY0UlNUSUZMcXZ0TGl6SE9OQXBZWjJsZUlqRVh3RlEzakphOFR4c0h3WEltbWRPTEZmcTIwZ0pTY3RtMUMvT3lGMTVWVm5vTWNUbnZyT1U1Z0JDK2R4SCtZVGZ2R2JIZmdvcWttWWQ2VkVQNHJrZyt1T0lROHd4RWVsV2o4Q09HNWlMM1R6eXhwSmUvdHFaN1pXVFB2YlJHZ1NNSGJ3OGtUS25xNlp6TTdJTHNhZW5hYWRnUTdyVkJtbDh1NkdLenVpOWhaZkVwNFRlblVHREVBRVpUelJ1ZG5PeG11c3Z5aGN0RmwvL1dKQlM4MVpFTXh4ZTZCT0F6RjRRPT0%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.209.77 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 77.209.227.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: cb7e55101bbe7cf1c75758b4b148ef2cb840d32690bc3ac99b0552ae6fc65c74

Request headers

Referer: https://dinnza.com/f.php?e=fsO%2BiNpR%2F2yPGORxTXNJXX49flBLRFhHbzVrTGVEZ21HbmRSVzRJV3p4Z2lJRU0zc2lGallaT2VLa0QzUyt5aUxlZFFkeUZ2TVNjK1NiUWxmc3B0MFRPc3ZobXNnWlVMVzM5bUVzVVlQTWIzdGJGVGE0SkxrWlduRS85QWVOMG13NGp1dVBIWHVMc2NheUo3R05WeXpIcnZ5MGNqdVlEckIrQ0lGNWswRUtacTBtMVdEQUUyWVQ1SnAyUWJuamVlenM0Q0ViRlZOVldZVlJGQXJ0cjhhVVVzVjRna0pCYjFDWllvVXFJTzhqeDVtaXN2TW5GOEpnSkw1ZVBTOTBSRWtjYlE1citVS1d6bDY0ZC9ZQnRMMVYrbDE1UXlRYW1mV2NxbE8vV3FMOEYrVnJYajYrNXVmRFJGSHhZV2d0RXlDWkQ3ZTBjSmcxR2lnK0ZuV2x5c0hwTDNoYy8rUklRYXdkb2ZrNytFMXFMQlVqSmZFVXBhd0hmUFVxcjhnK1R5ekZPOFROVXNxRjA5WjBKZ3gwV1N0ZkhPanZGMmoxbVg5ZmkxcW1TVWZrdWRPNzEwb3Z2S29venJWbHBhcndiYW84eDhpRWRMZ2I4YlQ1ekxMak5TSUVpbVJmNGVINm9WUTZjYXI0NDJpRHY5Nm10Mm12Q0NpSk9sd1JRbFhGK3BpNm5OT0JVN1VtVklGeTRsaTNrWEljMFpLZzNENzg0WUVpZ1dWOXBBQ2RrbTlUTnFqek1FQ2FPcFVPdGZhcmpIRW9RcXFBV2s5bXFDcnBnVGxpNU9yQXd0R2N1emVta3pUNTZjS2VNS2NIMk53UjY0UlNUSUZMcXZ0TGl6SE9OQXBZWjJsZUlqRVh3RlEzakphOFR4c0h3WEltbWRPTEZmcTIwZ0pTY3RtMUMvT3lGMTVWVm5vTWNUbnZyT1U1Z0JDK2R4SCtZVGZ2R2JIZmdvcWttWWQ2VkVQNHJrZyt1T0lROHd4RWVsV2o4Q09HNWlMM1R6eXhwSmUvdHFaN1pXVFB2YlJHZ1NNSGJ3OGtUS25xNlp6TTdJTHNhZW5hYWRnUTdyVkJtbDh1NkdLenVpOWhaZkVwNFRlblVHREVBRVpUelJ1ZG5PeG11c3Z5aGN0RmwvL1dKQlM4MVpFTXh4ZTZCT0F6RjRRPT0%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: max-age=3008,public
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 25 Mar 2024 12:00:51 GMT
etag: "d6b1fc6df8b746b5248907bc32cf912c"
last-modified: Mon, 25 Mar 2024 11:50:59 GMT
pragma: public
server: Apache
vary: Accept-Encoding,User-Agent
via: 1.1 google

Redirect headers

Location: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0
Non-Authoritative-Reason: HttpsUpgrades

GET
H3 200 style.css
www.newsandpromotions.com/wp-content/themes/magazine-pro/ 43 KB
8 KB 36ms
36ms Stylesheet
text/css 35.227.209.77
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsandpromotions.com/wp-content/themes/magazine-pro/style.css?ver=3.1
Requested by: Host: www.newsandpromotions.com
URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.209.77 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 77.209.227.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: 7513ea071ec3a6d65ea28a5d0bd1136522b6503b825789849dad425d677c2d73

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Mon, 25 Mar 2024 11:28:49 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Mon, 29 Aug 2022 12:36:58 GMT
server: Apache
age: 1923
etag: "aa26-5e76085030e80-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: public,max-age=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7771

GET
H3 200 style.min.css
www.newsandpromotions.com/wp-includes/css/dist/block-library/ 87 KB
11 KB 31ms
30ms Stylesheet
text/css 35.227.209.77
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsandpromotions.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.1
Requested by: Host: www.newsandpromotions.com
URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.209.77 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 77.209.227.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Mon, 25 Mar 2024 11:28:49 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Wed, 17 Aug 2022 12:20:12 GMT
server: Apache
age: 1923
etag: "15b64-5e66ee2f43700-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: public,max-age=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11681

GET
H3 200 styles.css
www.newsandpromotions.com/wp-content/plugins/contact-form-7/includes/css/ 3 KB
994 B 43ms
41ms Stylesheet
text/css 35.227.209.77
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsandpromotions.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.2
Requested by: Host: www.newsandpromotions.com
URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.209.77 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 77.209.227.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Mon, 25 Mar 2024 11:28:49 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Mon, 29 Aug 2022 13:14:18 GMT
server: Apache
age: 1923
etag: "aab-5e7610a86be80-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: public,max-age=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 972

GET
H3 200 popup-styles.css
www.newsandpromotions.com/wp-content/plugins/m-wp-popup/css/ 7 KB
2 KB 145ms
143ms Stylesheet
text/css 35.227.209.77
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsandpromotions.com/wp-content/plugins/m-wp-popup/css/popup-styles.css?ver=1.0
Requested by: Host: www.newsandpromotions.com
URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.209.77 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 77.209.227.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: 4ab71d481de1298c26ac983c76d3f4215ea398331074369993f1c27493fa1006

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Mon, 25 Mar 2024 12:00:52 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Mon, 29 Aug 2022 12:36:58 GMT
server: Apache
etag: "1bdc-5e76085030e80-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: public,max-age=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1875

GET
H3 200 sfsi-style.css
www.newsandpromotions.com/wp-content/plugins/ultimate-social-media-plus/css/ 100 KB
14 KB 150ms
148ms Stylesheet
text/css 35.227.209.77
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsandpromotions.com/wp-content/plugins/ultimate-social-media-plus/css/sfsi-style.css?ver=3.5.1
Requested by: Host: www.newsandpromotions.com
URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.209.77 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 77.209.227.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: 8b0ce2bf2fd117fdda281bec4fc88f09bc07566810aadc45dd566fa4fcd2679c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Mon, 25 Mar 2024 12:00:52 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Mon, 29 Aug 2022 13:11:11 GMT
server: Apache
etag: "19115-5e760ff6159c0-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: public,max-age=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14652

GET
H3 200 disable_sfsi.css
www.newsandpromotions.com/wp-content/plugins/ultimate-social-media-plus/css/ 78 B
114 B 143ms
141ms Stylesheet
text/css 35.227.209.77
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsandpromotions.com/wp-content/plugins/ultimate-social-media-plus/css/disable_sfsi.css?ver=6.0.1
Requested by: Host: www.newsandpromotions.com
URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.209.77 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 77.209.227.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: ad03543ac37253e14391a4c0a02845320456d23ca50546ee72143e1bec705927

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Mon, 25 Mar 2024 12:00:52 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Mon, 29 Aug 2022 13:11:11 GMT
server: Apache
etag: "4e-5e760ff6159c0-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: public,max-age=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 93

GET
H3 200 dashicons.min.css
www.newsandpromotions.com/wp-includes/css/ 58 KB
35 KB 146ms
144ms Stylesheet
text/css 35.227.209.77
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsandpromotions.com/wp-includes/css/dashicons.min.css?ver=6.0.1
Requested by: Host: www.newsandpromotions.com
URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.209.77 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 77.209.227.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Mon, 25 Mar 2024 12:00:52 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Wed, 17 Aug 2022 12:20:12 GMT
server: Apache
etag: "e688-5e66ee2f43700-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: public,max-age=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35730

GET
H2 200 css
fonts.googleapis.com/ 9 KB
1 KB 131ms
47ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%7CRaleway%3A400%2C500%2C900&ver=3.1

Requested by

Host: www.newsandpromotions.com
URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c74ae25896e6f760efc2b5f7d3983d8112d043c959970948eb197491c150f319

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.newsandpromotions.com/
Origin: https://www.newsandpromotions.com
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Mon, 25 Mar 2024 12:00:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 25 Mar 2024 11:58:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 25 Mar 2024 12:00:52 GMT

GET
H3 200 style.css
www.newsandpromotions.com/wp-content/plugins/genesis-responsive-slider/assets/ 4 KB
1 KB 137ms
135ms Stylesheet
text/css 35.227.209.77
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsandpromotions.com/wp-content/plugins/genesis-responsive-slider/assets/style.css?ver=1.0.1
Requested by: Host: www.newsandpromotions.com
URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.209.77 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 77.209.227.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: 9472f0e4b9df82ddfd868a6b15cbbffcf1a00e25f6f502a36bdf9707fe93aec9

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Mon, 25 Mar 2024 12:00:52 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Mon, 29 Aug 2022 13:18:47 GMT
server: Apache
etag: "1066-5e7611a8f5bc0-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: public,max-age=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1470

GET
H3 200 jquery.min.js Show response
www.newsandpromotions.com/wp-includes/js/jquery/ 87 KB
30 KB 187ms
185ms Script
application/x-javascript 35.227.209.77
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsandpromotions.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: www.newsandpromotions.com
URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.209.77 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 77.209.227.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Mon, 25 Mar 2024 12:00:52 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Wed, 17 Aug 2022 12:20:12 GMT
server: Apache
etag: "15db1-5e66ee2f43700-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30908

GET
H3 200 jquery-migrate.min.js Show response
www.newsandpromotions.com/wp-includes/js/jquery/ 11 KB
4 KB 134ms
133ms Script
application/x-javascript 35.227.209.77
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsandpromotions.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: www.newsandpromotions.com
URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.209.77 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 77.209.227.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Mon, 25 Mar 2024 12:00:52 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Wed, 17 Aug 2022 12:20:12 GMT
server: Apache
etag: "2bd8-5e66ee2f43700-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4169

GET
H3 200 wpp-popup-frontend.js Show response
www.newsandpromotions.com/wp-content/plugins/m-wp-popup/js/ 35 KB
11 KB 180ms
179ms Script
application/x-javascript 35.227.209.77
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsandpromotions.com/wp-content/plugins/m-wp-popup/js/wpp-popup-frontend.js?ver=1.0
Requested by: Host: www.newsandpromotions.com
URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.209.77 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 77.209.227.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: fe1d956c373c6c52de2b9b7671e0bdf901b27d7c61aa45198da3c21081f31874

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Mon, 25 Mar 2024 12:00:52 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Mon, 29 Aug 2022 12:36:58 GMT
server: Apache
etag: "8cd5-5e76085030e80-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11107

GET
H3 200 advanced.min.js Show response
www.newsandpromotions.com/wp-content/plugins/advanced-ads/public/assets/js/ 7 KB
3 KB 177ms
175ms Script
application/x-javascript 35.227.209.77
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsandpromotions.com/wp-content/plugins/advanced-ads/public/assets/js/advanced.min.js?ver=1.35.1
Requested by: Host: www.newsandpromotions.com
URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.209.77 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 77.209.227.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: 8ca576c1a2552134c66c3bdfbbff559654f0eca9d749d2933397df6b80616852

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Mon, 25 Mar 2024 12:00:52 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Mon, 29 Aug 2022 13:13:19 GMT
server: Apache
etag: "1c13-5e761070279c0-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2547

GET
H3 200 entry-date.js Show response
www.newsandpromotions.com/wp-content/themes/magazine-pro/js/ 380 B
259 B 178ms
176ms Script
application/x-javascript 35.227.209.77
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsandpromotions.com/wp-content/themes/magazine-pro/js/entry-date.js?ver=1.0.0
Requested by: Host: www.newsandpromotions.com
URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.209.77 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 77.209.227.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: 97307859d3fcb1aa21e13e3e7bf6f7200f237d178bb18ada0fae75b35f8aef85

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Mon, 25 Mar 2024 12:00:52 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Mon, 29 Aug 2022 12:36:58 GMT
server: Apache
etag: "17c-5e76085030e80-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 238

GET
H3 200 responsive-menu.js Show response
www.newsandpromotions.com/wp-content/themes/magazine-pro/js/ 867 B
360 B 184ms
182ms Script
application/x-javascript 35.227.209.77
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsandpromotions.com/wp-content/themes/magazine-pro/js/responsive-menu.js?ver=1.0.0
Requested by: Host: www.newsandpromotions.com
URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.209.77 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 77.209.227.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: bf820c2e5608b055b98402b2f885df349d9f9e605ff3fd7a4c03f1c49d5c8264

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Mon, 25 Mar 2024 12:00:52 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Mon, 29 Aug 2022 12:36:58 GMT
server: Apache
etag: "363-5e76085030e80-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 339

GET
H2 200 ot.js Show response
fo-api.omnitagjs.com/fo-api/ 1009 B
1 KB 135ms
37ms Script
text/javascript 185.255.84.151
IGUANE-

General

Check archive.org

Show headers Download Go to

Full URL

https://fo-api.omnitagjs.com/fo-api/ot.js

Requested by

Host: www.newsandpromotions.com
URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.151 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

ed57410b6d3577ae079759ca23479e4b44f02b6e0042fb56cf08b3904dc3fa70

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.newsandpromotions.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 12:00:52 GMT
x-content-type-options: nosniff
p3p: CP="CAO PSA OUR"
x-envoy-upstream-service-time: 4
content-length: 1009
pragma: no-cache
server: ayl-lb-fra02
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, GET
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-allow-headers: Accept-Encoding
expires: 0

GET
H2 200 data.js Show response
tags.clickagy.com/ 36 KB
13 KB 178ms
46ms Script
application/javascript 2600:9000:211e:5e00:4:8491:f2c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.clickagy.com/data.js?rnd=5a7223b9ea03d

Requested by

Host: www.newsandpromotions.com
URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211e:5e00:4:8491:f2c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

85b9dffd781e47c571a53afc2f594c53f9c49ebeadc9adc3fc720d4a6e3a688b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.newsandpromotions.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 9OWM.Z0Dh.HHVWQAeO49BBTVx4LoDSWJ
content-encoding: gzip
via: 1.1 b25bc331cb2e5e7e25d9488f5ecdc940.cloudfront.net (CloudFront)
date: Mon, 25 Mar 2024 11:03:20 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA56-C2
age: 3454
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 08 Feb 2024 19:03:11 GMT
server: AmazonS3
etag: W/"9d6129b555ace3efebf194d38a3e562d"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-amz-cf-id: XhCe2cDNOFc9_zkDU9_fB51SyBqmMAek_mD1xtNzuF8RkymLlAIeHw==

GET
H3 200 regenerator-runtime.min.js Show response
www.newsandpromotions.com/wp-includes/js/dist/vendor/ 6 KB
2 KB 185ms
184ms Script
application/x-javascript 35.227.209.77
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsandpromotions.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
Requested by: Host: www.newsandpromotions.com
URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.209.77 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 77.209.227.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Mon, 25 Mar 2024 12:00:52 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Wed, 17 Aug 2022 12:20:12 GMT
server: Apache
etag: "194b-5e66ee2f43700-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2457

GET
H3 200 wp-polyfill.min.js Show response
www.newsandpromotions.com/wp-includes/js/dist/vendor/ 19 KB
7 KB 137ms
136ms Script
application/x-javascript 35.227.209.77
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsandpromotions.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by: Host: www.newsandpromotions.com
URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.209.77 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 77.209.227.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: 6fecb89a29ee2bd397bb1bf58ecaa530a76f0654db71fadefd3cc70b0bc302bf

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Mon, 25 Mar 2024 12:00:52 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Wed, 17 Aug 2022 12:20:12 GMT
server: Apache
etag: "4ac6-5e66ee2f43700-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7095

GET
H3 200 index.js Show response
www.newsandpromotions.com/wp-content/plugins/contact-form-7/includes/js/ 21 KB
6 KB 136ms
135ms Script
application/x-javascript 35.227.209.77
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsandpromotions.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.2
Requested by: Host: www.newsandpromotions.com
URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.209.77 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 77.209.227.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: 32dd00604df8db3415240d450341558b6827b1e02dc0f211d8a6d9a4287c522e

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Mon, 25 Mar 2024 12:00:52 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Mon, 29 Aug 2022 13:14:18 GMT
server: Apache
etag: "5591-5e7610a86be80-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6564

GET
H3 200 core.min.js Show response
www.newsandpromotions.com/wp-includes/js/jquery/ui/ 20 KB
7 KB 179ms
178ms Script
application/x-javascript 35.227.209.77
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsandpromotions.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
Requested by: Host: www.newsandpromotions.com
URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.209.77 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 77.209.227.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: 240b702419d6c39ecc4896f0132ccfc9bc517e9aef0c782d99580e0c678b47d5

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Mon, 25 Mar 2024 12:00:52 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Wed, 17 Aug 2022 12:20:12 GMT
server: Apache
etag: "50eb-5e66ee2f43700-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6914

GET
H3 200 modernizr.custom.min.js Show response
www.newsandpromotions.com/wp-content/plugins/ultimate-social-media-plus/js/shuffle/ 3 KB
1 KB 185ms
184ms Script
application/x-javascript 35.227.209.77
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsandpromotions.com/wp-content/plugins/ultimate-social-media-plus/js/shuffle/modernizr.custom.min.js?ver=6.0.1
Requested by: Host: www.newsandpromotions.com
URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.209.77 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 77.209.227.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: c13e5fd1c85742cd9c2a7cce6255d9096b2c85830f85a0f8c142633da4e81078

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Mon, 25 Mar 2024 12:00:52 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Mon, 29 Aug 2022 13:11:11 GMT
server: Apache
etag: "c07-5e760ff6159c0-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1493

GET
H3 200 custom.js Show response
www.newsandpromotions.com/wp-content/plugins/ultimate-social-media-plus/js/ 36 KB
7 KB 184ms
183ms Script
application/x-javascript 35.227.209.77
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsandpromotions.com/wp-content/plugins/ultimate-social-media-plus/js/custom.js?ver=3.5.1
Requested by: Host: www.newsandpromotions.com
URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.209.77 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 77.209.227.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: 45e040bbe8b505348d26fbfd50ce1fb32271fc5ab3c05c388ba5342e082b4efd

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Mon, 25 Mar 2024 12:00:52 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Mon, 29 Aug 2022 13:11:11 GMT
server: Apache
etag: "90a8-5e760ff6159c0-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7101

GET
H3 200 jquery.flexslider.js Show response
www.newsandpromotions.com/wp-content/plugins/genesis-responsive-slider/assets/js/ 27 KB
6 KB 169ms
168ms Script
application/x-javascript 35.227.209.77
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsandpromotions.com/wp-content/plugins/genesis-responsive-slider/assets/js/jquery.flexslider.js?ver=1.0.1
Requested by: Host: www.newsandpromotions.com
URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.209.77 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 77.209.227.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: ee509bb1c57d79983d9b61bc0df4ffba2307f8bcae447efa74c311e2f615dda1

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Mon, 25 Mar 2024 12:00:52 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Mon, 29 Aug 2022 13:18:47 GMT
server: Apache
etag: "6a6d-5e7611a8f5bc0-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5652

GET
H3 200 wp-emoji-release.min.js Show response
www.newsandpromotions.com/wp-includes/js/ 18 KB
5 KB 117ms
116ms Script
application/x-javascript 35.227.209.77
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsandpromotions.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.1
Requested by: Host: www.newsandpromotions.com
URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.209.77 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 77.209.227.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Mon, 25 Mar 2024 12:00:52 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Wed, 17 Aug 2022 12:20:12 GMT
server: Apache
etag: "48b9-5e66ee2f43700-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5009

GET
H2 200 implement-r.js Show response
c.fqtag.com/tag/ 3 KB
3 KB 101ms
37ms Script
application/javascript 35.190.72.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c.fqtag.com/tag/implement-r.js?org=9Xf4JS6qIDnMDOaZ0z86&fmt=banner&rt=click&sl=1&fq=1&p=11911&a=0&cmp=nap

Requested by

Host: www.newsandpromotions.com
URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.72.161 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

161.72.190.35.bc.googleusercontent.com

Software

Resource Hash

2ab0f45758fa81cc5b4669004d42b4ac117c807fad6fb9509359f8b6ef592f38

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.newsandpromotions.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 25 Mar 2024 12:00:52 GMT
via: 1.1 google
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2797
x-xss-protection: 0
expires: 0

GET
H2 200 hotjar-31899.js Show response
static.hotjar.com/c/ 9 KB
4 KB 162ms
72ms Script
application/javascript 18.66.97.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-31899.js?sv=5

Requested by

Host: www.newsandpromotions.com
URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.10 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-10.fra56.r.cloudfront.net

Software

Resource Hash

bfe52d579512209544104e967b8f57c10cf992cf879321612613640baa57ab8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.newsandpromotions.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Mon, 25 Mar 2024 12:00:52 GMT
via: 1.1 018ffb575888f1c9ec960e3e977c042e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
etag: W/73e557bc305ebed3bd158908d0bc2abb
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
x-amz-cf-id: s4kCZqiFIkZjG37DazE__UR2C0MgbFFCuX0rGclvb5qwmv4wxe8NIw==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 125ms
39ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.newsandpromotions.com
URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.newsandpromotions.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 25 Mar 2024 11:48:08 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 764
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 25 Mar 2024 13:48:08 GMT

GET
H2 200 w.js Show response
ssl.luckyorange.com/ 5 KB
3 KB 417ms
51ms Script
application/javascript 2606:4700:20::681a:4f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.luckyorange.com/w.js
Requested by: Host: www.newsandpromotions.com
URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:4f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6cb6821219dae9fa9a21519d86d7ec7acaf0c4dd61463eb336eb92964feebef3

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.newsandpromotions.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 12:00:52 GMT
via: 1.1 9f5b4008febf8a5c5039fa9fa335a2cc.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3203
x-amz-cf-pop: LHR50-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cf-bgj: minify
last-modified: Thu, 25 Jan 2024 18:19:40 GMT
server: cloudflare
etag: W/"e31293f40e8a324de552ff593ee76a9b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wyQGfU56qGkwKks4X6OQL13hy%2BPy3GCtYIiOTjyUIM7K%2BuRsjskjpCaMURS3ZAEbWfDNFvNfkpxL88FCKNMGA559fEI1%2B1mHaQWDPeEm8SfS5k4PSU4yc8Nbrb1hFRJzMRQ9uGubYDPrxA3fjBxn0E0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 869ebe390cf671a4-LHR
x-amz-cf-id: JB20MzdWdqlqAOfXORf1wjceFryWhPdW_f3shpHcEGXgiDOx5YTPjw==

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/newsandpromotions/ 138 KB
42 KB 260ms
202ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/newsandpromotions/loader.js
Requested by: Host: www.newsandpromotions.com
URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 83aa0e460deafba34165363c3a229c2d6faf9f239d2b782c456651b78c032437

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.newsandpromotions.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: g2Sg5hfyr8Ede0R9dc2wHPbLCmjec10f
content-encoding: gzip
via: 1.1 varnish
date: Mon, 25 Mar 2024 12:00:52 GMT
x-amz-request-id: 6W78GMD8XTMBFJMK
age: 0
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: FAILED
content-length: 42641
x-amz-id-2: Kp8PFtLqmfF/sCpqWuqh5Ig+v6tLHYM3gn8fOXR9ji6E2MElkJP0tH+ojtQZIFiSJXWHcev0BiY=
x-served-by: cache-lcy-eglc8600044-LCY
last-modified: Sun, 03 Sep 2023 15:39:52 GMT
server: AmazonS3
x-timer: S1711368052.342760,VS0,VE177
etag: "07ce7246fba3cc3d29096f84259d12c0"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 40
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 kk7o1ny45v Show response
www.clarity.ms/tag/ 650 B
1013 B 211ms
104ms Script
application/x-javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/kk7o1ny45v
Requested by: Host: www.newsandpromotions.com
URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: c56e11ae42d0f719ff2017e3adc5ba87af8ae85624c1245e9b827faed56a7987

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.newsandpromotions.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: -1
date: Mon, 25 Mar 2024 12:00:52 GMT
x-azure-ref: 20240325T120052Z-gh9wfcfnfp3k18pdudc54axq7n00000004c00000000072gn
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 650
request-context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81

GET
H2 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v29/ 47 KB
47 KB 163ms
80ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v29/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%7CRaleway%3A400%2C500%2C900&ver=3.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8cbc049ddbd7ca67068451ce754401833499959c4c6ed7b98f664d42e0597808

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://www.newsandpromotions.com
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 19 Mar 2024 07:44:56 GMT
x-content-type-options: nosniff
age: 533756
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48208
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Mar 2025 07:44:56 GMT

GET
H3 200 newspromotions-1.png
www.newsandpromotions.com/wp-content/uploads/2016/12/ 4 KB
4 KB 29ms
29ms Image
image/png 35.227.209.77
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newsandpromotions.com/wp-content/uploads/2016/12/newspromotions-1.png
Requested by: Host: www.newsandpromotions.com
URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.209.77 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 77.209.227.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: 5c61ddd4f7ab45d1ca4f263ae05f6814284e8e13d39f7acd4df221a2c1202d90

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Sun, 24 Mar 2024 19:34:11 GMT
via: 1.1 google
last-modified: Fri, 02 Dec 2016 16:33:23 GMT
server: Apache
age: 59201
etag: "119f-542af7f1efac0"
vary: Accept-Encoding
content-type: image/png
cache-control: public,max-age=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4511

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 121ms
39ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%7CRaleway%3A400%2C500%2C900&ver=3.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://www.newsandpromotions.com
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 18 Mar 2024 20:54:29 GMT
x-content-type-options: nosniff
age: 572783
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Mar 2025 20:54:29 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 131ms
49ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%7CRaleway%3A400%2C500%2C900&ver=3.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://www.newsandpromotions.com
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 19 Mar 2024 07:45:27 GMT
x-content-type-options: nosniff
age: 533725
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Mar 2025 07:45:27 GMT

POST
H2 200 data Show response
aorta.clickagy.com/ 57 B
513 B 311ms
104ms XHR
application/json 44.213.220.50
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://aorta.clickagy.com/data
Requested by: Host: tags.clickagy.com
URL: https://tags.clickagy.com/data.js?rnd=5a7223b9ea03d
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.213.220.50 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-213-220-50.compute-1.amazonaws.com
Software: Aorta/20240315.dacd8e781 /
Resource Hash: 5d594c9f8e7ea0a8bf5bad07a77a1dcf675fcb2b456369df14fecaa6c3214f15

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.newsandpromotions.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 25 Mar 2024 12:00:52 GMT
content-encoding: gzip
server: Aorta/20240315.dacd8e781
expect: 0
access-control-max-age: 31536000
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.newsandpromotions.com
access-control-expose-headers: Set-Cookie
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-aorta-region: us-east-1
x-aorta-host: cebddd85a03b
access-control-allow-headers: Origin,cache-control,content-type,man,messagetype,soapaction
content-length: 81

GET
H2

200

cm
us-u.openx.net/w/1.0/
Redirect Chain

https://aorta.clickagy.com/pixel.gif?clkgypv=jstag
https://sync.crwdcntrl.net/map/c=8545/tp=CKGY/tpid=c:73eb6a079b8c6348c6d57ef1b9e155cf/gdpr=0/gdpr_consent=false/?https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D120%26cm%3D%24%7...
https://aorta.clickagy.com/pixel.gif?clkgypv=pxl&ch=120&cm=
https://us-u.openx.net/w/1.0/cm?id=af408286-42f3-4d1c-bb48-10bd86dbcd66&r=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fch%3D4%26cm%3D%7BOPENX_ID%7D%26redir%3Dhttps%253A%252F%252Fus-u.openx.net%25...

43 B
295 B

136ms
30ms

Image
image/gif

35.244.159.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=af408286-42f3-4d1c-bb48-10bd86dbcd66&r=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fch%3D4%26cm%3D%7BOPENX_ID%7D%26redir%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537073026%2526val%253D%257Bvisitor_id%257D
Requested by: Host: www.newsandpromotions.com
URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.newsandpromotions.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Mar 2024 12:00:52 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Mon, 25 Mar 2024 12:00:52 GMT
server: Aorta/20240315.dacd8e781
expect: 0
access-control-max-age: 31536000
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
location: https://us-u.openx.net/w/1.0/cm?id=af408286-42f3-4d1c-bb48-10bd86dbcd66&r=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fch%3D4%26cm%3D%7BOPENX_ID%7D%26redir%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537073026%2526val%253D%257Bvisitor_id%257D
access-control-allow-origin: *
access-control-expose-headers: Set-Cookie
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-aorta-region: us-east-1
x-aorta-host: 57c924ec2090
access-control-allow-headers: Origin,cache-control,content-type,man,messagetype,soapaction
content-length: 0

GET
H3 200 lead-img-colonial-pipeline-paid-bitcoin-ransomware-150x150.jpg
www.newsandpromotions.com/wp-content/uploads/2021/05/ 7 KB
7 KB 30ms
30ms Image
image/jpeg 35.227.209.77
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newsandpromotions.com/wp-content/uploads/2021/05/lead-img-colonial-pipeline-paid-bitcoin-ransomware-150x150.jpg
Requested by: Host: www.newsandpromotions.com
URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.209.77 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 77.209.227.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: 05cbe0eb63271667225aa3f633752f33320920a81377672462140256ff8f9c8a

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Sun, 24 Mar 2024 19:33:59 GMT
via: 1.1 google
last-modified: Thu, 13 May 2021 20:32:39 GMT
server: Apache
age: 59213
etag: "1cd6-5c23c073fc7c0"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public,max-age=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7382

GET
H3 200 image1-2-150x150.png
www.newsandpromotions.com/wp-content/uploads/2021/05/ 15 KB
15 KB 50ms
49ms Image
image/png 35.227.209.77
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newsandpromotions.com/wp-content/uploads/2021/05/image1-2-150x150.png
Requested by: Host: www.newsandpromotions.com
URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.209.77 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 77.209.227.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: 4f7166cc360d114d3279967bae732d3eab578ad1f4ea9cedd9c349e9a5eaed37

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Sun, 24 Mar 2024 19:33:59 GMT
via: 1.1 google
last-modified: Thu, 13 May 2021 20:32:29 GMT
server: Apache
age: 59213
etag: "3dbf-5c23c06a73140"
vary: Accept-Encoding
content-type: image/png
cache-control: public,max-age=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15807

GET
H3 200 5f457a9389aff80028ab7e63-150x150.jpeg
www.newsandpromotions.com/wp-content/uploads/2021/05/ 7 KB
7 KB 31ms
30ms Image
image/jpeg 35.227.209.77
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newsandpromotions.com/wp-content/uploads/2021/05/5f457a9389aff80028ab7e63-150x150.jpeg
Requested by: Host: www.newsandpromotions.com
URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.209.77 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 77.209.227.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: 98978ca510c9861cfdd523c3f518a6d4f0706c75394f006bc6fe0d58c3334fbe

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Sun, 24 Mar 2024 19:34:01 GMT
via: 1.1 google
last-modified: Thu, 13 May 2021 20:09:23 GMT
server: Apache
age: 59211
etag: "1b63-5c23bb40a82c0"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public,max-age=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7011

GET
H3 200 1620912671_blueprint-api-production.s3.amazonaws-150x150.com
www.newsandpromotions.com/wp-content/uploads/2021/05/ 7 KB
7 KB 119ms
118ms Image
application/x-msdownload 35.227.209.77
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newsandpromotions.com/wp-content/uploads/2021/05/1620912671_blueprint-api-production.s3.amazonaws-150x150.com
Requested by: Host: www.newsandpromotions.com
URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.209.77 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 77.209.227.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: f08dccdc1054a4c83e6fafa075bde0ac227e6fc5c56d7b9e981039ab8032409a

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 12:00:52 GMT
via: 1.1 google
last-modified: Thu, 13 May 2021 13:31:10 GMT
server: Apache
etag: "1bae-5c23623e84380"
vary: User-Agent
content-type: application/x-msdownload
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7086

GET
H3 200 blueprint-api-production.s3.amazonaws-150x150.com
www.newsandpromotions.com/wp-content/uploads/2021/05/ 7 KB
7 KB 124ms
124ms Image
application/x-msdownload 35.227.209.77
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newsandpromotions.com/wp-content/uploads/2021/05/blueprint-api-production.s3.amazonaws-150x150.com
Requested by: Host: www.newsandpromotions.com
URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.209.77 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 77.209.227.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: 7d6c99efb6e127e4d771df15c40b164de3ee8ea290ce575b20f81aee60a03d3b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 12:00:52 GMT
via: 1.1 google
last-modified: Thu, 13 May 2021 13:30:08 GMT
server: Apache
etag: "1a54-5c23620363800"
vary: User-Agent
content-type: application/x-msdownload
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6740

GET
H3 200 RipeFigs_HalloumiSaganaki-scaled-150x150.jpg
www.newsandpromotions.com/wp-content/uploads/2021/05/ 10 KB
10 KB 31ms
31ms Image
image/jpeg 35.227.209.77
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newsandpromotions.com/wp-content/uploads/2021/05/RipeFigs_HalloumiSaganaki-scaled-150x150.jpg
Requested by: Host: www.newsandpromotions.com
URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.209.77 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 77.209.227.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: 6743d9e9284060da973b7a61a6ce0b6137b24b470de65cc3048156ba7582cdd0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Sun, 24 Mar 2024 19:34:08 GMT
via: 1.1 google
last-modified: Thu, 13 May 2021 13:19:48 GMT
server: Apache
age: 59204
etag: "27f4-5c235fb41c500"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public,max-age=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10228

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
3 KB 123ms
39ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.newsandpromotions.com
URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

054bdf9b8da204cabfcd876409243e05bec63fe13643da4583464e8927ee9481

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.newsandpromotions.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 25 Mar 2024 12:00:52 GMT
content-md5: NGv3Vwa/mwPYB5pUVzkELQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1687
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=37, rtx=0, c=12, mss=1294, tbw=2764, tp=-1, tpl=-1, uplat=0, ullat=-1
x-fb-debug: W78WQCi4FkxKCBRGDFsgMuGyHh8I3cZEI+INe68SQjT/a/RMEBiiTd0BP1vWaY97s4XwPmknmAAh0P6tCTr04Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 526bf93c13c6314ad27479253b476a92
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "0e8ce475527b93e3653f291b340362da"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
expires: Mon, 25 Mar 2024 12:18:20 GMT

GET
H2 200 pixel.js Show response
cdn.fqtag.com/1.27.339-ccfb11a/ 88 KB
88 KB 94ms
28ms Script
application/javascript 35.190.36.172
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fqtag.com/1.27.339-ccfb11a/pixel.js
Requested by: Host: c.fqtag.com
URL: https://c.fqtag.com/tag/implement-r.js?org=9Xf4JS6qIDnMDOaZ0z86&fmt=banner&rt=click&sl=1&fq=1&p=11911&a=0&cmp=nap
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.36.172 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 172.36.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e70a34c5f232fa80328a361630a994cf847c54deb926f13d40be4807291b657b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.newsandpromotions.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 11:31:50 GMT
age: 1742
x-guploader-uploadid: ABPtcPofN4TwS8SomRTKX90qu3UEVSDT0krGD12-DJU9hrbIceB2oz9lLAd_bdApXLe8i0EdNaQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 89647
last-modified: Wed, 27 Jan 2021 19:48:44 GMT
server: UploadServer
etag: "e0eff30579598f76147c9ea12f490d21"
x-goog-hash: crc32c=YwE4YA==, md5=4O/zBXlZj3YUfJ6hL0kNIQ==
x-goog-generation: 1611776924905378
content-language: en
content-type: application/javascript
x-goog-expiration: Sun, 11 Nov 2294 19:48:44 GMT
cache-control: public, max-age=3600
x-goog-stored-content-length: 89647
accept-ranges: bytes
expires: Mon, 25 Mar 2024 12:31:50 GMT

GET
H2 200 hasHashes Show response
hemsync.clickagy.com/external/ 2 B
333 B 348ms
100ms XHR
text/plain 34.231.129.236
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://hemsync.clickagy.com/external/hasHashes?clkgypv=jstag&cb=null
Requested by: Host: tags.clickagy.com
URL: https://tags.clickagy.com/data.js?rnd=5a7223b9ea03d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.231.129.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-231-129-236.compute-1.amazonaws.com
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.newsandpromotions.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 12:00:52 GMT
content-encoding: gzip
vary: origin
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.newsandpromotions.com
access-control-expose-headers: content-length, last-modified, expires, content-type
access-control-allow-credentials: true
content-length: 28

GET
H2 200 ot_multi.js Show response
fo-static.omnitagjs.com/ 490 KB
120 KB 227ms
68ms Script
application/javascript 23.48.23.37
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://fo-static.omnitagjs.com/ot_multi.js

Requested by

Host: fo-api.omnitagjs.com
URL: https://fo-api.omnitagjs.com/fo-api/ot.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.48.23.37 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-23-37.deploy.static.akamaitechnologies.com

Software

ayl-lb-fra02 /

Resource Hash

b2797fb79fdbded709d7aff399648ce4d809dda4028eb2c3636b38bb5451132f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.newsandpromotions.com/
Origin: https://www.newsandpromotions.com
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 12:00:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-envoy-upstream-service-time: 0
pragma: public
last-modified: Tue, 23 Jan 2024 14:47:52 GMT
server: ayl-lb-fra02
etag: "65afd198-7a7d2"
access-control-max-age: 86400
access-control-allow-methods: OPTIONS, GET
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
access-control-allow-credentials: false
cache-control: public, max-age=278
accept-ranges: bytes
access-control-allow-headers: X-Requested-With, Content-Type
expires: Mon, 25 Mar 2024 12:05:30 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 298 KB
85 KB 78ms
40ms Script
application/x-javascript 157.240.252.13
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=6f92ca4df1a331894171bdd8ccb2b795

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra3.fbcdn.net

Software

Resource Hash

c762a9ebb4f3912f5f97bdaa579b2c7813cee4b6b4929555295dfd49508f7839

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.newsandpromotions.com/
Origin: https://www.newsandpromotions.com
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 25 Mar 2024 12:00:52 GMT
content-md5: jRoJCNAVua2V6iYCpo32zw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87227
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=36, rtx=0, c=23, mss=1232, tbw=4275, tp=9, tpl=0, uplat=0, ullat=-1
x-fb-debug: 24hJK7F0BtmREpgDmep1rM2d52L5gBUtph1tG26uyIT+YHWuhRnOztSznEw8PiLhh9B/Yg7zTR1Ojn2OQaDb3A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 9a339d66eff7a97e0b50b6f781dff59e
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "bf3baeffadaa05708e4f5deeceddb287"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Tue, 25 Mar 2025 10:08:50 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 16 B
167 B 52ms
52ms XHR
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1350284220&t=pageview&_s=1&dl=https%3A%2F%2Fwww.newsandpromotions.com%2Fspecial-offer%2F%3FTID%3D11911%26SID%3D0&ul=en-us&de=UTF-8&dt=Special%20Offer&sd=24-bit&sr=800x600&vp=1600x1113&je=0&_u=IEBAAEABAAAAACAAI~&jid=105513705&gjid=1444275712&cid=779323957.1711368052&tid=UA-47081731-1&_gid=538255413.1711368052&_r=1&_slc=1&z=1742346011

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

d4dcfed0a67f59a30ee2adaf895cc47005779090fdb558481f88c3aae095b276

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.newsandpromotions.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 25 Mar 2024 12:00:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.newsandpromotions.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 38ms
38ms Image
image/gif 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1350284220&t=pageview&_s=2&dl=https%3A%2F%2Fwww.newsandpromotions.com%2Fspecial-offer%2F%3FTID%3D11911%26SID%3D0&ul=en-us&de=UTF-8&dt=Special%20Offer&sd=24-bit&sr=800x600&vp=1600x1113&je=0&_u=IEBAAEABAAAAACAAI~&jid=&gjid=&cid=779323957.1711368052&tid=UA-47081731-1&_gid=538255413.1711368052&z=1774129286

Requested by

Host: www.newsandpromotions.com
URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.newsandpromotions.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 24 Mar 2024 20:50:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 54593
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.0ce9b654b0ac7fef3cf0.js Show response
script.hotjar.com/ 220 KB
55 KB 132ms
46ms Script
application/javascript 13.32.27.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.0ce9b654b0ac7fef3cf0.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-31899.js?sv=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-19.fra56.r.cloudfront.net

Software

Resource Hash

a4273a4627dee7cb7316462117406296f7ac0602a76c101e5c0ca8dfa6686cbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.newsandpromotions.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 21 Mar 2024 15:15:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 1a3d61cabf9778724765b3e70befe816.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 333946
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 55498
last-modified: Thu, 21 Mar 2024 15:14:32 GMT
etag: "115ac93274d69bd2c455fda9dea090c8"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: LBeqTINWQCvKsNXLTrFF5Q-LZIMtWRUhrL5K5fkbTWT2iKf91K9Mlw==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 7 B
359 B 96ms
32ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-47081731-1&cid=779323957.1711368052&jid=105513705&gjid=1444275712&_gid=538255413.1711368052&_u=IEBAAEAAAAAAACAAI~&z=1575094555

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.newsandpromotions.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 25 Mar 2024 12:00:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.newsandpromotions.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 237 KB
85 KB 138ms
53ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-YEP2FYVEFL&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

20209a9204b5e945a57a466b9010e3f572003437a235ff415083ca91d31cbd77

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.newsandpromotions.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 12:00:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 87009
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 25 Mar 2024 12:00:52 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.24/ 60 KB
25 KB 54ms
54ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.24/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/kk7o1ny45v
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 3bc9c1f81ac6f56f2077096ca22a3bb734f895f14dc0d8524dee9a0e124302cc

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.newsandpromotions.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 12:00:52 GMT
content-encoding: br
last-modified: Tue, 19 Mar 2024 12:23:39 GMT
etag: W/"0x8DC480F6888504A"
vary: Accept-Encoding
x-azure-ref: 20240325T120052Z-gh9wfcfnfp3k18pdudc54axq7n00000004c00000000072h0
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: a76c0f57-001e-0079-66fc-79d2ff000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28
x-fd-int-roxy-purgeid: 51562430

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 142ms
62ms Image
image/gif 142.250.185.164
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-47081731-1&cid=779323957.1711368052&jid=105513705&_u=IEBAAEAAAAAAACAAI~&z=1416679358

Requested by

Host: www.newsandpromotions.com
URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.164 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.newsandpromotions.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 25 Mar 2024 12:00:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.co.uk/ads/ 42 B
63 B 143ms
63ms Image
image/gif 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-47081731-1&cid=779323957.1711368052&jid=105513705&_u=IEBAAEAAAAAAACAAI~&z=1416679358

Requested by

Host: www.newsandpromotions.com
URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.newsandpromotions.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 25 Mar 2024 12:00:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 pixel Show response
c.fqtag.com/ 0
10 B 91ms
36ms XHR
text/plain 35.190.72.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://c.fqtag.com/pixel
Requested by: Host: cdn.fqtag.com
URL: https://cdn.fqtag.com/1.27.339-ccfb11a/pixel.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.72.161 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 161.72.190.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.newsandpromotions.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 25 Mar 2024 12:00:52 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 impl.20230903-6-RELEASE.js Show response
cdn.taboola.com/libtrc/ 803 KB
166 KB 26ms
25ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20230903-6-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newsandpromotions/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: a80eae4454fa66280866a7243d2ea51e927c41af8ba045ade41a03f64d1180fa

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.newsandpromotions.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: gIOT1yBEHv3sGddP5vV_8PlP09Adq8pg
content-encoding: br
via: 1.1 varnish
date: Mon, 25 Mar 2024 12:00:52 GMT
x-amz-request-id: XMH08FANJBB9K6Q4
age: 22754
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 170019
x-amz-id-2: m0lnizS4lT9ibO9rAYXc8YPOhYFJfN0wlKIt4/uAZHB4a1HwyXYbVI1ArW6eiWHpIGzWP7GHOOo=
x-served-by: cache-lcy-eglc8600044-LCY
last-modified: Mon, 04 Sep 2023 09:32:01 GMT
server: AmazonS3-br
x-timer: S1711368053.608518,VS0,VE0
etag: "ebfc5e8f71b99d31d408f4b268b3cf64"
vary: Accept-Encoding
content-type: application/javascript
abp: 89
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 sync Show response
gum.criteo.com/ 46 B
288 B 107ms
34ms Script
text/javascript 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230903-6-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.newsandpromotions.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 12:00:52 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 316715
expires: 60

POST
H/1.1 204
No Content collect Show response
a.clarity.ms/ 0
305 B 435ms
206ms XHR
text/plain 104.45.184.134
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://a.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.24/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.45.184.134 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: application/x-clarity-gzip
Referer: https://www.newsandpromotions.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: https://www.newsandpromotions.com
Date: Mon, 25 Mar 2024 12:00:53 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81

GET
H2 200 sync Show response
fo-ssp.omnitagjs.com/fo-ssp/ 7 KB
2 KB 78ms
44ms Script
application/javascript 185.255.84.151
IGUANE-

General

Check archive.org

Show headers Download Go to

Full URL

https://fo-ssp.omnitagjs.com/fo-ssp/sync?attempt=local-zko8i0ba85t

Requested by

Host: fo-static.omnitagjs.com
URL: https://fo-static.omnitagjs.com/ot_multi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.151 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

62af96b589b3b91ab85d8215cfad925f0b748c2c0714772d8dfd96f6db78d569

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.newsandpromotions.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 25 Mar 2024 12:00:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
p3p: CP="CAO PSA OUR"
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 10
content-length: 1961
expires: 0

GET
H2 200 / Show response
settings.luckyorange.net/ 127 B
749 B 189ms
123ms Fetch
application/json 104.26.11.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://settings.luckyorange.net/?u=https%3A%2F%2Fwww.newsandpromotions.com%2Fspecial-offer%2F%3FTID%3D11911%26SID%3D0&s=49801

Requested by

Host: ssl.luckyorange.com
URL: https://ssl.luckyorange.com/w.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.11.16 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a49654f4f596b62de7a848de385fd6c6f65cebdb23df83456f066256630ba035

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.newsandpromotions.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 12:00:52 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://www.newsandpromotions.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S3y0eZNrD2EaChlQjp%2FzKthjwLti5070kP2ChhvcbsgVJDHEm7MrrVyrQqWNv2cMnbplX9bF79xnAtgWA7BcJMg0s8O7y3%2BwDgD5t3lbwsMGcseXcxXnirUAU7Szon%2BDWEhC0vClMlI%2F0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-credentials: true
cf-ray: 869ebe3a299f9406-LHR
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,Keep-Alive,X-Requested-With,If-Modified-Since

POST
H2 204 collect
region1.analytics.google.com/g/ 0
261 B 105ms
34ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-YEP2FYVEFL&gtm=45je43k0v9119291653za200&_p=1711368052473&_gaz=1&gcd=13l3l3l3l2&npa=0&dma=0&ul=en-us&sr=800x600&cid=779323957.1711368052&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.58%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.58&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2Fwww.newsandpromotions.com%2Fspecial-offer%2F%3FTID%3D11911%26SID%3D0&dt=Special%20Offer&sid=1711368052&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=2185
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YEP2FYVEFL&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.newsandpromotions.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 25 Mar 2024 12:00:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.newsandpromotions.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 33ms
32ms Ping
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-YEP2FYVEFL&cid=779323957.1711368052&gtm=45je43k0v9119291653za200&aip=1&dma=0&gcd=13l3l3l3l2&npa=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YEP2FYVEFL&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.newsandpromotions.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 25 Mar 2024 12:00:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.newsandpromotions.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.co.uk/ads/ 42 B
63 B 62ms
62ms Image
image/gif 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-YEP2FYVEFL&cid=779323957.1711368052&gtm=45je43k0v9119291653za200&aip=1&dma=0&gcd=13l3l3l3l2&npa=0&z=1834502996

Requested by

Host: www.newsandpromotions.com
URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.newsandpromotions.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 25 Mar 2024 12:00:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
onetag-sys.com/usync/ Frame 9824 0
0 135ms
43ms Document
text/html 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=

Requested by

Host: fo-ssp.omnitagjs.com
URL: https://fo-ssp.omnitagjs.com/fo-ssp/sync?attempt=local-zko8i0ba85t

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.newsandpromotions.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-GB,en;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
content-type: text/html
strict-transport-security: max-age=15552000

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame D251 0
0 347ms
110ms Document
text/plain 67.202.105.22
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Requested by: Host: fo-ssp.omnitagjs.com
URL: https://fo-ssp.omnitagjs.com/fo-ssp/sync?attempt=local-zko8i0ba85t
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.22 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip22.67-202-105.static.steadfastdns.net
Software: 33XP016 /
Resource Hash

Request headers

Referer: https://www.newsandpromotions.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-GB,en;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 12:00:52 GMT
server: 33XP016
x-33x-status: 2000208

GET
H/1.1

200
OK

usync.html
eus.rubiconproject.com/ Frame 4515
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=

0
0

129ms
38ms

Document
text/html

72.246.169.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Requested by: Host: fo-ssp.omnitagjs.com
URL: https://fo-ssp.omnitagjs.com/fo-ssp/sync?attempt=local-zko8i0ba85t
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.246.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-246-169-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Referer: https://www.newsandpromotions.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-GB,en;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 224
Content-Type: text/html; charset=UTF-8
Date: Mon, 25 Mar 2024 12:00:53 GMT
ETag: "28052a-10d-6142d69a886c0"
Last-Modified: Thu, 21 Mar 2024 15:32:19 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Mon, 25 Mar 2024 12:00:52 GMT
location: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
server: AkamaiGHost

GET
H2

200

sync
visitor.omnitagjs.com/visitor/
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DXandr%2B%25E2%2580%2593%2BInvest%2BDSP%2B-%2BBanner%26ttl%3D720%26uid%3D75d56568a11564bfb79a01d2fa9fdb2...
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fvisitor.omnitagjs.com%252Fvisitor%252Fsync%253Fname%253DXandr%252B%2525E2%252580%252593%252BInvest%252BDSP%252B-%252BBanner%2526ttl%2...
https://visitor.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP+-+Banner&ttl=720&uid=75d56568a11564bfb79a01d2fa9fdb29&visitor=4519483493053224219&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=

49 B
341 B

115ms
39ms

Image
image/gif

185.255.84.152
IGUANE-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP+-+Banner&ttl=720&uid=75d56568a11564bfb79a01d2fa9fdb29&visitor=4519483493053224219&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=

Requested by

Host: www.newsandpromotions.com
URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0

Protocol

Server

185.255.84.152 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.newsandpromotions.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Mar 2024 12:00:53 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
p3p: CP="CAO PSA OUR"
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 7
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 25 Mar 2024 12:00:52 GMT
an-x-request-uuid: a7136fd5-eb03-43da-9664-634f17734340
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://visitor.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP+-+Banner&ttl=720&uid=75d56568a11564bfb79a01d2fa9fdb29&visitor=4519483493053224219&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
x-proxy-origin: 5.187.21.105; 5.187.21.105; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sync
visitor.omnitagjs.com/visitor/
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DXandr%2B%25E2%2580%2593%2BInvest%2BDSP%26ttl%3D720%26uid%3D48d5713d5c563cba2049f505b2d944b6%26visitor%3...
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fvisitor.omnitagjs.com%252Fvisitor%252Fsync%253Fname%253DXandr%252B%2525E2%252580%252593%252BInvest%252BDSP%2526ttl%253D720%2526uid%25...
https://visitor.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP&ttl=720&uid=48d5713d5c563cba2049f505b2d944b6&visitor=4519483493053224219&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=

49 B
180 B

117ms
41ms

Image
image/gif

185.255.84.152
IGUANE-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP&ttl=720&uid=48d5713d5c563cba2049f505b2d944b6&visitor=4519483493053224219&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=

Requested by

Host: www.newsandpromotions.com
URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0

Protocol

Server

185.255.84.152 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.newsandpromotions.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Mar 2024 12:00:53 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
p3p: CP="CAO PSA OUR"
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 9
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 25 Mar 2024 12:00:52 GMT
an-x-request-uuid: c13f8d2e-7674-471b-82d9-bc04c4a3587a
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://visitor.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP&ttl=720&uid=48d5713d5c563cba2049f505b2d944b6&visitor=4519483493053224219&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
x-proxy-origin: 5.187.21.105; 5.187.21.105; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ 43 B
363 B 109ms
34ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=70&p=120&cp=adyoulike&cu=1&url=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fis_cookie_sync_uid%3Dtrue%26uid%3D4246a50e6cf42e85f26c381a4b7701fb%26name%3DCRITEO%26visitor%3D%40%40CRITEO_USERID%40%40

Requested by

Host: www.newsandpromotions.com
URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.newsandpromotions.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 25 Mar 2024 12:00:52 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 204202
expires: Mon, 25 Mar 2024 00:00:00 GMT

GET
H/1.1

200
OK

sync
x.bidswitch.net/
Redirect Chain

https://x.bidswitch.net/sync?ssp=adyoulike&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=adyoulike&gdpr=0&gdpr_consent=
https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=adyoulike&bsw_user_id=${BSW_USER_UD}&bsw_param=9e8cb4ce-7ff0-4158-89ba-669608118ca4&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=1&gdpr_consent=&user_group=0&user_id=&ssp=adyoulike&bsw_param=9e8cb4ce-7ff0-4158-89ba-669608118ca4

43 B
235 B

34ms
34ms

Image
image/gif

35.214.149.91
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=1&gdpr_consent=&user_group=0&user_id=&ssp=adyoulike&bsw_param=9e8cb4ce-7ff0-4158-89ba-669608118ca4
Requested by: Host: www.newsandpromotions.com
URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0
Protocol: HTTP/1.1
Server: 35.214.149.91 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS: 91.149.214.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.newsandpromotions.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Date: Mon, 25 Mar 2024 12:00:53 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

location: https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=1&gdpr_consent=&user_group=0&user_id=&ssp=adyoulike&bsw_param=9e8cb4ce-7ff0-4158-89ba-669608118ca4
date: Mon, 25 Mar 2024 12:00:53 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

sync
visitor.omnitagjs.com/visitor/
Redirect Chain

https://creativecdn.com/cm-notify?pi=adyoulike&gdpr=0&gdpr_consent=
https://creativecdn.com/cm-notify?pi=adyoulike&gdpr=0&gdpr_consent=&tc=1
https://visitor.omnitagjs.com/visitor/sync?uid=094e13e3a08b6f25e4d4f7b1fba0b26b&visitor=uBi4rKQ_Xd3-h6PDDgh9Pf6huM4pqMrSZrFIdcEG45Q&name=RTB_HOUSE&pi=adyoulike&gdpr=0&gdpr_consent=&tc=1

49 B
180 B

130ms
44ms

Image
image/gif

185.255.84.152
IGUANE-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=094e13e3a08b6f25e4d4f7b1fba0b26b&visitor=uBi4rKQ_Xd3-h6PDDgh9Pf6huM4pqMrSZrFIdcEG45Q&name=RTB_HOUSE&pi=adyoulike&gdpr=0&gdpr_consent=&tc=1

Requested by

Host: www.newsandpromotions.com
URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0

Protocol

Server

185.255.84.152 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.newsandpromotions.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Mar 2024 12:00:53 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
p3p: CP="CAO PSA OUR"
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 13
content-length: 49
expires: 0

Redirect headers

location: https://visitor.omnitagjs.com/visitor/sync?uid=094e13e3a08b6f25e4d4f7b1fba0b26b&visitor=uBi4rKQ_Xd3-h6PDDgh9Pf6huM4pqMrSZrFIdcEG45Q&name=RTB_HOUSE&pi=adyoulike&gdpr=0&gdpr_consent=&tc=1
pragma: no-cache
date: Mon, 25 Mar 2024 12:00:52 GMT, Mon, 25 Mar 2024 12:00:52 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
vary: Accept-Encoding
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 204 ayl_pixel
api-2-0.spot.im/pixels/ 0
456 B 226ms
139ms Image
text/plain 18.245.31.19
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api-2-0.spot.im/pixels/ayl_pixel?ayl_id=e2eebf0acceea88d42f66ebdb6f89e66

Requested by

Host: www.newsandpromotions.com
URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.31.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-31-19.fra56.r.cloudfront.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.newsandpromotions.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 12:00:52 GMT
via: 1.1 b7c8b552077b93dc0acaa0b82d11fa62.cloudfront.net (CloudFront)
content-security-policy: default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA56-P8
x-amz-cf-id: xPAIGHockgVa0GZ0FxWB-I5FKgPkqLpq3Ntb1iRbPh4V-DsUxS34Cw==
x-cache: Miss from cloudfront

GET
H2 200 generic
match.adsrvr.org/track/cmf/ 70 B
149 B 122ms
38ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=k2j3gqp&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: www.newsandpromotions.com
URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.newsandpromotions.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 12:00:52 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2

200

sync
visitor.omnitagjs.com/visitor/
Redirect Chain

https://match.prod.bidr.io/cookie-sync/aul
https://match.prod.bidr.io/cookie-sync/aul?_bee_ppp=1
https://visitor.omnitagjs.com/visitor/sync?uid=25295ec01618ddaad37302ab4dd9c8ac&visitor=AAKDKE7MAs8AABWS-tz17Q&name=BEESWAX

49 B
177 B

77ms
40ms

Image
image/gif

185.255.84.152
IGUANE-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=25295ec01618ddaad37302ab4dd9c8ac&visitor=AAKDKE7MAs8AABWS-tz17Q&name=BEESWAX

Requested by

Host: www.newsandpromotions.com
URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0

Protocol

Server

185.255.84.152 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.newsandpromotions.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Mar 2024 12:00:53 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
p3p: CP="CAO PSA OUR"
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 7
content-length: 49
expires: 0

Redirect headers

location: https://visitor.omnitagjs.com/visitor/sync?uid=25295ec01618ddaad37302ab4dd9c8ac&visitor=AAKDKE7MAs8AABWS-tz17Q&name=BEESWAX
Date: Mon, 25 Mar 2024 12:00:52 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 0

GET
H2

200

sync
visitor.omnitagjs.com/visitor/
Redirect Chain

https://b1sync.zemanta.com/usersync/adyoulike/?cb=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DZEMANTA_BANNER%26ttl%3D720%26uid%3Dbdef6bd95b7450b4e62a32db8c7d8c9d%26visitor%3D__ZUI...
https://visitor.omnitagjs.com/visitor/sync?name=ZEMANTA_BANNER&ttl=720&uid=bdef6bd95b7450b4e62a32db8c7d8c9d&visitor=&gdpr=0&gdpr_consent=&gdpr=0

49 B
93 B

34ms
33ms

Image
image/gif

185.255.84.152
IGUANE-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?name=ZEMANTA_BANNER&ttl=720&uid=bdef6bd95b7450b4e62a32db8c7d8c9d&visitor=&gdpr=0&gdpr_consent=&gdpr=0

Requested by

Host: www.newsandpromotions.com
URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0

Protocol

Server

185.255.84.152 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.newsandpromotions.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Mar 2024 12:00:53 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 2
content-length: 49
expires: 0

Redirect headers

Pragma: no-cache
Date: Mon, 25 Mar 2024 12:00:53 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: text/html; charset=utf-8
Location: https://visitor.omnitagjs.com/visitor/sync?name=ZEMANTA_BANNER&ttl=720&uid=bdef6bd95b7450b4e62a32db8c7d8c9d&visitor=&gdpr=0&gdpr_consent=&gdpr=0
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 191
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 ImgSync
image8.pubmatic.com/AdServer/ 0
42 B 104ms
26ms Image
text/plain 185.64.190.79
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?p=159706&pu=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DPUBMATIC%26ttl%3D720%26uid%3D2fe1084ffe44c28350116ec0a0a1c2d1%26visitor%3D%23PMUID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Requested by: Host: www.newsandpromotions.com
URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.newsandpromotions.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 12:00:53 GMT
content-length: 0

GET
H2

200

sync
visitor.omnitagjs.com/visitor/
Redirect Chain

https://b1sync.zemanta.com/usersync/adyoulike/?cb=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DZEMANTA_NATIVE_1_2%26ttl%3D720%26uid%3Df2d9136cf53dede7f83ba16171a37fdd%26visitor%3D_...
https://visitor.omnitagjs.com/visitor/sync?name=ZEMANTA_NATIVE_1_2&ttl=720&uid=f2d9136cf53dede7f83ba16171a37fdd&visitor=&gdpr=0&gdpr_consent=&gdpr=0

49 B
93 B

38ms
38ms

Image
image/gif

185.255.84.152
IGUANE-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?name=ZEMANTA_NATIVE_1_2&ttl=720&uid=f2d9136cf53dede7f83ba16171a37fdd&visitor=&gdpr=0&gdpr_consent=&gdpr=0

Requested by

Host: www.newsandpromotions.com
URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0

Protocol

Server

185.255.84.152 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.newsandpromotions.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Mar 2024 12:00:53 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 6
content-length: 49
expires: 0

Redirect headers

Pragma: no-cache
Date: Mon, 25 Mar 2024 12:00:53 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: text/html; charset=utf-8
Location: https://visitor.omnitagjs.com/visitor/sync?name=ZEMANTA_NATIVE_1_2&ttl=720&uid=f2d9136cf53dede7f83ba16171a37fdd&visitor=&gdpr=0&gdpr_consent=&gdpr=0
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 195
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2

200

sync
visitor.omnitagjs.com/visitor/
Redirect Chain

https://csync.loopme.me/?pubid=11480&redirect=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D68c72dd412a8d0f3f6d2276db2509939%26name%3DLOOPME%26visitor%3D%7Bdevice_id%7D%0A&gdpr=0&gdp...
https://visitor.omnitagjs.com/visitor/sync?uid=68c72dd412a8d0f3f6d2276db2509939&name=LOOPME&visitor=92af4c3f-ab5d-4d47-9583-754bec3de184%20&gdpr_consent=null&gdpr=0

49 B
177 B

40ms
40ms

Image
image/gif

185.255.84.152
IGUANE-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=68c72dd412a8d0f3f6d2276db2509939&name=LOOPME&visitor=92af4c3f-ab5d-4d47-9583-754bec3de184%20&gdpr_consent=null&gdpr=0

Requested by

Host: www.newsandpromotions.com
URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0

Protocol

Server

185.255.84.152 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.newsandpromotions.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Mar 2024 12:00:53 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
p3p: CP="CAO PSA OUR"
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 7
content-length: 49
expires: 0

Redirect headers

location: https://visitor.omnitagjs.com/visitor/sync?uid=68c72dd412a8d0f3f6d2276db2509939&name=LOOPME&visitor=92af4c3f-ab5d-4d47-9583-754bec3de184 &gdpr_consent=null&gdpr=0
date: Mon, 25 Mar 2024 12:00:53 GMT
server: _
content-length: 0

GET
H2 200 /
sync.taboola.com/sg/adyoulikertb-network/1/rtb-h/ 0
99 B 130ms
33ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/adyoulikertb-network/1/rtb-h/?GDPR=0&GDPR_CONSENT=&taboola_hm=e2eebf0acceea88d42f66ebdb6f89e66
Requested by: Host: www.newsandpromotions.com
URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.newsandpromotions.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 12:00:53 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 33733

GET
H2

200

sync
visitor.omnitagjs.com/visitor/
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=33&gdpr=0&gdpr_consent=
https://visitor.omnitagjs.com/visitor/sync?uid=74a1ec3b61e72925193cfceeea1b0608&visitor=0-1461cd0e-8d79-5b22-741e-394fb682a8bc$ip$5.187.21.105&name=STACKADAPT&gdpr=0&gdpr_consent=

49 B
177 B

35ms
35ms

Image
image/gif

185.255.84.152
IGUANE-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=74a1ec3b61e72925193cfceeea1b0608&visitor=0-1461cd0e-8d79-5b22-741e-394fb682a8bc$ip$5.187.21.105&name=STACKADAPT&gdpr=0&gdpr_consent=

Requested by

Host: www.newsandpromotions.com
URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0

Protocol

Server

185.255.84.152 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.newsandpromotions.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Mar 2024 12:00:53 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
p3p: CP="CAO PSA OUR"
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 2
content-length: 49
expires: 0

Redirect headers

Location: https://visitor.omnitagjs.com/visitor/sync?uid=74a1ec3b61e72925193cfceeea1b0608&visitor=0-1461cd0e-8d79-5b22-741e-394fb682a8bc$ip$5.187.21.105&name=STACKADAPT&gdpr=0&gdpr_consent=
Date: Mon, 25 Mar 2024 12:00:53 GMT
Connection: keep-alive
Content-Length: 218
Content-Type: text/html; charset=utf-8

GET
H2 204 adyoulike
s.seedtag.com/cs/cookiesync/ 0
284 B 103ms
41ms Image
text/plain 34.149.50.64
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.seedtag.com/cs/cookiesync/adyoulike?channeluid=e2eebf0acceea88d42f66ebdb6f89e66&gdpr=0&gdpr_consent=
Requested by: Host: www.newsandpromotions.com
URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 64.50.149.34.bc.googleusercontent.com
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.newsandpromotions.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 12:00:53 GMT
via: 1.1 google
access-control-allow-credentials: true
server: openresty
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD

GET
H2 200 cksync.php
contextual.media.net/ 56 B
318 B 246ms
132ms Image
image/gif 2.23.8.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=ayl&ovsid=e2eebf0acceea88d42f66ebdb6f89e66

Requested by

Host: www.newsandpromotions.com
URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.23.8.24 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-23-8-24.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

5eeb0081366c82d6237c6e16e9af56188182db7669e6916a9018bbf8d16b5b7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.newsandpromotions.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Mon, 25 Mar 2024 12:00:53 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
alt-svc: h3=":443"; ma=93600
content-length: 56
x-mnet-hl2: E
expires: Mon, 25 Mar 2024 12:00:53 GMT

GET
H2 200 101967
jadserve.postrelease.com/suid/ 43 B
422 B 476ms
155ms Image
image/gif 34.214.129.77
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/suid/101967?ntv_r=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DNATIVO%26ttl%3D720%26uid%3D0544850a0778385701c6899403bef718%26visitor%3DNTV_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Requested by: Host: www.newsandpromotions.com
URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.214.129.77 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-214-129-77.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.newsandpromotions.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 25 Mar 2024 12:00:53 GMT
server: nginx
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 sync-iframe
cs-server-s2s.yellowblue.io/ 0
376 B 320ms
100ms Image
text/html 34.233.219.30
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DRISE_CODES%26ttl%3D720%26uid%3D48b439bcf2930e6408d6e795f7f1cdd2%26visitor%3D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Requested by: Host: www.newsandpromotions.com
URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.233.219.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-233-219-30.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.newsandpromotions.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 12:00:53 GMT
server: istio-envoy
x-reason: could not perform CS due to compliance policy: gdpr is not applied
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://www.newsandpromotions.com/
content-type: text/html
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length: 0

GET
H2 204 pixel
ap.lijit.com/ 0
175 B 141ms
37ms Image
text/plain 54.76.208.25
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?redir=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DSOVRN%26ttl%3D720%26uid%3D4b30a0b1f289a261ab592e1e53c126eb%26visitor%3D%24UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Requested by: Host: www.newsandpromotions.com
URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.76.208.25 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-208-25.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.newsandpromotions.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Mon, 25 Mar 2024 12:00:53 GMT
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
access-control-allow-methods: GET, POST, DELETE, PUT

GET 711333.gif
id.rlcdn.com/ 0
0

GET
H2 200 cookiesync
bttrack.com/pixel/ 35 B
163 B 319ms
107ms Image
image/gif 192.132.33.69
BIDTELLECT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bttrack.com/pixel/cookiesync?source=6b2595d5-cf4e-4298-a4ac-bcc34433eaad&secure=1&gdpr=0&gdpr_consent=

Requested by

Host: www.newsandpromotions.com
URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.132.33.69 , United States, ASN18568 (BIDTELLECT, US),

Reverse DNS

NET-33-132-192.69.bidtellect.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.newsandpromotions.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-servername: Track004-iad
pragma: no-cache
date: Mon, 25 Mar 2024 12:00:24 GMT
strict-transport-security: max-age=31536000;
content-type: image/gif
cache-control: private,no-cache
content-length: 35
expires: -1

GET
H2 200 sync
matching.ivitrack.com/ 42 B
265 B 117ms
35ms Image
image/gif 34.117.157.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matching.ivitrack.com/sync?realm=ayl&uid=e2eebf0acceea88d42f66ebdb6f89e66
Requested by: Host: www.newsandpromotions.com
URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.157.117.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.newsandpromotions.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 12:00:52 GMT
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
server: istio-envoy
content-type: image/gif
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

POST
H2 204 p Show response
aux.fqtag.com/aux/ 0
94 B 123ms
46ms XHR
text/plain 2600:1901:0:298e::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://aux.fqtag.com/aux/p
Requested by: Host: cdn.fqtag.com
URL: https://cdn.fqtag.com/1.27.339-ccfb11a/pixel.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:298e:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.newsandpromotions.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 25 Mar 2024 12:00:53 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=25D8F42F41DE43A5ABC298AD6F995203&RedC=c.clarity.ms&MXFR=0FF4CC0D28BE623F28D7D8402CBE6C1F
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=25D8F42F41DE43A5ABC298AD6F995203&MUID=154623699FBE697036D937249E75687D

42 B
440 B

37ms
37ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=25D8F42F41DE43A5ABC298AD6F995203&MUID=154623699FBE697036D937249E75687D
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.newsandpromotions.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Mar 2024 12:00:53 GMT
last-modified: Fri, 01 Mar 2024 22:54:48 GMT
server: Microsoft-IIS/10.0
etag: "3e26b762b6cda1:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Mon, 25 Mar 2024 12:00:53 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C5EBCF1CFE2D47409490469F179491E7 Ref B: LTSEDGE1919 Ref C: 2024-03-25T12:00:53Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=25D8F42F41DE43A5ABC298AD6F995203&MUID=154623699FBE697036D937249E75687D
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H/1.1 200
OK favicon.ico
www.newsandpromotions.com/wp-content/plugins/genesis-favicon-uploader/favicons/ 1 KB
719 B 57ms
29ms Other
image/x-icon 35.227.209.77
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.newsandpromotions.com/wp-content/plugins/genesis-favicon-uploader/favicons/favicon.ico
Protocol: HTTP/1.1
Server: 35.227.209.77 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 77.209.227.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: a8e247a4aa584404ac0d10d6e3cd94399855c535101c136c054b3dea4860d975

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Pragma: public
Date: Mon, 25 Mar 2024 03:53:20 GMT
Content-Encoding: gzip
Via: 1.1 google
Last-Modified: Mon, 29 Aug 2022 12:36:58 GMT
Server: Apache
Age: 29253
ETag: "47c-5e76085030e80-gzip"
Vary: Accept-Encoding
Content-Type: image/x-icon
Cache-Control: public,max-age=3600
Accept-Ranges: bytes
Content-Length: 370

POST
H/1.1 204
No Content collect Show response
a.clarity.ms/ 0
305 B 105ms
105ms XHR
text/plain 104.45.184.134
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://a.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.24/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.45.184.134 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: application/x-clarity-gzip
Referer: https://www.newsandpromotions.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: https://www.newsandpromotions.com
Date: Mon, 25 Mar 2024 12:00:53 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81

POST
H2 204 collect
region1.analytics.google.com/g/ 0
45 B 33ms
32ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-YEP2FYVEFL&gtm=45je43k0v9119291653za200&_p=1711368052473&gcd=13l3l3l3l2&npa=0&dma=0&ul=en-us&sr=800x600&cid=779323957.1711368052&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.58%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.58&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=ABAI&_s=2&dl=https%3A%2F%2Fwww.newsandpromotions.com%2Fspecial-offer%2F%3FTID%3D11911%26SID%3D0&dt=Special%20Offer&sid=1711368052&sct=1&seg=1&en=page_view&_ee=1&_et=2&tfd=7187
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YEP2FYVEFL&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.newsandpromotions.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 25 Mar 2024 12:00:57 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.newsandpromotions.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: id.rlcdn.com
URL: https://id.rlcdn.com/711333.gif?&gdpr=0&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

246 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

37 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.leak-hub.com/	1970-01-21 04:58:48	Name: sid Value: 51bee4e2-ea9f-11ee-a64a-20352c3a8e8e
.newsandpromotions.com/	1970-01-20 19:22:48	Name: _xTID Value: 11911
.omnitagjs.com/	1970-01-20 20:06:00	Name: ayl_visitor Value: e2eebf0acceea88d42f66ebdb6f89e66
.newsandpromotions.com/	1970-01-21 04:58:48	Name: _ga Value: GA1.2.779323957.1711368052
.newsandpromotions.com/	1970-01-20 19:24:14	Name: _gid Value: GA1.2.538255413.1711368052
.newsandpromotions.com/	1970-01-20 19:22:48	Name: _gat Value: 1
www.clarity.ms/	1970-01-21 04:08:24	Name: CLID Value: dbd2d3c4b24242deb55d46c831028c92.20240325.20250325
.newsandpromotions.com/	1970-01-21 04:08:24	Name: _clck Value: lif49i%7C2%7Cfkd%7C0%7C1545
.newsandpromotions.com/	1970-01-21 04:08:24	Name: _hjSessionUser_31899 Value: eyJpZCI6IjYyMGVlMGNlLTI2YjUtNTIzZS1iMmQ4LWIyOWQyNGQ4MTEzOSIsImNyZWF0ZWQiOjE3MTEzNjgwNTI2MzIsImV4aXN0aW5nIjp0cnVlfQ==
.newsandpromotions.com/	1970-01-20 19:22:49	Name: _hjSession_31899 Value: eyJpZCI6IjRlZDFiZDc2LThhYzEtNGFjNi05MWI0LTZmMmI4NDAzZWRjMSIsImMiOjE3MTEzNjgwNTI2MzMsInMiOjEsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
.newsandpromotions.com/	1970-01-21 04:58:48	Name: _ga_YEP2FYVEFL Value: GS1.2.1711368052.1.1.1711368052.60.0.0
.creativecdn.com/	1970-01-21 04:08:24	Name: g Value: 9wi5VBFuDeconHhn5UcS_1711368052915
.creativecdn.com/	1970-01-21 04:08:24	Name: ts Value: 1711368052
.bidswitch.net/	1970-01-21 04:08:24	Name: tuuid Value: 9e8cb4ce-7ff0-4158-89ba-669608118ca4
.bidswitch.net/	1970-01-21 04:08:24	Name: c Value: 1711368052
.bidswitch.net/	1970-01-21 04:08:24	Name: tuuid_lu Value: 1711368052
.adnxs.com/	1970-01-21 04:58:48	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-20 21:32:24	Name: XANDR_PANID Value: a8MZZ2FJqQDQ4M_-By-G44hHxRjlQgsqbLj0uxWLztfbvuC9GiYw52Y4pmA-B0LnAHt074aU_gyXAcKIXSDPmHX4eJuSJSyZ0pXoRWrjTOo.
.adnxs.com/	1970-01-20 21:32:24	Name: uuid2 Value: 4519483493053224219
.bidr.io/	1970-01-21 04:51:21	Name: bito Value: AAKDKE7MAs8AABWS-tz17Q
.bidr.io/	1970-01-21 04:51:21	Name: bitoIsSecure Value: ok
.csync.loopme.me/	1970-01-20 21:35:16	Name: viewer_token Value: 92af4c3f-ab5d-4d47-9583-754bec3de184
.newsandpromotions.com/	1970-01-20 19:24:14	Name: _clsk Value: 1cogmc8%7C1711368053169%7C1%7C1%7Ca.clarity.ms%2Fcollect
sync.srv.stackadapt.com/	1970-01-21 04:08:24	Name: sa-user-id Value: s%3A0-1461cd0e-8d79-5b22-741e-394fb682a8bc.X2SM931R2myrau0tEBWJyofScOv1YEZ3SdHl2zoReoo
.srv.stackadapt.com/	1970-01-21 04:08:24	Name: sa-user-id Value: s%3A0-1461cd0e-8d79-5b22-741e-394fb682a8bc.X2SM931R2myrau0tEBWJyofScOv1YEZ3SdHl2zoReoo
sync.srv.stackadapt.com/	1970-01-21 04:08:24	Name: sa-user-id-v2 Value: s%3AFGHNDo15WyJ0HjlPtoKovAW7FWk.A8ue0zw14ovOJsp3Ji%2BAvvjkJFHK8PSzpO3CoGZAz2g
.srv.stackadapt.com/	1970-01-21 04:08:24	Name: sa-user-id-v2 Value: s%3AFGHNDo15WyJ0HjlPtoKovAW7FWk.A8ue0zw14ovOJsp3Ji%2BAvvjkJFHK8PSzpO3CoGZAz2g
sync.srv.stackadapt.com/	1970-01-21 04:08:24	Name: sa-user-id-v3 Value: s%3AAQAKIGEBXK4QipDwfyUmxUwkP9RL9mINvBWHwjU1Hcd8xfGXEHwYBCD1zoWwBjABOgT7-sM6QgSfcj7E.glGBDDbjdgZ%2B2lNev0SPkpx9o%2BYLRoC1KTCVYv4QTGg
.srv.stackadapt.com/	1970-01-21 04:08:24	Name: sa-user-id-v3 Value: s%3AAQAKIGEBXK4QipDwfyUmxUwkP9RL9mINvBWHwjU1Hcd8xfGXEHwYBCD1zoWwBjABOgT7-sM6QgSfcj7E.glGBDDbjdgZ%2B2lNev0SPkpx9o%2BYLRoC1KTCVYv4QTGg
.postrelease.com/	1970-01-21 04:08:24	Name: opt_out Value: 1
.bing.com/	1970-01-21 04:44:24	Name: MUID Value: 154623699FBE697036D937249E75687D
.c.bing.com/	1970-01-20 19:32:52	Name: MR Value: 0
.c.bing.com/	1970-01-21 04:44:24	Name: SRM_B Value: 154623699FBE697036D937249E75687D
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 04:44:24	Name: MUID Value: 154623699FBE697036D937249E75687D
.c.clarity.ms/	1970-01-20 19:32:52	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 19:22:48	Name: ANONCHK Value: 0

65 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
security	warning	URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0 Message: Mixed Content: The page at 'https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0' was loaded over HTTPS, but requested an insecure favicon 'http://www.newsandpromotions.com/wp-content/plugins/genesis-favicon-uploader/favicons/favicon.ico'. This content should also be served over HTTPS.
other	warning	URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.newsandpromotions.com/special-offer/?TID=11911&SID=0 Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.clarity.ms
aorta.clickagy.com
ap.lijit.com
api-2-0.spot.im
aux.fqtag.com
b1sync.zemanta.com
bttrack.com
c.bing.com
c.clarity.ms
c.fqtag.com
cdn.fqtag.com
cdn.taboola.com
connect.facebook.net
contextual.media.net
creativecdn.com
cs-server-s2s.yellowblue.io
csync.loopme.me
dinnza.com
dis.criteo.com
eus.rubiconproject.com
fo-api.omnitagjs.com
fo-ssp.omnitagjs.com
fo-static.omnitagjs.com
fonts.googleapis.com
fonts.gstatic.com
gum.criteo.com
hemsync.clickagy.com
id.rlcdn.com
image8.pubmatic.com
jadserve.postrelease.com
leak-hub.com
match.adsrvr.org
match.prod.bidr.io
matching.ivitrack.com
onetag-sys.com
region1.analytics.google.com
s.seedtag.com
script.hotjar.com
secure-assets.rubiconproject.com
secure.adnxs.com
settings.luckyorange.net
ssc-cms.33across.com
ssl.luckyorange.com
static.hotjar.com
stats.g.doubleclick.net
sync.crwdcntrl.net
sync.srv.stackadapt.com
sync.taboola.com
tags.clickagy.com
track.ecampaignstats.com
u.ipw.metadsp.co.uk
us-u.openx.net
visitor.omnitagjs.com
www.clarity.ms
www.google-analytics.com
www.google.co.uk
www.google.com
www.googletagmanager.com
www.newsandpromotions.com
x.bidswitch.net
id.rlcdn.com
103.224.182.206
104.26.11.16
104.45.184.134
104.64.126.246
13.32.27.19
141.226.228.48
142.250.185.164
151.101.65.44
157.240.252.13
172.217.18.3
178.250.1.9
18.245.31.19
18.66.97.10
185.184.8.90
185.255.84.151
185.255.84.152
185.64.190.79
185.89.210.82
192.132.33.69
2.23.8.24
2001:4860:4802:32::36
23.48.23.37
2600:1901:0:298e::
2600:9000:211e:5e00:4:8491:f2c0:93a1
2606:4700:20::681a:4f4
2620:1ec:bdf::45
2620:1ec:c11::200
2a00:1450:4001:803::200a
2a00:1450:4001:803::200e
2a00:1450:4001:806::2003
2a00:1450:4001:812::2008
2a00:1450:400c:c00::9d
2a02:2638:3::c
2a03:2880:f084:d:face:b00c:0:3
34.111.12.38
34.117.157.22
34.149.50.64
34.214.129.77
34.231.129.236
34.233.219.30
35.190.36.172
35.190.72.161
35.214.132.90
35.214.149.91
35.214.206.184
35.227.209.77
35.244.159.8
35.71.131.137
37.48.65.152
44.213.220.50
51.89.9.253
52.211.99.1
52.215.86.157
54.210.145.203
54.76.208.25
64.202.112.63
67.202.105.22
68.219.88.97
72.246.169.246
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
054bdf9b8da204cabfcd876409243e05bec63fe13643da4583464e8927ee9481
05cbe0eb63271667225aa3f633752f33320920a81377672462140256ff8f9c8a
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
20209a9204b5e945a57a466b9010e3f572003437a235ff415083ca91d31cbd77
240b702419d6c39ecc4896f0132ccfc9bc517e9aef0c782d99580e0c678b47d5
2ab0f45758fa81cc5b4669004d42b4ac117c807fad6fb9509359f8b6ef592f38
32dd00604df8db3415240d450341558b6827b1e02dc0f211d8a6d9a4287c522e
3bc9c1f81ac6f56f2077096ca22a3bb734f895f14dc0d8524dee9a0e124302cc
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
45e040bbe8b505348d26fbfd50ce1fb32271fc5ab3c05c388ba5342e082b4efd
4ab71d481de1298c26ac983c76d3f4215ea398331074369993f1c27493fa1006
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4f7166cc360d114d3279967bae732d3eab578ad1f4ea9cedd9c349e9a5eaed37
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5c61ddd4f7ab45d1ca4f263ae05f6814284e8e13d39f7acd4df221a2c1202d90
5d594c9f8e7ea0a8bf5bad07a77a1dcf675fcb2b456369df14fecaa6c3214f15
5eeb0081366c82d6237c6e16e9af56188182db7669e6916a9018bbf8d16b5b7a
62af96b589b3b91ab85d8215cfad925f0b748c2c0714772d8dfd96f6db78d569
6743d9e9284060da973b7a61a6ce0b6137b24b470de65cc3048156ba7582cdd0
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6cb6821219dae9fa9a21519d86d7ec7acaf0c4dd61463eb336eb92964feebef3
6fecb89a29ee2bd397bb1bf58ecaa530a76f0654db71fadefd3cc70b0bc302bf
7513ea071ec3a6d65ea28a5d0bd1136522b6503b825789849dad425d677c2d73
7d6c99efb6e127e4d771df15c40b164de3ee8ea290ce575b20f81aee60a03d3b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83aa0e460deafba34165363c3a229c2d6faf9f239d2b782c456651b78c032437
85b9dffd781e47c571a53afc2f594c53f9c49ebeadc9adc3fc720d4a6e3a688b
8b0ce2bf2fd117fdda281bec4fc88f09bc07566810aadc45dd566fa4fcd2679c
8ca576c1a2552134c66c3bdfbbff559654f0eca9d749d2933397df6b80616852
8cbc049ddbd7ca67068451ce754401833499959c4c6ed7b98f664d42e0597808
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
9472f0e4b9df82ddfd868a6b15cbbffcf1a00e25f6f502a36bdf9707fe93aec9
97307859d3fcb1aa21e13e3e7bf6f7200f237d178bb18ada0fae75b35f8aef85
98978ca510c9861cfdd523c3f518a6d4f0706c75394f006bc6fe0d58c3334fbe
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a4273a4627dee7cb7316462117406296f7ac0602a76c101e5c0ca8dfa6686cbd
a49654f4f596b62de7a848de385fd6c6f65cebdb23df83456f066256630ba035
a80eae4454fa66280866a7243d2ea51e927c41af8ba045ade41a03f64d1180fa
a8e247a4aa584404ac0d10d6e3cd94399855c535101c136c054b3dea4860d975
ad03543ac37253e14391a4c0a02845320456d23ca50546ee72143e1bec705927
b2797fb79fdbded709d7aff399648ce4d809dda4028eb2c3636b38bb5451132f
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bf820c2e5608b055b98402b2f885df349d9f9e605ff3fd7a4c03f1c49d5c8264
bfe52d579512209544104e967b8f57c10cf992cf879321612613640baa57ab8e
c13e5fd1c85742cd9c2a7cce6255d9096b2c85830f85a0f8c142633da4e81078
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c56e11ae42d0f719ff2017e3adc5ba87af8ae85624c1245e9b827faed56a7987
c74ae25896e6f760efc2b5f7d3983d8112d043c959970948eb197491c150f319
c762a9ebb4f3912f5f97bdaa579b2c7813cee4b6b4929555295dfd49508f7839
cb7e55101bbe7cf1c75758b4b148ef2cb840d32690bc3ac99b0552ae6fc65c74
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d4dcfed0a67f59a30ee2adaf895cc47005779090fdb558481f88c3aae095b276
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181
e70a34c5f232fa80328a361630a994cf847c54deb926f13d40be4807291b657b
ed57410b6d3577ae079759ca23479e4b44f02b6e0042fb56cf08b3904dc3fa70
ee509bb1c57d79983d9b61bc0df4ffba2307f8bcae447efa74c311e2f615dda1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f08dccdc1054a4c83e6fafa075bde0ac227e6fc5c56d7b9e981039ab8032409a
f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
fe1d956c373c6c52de2b9b7671e0bdf901b27d7c61aa45198da3c21081f31874

www.newsandpromotions.com Open in urlscan Pro 35.227.209.77 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

97 Requests

86 %HTTPS

22 %IPv6

46 Domains

60 Subdomains

48 IPs

10 Countries

1044 kBTransfer

3254 kBSize

37 Cookies

0 Outgoing links

Page URL History

Redirected requests

97 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.newsandpromotions.com Open in urlscan Pro
35.227.209.77 Public Scan

Screenshot
Live screenshot

Full Image

97
Requests

86 %
HTTPS

22 %
IPv6

46
Domains

60
Subdomains

48
IPs

10
Countries

1044 kB
Transfer

3254 kB
Size

37
Cookies

97 HTTP transactions
0 data transactions