r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash be88d3e043e3b95b52e41812e50fb634
0318ba1ce487817ea7cba61dd9413bed29213800
b5f178d23e633283f226cca7a9ae79b01e6cab2299ff7065c980d3a9953212fd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B5F178D23E633283F226CCA7A9AE79B01E6CAB2299FF7065C980D3A9953212FD"
Last-Modified: Tue, 13 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3980
Expires: Wed, 14 Sep 2022 20:00:35 GMT
Date: Wed, 14 Sep 2022 18:54:15 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.36200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 14 Sep 2022 18:09:39 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: vodz8hhvWvSv9oB3ivNe-C09m4eLNyDvYe1TL28dyzv9yWdd3r9dgQ==
Age: 2676
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.25200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.25:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 14 Sep 2022 04:35:16 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: gGed-eRZO1q_Bo6IB2jtlHrwclXrxoxSy5dRQc7JLvPgzOZ8QT_uKw==
age: 51540
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 14 Sep 2022 18:54:15 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Wed, 14 Sep 2022 18:03:22 GMT
Expires: Wed, 14 Sep 2022 18:36:58 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: OS_oxc-TnXWN-7dk8QpB_0gsRiXaEeZYJCeP18ATsWUiQrqsMKWkmA==
Age: 3053
news4kcnn.hs-sites-eu1.com/
172.64.154.3200 OK 8.9 kB URL HTTP/1.1 news4kcnn.hs-sites-eu1.com/
IP 172.64.154.3:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (33982), with CRLF, LF line terminators
Hash bcab196a6593557aff48e2bee8fa0485
ef0cf786187bc58ceb07c7cd28329d4a4acefb54
b41ceacdede39ea52cb45ba3250785e7fe421259da949230311cd31475da3bd1
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: news4kcnn.hs-sites-eu1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Wed, 14 Sep 2022 18:54:16 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 74ab54824f770afa-OSL
Cache-Control: s-maxage=10,max-age=5
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Access-Control-Allow-Credentials: false
cache-tag: CT-53117545672,P-26246936,CW-53116949197,CW-53117121730,CW-53117121734,CW-53118088388,E-53116948940,E-53116948942,E-53116948943,E-53116948945,E-53117121515,E-53117121739,E-53117121741,E-53117121742,E-53117470969,PGS-ALL,SW-0,TS-53117471166
Edge-Cache-Tag: CT-53117545672,P-26246936,CW-53116949197,CW-53117121730,CW-53117121734,CW-53118088388,E-53116948940,E-53116948942,E-53116948943,E-53116948945,E-53117121515,E-53117121739,E-53117121741,E-53117121742,E-53117470969,PGS-ALL,SW-0,TS-53117471166
X-HS-Cache-Config: BrowserCache-5s-EdgeCache-10s
X-HS-Content-Id: 53117545672
X-HS-Hub-Id: 26246936
X-HubSpot-Correlation-Id: 3a6f2be7-b4a5-4ebd-99a3-60df3ec97b5f
X-Powered-By: HubSpot
X-Robots-Tag: none
X-Trace: 2B557C01E44DCD6CF56203767BC48A708B535D96BE000000000000000000
Server: cloudflare
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
code.jquery.com/jquery-3.6.0.min.js
69.16.175.10200 OK 31 kB URL HTTP/2 code.jquery.com/jquery-3.6.0.min.js
IP 69.16.175.10:0
File type ASCII text, with very long lines (65447)
Hash 899f0189aaf034bbba5340f724d91dfa
210ea9de03968edb9d839ba4a0ce2d48666a8ab8
949b6597c5ea907a7ef3c8ca6d5ffc73be2352f9df485b78704e5c4dabac5d0f
GET /jquery-3.6.0.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://news4kcnn.hs-sites-eu1.com
Connection: keep-alive
Referer: http://news4kcnn.hs-sites-eu1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 14 Sep 2022 18:54:16 GMT
content-encoding: gzip
content-length: 30875
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-15d9d"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1663181656.dop013.sk1.t,1663181656.cds069.sk1.hn,1663181656.cds210.sk1.c
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/js/bootstrap.min.js
151.101.85.229200 OK 15 kB URL HTTP/2 cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/js/bootstrap.min.js
IP 151.101.85.229:0
File type ASCII text, with very long lines (63188)
Hash bcd78d6c0ec033bf482fd42a464a0456
db079a86c03c9930571f8d0d6585cd7c4817fb95
3ade5e6e9f8a5da4b810b01861e48e7e4fa50b8c4fc5899a715062a139c5d258
GET /npm/bootstrap@4.6.0/dist/js/bootstrap.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://news4kcnn.hs-sites-eu1.com
Connection: keep-alive
Referer: http://news4kcnn.hs-sites-eu1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 4.6.0
x-jsd-version-type: version
etag: W/"f7eb-O+7WjtfXU8a/T2HCY4bd15KboDA"
content-encoding: gzip
accept-ranges: bytes
date: Wed, 14 Sep 2022 18:54:16 GMT
age: 12248409
x-served-by: cache-fra19124-FRA, cache-bma1622-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
content-length: 14954
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash abea4dc307fd4da34aac369f4316657c
ef7be7963fa8154c83b78d6ca8518b8448f079ff
1c50a6b2765a5108f31d7a31c98c62d293440c84e8bf63f9dac685be9e3d77d5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 18:54:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
js-eu1.hs-scripts.com/26246936.js
172.65.208.22200 OK 606 B URL HTTP/1.1 js-eu1.hs-scripts.com/26246936.js
IP 172.65.208.22:0
File type ASCII text, with very long lines (546)
Hash df7dcfde59d9c67e1119982c2743a3b9
e873fb2265c6e6a6c631f4befe52aa5917f1d7f9
69b348ccdc2fcb54bcba20bf92281a51b346addec65eb19e5d19d60fb8401ebb
GET /26246936.js HTTP/1.1
Host: js-eu1.hs-scripts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news4kcnn.hs-sites-eu1.com/
HTTP/1.1 200 OK
Date: Wed, 14 Sep 2022 18:54:16 GMT
Content-Type: application/javascript;charset=utf-8
Content-Length: 606
Connection: keep-alive
X-Trace: 2B4F0F1F0654A3B96F9DABED42E4D663080BD659F9000000000000000000
Cache-Control: public, max-age=30
Vary: Accept-Encoding
X-HubSpot-Correlation-Id: 6ae7b19b-dcbb-4dad-91bf-8c48318b218c
Content-Encoding: gzip
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 3600
Access-Control-Allow-Origin: http://news4kcnn.hs-sites-eu1.com
Last-Modified: Wed, 14 Sep 2022 18:54:16 GMT
CF-Cache-Status: MISS
Accept-Ranges: bytes
Server: cloudflare
CF-RAY: 74ab54873aaab505-OSL
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.21.226:0
Hash 70023870328bc2851602bfda0671f8d8
1fea657d8819a97c2080bd6b9817dbbc037d5a92
36fe42df3eb421c9a023d170b3058b6d39bc381945f40a1492d6e67983c85dac
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 14 Sep 2022 18:54:16 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "052BA26C709F9CC2B246ADAEF78E82457FF39828"
Expires: Thu, 15 Sep 2022 06:00:00 GMT
Last-Modified: Wed, 14 Sep 2022 18:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 1539
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74ab5487d94db527-OSL
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c86fc6649c7c512abb52fcd62d51ee26
bf241d6c1779668447df444a239d715b6ed46f6d
822cb499ea058f2c40ce4942048528575fadc172d3669007f5f34fae41c7ea49
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 18:54:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.hsappstatic.net/cms-free-branding-lib/static-1.111/css/hsCmsFreeBranding.css
104.17.9.210301 Moved Permanently 0 B URL HTTP/1.1 static.hsappstatic.net/cms-free-branding-lib/static-1.111/css/hsCmsFreeBranding.css
IP 104.17.9.210:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cms-free-branding-lib/static-1.111/css/hsCmsFreeBranding.css HTTP/1.1
Host: static.hsappstatic.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news4kcnn.hs-sites-eu1.com/
HTTP/1.1 301 Moved Permanently
Date: Wed, 14 Sep 2022 18:54:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 14 Sep 2022 19:54:16 GMT
Location: https://static.hsappstatic.net/cms-free-branding-lib/static-1.111/css/hsCmsFreeBranding.css
Vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FILmx5ql%2FsM6wLdCSorRq3D9M%2BUPPgBiNzE183XyXCh64GkkYdg7Rt5Eon7pSc0cOI2XBiAyRTJKKQ%2BRdPQaQQQi4J7qLmc4tMIvMletfCTtrwG%2BoaEEOHWacP3%2BqNclz1q6rg9Xoao%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 74ab54883857b506-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn1.hubspotusercontent-eu1.net/hub/26246936/hub_generated/template_assets/53117470969/1663156032537/marketplace/Sprocket_Rocket/sr-theme-free/css/custom-styles.css
104.18.34.226200 OK 78 B URL HTTP/1.1 cdn1.hubspotusercontent-eu1.net/hub/26246936/hub_generated/template_assets/53117470969/1663156032537/marketplace/Sprocket_Rocket/sr-theme-free/css/custom-styles.css
IP 104.18.34.226:0
File type ASCII text, with CRLF line terminators
Hash e348549f26a3ad80a396b1cd9a23c7bd
49da85c5983381fccabb9a74833bd4809e0e9b43
53522dd0dc006920a06fa5bbf2859f1e6ce4e5ff1a10d128f5decde523ad71cc
GET /hub/26246936/hub_generated/template_assets/53117470969/1663156032537/marketplace/Sprocket_Rocket/sr-theme-free/css/custom-styles.css HTTP/1.1
Host: cdn1.hubspotusercontent-eu1.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news4kcnn.hs-sites-eu1.com/
HTTP/1.1 200 OK
Date: Wed, 14 Sep 2022 18:54:16 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 74ab54870805b50c-OSL
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1209600
ETag: W/"498bc73d25b9dc6a812c316d9cd729d5"
Expires: Wed, 28 Sep 2022 18:54:16 GMT
Last-Modified: Wed, 14 Sep 2022 11:47:13 GMT
Vary: Accept-Encoding
Via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
CF-Cache-Status: REVALIDATED
Access-Control-Allow-Methods: GET
X-Amz-Cf-Id: ZIOeklDZXLt1r1yDgBN8iD-XnG_Lv3ZI1rMrMJsAGt4rz58ltcopDw==
X-Amz-Cf-Pop: OSL50-P1
x-amz-id-2: IQfd/ZZRcu7clS5Edl9Cejf2Ci7p9Vvt2NvgDnk2aTr24T+jwbsgWmIYmxIjE+FvqKdoE17Y7lM=
x-amz-meta-created-unix-time-millis: 1663156032537
x-amz-request-id: JW14A1KGN4JM2J2K
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
x-amz-version-id: 0U79poF8JgGlnWv7dPJzVsC10kSp.WnG
X-Cache: RefreshHit from cloudfront
X-HS-Alternate-Content-Type: text/plain
X-HS-CF-Lambda: us-east-1.enforceAclForReads 5
X-HS-CF-Lambda-Enforce: us-east-1.enforceAclForReads 5
Server: cloudflare
Content-Encoding: gzip
www.lean-labs.com/hubfs/sr-assets/pattern-library/sr-hero-01/sr-hero-01-v2.jpg
199.60.103.254200 OK 278 kB URL HTTP/2 www.lean-labs.com/hubfs/sr-assets/pattern-library/sr-hero-01/sr-hero-01-v2.jpg
IP 199.60.103.254:0
ASN #209242 Cloudflare London, LLC
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], progressive, precision 8, 2880x1958, components 3\012- data
Size 278 kB (278074 bytes)
Hash 77de0dfc7063d547a20f260ade8123b6
4a494659cbe0ed89c9fd8192f59e8036c0ceb04f
676c068451bb86a8562138ea1641517afc1fb87819c8212e711ea47bac92650c
GET /hubfs/sr-assets/pattern-library/sr-hero-01/sr-hero-01-v2.jpg HTTP/1.1
Host: www.lean-labs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://news4kcnn.hs-sites-eu1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 14 Sep 2022 18:54:16 GMT
content-type: image/jpeg
content-length: 278074
cf-ray: 74ab54882d77b51d-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 25716
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
etag: "c83bc29a87114e8e700922654fc8a888"
last-modified: Tue, 11 Dec 2018 17:17:13 GMT
strict-transport-security: max-age=31536000
vary: Accept-Encoding
via: 1.1 bfeae0ecbffe44ad98e5cd0ae83bdb4a.cloudfront.net (CloudFront)
cf-cache-status: HIT
access-control-allow-methods: GET
cache-tag: F-6752477065,FD-5987776827,P-275827,FLS-ALL
cf-bgj: imgq:85,h2pri
cf-polished: origSize=305715, status=webp_bigger
edge-cache-tag: F-6752477065,FD-5987776827,P-275827,FLS-ALL
x-amz-cf-id: 78UNxBXXc6IQMkolNLJ-2mN3_qElRDRqD9Z8Ixe-0GWbKpB_rNTT1g==
x-amz-cf-pop: ARN56-P1
x-amz-id-2: oWqLIlMzN5uvFa6YHkgpo+PLxpQl+XWuhEMuj6vWY9GPvJ0aycqM7LLNYIumvmjsFJLleK8cnEI=
x-amz-meta-cache-tag: F-6752477065,FD-5987776827,P-275827,FLS-ALL
x-amz-request-id: B7M52HGBE8AH4FMZ
x-amz-version-id: q.wNl0WaWucSMi8QYT59BSQdbGZRKDEb
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15
x-hs-https-only: worker
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0S%2Fwomfw184OQ8N%2FumyjpREAGErz%2BQ2we5VM7FQqu8r30fTJmTtX6XDmn6zwqVP49x3V%2FRn0qmYcQaLiAiK%2FTMlq26po2Tx48zhz144%2FIfSdQ%2FAzDL7HFUd7Y6nRNM%2FCdmD1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
set-cookie: __cf_bm=uImj_Lwz3mz2cNZojVoFhm24kboPmjEiUDgABzKtjxA-1663181656-0-AbPT/5xT2M+MmptEQ6CJNpNVBK8lR+jsvB4NO4FRlsv3b9s6sNmPljKW8PX28AMfhHcYmsLX/sNdCTN8qQd7fLA=; path=/; expires=Wed, 14-Sep-22 19:24:16 GMT; domain=.www.lean-labs.com; HttpOnly; Secure; SameSite=None
__cfruid=415bbb7d53e096fecf9e730c76bf1e1790943fb6-1663181656; path=/; domain=.www.lean-labs.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2
cdn1.hubspotusercontent-eu1.net/hub/26246936/hub_generated/template_assets/53117121739/1663156038137/marketplace/Sprocket_Rocket/sr-theme-free/css/sr-base.min.css
104.18.34.226200 OK 10 kB URL HTTP/1.1 cdn1.hubspotusercontent-eu1.net/hub/26246936/hub_generated/template_assets/53117121739/1663156038137/marketplace/Sprocket_Rocket/sr-theme-free/css/sr-base.min.css
IP 104.18.34.226:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 002069daafeb38a2d0947d0949775f1d
5f548d13bce90cc5381e9abd0551e709e9552a51
f7706fbf5b79cd01d99dc49d22a09e6c90ef4c3d18ca342828dd94fcd2adc95d
GET /hub/26246936/hub_generated/template_assets/53117121739/1663156038137/marketplace/Sprocket_Rocket/sr-theme-free/css/sr-base.min.css HTTP/1.1
Host: cdn1.hubspotusercontent-eu1.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news4kcnn.hs-sites-eu1.com/
HTTP/1.1 200 OK
Date: Wed, 14 Sep 2022 18:54:16 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 74ab5486f893b52d-OSL
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1209600
ETag: W/"a034c0cb06aab3ae7329c7fcf548bb86"
Expires: Wed, 28 Sep 2022 18:54:16 GMT
Last-Modified: Wed, 14 Sep 2022 11:47:20 GMT
Vary: Accept-Encoding
Via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
CF-Cache-Status: REVALIDATED
Access-Control-Allow-Methods: GET
X-Amz-Cf-Id: eEeTgzox4mQnUbfk32woVhH4WO-Rh-5Xxs5HstvZsMLp1iGljVQIhw==
X-Amz-Cf-Pop: OSL50-P1
x-amz-id-2: GEoScNlY3RY+W8eP9fARismE9ziCJmIYLnRvwSo8zBESrLBxb4ELYFI8GhD+gpHYLWTqATO3hfc=
x-amz-meta-created-unix-time-millis: 1663156039053
x-amz-request-id: E4632G2SAK3S975Z
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
x-amz-version-id: 8Gnw.tLvBXShIILkllBZ0xddBtensMPp
X-Cache: RefreshHit from cloudfront
X-HS-Alternate-Content-Type: text/plain
X-HS-CF-Lambda: us-east-1.enforceAclForReads 5
X-HS-CF-Lambda-Enforce: us-east-1.enforceAclForReads 5
Server: cloudflare
Content-Encoding: gzip
f.hubspotusercontent-eu1.net/hub/26246936/hub_generated/template_assets/53117121742/1663156035455/marketplace/Sprocket_Rocket/sr-theme-free/js/interaction.min.js
172.64.153.30200 OK 482 B URL HTTP/1.1 f.hubspotusercontent-eu1.net/hub/26246936/hub_generated/template_assets/53117121742/1663156035455/marketplace/Sprocket_Rocket/sr-theme-free/js/interaction.min.js
IP 172.64.153.30:0
File type ASCII text, with very long lines (651)
Hash a8ec1039a995911412902cb4717fd404
3d293889f7a140349035cc1430d0d690fe2fc101
58fcc8942d038edb40d8b78169d7376cfff6b92d7b0c0269cc7c330071e94c9a
GET /hub/26246936/hub_generated/template_assets/53117121742/1663156035455/marketplace/Sprocket_Rocket/sr-theme-free/js/interaction.min.js HTTP/1.1
Host: f.hubspotusercontent-eu1.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news4kcnn.hs-sites-eu1.com/
HTTP/1.1 200 OK
Date: Wed, 14 Sep 2022 18:54:16 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 74ab54871d6e0b61-OSL
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1209600
ETag: W/"7aaf15d8888fb0d938235508aaa643ff"
Expires: Wed, 28 Sep 2022 18:54:16 GMT
Last-Modified: Wed, 14 Sep 2022 11:47:16 GMT
Vary: Accept-Encoding
CF-Cache-Status: MISS
Access-Control-Allow-Methods: GET
X-Amz-Cf-Pop: FRA53-C1
x-amz-meta-created-unix-time-millis: 1663156035636
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
X-HS-Alternate-Content-Type: text/plain
X-HS-CF-Lambda: us-east-1.enforceAclForReads 5
X-HS-CF-Lambda-Enforce: us-east-1.enforceAclForReads 5
Server: cloudflare
Content-Encoding: gzip
f.hubspotusercontent20.net/hub/275827/hubfs/sr-assets/pattern-library/sr-clients/hirevibe-01.png?width=146&height=76&name=hirevibe-01.png
104.16.187.114200 OK 1.5 kB URL HTTP/2 f.hubspotusercontent20.net/hub/275827/hubfs/sr-assets/pattern-library/sr-clients/hirevibe-01.png?width=146&height=76&name=hirevibe-01.png
IP 104.16.187.114:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash cf95d3460c4507a59e3a53c64466047d
b0c84c4e9fbdfd64529a3a2c70fde1c35d7d2aa3
acf2f13e778a3ac3199b8b252a2387e8da87f68c96faa4ee91dfac736b300bac
GET /hub/275827/hubfs/sr-assets/pattern-library/sr-clients/hirevibe-01.png?width=146&height=76&name=hirevibe-01.png HTTP/1.1
Host: f.hubspotusercontent20.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://news4kcnn.hs-sites-eu1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 14 Sep 2022 18:54:16 GMT
content-type: image/webp
content-length: 1514
cf-ray: 74ab54888a65b52d-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 21162
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
content-disposition: inline; filename="hirevibe-01.webp"
etag: "f4a30fecd8660f5da52c510403afdf91"
last-modified: Tue, 14 May 2019 15:32:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept, Accept-Encoding
via: 1.1 16df6ade68382d048f8aad1f7e39da28.cloudfront.net (CloudFront)
cf-cache-status: HIT
access-control-allow-methods: GET
cache-tag: F-9555291586,FD-6589324589,P-275827,FLS-ALL
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=4194
edge-cache-tag: F-9555291586,FD-6589324589,P-275827,FLS-ALL
x-amz-cf-id: o1LH6fZtxmzVKotaOMr8Pns9286gTyi_I2C1qI6Ib0QI-4JiamsLfA==
x-amz-cf-pop: IAD12-P3
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15
server: cloudflare
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Poppins:regular,300,600&display=swap
142.250.74.10200 OK 3.2 kB URL HTTP/2 fonts.googleapis.com/css?family=Poppins:regular,300,600&display=swap
IP 142.250.74.10:0
Hash 1eabc1b2595b8a7649b3d404dd1dd13d
e95f942c6282a85f1af314894586d4e11886ff4b
25dc6b78d31e85ceeeaa666bf715fd5c37bcb3bf85ffdbee1f50ddc407b6dd7f
GET /css?family=Poppins:regular,300,600&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://news4kcnn.hs-sites-eu1.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 14 Sep 2022 18:54:16 GMT
date: Wed, 14 Sep 2022 18:54:16 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
f.hubspotusercontent20.net/hub/275827/hubfs/sr-assets/images/sr-logo@2x.png?width=220&height=50&name=sr-logo@2x.png
104.16.187.114200 OK 3.7 kB URL HTTP/2 f.hubspotusercontent20.net/hub/275827/hubfs/sr-assets/images/sr-logo@2x.png?width=220&height=50&name=sr-logo@2x.png
IP 104.16.187.114:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 063485242fc42d804986b23d560573e8
70e915df8932e3346959fc922309a6b6710c0b41
95a4d783c21a40bf91f5312cf1ad9beaf702be65f04bc7214a277795d536c624
GET /hub/275827/hubfs/sr-assets/images/sr-logo@2x.png?width=220&height=50&name=sr-logo@2x.png HTTP/1.1
Host: f.hubspotusercontent20.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://news4kcnn.hs-sites-eu1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 14 Sep 2022 18:54:16 GMT
content-type: image/webp
content-length: 3732
cf-ray: 74ab54888a5bb52d-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 21163
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
content-disposition: inline; filename="sr-logo@2x.webp"
etag: "59c1225e9f3a62bab92559267927d780"
last-modified: Tue, 06 Sep 2022 02:12:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept, Accept-Encoding
via: 1.1 e21fbbed60133ff896ee44224814dc5c.cloudfront.net (CloudFront)
cf-cache-status: HIT
access-control-allow-methods: GET
cache-tag: F-9889655840,FD-9889336472,P-275827,FLS-ALL
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=13061
edge-cache-tag: F-9889655840,FD-9889336472,P-275827,FLS-ALL
x-amz-cf-id: RePgr6s-4k_9ZJTuSjFcVo3yyJ7qxdFtJcxYGaJhejE28TNQvi6nVQ==
x-amz-cf-pop: IAD12-P3
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15
server: cloudflare
X-Firefox-Spdy: h2
f.hubspotusercontent20.net/hub/275827/hubfs/sr-assets/pattern-library/sr-clients/logo-alphabet-01.png?width=216&height=56&name=logo-alphabet-01.png
104.16.187.114200 OK 2.3 kB URL HTTP/2 f.hubspotusercontent20.net/hub/275827/hubfs/sr-assets/pattern-library/sr-clients/logo-alphabet-01.png?width=216&height=56&name=logo-alphabet-01.png
IP 104.16.187.114:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash ca39d37fd2b94ce26df4357045b1c80b
7ce08836730461305cda41b524f22dc497899c74
8d8eda0dd2720b65ee680d0ae28536401a8a2f38730b9055e3953c1ba734d43a
GET /hub/275827/hubfs/sr-assets/pattern-library/sr-clients/logo-alphabet-01.png?width=216&height=56&name=logo-alphabet-01.png HTTP/1.1
Host: f.hubspotusercontent20.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://news4kcnn.hs-sites-eu1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 14 Sep 2022 18:54:16 GMT
content-type: image/webp
content-length: 2300
cf-ray: 74ab54888a61b52d-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 21163
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
content-disposition: inline; filename="logo-alphabet-01.webp"
etag: "4e953fa65bb59372af3fda0982b27093"
last-modified: Tue, 14 May 2019 15:32:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept, Accept-Encoding
via: 1.1 36b04143ac1626bb30bb225fb2cccb1e.cloudfront.net (CloudFront)
cf-cache-status: HIT
access-control-allow-methods: GET
cache-tag: F-6589371902,FD-6589324589,P-275827,FLS-ALL
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=6837
edge-cache-tag: F-6589371902,FD-6589324589,P-275827,FLS-ALL
x-amz-cf-id: cY7UOLJHa20H1mcl2Co5yn0ClpUVBSOyYampxPkiYyTeuZxyxp3zLA==
x-amz-cf-pop: IAD12-P3
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15
server: cloudflare
X-Firefox-Spdy: h2
f.hubspotusercontent20.net/hub/275827/hubfs/sr-assets/pattern-library/sr-clients/precision-hawk-01.png?width=216&height=20&name=precision-hawk-01.png
104.16.187.114200 OK 2.9 kB URL HTTP/2 f.hubspotusercontent20.net/hub/275827/hubfs/sr-assets/pattern-library/sr-clients/precision-hawk-01.png?width=216&height=20&name=precision-hawk-01.png
IP 104.16.187.114:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 36454962763724292d451e1542478eda
14a93c0719abb4c844cf2861d28a99bc9759c8a2
ed1d4dbb208eca6bcbd25f6b993d4beb45dfd46294d6cf665165949ce2dbc0db
GET /hub/275827/hubfs/sr-assets/pattern-library/sr-clients/precision-hawk-01.png?width=216&height=20&name=precision-hawk-01.png HTTP/1.1
Host: f.hubspotusercontent20.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://news4kcnn.hs-sites-eu1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 14 Sep 2022 18:54:16 GMT
content-type: image/webp
content-length: 2860
cf-ray: 74ab54888a6cb52d-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 21162
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
content-disposition: inline; filename="precision-hawk-01.webp"
etag: "a23bf1a95aac0362a9f667252a32c368"
last-modified: Tue, 14 May 2019 15:32:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept, Accept-Encoding
via: 1.1 979084a90b32fe3f5fdc377fb6e67b76.cloudfront.net (CloudFront)
cf-cache-status: HIT
access-control-allow-methods: GET
cache-tag: F-9555223614,FD-6589324589,P-275827,FLS-ALL
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=6523
edge-cache-tag: F-9555223614,FD-6589324589,P-275827,FLS-ALL
x-amz-cf-id: acQyKRdQy8n28pvLbRB_1W6BrYGBUjJwx1B4qv5zKJhk29-9Xy05Nw==
x-amz-cf-pop: IAD89-P1
x-cache: Hit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15
server: cloudflare
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b7e665b6b70fa840ee6a1417da402132
658fa05afcf7752e8cb02979c28874efb0f4ddd8
9905cee109c441b937300b368ceccd186877a0923164bf3e1eb0971a2a224400
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 18:54:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn1.hubspotusercontent-eu1.net/hub/26246936/hub_generated/template_assets/53117121741/1663156028974/marketplace/Sprocket_Rocket/sr-theme-free/css/bootstrap.min.css
104.18.34.226200 OK 11 kB URL HTTP/1.1 cdn1.hubspotusercontent-eu1.net/hub/26246936/hub_generated/template_assets/53117121741/1663156028974/marketplace/Sprocket_Rocket/sr-theme-free/css/bootstrap.min.css
IP 104.18.34.226:0
File type ASCII text, with very long lines (60403), with CRLF line terminators
Hash 32b3e9164c49c97d4adde88f657a6b7e
c6f168becfed8089e060db9e9521a42b612399f0
31f9d2cdd152be4f8ba18cf0b20c2734248bc956df1715345bbbb1c580d8f902
GET /hub/26246936/hub_generated/template_assets/53117121741/1663156028974/marketplace/Sprocket_Rocket/sr-theme-free/css/bootstrap.min.css HTTP/1.1
Host: cdn1.hubspotusercontent-eu1.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news4kcnn.hs-sites-eu1.com/
HTTP/1.1 200 OK
Date: Wed, 14 Sep 2022 18:54:16 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 74ab54870a0cb529-OSL
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1209600
ETag: W/"c88bd7615d4ee2fd33a13cb75405c830"
Expires: Wed, 28 Sep 2022 18:54:16 GMT
Last-Modified: Wed, 14 Sep 2022 11:47:11 GMT
Vary: Accept-Encoding
Via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
CF-Cache-Status: REVALIDATED
Access-Control-Allow-Methods: GET
X-Amz-Cf-Id: K6nRyT9uDW41t2WPE2MUoI-UzkpS_1hL9_uoKASTbqeV6r5jq0LUPA==
X-Amz-Cf-Pop: OSL50-P1
x-amz-id-2: 36Be7wHyHEEOf2F1wdahRkWQ6gNp5aA/Nk4hCzwanVFkYeXjD8mdClBOs8Y8Na5apGkrg2/o0z8=
x-amz-meta-created-unix-time-millis: 1663156030393
x-amz-request-id: E46DXWE3ZE4BQY55
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
x-amz-version-id: DeLv0lvfDoMeJaIXttGZVwetqbFKKiUG
X-Cache: RefreshHit from cloudfront
X-HS-Alternate-Content-Type: text/plain
X-HS-CF-Lambda: us-east-1.enforceAclForReads 5
X-HS-CF-Lambda-Enforce: us-east-1.enforceAclForReads 5
Server: cloudflare
Content-Encoding: gzip
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
104.18.11.207200 OK 10 kB URL HTTP/2 maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
IP 104.18.11.207:0
File type ASCII text, with very long lines (30837)
Hash 7a3ae8626ab0472d8fc48e1f156b2f79
3c2d2147c00d3ff0f51520276db0105a0035855a
f1e28ceab528ed8633b40d5f0b423ef405f97373c78bff730a23196c52789a96
GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://news4kcnn.hs-sites-eu1.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 14 Sep 2022 18:54:16 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: SE
cdn-edgestorageid: 722, 617
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 2021-03-10 20:26:20
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: 121d365db7a9aba3915641185d93b963
cdn-cache: HIT
cf-cache-status: HIT
age: 12492463
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 74ab54872b30b51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
f.hubspotusercontent20.net/hub/275827/hubfs/sr-assets/pattern-library/sr-clients/smartmail-01.png?width=216&height=48&name=smartmail-01.png
104.16.187.114200 OK 2.1 kB URL HTTP/2 f.hubspotusercontent20.net/hub/275827/hubfs/sr-assets/pattern-library/sr-clients/smartmail-01.png?width=216&height=48&name=smartmail-01.png
IP 104.16.187.114:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash b9de48b252120fc5c381efef8b31a090
0611ffc3e95d5d607bb0ba17849105fa20ca33c9
c2d59834fe4a5b9c001fbc46c1bf9c40254365be7e03f79f27bbaf2758e93e75
GET /hub/275827/hubfs/sr-assets/pattern-library/sr-clients/smartmail-01.png?width=216&height=48&name=smartmail-01.png HTTP/1.1
Host: f.hubspotusercontent20.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://news4kcnn.hs-sites-eu1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 14 Sep 2022 18:54:16 GMT
content-type: image/webp
content-length: 2058
cf-ray: 74ab54889a6fb52d-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 21162
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
content-disposition: inline; filename="smartmail-01.webp"
etag: "cea6cb5f7cf365a77bfbd59e3bbf1cd4"
last-modified: Tue, 14 May 2019 15:32:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept, Accept-Encoding
via: 1.1 3d4bfc42e9575ee1f9559241c9e3f464.cloudfront.net (CloudFront)
cf-cache-status: HIT
access-control-allow-methods: GET
cache-tag: F-9555425370,FD-6589324589,P-275827,FLS-ALL
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=5846
edge-cache-tag: F-9555425370,FD-6589324589,P-275827,FLS-ALL
x-amz-cf-id: uvFQYdfYk5kpkQTNroMb8cJONwjnofFVO8zeQ_CXgsLecb4ColHHZw==
x-amz-cf-pop: IAD12-P3
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15
server: cloudflare
X-Firefox-Spdy: h2
f.hubspotusercontent20.net/hub/275827/hubfs/sr-assets/pattern-library/sr-clients/qualio-01.png?width=216&height=60&name=qualio-01.png
104.16.187.114200 OK 2.9 kB URL HTTP/2 f.hubspotusercontent20.net/hub/275827/hubfs/sr-assets/pattern-library/sr-clients/qualio-01.png?width=216&height=60&name=qualio-01.png
IP 104.16.187.114:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 2968c5068d55383be7df5b6edeedbec5
1aa3f7d2b597f4952402372d641bce5b47693119
746b0e9d3c407413c00d624f2e4f50a137f981a8eddc23aeedd625074942ad39
GET /hub/275827/hubfs/sr-assets/pattern-library/sr-clients/qualio-01.png?width=216&height=60&name=qualio-01.png HTTP/1.1
Host: f.hubspotusercontent20.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://news4kcnn.hs-sites-eu1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 14 Sep 2022 18:54:16 GMT
content-type: image/webp
content-length: 2868
cf-ray: 74ab54888a63b52d-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 21162
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
content-disposition: inline; filename="qualio-01.webp"
etag: "e31e7490353b4655f5ea5ec34be34e50"
last-modified: Tue, 14 May 2019 15:32:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept, Accept-Encoding
via: 1.1 736ad67f05a9a5a8fd5ed8cba30196f4.cloudfront.net (CloudFront)
cf-cache-status: HIT
access-control-allow-methods: GET
cache-tag: F-9555223454,FD-6589324589,P-275827,FLS-ALL
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=8692
edge-cache-tag: F-9555223454,FD-6589324589,P-275827,FLS-ALL
x-amz-cf-id: IG7oRhGd0rt0xNXk7Okgc3dIcMqotqkaJLFlTmb0VKKStL7a9VJPkg==
x-amz-cf-pop: IAD12-P3
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15
server: cloudflare
X-Firefox-Spdy: h2
f.hubspotusercontent20.net/hub/275827/hubfs/sr-assets/pattern-library/sr-clients/logo-airbnb-01.png?width=216&height=68&name=logo-airbnb-01.png
104.16.187.114200 OK 2.5 kB URL HTTP/2 f.hubspotusercontent20.net/hub/275827/hubfs/sr-assets/pattern-library/sr-clients/logo-airbnb-01.png?width=216&height=68&name=logo-airbnb-01.png
IP 104.16.187.114:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 1a4cc65de36d8bcd2eb456231b373d17
3495f83209d24b6ce75d0b87c83805117004ab13
846b71545820c891fd3bc6a00da4ea1d5743f0bdfd1401937d5beeb3749c3fc0
GET /hub/275827/hubfs/sr-assets/pattern-library/sr-clients/logo-airbnb-01.png?width=216&height=68&name=logo-airbnb-01.png HTTP/1.1
Host: f.hubspotusercontent20.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://news4kcnn.hs-sites-eu1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 14 Sep 2022 18:54:16 GMT
content-type: image/webp
content-length: 2536
cf-ray: 74ab54888a5fb52d-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 21163
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
content-disposition: inline; filename="logo-airbnb-01.webp"
etag: "8272f107647148a70bf19428d65408d9"
last-modified: Tue, 14 May 2019 15:32:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept, Accept-Encoding
via: 1.1 0501dadffc52b06a0cf6aadc57586acc.cloudfront.net (CloudFront)
cf-cache-status: HIT
access-control-allow-methods: GET
cache-tag: F-6589325565,FD-6589324589,P-275827,FLS-ALL
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=7383
edge-cache-tag: F-6589325565,FD-6589324589,P-275827,FLS-ALL
x-amz-cf-id: De3VeFTJF9Nw-18aUmR4I4ttZ4nTX-YS1wZCChOA3XPb12XbUrp3aQ==
x-amz-cf-pop: IAD89-P1
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15
server: cloudflare
X-Firefox-Spdy: h2
f.hubspotusercontent20.net/hub/275827/hubfs/sr-assets/pattern-library/sr-clients/logo-fitbit-01.png?width=216&height=60&name=logo-fitbit-01.png
104.16.187.114200 OK 2.1 kB URL HTTP/2 f.hubspotusercontent20.net/hub/275827/hubfs/sr-assets/pattern-library/sr-clients/logo-fitbit-01.png?width=216&height=60&name=logo-fitbit-01.png
IP 104.16.187.114:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash c3670ba0b7439b0f226113351eaea7cc
1b2e2724370323192c04714a46459e8c547b34c9
81b5ba6fe680add910fbc5cb54ded0927c7877427222f80fb1d2fb87b6b47ced
GET /hub/275827/hubfs/sr-assets/pattern-library/sr-clients/logo-fitbit-01.png?width=216&height=60&name=logo-fitbit-01.png HTTP/1.1
Host: f.hubspotusercontent20.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://news4kcnn.hs-sites-eu1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 14 Sep 2022 18:54:16 GMT
content-type: image/webp
content-length: 2088
cf-ray: 74ab54888a67b52d-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 21163
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
content-disposition: inline; filename="logo-fitbit-01.webp"
etag: "550dec525dbee69d80c98a38027d6632"
last-modified: Tue, 14 May 2019 15:32:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept, Accept-Encoding
via: 1.1 dfc1931cc62ecd4133c2b9bdae1bb476.cloudfront.net (CloudFront)
cf-cache-status: HIT
access-control-allow-methods: GET
cache-tag: F-6589324599,FD-6589324589,P-275827,FLS-ALL
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=6233
edge-cache-tag: F-6589324599,FD-6589324589,P-275827,FLS-ALL
x-amz-cf-id: eQLJAmFzguPdEXKsrpHLsy5eEvzoxlLOlodxrOQcPxI4P3684cqPmw==
x-amz-cf-pop: IAD12-P3
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15
server: cloudflare
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b7e665b6b70fa840ee6a1417da402132
658fa05afcf7752e8cb02979c28874efb0f4ddd8
9905cee109c441b937300b368ceccd186877a0923164bf3e1eb0971a2a224400
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 18:54:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
142.250.74.163200 OK 7.9 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data
Hash 9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://news4kcnn.hs-sites-eu1.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 19:32:09 GMT
expires: Thu, 07 Sep 2023 19:32:09 GMT
cache-control: public, max-age=31536000
age: 602527
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
142.250.74.163200 OK 8.0 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 8000, version 1.0\012- data
Hash 72993dddf88a63e8f226656f7de88e57
179f97ec0275f09603a8db94d4380eb584d81cd5
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
GET /s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://news4kcnn.hs-sites-eu1.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8000
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 19:30:59 GMT
expires: Thu, 07 Sep 2023 19:30:59 GMT
cache-control: public, max-age=31536000
age: 602597
last-modified: Wed, 27 Apr 2022 16:59:07 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.hsappstatic.net/cms-free-branding-lib/static-1.111/assets/sprocket_white.svg
104.17.9.210301 Moved Permanently 0 B URL HTTP/1.1 static.hsappstatic.net/cms-free-branding-lib/static-1.111/assets/sprocket_white.svg
IP 104.17.9.210:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cms-free-branding-lib/static-1.111/assets/sprocket_white.svg HTTP/1.1
Host: static.hsappstatic.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news4kcnn.hs-sites-eu1.com/
HTTP/1.1 301 Moved Permanently
Date: Wed, 14 Sep 2022 18:54:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 14 Sep 2022 19:54:16 GMT
Location: https://static.hsappstatic.net/cms-free-branding-lib/static-1.111/assets/sprocket_white.svg
Vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vldfyjbaaQG%2FHQN01106D9609U%2BksFOtIGFIkjFwVt0xJo1%2F0adEzPDB2TkedN72HDlmlEM3nUUL9sabybZ4tDJmDaPq5Y47ExXV3eYzHfKE8IO6PeFWgR%2Bg1MxMB39VJ9nysFzQ69s%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 74ab54890fc4fac8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b7e665b6b70fa840ee6a1417da402132
658fa05afcf7752e8cb02979c28874efb0f4ddd8
9905cee109c441b937300b368ceccd186877a0923164bf3e1eb0971a2a224400
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 18:54:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
142.250.74.163200 OK 7.8 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 7840, version 1.0\012- data
Hash 8d91ec1ca2d8b56640a47117e313a3e9
a9e9bafe64666f4595051a0e895b47a5fa39e67e
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb
GET /s/poppins/v20/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://news4kcnn.hs-sites-eu1.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7840
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 19:31:02 GMT
expires: Thu, 07 Sep 2023 19:31:02 GMT
cache-control: public, max-age=31536000
age: 602594
last-modified: Wed, 27 Apr 2022 16:51:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
push.services.mozilla.com/
34.214.17.205101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.214.17.205:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: MD/cXtRV1BbX/8ONYCGmMg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: GwOOAaYO7tTMNxVKJc1i/mlYrSM=
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b7e665b6b70fa840ee6a1417da402132
658fa05afcf7752e8cb02979c28874efb0f4ddd8
9905cee109c441b937300b368ceccd186877a0923164bf3e1eb0971a2a224400
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 18:54:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 1.2 kB IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9ba0a89d131bdb512efa3898b9a65972
f9703fad64c292259079dbbfa429b3382f8a402e
aa9b9808ce15e60d969010326eebeb4a3311a534f447275d4ae7d37f92466ed4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "01D9ABBA982648F6763DADDE86CC6E4D4673C93D6CE0A5EE0616E508A4854537"
Last-Modified: Wed, 14 Sep 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Thu, 15 Sep 2022 00:54:16 GMT
Date: Wed, 14 Sep 2022 18:54:16 GMT
Connection: keep-alive
app-eu1.hubspot.com/content-tools-menu/api/v1/tools-menu/has-permission?portalId=26246936&callback=jsonpHandler
172.65.236.181204 No Content 0 B URL HTTP/2 app-eu1.hubspot.com/content-tools-menu/api/v1/tools-menu/has-permission?portalId=26246936&callback=jsonpHandler
IP 172.65.236.181:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /content-tools-menu/api/v1/tools-menu/has-permission?portalId=26246936&callback=jsonpHandler HTTP/1.1
Host: app-eu1.hubspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://news4kcnn.hs-sites-eu1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Wed, 14 Sep 2022 18:54:16 GMT
cf-ray: 74ab548b4f4f15f4-ARN
cache-control: max-age=0
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET
report-to: {"group":"default","max_age":86400,"endpoints":[{"url":"https://exceptions.hubspot.com/csp/reports?cfRay=74ab548b4f4f15f4&resource=unknown"}]}
x-hs-worker-debug-mode: false
x-hubspot-correlation-id: 691edde7-9450-4b86-ac7d-35f4e66501fa
x-trace: 2B255F3B911B4599873F8A782212C09DEBF032E4C2000000000000000000
set-cookie: __cf_bm=EUsQkYisNVDSl0RaSRFnSE1rKF8IEP0_NHHld01BRjw-1663181656-0-AZuLkKFWDRURQkkpYdDjqvHarQvqq1hoxukI5w1jlKZBYYJ6HPEEKXD4blxy+FTU41bNgyx0nnPALmJVyyGrTw8=; path=/; expires=Wed, 14-Sep-22 19:24:16 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
news4kcnn.hs-sites-eu1.com/favicon.ico
172.64.154.3404 Not Found 8.8 kB URL HTTP/1.1 news4kcnn.hs-sites-eu1.com/favicon.ico
IP 172.64.154.3:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1351)
Hash 13d55e4da1053a25ad8d83581038e63c
dac65ab4c87984b7d0d0c6b2b4ca8299c65d2c8f
a2db3d24fb2b615625060ce18996e9653313cb92109b90eade08cc90e946f61f
GET /favicon.ico HTTP/1.1
Host: news4kcnn.hs-sites-eu1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news4kcnn.hs-sites-eu1.com/
HTTP/1.1 404 Not Found
Date: Wed, 14 Sep 2022 18:54:17 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 74ab548b09d00afa-OSL
Cache-Control: s-maxage=5,max-age=5
Vary: Accept-Encoding
CF-Cache-Status: MISS
Access-Control-Allow-Credentials: false
X-HS-Reason: No favicon src specified for portal
X-HubSpot-Correlation-Id: 2adc95e9-1860-430d-b4d1-7766bc5c0259
X-HubSpot-NotFound: true
X-Trace: 2B474FD6593D58064ED0F8C598961FCFE7A45E7F5E000000000000000000
Server: cloudflare
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
felizvd.com/?api=1&lan=twthk&ht=2&counter0=cococho01
159.203.26.69200 OK 512 kB URL HTTP/1.1 felizvd.com/?api=1&lan=twthk&ht=2&counter0=cococho01
IP 159.203.26.69:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (63717), with CRLF line terminators
Size 512 kB (512222 bytes)
Hash 6e3f46d32347b09c3400e7ba5a35e2b9
78ff982e7ee593ec072205235f32ea9261b078e8
68e207154c227dddaa31a4acb7d58296dc2a2e981650bc8f9385f22ed0cfd279
GET /?api=1&lan=twthk&ht=2&counter0=cococho01 HTTP/1.1
Host: felizvd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://news4kcnn.hs-sites-eu1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 14 Sep 2022 18:54:16 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: PHPSESSID=ek972qtsvoh72qup9np10r5s4r; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
track-eu1.hubspot.com/__ptq.gif?k=1&sd=1280x1024&cd=24-bit&cs=UTF-8&ln=en-us&bfp=931822577&v=1.1&a=26246936&pi=53117545672&ct=standard-page&ccu=http%3A%2F%2Fnews4kcnn.hs-sites-eu1.com&cpi=53117545672&lpi=53117545672&lvi=53117545672&pu=http%3A%2F%2Fnews4kcnn.hs-sites-eu1.com%2F&t=news+private&cts=1663181642945&vi=273058360422436e2d4b8a10fc5ce748&nc=true&u=205882892.273058360422436e2d4b8a10fc5ce748.1663181642943.1663181642943.1663181642943.1&b=205882892.1.1663181642943&cc=15
172.65.240.166200 OK 45 B URL HTTP/2 track-eu1.hubspot.com/__ptq.gif?k=1&sd=1280x1024&cd=24-bit&cs=UTF-8&ln=en-us&bfp=931822577&v=1.1&a=26246936&pi=53117545672&ct=standard-page&ccu=http%3A%2F%2Fnews4kcnn.hs-sites-eu1.com&cpi=53117545672&lpi=53117545672&lvi=53117545672&pu=http%3A%2F%2Fnews4kcnn.hs-sites-eu1.com%2F&t=news+private&cts=1663181642945&vi=273058360422436e2d4b8a10fc5ce748&nc=true&u=205882892.273058360422436e2d4b8a10fc5ce748.1663181642943.1663181642943.1663181642943.1&b=205882892.1.1663181642943&cc=15
IP 172.65.240.166:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash c8817d472077ebfc04593c1fa019d32d
e1e86f41c86c7b9cd2e8b76c6a925a1a3e7e3247
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
GET /__ptq.gif?k=1&sd=1280x1024&cd=24-bit&cs=UTF-8&ln=en-us&bfp=931822577&v=1.1&a=26246936&pi=53117545672&ct=standard-page&ccu=http%3A%2F%2Fnews4kcnn.hs-sites-eu1.com&cpi=53117545672&lpi=53117545672&lvi=53117545672&pu=http%3A%2F%2Fnews4kcnn.hs-sites-eu1.com%2F&t=news+private&cts=1663181642945&vi=273058360422436e2d4b8a10fc5ce748&nc=true&u=205882892.273058360422436e2d4b8a10fc5ce748.1663181642943.1663181642943.1663181642943.1&b=205882892.1.1663181642943&cc=15 HTTP/1.1
Host: track-eu1.hubspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://news4kcnn.hs-sites-eu1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 14 Sep 2022 18:54:17 GMT
content-type: image/gif
content-length: 45
cf-ray: 74ab548dfe9315e0-ARN
accept-ranges: bytes
cache-control: no-cache, no-store, no-transform
last-modified: Wed, 14 Sep 2022 18:54:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: false
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-hubspot-correlation-id: 9ab1c3bc-33ab-4211-8f48-066b62c886ce
x-robots-tag: none
set-cookie: __cf_bm=m140rDQYUc8Kw6NwPBDYPDYmYlV9raYFfH3OKDSzR9E-1663181657-0-AUYBWpQszEhDEhcVe8dxRtgviB45kPXoeQDQgct0ndhpcl5q585LZmclDdb/dPk1bL7p9i1REDtThIfWQkXMqPk=; path=/; expires=Wed, 14-Sep-22 19:24:17 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z3rIwfNq0%2BF9hNixYog8%2BnMp3NYfTi3Oo%2BVbzs2dFnHbrqpmh%2FW%2FmiM9B%2Bz35D5MoI9JxYEOUtijCoRx9J7F%2B0eM6%2FyfTHc77%2FZdwn5DzObx6hhiFbyMEXm9H%2FFhg1KRc6FiCcu3dA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
felizvd.com/location
159.203.26.69301 Moved Permanently 237 B IP 159.203.26.69:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 0fef66e5d094fd5d91561b9c03320d9e
9c213b1d3b04836b255a65124ad96b4eacd9ab26
78645463804d6b08abadc3b2b83989fc96d69a7855e75fca9deda265c95b9c9b
GET /location HTTP/1.1
Host: felizvd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://news4kcnn.hs-sites-eu1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 14 Sep 2022 18:54:17 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 237
Connection: keep-alive
Location: https://felizvd.com/location/
forms-eu1.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=1
172.65.232.43200 OK 35 B URL HTTP/2 forms-eu1.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=1
IP 172.65.232.43:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=1 HTTP/1.1
Host: forms-eu1.hsforms.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://news4kcnn.hs-sites-eu1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 14 Sep 2022 18:54:17 GMT
content-type: image/gif
content-length: 35
x-trace: 2B70B136C3675050E16C7258712A2DD6086AFEC112000000000000000000
cache-control: max-age=0, no-cache, no-store
vary: Accept-Encoding
x-hubspot-correlation-id: f789febe-8f94-41c8-8dd2-b36d9f93a65d
access-control-allow-credentials: false
access-control-expose-headers: X-Origin-Hublet
x-robots-tag: none
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 74ab548e689d9915-ARN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
felizvd.com/location/
159.203.26.69200 OK 468 B IP 159.203.26.69:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with CRLF line terminators
Hash 6f1497d5364a6cfda0e81dd10d409ebf
4db66111b55d4b33203ba3a888e12ba6163cdfdf
3cf8f3dd6ae89d4970edad8007c999d712327c53c1da0998db6f32c7ad99c4e2
GET /location/ HTTP/1.1
Host: felizvd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://news4kcnn.hs-sites-eu1.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 14 Sep 2022 18:54:17 GMT
Content-Type: application/javascript
Content-Length: 468
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
whos.amung.us/widget/cococho01
172.67.8.141307 Temporary Redirect 0 B URL HTTP/1.1 whos.amung.us/widget/cococho01
IP 172.67.8.141:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /widget/cococho01 HTTP/1.1
Host: whos.amung.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news4kcnn.hs-sites-eu1.com/
HTTP/1.1 307 Temporary Redirect
Date: Wed, 14 Sep 2022 18:54:17 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: no-cache, no-store, must-revalidate
location: http://widgets.amung.us/classic/00/88.png
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74ab548f5cf6b509-OSL
widgets.amung.us/classic/00/88.png
104.22.75.171200 OK 1.4 kB URL HTTP/1.1 widgets.amung.us/classic/00/88.png
IP 104.22.75.171:0
File type PNG image data, 81 x 29, 8-bit colormap, non-interlaced\012- data
Hash caf28860e0c7d89ea78836e05e93755d
b591ef6584fd6be163f95afab85fb209d6bbb079
76bfd6ca7d85a2ba9cdd79ff28df644c3e75e243222cd10ecf466746eed6dff3
GET /classic/00/88.png HTTP/1.1
Host: widgets.amung.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://news4kcnn.hs-sites-eu1.com/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Wed, 14 Sep 2022 18:54:17 GMT
Content-Type: image/png
Content-Length: 1436
Connection: keep-alive
last-modified: Sun, 13 Jun 2010 09:03:09 GMT
etag: "4c149ecd-59c"
expires: Mon, 12 Sep 2022 15:39:11 GMT
cache-control: max-age=2678400
access-control-allow-origin: *
CF-Cache-Status: HIT
Age: 270906
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74ab54905a80991a-ARN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2194
Expires: Wed, 14 Sep 2022 19:30:51 GMT
Date: Wed, 14 Sep 2022 18:54:17 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2194
Expires: Wed, 14 Sep 2022 19:30:51 GMT
Date: Wed, 14 Sep 2022 18:54:17 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2194
Expires: Wed, 14 Sep 2022 19:30:51 GMT
Date: Wed, 14 Sep 2022 18:54:17 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2194
Expires: Wed, 14 Sep 2022 19:30:51 GMT
Date: Wed, 14 Sep 2022 18:54:17 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f033f00-b116-4419-9d21-3aed9c73ea2e.jpeg
34.120.237.76200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f033f00-b116-4419-9d21-3aed9c73ea2e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9d97e56f75165efcc71ae54952ded405
28d47359e70789115b2954b6c94711bb783b3c8c
564eac2ae99724e5f43aa1ae0afe4dec03697f888f51774e70e1b9c273c2d9d6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f033f00-b116-4419-9d21-3aed9c73ea2e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8764
x-amzn-requestid: 48f44e2c-3d91-46cf-8701-3c5028e0a86d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YE-gLG4_oAMFn-A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63184467-46abfc77601bd90f39a2c840;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 07:12:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tE5GZDktiELwfFRC_IEAqoat6cN7vb_TA17d-zRO6saTLEGRqB94Pw==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 13:36:51 GMT
age: 19046
etag: "28d47359e70789115b2954b6c94711bb783b3c8c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4d822c-5153-4c55-bcb3-aa6ee72e3b62.jpeg
34.120.237.76200 OK 6.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4d822c-5153-4c55-bcb3-aa6ee72e3b62.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f2157f7cfbdeb607f28ae51eb090f2c3
33d0dcadaa42179b2eae914c8ad16c9c088afbc9
135cd89c2c82f0f5e53d2612d5eac868c175b28a567a07e63a2073942e36a066
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4d822c-5153-4c55-bcb3-aa6ee72e3b62.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6078
x-amzn-requestid: e09c099f-5a2d-49d7-b6ab-e16f09c28bd0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YavJEEM5IAMFreQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6320f8a0-0fbb7b3d0cd6fbfa04f5a5d2;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 21:39:44 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Ur-HTN2DS8b3ojSQldJOZi6YW2wtCwRfbGqxg49ZUJ_00hC_rFxYEw==
via: 1.1 9b21fd56256eda6d1379e32829c4c446.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 22:05:07 GMT
age: 74950
etag: "33d0dcadaa42179b2eae914c8ad16c9c088afbc9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34a3d36b-806f-4fea-a370-b26c1e8473d0.jpeg
34.120.237.76200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34a3d36b-806f-4fea-a370-b26c1e8473d0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f5befd5bb8e6d5dad2465be69d5a33e4
e5b46c3ca439a09950290cada1af5e27cede10f2
4dc0a3373fb4c1830c4e2420dddbcbe8dceecf10e969cbe8d02368e41207832c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34a3d36b-806f-4fea-a370-b26c1e8473d0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5988
x-amzn-requestid: a0d81c7a-14e3-443d-8fb7-19241f06d3c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yaux0H77IAMF2_g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6320f80b-0fe6fbbe75e891b925f88dc2;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 21:37:15 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 3PbHWkNMa0XkuY_FcTO22i9YwMdqlJPCho7FlBwdbuUnbWrOv0w5Hg==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 21:59:03 GMT
age: 75314
etag: "e5b46c3ca439a09950290cada1af5e27cede10f2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2b71bb0-fd92-43d0-8cd0-b426d0b88ee8.jpeg
34.120.237.76200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2b71bb0-fd92-43d0-8cd0-b426d0b88ee8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 56811a1a20a467464e1f3da171ef8b14
366b2090d409d694b72b4b4131df46dd65d69c5a
4c208fb88884166adf4ecc5882f75948b4a87d85c76ad6e7137e8edbd125c996
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2b71bb0-fd92-43d0-8cd0-b426d0b88ee8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15547
x-amzn-requestid: a78f7d90-84c3-4198-88bf-1d722c37f09f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yauv4EUDoAMF13A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6320f7ff-49535e5525606250306488ba;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 21:37:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: CWzE6n2U7hSFcSIHX5z76DPIid9pvbOqM6ikOlegBxzbuRThMeLKZA==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 21:46:14 GMT
etag: "366b2090d409d694b72b4b4131df46dd65d69c5a"
content-type: image/jpeg
age: 76083
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8cb650f7-1b0f-4a3d-898f-97b846afe9db.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8cb650f7-1b0f-4a3d-898f-97b846afe9db.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0789404fdbe3613d465d8fa89a63d7b8
0617d2e513097ca415a1d07cd39b1cb64d832ecf
80e55e383f354113c3694bbcc00fd1c544a97079bd3c462f1b90e952c0634bac
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8cb650f7-1b0f-4a3d-898f-97b846afe9db.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10138
x-amzn-requestid: bdf798d9-6729-4363-a900-f32c4041d0c7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YU5qsGZ-oAMFQ1Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631ea311-7b146c0620a83d5c00446f87;Sampled=0
x-amzn-remapped-date: Mon, 12 Sep 2022 03:10:09 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: OM9K72ukk0cuyR1ZcV5xWXnEd8U9OgeQi7bkCe0Pzn3BfdLMvSdSXg==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 03:09:32 GMT
age: 56685
etag: "0617d2e513097ca415a1d07cd39b1cb64d832ecf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16b1b829-b672-479c-964a-2f636f65f91e.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16b1b829-b672-479c-964a-2f636f65f91e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fef8234ab83f6f8f8b29665f592cbc9f
a3e706d6309e4a9d7b293f2b9255f1550ba5e9b7
569c8c9736026fc310e148d4d74081e96a86245baaa1f784280d44a1cbd25ed0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16b1b829-b672-479c-964a-2f636f65f91e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14151
x-amzn-requestid: d5bc9be4-af3a-40fd-bfc9-1ac4769d2d3c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yauv4GhboAMF2dA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6320f7ff-375df72d2d67582635b9e4ae;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 21:37:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: CZRpgjU_AxNYoyeSTOwhJhONl2DS4pvCLJ62RgAFp0flw-kPz3GkpQ==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 22:06:54 GMT
etag: "a3e706d6309e4a9d7b293f2b9255f1550ba5e9b7"
content-type: image/jpeg
age: 74843
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
news4kcnn.hs-sites-eu1.com/_hcms/perf
172.64.154.3200 OK 2 B URL HTTP/1.1 news4kcnn.hs-sites-eu1.com/_hcms/perf
IP 172.64.154.3:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
Analyzer Verdict Alert fortinet Phishing
POST /_hcms/perf HTTP/1.1
Host: news4kcnn.hs-sites-eu1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-type: application/json
Content-Length: 740
Origin: http://news4kcnn.hs-sites-eu1.com
Connection: keep-alive
Referer: http://news4kcnn.hs-sites-eu1.com/
Cookie: __hstc=205882892.273058360422436e2d4b8a10fc5ce748.1663181642943.1663181642943.1663181642943.1; hubspotutk=273058360422436e2d4b8a10fc5ce748; __hssrc=1; __hssc=205882892.1.1663181642943
HTTP/1.1 200 OK
Date: Wed, 14 Sep 2022 18:54:20 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 2
Connection: keep-alive
CF-Ray: 74ab54a07adf0afa-OSL
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Access-Control-Allow-Credentials: false
X-HubSpot-Correlation-Id: 1451bb5b-6de3-42b6-bc33-d846a719305e
X-Robots-Tag: none
X-Trace: 2B5E83F9C78C984906E575122F2449D6BC2C03A133000000000000000000
Server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
js-eu1.hscollectedforms.net/collectedforms.js
172.65.192.122200 OK 0 B URL HTTP/2 js-eu1.hscollectedforms.net/collectedforms.js
IP 172.65.192.122:0
GET /collectedforms.js HTTP/1.1
Host: js-eu1.hscollectedforms.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://news4kcnn.hs-sites-eu1.com
Connection: keep-alive
Referer: http://news4kcnn.hs-sites-eu1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 14 Sep 2022 18:54:16 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
last-modified: Tue, 13 Sep 2022 10:41:10 UTC
x-amz-server-side-encryption: AES256
x-amz-version-id: 5afLcxIjU5LfvvyyfvxzjsWXufXHSL1t
etag: W/"7a468b833be86c01bc8dfd455308f792"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: RefreshHit from cloudfront
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: gFbXK5bvIT-64gLggHKl6jfIrLLqDkz4GKbT0mrWX8m_wFhkZZ7HzA==
cache-control: s-maxage=86400, max-age=0
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=collected-forms-embed-js/static-1.292/bundles/project.js&cfRay=74a953939d2a7377-FRA
x-hs-target-asset: collected-forms-embed-js/static-1.292/bundles/project.js
x-hs-cache-status: MISS
cache-tag: staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
cf-cache-status: HIT
age: 21011
server: cloudflare
cf-ray: 74ab54884a1c0d32-ARN
content-encoding: br
X-Firefox-Spdy: h2
js-eu1.hs-analytics.net/analytics/1663181400000/26246936.js
172.65.238.60200 OK 0 B URL HTTP/2 js-eu1.hs-analytics.net/analytics/1663181400000/26246936.js
IP 172.65.238.60:0
GET /analytics/1663181400000/26246936.js HTTP/1.1
Host: js-eu1.hs-analytics.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://news4kcnn.hs-sites-eu1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 14 Sep 2022 18:54:16 GMT
content-type: text/javascript
x-amz-id-2: AkXuTOlv4OZKCj15k4eSlfx+ApqkKeYc00FIyEfjkvFua3SezDX9wpx49DHxvHFKXgl1jSfkOiY=
x-amz-request-id: 8DTE6V58BD3YDPZN
last-modified: Wed, 14 Sep 2022 11:45:11 GMT
etag: W/"961ca446759a9849f5f31f953b62814c"
x-amz-server-side-encryption: AES256
cache-control: max-age=300, public
access-control-allow-credentials: false
expires: Wed, 14 Sep 2022 18:59:16 GMT
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ab548b4d370d4e-ARN
content-encoding: br
X-Firefox-Spdy: h2
forms-eu1.hubspot.com/collected-forms/v1/config/json?portalId=26246936&utk=
172.65.193.34200 OK 0 B URL HTTP/2 forms-eu1.hubspot.com/collected-forms/v1/config/json?portalId=26246936&utk=
IP 172.65.193.34:0
GET /collected-forms/v1/config/json?portalId=26246936&utk= HTTP/1.1
Host: forms-eu1.hubspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://news4kcnn.hs-sites-eu1.com
Connection: keep-alive
Referer: http://news4kcnn.hs-sites-eu1.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 14 Sep 2022 18:54:16 GMT
content-type: application/json;charset=utf-8
vary: Accept-Encoding
x-hubspot-correlation-id: 7b8bf744-595e-4127-9466-75a48338aef3
access-control-allow-credentials: false
access-control-allow-origin: http://news4kcnn.hs-sites-eu1.com
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-headers: *
access-control-max-age: 180
x-robots-tag: none
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=tTdd.UxA1qpMJ2_hW7kBZN0WJ4IaIQmNCOe3R6xUOI8-1663181656-0-AaGWcNxw8wTwpu2/QXc61TVvoOc/U93IeK3Yc51i8HMf7WiR5XIMq9tkiDBpm+fdivPN0SFRswHvpkfbO/Ykb1M=; path=/; expires=Wed, 14-Sep-22 19:24:16 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6i7kvNJywarug0Nyu2W1jxIoKHxQ5zaw3PDi%2FCyGJEexBKWpYXWUwCX3EijHrtkUfmhe8%2FXE%2BrEtS8BNrx4X%2BBk2zw1qX0xCAglm%2Btxmbz1%2BycLpaAJvpN%2BkbGTP5E73Lzt3H9wD6w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 74ab548a1aa00d42-ARN
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.hsappstatic.net/HubspotToolsMenu/static-1.138/js/index.js
104.17.9.210200 OK 0 B URL HTTP/2 static.hsappstatic.net/HubspotToolsMenu/static-1.138/js/index.js
IP 104.17.9.210:0
GET /HubspotToolsMenu/static-1.138/js/index.js HTTP/1.1
Host: static.hsappstatic.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://news4kcnn.hs-sites-eu1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 14 Sep 2022 18:54:16 GMT
content-type: application/javascript
x-amz-replication-status: COMPLETED
last-modified: Wed, 27 Jul 2022 14:35:54 GMT
etag: W/"0d86ec7be24f2dff2308b8edf54c2f32"
x-amz-server-side-encryption: AES256
x-amz-version-id: k79.hN9WG526nViFF800Vr3DxQF_q.yo
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 2f7792bdc67f7953e2dce93aea1bb9ee.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: YLTjijGIrvYs-mnf4m802qhKaeCMPTJPO9kWnGo7DPUFSWw4moWKag==
cf-cache-status: HIT
age: 1739613
expires: Thu, 14 Sep 2023 18:54:16 GMT
cache-control: public, max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tiQnISxID13cO5yoTYUqI%2Bz1tO7EnX439ecg9FG0FqUqaiu7abzcPjsz6l8Z9HlelB2jo800FFzhofEZBkFyqCctSUs1T8QZZ5Fz2WHmMy811IWgBxvYh5hJfRwcW345Hzds1v%2Fxoy4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 74ab548758e00afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.hsappstatic.net/cos-i18n/static-1.53/bundles/project.js
104.17.9.210200 OK 0 B URL HTTP/2 static.hsappstatic.net/cos-i18n/static-1.53/bundles/project.js
IP 104.17.9.210:0
GET /cos-i18n/static-1.53/bundles/project.js HTTP/1.1
Host: static.hsappstatic.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://news4kcnn.hs-sites-eu1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 14 Sep 2022 18:54:16 GMT
content-type: application/javascript
x-amz-replication-status: COMPLETED
last-modified: Tue, 09 Nov 2021 16:12:42 GMT
etag: W/"61ca66de658cab9587e4636894680d5d"
x-amz-server-side-encryption: AES256
x-amz-version-id: P9ES7sOpFzrLl1QoRwjEAy5outPo5_GO
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 251aba405178d16c89041692c3261a47.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL50-C1
x-amz-cf-id: 34g4n2oNRs8WvBEZGObRDrs6gH3jdmXpAmCs72tfRrSAm6YeuGEZUA==
cf-cache-status: HIT
age: 85104
expires: Thu, 14 Sep 2023 18:54:16 GMT
cache-control: public, max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FE%2BCbPlCq%2FkWWMK0z1tgN2M8zBdNLT6aalrS228bfnD532cQ37nOK960NrHGp8wwf1NRS2pRp5MLksP5zl4l9WvAp5%2BoL96afFNzTbooMadaV13VnOxmOldR9a8bXEZA1vLSxTxW7DA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 74ab548758d80afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.hsappstatic.net/cms-free-branding-lib/static-1.111/js/index.js
104.17.9.210200 OK 0 B URL HTTP/2 static.hsappstatic.net/cms-free-branding-lib/static-1.111/js/index.js
IP 104.17.9.210:0
GET /cms-free-branding-lib/static-1.111/js/index.js HTTP/1.1
Host: static.hsappstatic.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://news4kcnn.hs-sites-eu1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 14 Sep 2022 18:54:16 GMT
content-type: application/javascript
x-amz-replication-status: COMPLETED
last-modified: Tue, 12 Jul 2022 20:24:02 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: UeMu8WOMDUthADLLgqZZZU3H9mISgOsX
etag: W/"29a15a515ef5e383fba2c6d65b1de499"
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: RefreshHit from cloudfront
via: 1.1 60d22b5ab79521d827fcdd546c7710d4.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: -KuTJcFYSjo9F4GglqsT_-vXHaNSY_Z_DAQD2EJCoeEMmw1nPJ3ipg==
cf-cache-status: HIT
age: 1456298
expires: Thu, 14 Sep 2023 18:54:16 GMT
cache-control: public, max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xY0YwgCPgYspi44Jr1MSEhkW28Pae3qkAxEM4KZ2BIpQw3gSv8hGBlkWYI09OGUelhWxr8QLfSuiJbUenThfczDpcg%2BEu8kLn4mg1R8lBBdx1vgIntPtj7FEiDaYcaPYyPdIYtqrc5M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 74ab548748cc0afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2