Report - news4kcnn.hs-sites-eu1.com/

Report Overview

Submitted URL
news4kcnn.hs-sites-eu1.com/
IP
104.18.33.253
ASN
#13335 CLOUDFLARENET
Submitted
2022-09-14 18:54:26
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	4.2 kB	142.250.74.3
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	415 B	3.9 kB	142.250.74.10
forms-eu1.hsforms.com	91702	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	444 B	668 B	172.65.232.43
forms-eu1.hubspot.com	77050	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	477 B	1.3 kB	172.65.193.34
static.hsappstatic.net	8199	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.9 kB	5.5 kB	104.17.9.210
f.hubspotusercontent-eu1.net	278068	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	1.3 kB	172.64.153.30
maxcdn.bootstrapcdn.com	724	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	414 B	11 kB	104.18.11.207
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.25
js-eu1.hscollectedforms.net	75385	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	418 B	1.3 kB	172.65.192.122
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	6.0 kB	23.36.77.32
cdn.jsdelivr.net	439	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	434 B	16 kB	151.101.85.229
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.36
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.5 kB	27 kB	142.250.74.163
track-eu1.hubspot.com	73788	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	831 B	1.3 kB	172.65.240.166
widgets.amung.us	12623	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	308 B	1.9 kB	104.22.75.171
js-eu1.hs-analytics.net	69352	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	392 B	592 B	172.65.238.60
news4kcnn.hs-sites-eu1.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	20 kB	172.64.154.3
app-eu1.hubspot.com	191732	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	444 B	994 B	172.65.236.181
felizvd.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	514 kB	159.203.26.69
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	67 kB	34.120.237.76
whos.amung.us	12687	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	304 B	343 B	172.67.8.141
code.jquery.com	634	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	408 B	31 kB	69.16.175.10
ocsp.globalsign.com	2075	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	356 B	1.9 kB	104.18.21.226
cdn1.hubspotusercontent-eu1.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	24 kB	104.18.34.226
www.lean-labs.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	446 B	280 kB	199.60.103.254
f.hubspotusercontent20.net	27622	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.1 kB	29 kB	104.16.187.114
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
js-eu1.hs-scripts.com	63672	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	285 B	1.2 kB	172.65.208.22
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	34.214.17.205

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-14	medium	news4kcnn.hs-sites-eu1.com/	Phishing
2022-09-14	medium	news4kcnn.hs-sites-eu1.com/_hcms/perf	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (22)

	URL	Size	First Seen	Last Seen
	js-eu1.hs-scripts.com/26246936.js	1.6 kB	2023-03-07	2023-03-07
Pretty URL js-eu1.hs-scripts.com/26246936.js IP 172.65.208.22 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:30:36 Last Seen2023-03-07 16:30:36 Times Seen1 Hash 541a918fec6452881992989e5832bda9 74e892e82abbe1483b0b1ad928588443c4e33f41 9b396602f35932adb34b124c60dd206fa46252efbefa62251d48481d3dc3f05d Loading...

	js-eu1.hscollectedforms.net/collectedforms.js	67 kB	2023-03-07	2023-03-17
Pretty URL js-eu1.hscollectedforms.net/collectedforms.js IP 172.65.192.122 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:58:35 Last Seen2023-03-17 12:54:02 Times Seen1 Hash 7a468b833be86c01bc8dfd455308f792 c6984552ec9934ce1657ce3f1f992fc3f887f959 5678810bf1c13d60bc4d55a3ca96c163ffc01f865c4e4a64001fc32ffcd367cb Loading...

	felizvd.com/location	1.3 kB	2023-03-07	2024-02-06
Pretty URL felizvd.com/location IP 159.203.26.69 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:20:46 Last Seen2024-02-06 18:22:51 Times Seen330 Hash 1401015f43018b783442c90eb68759cb 4dc50704780ab796fa6dd8735ff8da7b47cd85f4 3de23e25978ddb672300db108b340bd66bbc29fe9aad622c41034c3b92396ffd Loading...

	unknown	0 B	2023-03-07	2024-04-26
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-26 05:11:56 Times Seen37083852 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/js/bootstrap.min.js	64 kB	2023-03-07	2024-04-26
Pretty URL cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/js/bootstrap.min.js IP 151.101.85.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:47 Last Seen2024-04-26 05:08:03 Times Seen8576 Hash f0c2bcf5ef0c4476508d79ec9cdcce07 3beed68ed7d753c6bf4f61c26386ddd7929ba030 edd03b96ae4ff7886406c59d7dfeeaa1b624a7da297bf2f92d0cb6b7f9633cba Loading...

	news4kcnn.hs-sites-eu1.com/	392 B	2023-03-07	2023-03-07
Pretty URL news4kcnn.hs-sites-eu1.com/ IP 172.64.154.3 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:30:37 Last Seen2023-03-07 16:30:37 Times Seen1 Hash 4bae14dccba13b0bc8756a981cdcc271 6d484ad916cf4e18979f3e7ec19aad4b9367c1d2 4511a6ed401e2c24cd616b7078233c3a45f432f100c63a61564a617022d4fd03 Loading...

	felizvd.com/?api=1&lan=twthk&ht=2&counter0=cococho01	733 kB	2023-03-07	2023-03-07
Pretty URL felizvd.com/?api=1&lan=twthk&ht=2&counter0=cococho01 IP 159.203.26.69 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:30:37 Last Seen2023-03-07 16:52:59 Times Seen1 Hash a75e2b710cb900445f5ed3496eaa3cde 2a8fc703d31ee11672094cb3abc6b69d26678d8e 1eb0e04e0eb11a5a902ca1b2ee11d17b491790ad97c0d0a5f82e96965db6ec7e Loading...

	news4kcnn.hs-sites-eu1.com/	1.3 kB	2023-03-07	2023-03-07
Pretty URL news4kcnn.hs-sites-eu1.com/ IP 172.64.154.3 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:30:37 Last Seen2023-03-07 16:52:59 Times Seen1 Hash 0cb7aacc6a875177dde317492e0ec641 6903f612f0f83ee2386cededfa876193ffff1912 b4b41c72ad2f3095bb32287f209f8957c723e17a4b87ce6e69bb2cb43e014f01 Loading...

	f.hubspotusercontent-eu1.net/hub/26246936/hub_generated/template_assets/53117121742/1663156035455/marketplace/Sprocket_Rocket/sr-theme-free/js/interaction.min.js	834 B	2023-03-07	2023-03-07
Pretty URL f.hubspotusercontent-eu1.net/hub/26246936/hub_generated/template_assets/53117121742/1663156035455/marketplace/Sprocket_Rocket/sr-theme-free/js/interaction.min.js IP 172.64.153.30 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:30:37 Last Seen2023-03-07 16:52:59 Times Seen1 Hash 7aaf15d8888fb0d938235508aaa643ff b15eef0b6d7bc3eefc200c1a097ad313848a3a90 8bd54059d6e4768cc256df198e3cf0ec1546d3e3fea6ea9810ec599d6fcc38f9 Loading...

	js-eu1.hs-banner.com/26246936.js	62 kB	2023-03-07	2023-03-07
Pretty URL js-eu1.hs-banner.com/26246936.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:30:37 Last Seen2023-03-07 16:52:59 Times Seen1 Hash 025adeed3e76b7cd26ecf01b989b32e9 445b133ac5d773d8ba9b8efb17c66b7954b4f5c3 fd73009f51de54e3315fbf28f5401ef15f93fbfa01f49fc47468e7224aa745ae Loading...

	js-eu1.hs-analytics.net/analytics/1663181400000/26246936.js	65 kB	2023-03-07	2023-03-07
Pretty URL js-eu1.hs-analytics.net/analytics/1663181400000/26246936.js IP 172.65.238.60 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:30:37 Last Seen2023-03-07 16:52:59 Times Seen1 Hash 961ca446759a9849f5f31f953b62814c 63d5e52c2e12dd71448853d6ed3ac679f93a5df5 d7fd49bcdf0c02a0dd512ac2aead0876c3e2caded3614cad4c4cb1d27e9f5865 Loading...

	code.jquery.com/jquery-3.6.0.min.js	90 kB	2023-03-07	2024-04-26
Pretty URL code.jquery.com/jquery-3.6.0.min.js IP 69.16.175.10 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:13 Last Seen2024-04-26 05:07:56 Times Seen261542 Hash 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Loading...

	static.hsappstatic.net/HubspotToolsMenu/static-1.138/js/index.js	9.9 kB	2023-03-07	2023-03-17
Pretty URL static.hsappstatic.net/HubspotToolsMenu/static-1.138/js/index.js IP 104.17.9.210 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:17:36 Last Seen2023-03-17 12:44:43 Times Seen1 Hash 0d86ec7be24f2dff2308b8edf54c2f32 3a4bb91f5d162991d449eb77ba8904ba6350dc6c 9a50df52651133ee2b309daf0c3b921e9f5109067d5e11f2b8dd055f9ca3e66f Loading...

	news4kcnn.hs-sites-eu1.com/	55 B	2023-03-07	2024-04-26
Pretty URL news4kcnn.hs-sites-eu1.com/ IP 172.64.154.3 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:17:36 Last Seen2024-04-26 04:05:32 Times Seen1311 Hash ce1fc3b5331cf86ea892bc85482d1ec4 5c36d274239612dbe75c30b19314b001af103dba 1e3defbb6c74c5b86f18073e0901cd29cb4eed326b1aa91e66b1faa20dbb8327 Loading...

	static.hsappstatic.net/cos-i18n/static-1.53/bundles/project.js	1.2 kB	2023-03-07	2024-04-26
Pretty URL static.hsappstatic.net/cos-i18n/static-1.53/bundles/project.js IP 104.17.9.210 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:17:36 Last Seen2024-04-26 04:05:33 Times Seen2126 Hash 61ca66de658cab9587e4636894680d5d 047e17b37c12cbb9dc8ad2b5cd0201a7c65e9f53 8da927b6b1240ffca4323fbb2a12c8e5abb541040965c2bc5b7d09a2eb963b02 Loading...

	news4kcnn.hs-sites-eu1.com/	441 B	2023-03-07	2023-03-07
Pretty URL news4kcnn.hs-sites-eu1.com/ IP 172.64.154.3 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:30:37 Last Seen2023-03-07 16:52:59 Times Seen1 Hash 2c47b47943d740d0f906c6b5939d18c4 125f6574aa9d1f4ee0ffe3a2d5571ce5e2dfe1d4 444fb07a982d5f82e6d8d8ee4a1a94ce75b0f8c6a9ebbe4c083d13ebdb6b9cf7 Loading...

		Size	First Seen	Last Seen
	#1 Eval - ac0f838cd8489e911c7a96f854f2d30a	382 B	2023-03-07	2023-03-07
Pretty Observations First Seen2023-03-07 16:30:37 Last Seen2023-03-07 16:52:59 Times Seen1 Hash ac0f838cd8489e911c7a96f854f2d30a af6d28e21d705b424d7cd051e597559178ee2d05 630da06768d46273e886988238462aafe64796fc9d8c9c85d75b30b8afcb99a7 Loading...

	#2 Eval - d41d8cd98f00b204e9800998ecf8427e	0 B	2023-03-07	2024-04-26
Pretty Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-26 05:11:56 Times Seen37083852 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	#3 Eval - c13f5377f6edf435da7d4786cec0c32a	522 B	2023-03-07	2023-03-07
Pretty Observations First Seen2023-03-07 16:30:37 Last Seen2023-03-07 16:52:59 Times Seen1 Hash c13f5377f6edf435da7d4786cec0c32a 8e0da6499ba73b4e59e7dffdef45654a725b8078 1960d3df1ea15d7133627d151eb48fd1680fc7155dc1a6541807cbac6f33ca3e Loading...

	#4 Eval - eb3c1f84b12e091e7c02bafb084a2ab0	74 B	2023-03-07	2023-03-07
Pretty Observations First Seen2023-03-07 16:30:37 Last Seen2023-03-07 16:52:59 Times Seen1 Hash eb3c1f84b12e091e7c02bafb084a2ab0 11c285ebc7dd370fb27cddda799c3c6190e01af4 1ce0b8fec4048a2609b79aba672d90ed8de6b3ef78178347d9b42d8d90a5506e Loading...

	#5 Eval - 269aeba4ed25b1e9068232330c04a9e2	72 B	2023-03-07	2023-03-07
Pretty Observations First Seen2023-03-07 16:30:37 Last Seen2023-03-07 16:52:59 Times Seen1 Hash 269aeba4ed25b1e9068232330c04a9e2 ccbd9f97c2e526f4f8e7a4639cf42bf3cdf0a2ac 2639df9c76423338e6d3e7493ad3993bb984d7bfa198a2a7336fdb831f3d301a Loading...

	#6 Eval - c0af788c4f790c7a7c757f3a6832b00e	532 B	2023-03-07	2023-03-07
Pretty Observations First Seen2023-03-07 16:30:37 Last Seen2023-03-07 16:52:59 Times Seen1 Hash c0af788c4f790c7a7c757f3a6832b00e 37952e31f0ad35b8094e2489796f6e47ee18fc8b 92e7aa669ac71e7d85cf27ac15baef2fe25d2f76602f98ccb61719f459672d3b Loading...

HTTP Transactions (64)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
be88d3e043e3b95b52e41812e50fb634
0318ba1ce487817ea7cba61dd9413bed29213800
b5f178d23e633283f226cca7a9ae79b01e6cab2299ff7065c980d3a9953212fd

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B5F178D23E633283F226CCA7A9AE79B01E6CAB2299FF7065C980D3A9953212FD"
Last-Modified: Tue, 13 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3980
Expires: Wed, 14 Sep 2022 20:00:35 GMT
Date: Wed, 14 Sep 2022 18:54:15 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

143.204.55.36

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.36:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 14 Sep 2022 18:09:39 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: vodz8hhvWvSv9oB3ivNe-C09m4eLNyDvYe1TL28dyzv9yWdd3r9dgQ==
Age: 2676

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain

143.204.55.25

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
143.204.55.25:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 14 Sep 2022 04:35:16 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: gGed-eRZO1q_Bo6IB2jtlHrwclXrxoxSy5dRQc7JLvPgzOZ8QT_uKw==
age: 51540
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 14 Sep 2022 18:54:15 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.36

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.36:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Wed, 14 Sep 2022 18:03:22 GMT
Expires: Wed, 14 Sep 2022 18:36:58 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: OS_oxc-TnXWN-7dk8QpB_0gsRiXaEeZYJCeP18ATsWUiQrqsMKWkmA==
Age: 3053

news4kcnn.hs-sites-eu1.com/

172.64.154.3

200 OK

8.9 kB

URL HTTP/1.1
news4kcnn.hs-sites-eu1.com/
IP
172.64.154.3:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (33982), with CRLF, LF line terminators
Size
8.9 kB (8920 bytes)
Hash
bcab196a6593557aff48e2bee8fa0485
ef0cf786187bc58ceb07c7cd28329d4a4acefb54
b41ceacdede39ea52cb45ba3250785e7fe421259da949230311cd31475da3bd1

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: news4kcnn.hs-sites-eu1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Wed, 14 Sep 2022 18:54:16 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 74ab54824f770afa-OSL
Cache-Control: s-maxage=10,max-age=5
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Access-Control-Allow-Credentials: false
cache-tag: CT-53117545672,P-26246936,CW-53116949197,CW-53117121730,CW-53117121734,CW-53118088388,E-53116948940,E-53116948942,E-53116948943,E-53116948945,E-53117121515,E-53117121739,E-53117121741,E-53117121742,E-53117470969,PGS-ALL,SW-0,TS-53117471166
Edge-Cache-Tag: CT-53117545672,P-26246936,CW-53116949197,CW-53117121730,CW-53117121734,CW-53118088388,E-53116948940,E-53116948942,E-53116948943,E-53116948945,E-53117121515,E-53117121739,E-53117121741,E-53117121742,E-53117470969,PGS-ALL,SW-0,TS-53117471166
X-HS-Cache-Config: BrowserCache-5s-EdgeCache-10s
X-HS-Content-Id: 53117545672
X-HS-Hub-Id: 26246936
X-HubSpot-Correlation-Id: 3a6f2be7-b4a5-4ebd-99a3-60df3ec97b5f
X-Powered-By: HubSpot
X-Robots-Tag: none
X-Trace: 2B557C01E44DCD6CF56203767BC48A708B535D96BE000000000000000000
Server: cloudflare
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

code.jquery.com/jquery-3.6.0.min.js

69.16.175.10

200 OK

31 kB

URL HTTP/2
code.jquery.com/jquery-3.6.0.min.js
IP
69.16.175.10:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with very long lines (65447)
Size
31 kB (30875 bytes)
Hash
899f0189aaf034bbba5340f724d91dfa
210ea9de03968edb9d839ba4a0ce2d48666a8ab8
949b6597c5ea907a7ef3c8ca6d5ffc73be2352f9df485b78704e5c4dabac5d0f

HTTP Headers

GET /jquery-3.6.0.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://news4kcnn.hs-sites-eu1.com
Connection: keep-alive
Referer: http://news4kcnn.hs-sites-eu1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 14 Sep 2022 18:54:16 GMT
content-encoding: gzip
content-length: 30875
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-15d9d"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1663181656.dop013.sk1.t,1663181656.cds069.sk1.hn,1663181656.cds210.sk1.c
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/js/bootstrap.min.js

151.101.85.229

200 OK

15 kB

URL HTTP/2
cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/js/bootstrap.min.js
IP
151.101.85.229:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (63188)
Size
15 kB (14954 bytes)
Hash
bcd78d6c0ec033bf482fd42a464a0456
db079a86c03c9930571f8d0d6585cd7c4817fb95
3ade5e6e9f8a5da4b810b01861e48e7e4fa50b8c4fc5899a715062a139c5d258

HTTP Headers

GET /npm/bootstrap@4.6.0/dist/js/bootstrap.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://news4kcnn.hs-sites-eu1.com
Connection: keep-alive
Referer: http://news4kcnn.hs-sites-eu1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 4.6.0
x-jsd-version-type: version
etag: W/"f7eb-O+7WjtfXU8a/T2HCY4bd15KboDA"
content-encoding: gzip
accept-ranges: bytes
date: Wed, 14 Sep 2022 18:54:16 GMT
age: 12248409
x-served-by: cache-fra19124-FRA, cache-bma1622-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
content-length: 14954
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
abea4dc307fd4da34aac369f4316657c
ef7be7963fa8154c83b78d6ca8518b8448f079ff
1c50a6b2765a5108f31d7a31c98c62d293440c84e8bf63f9dac685be9e3d77d5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 18:54:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

js-eu1.hs-scripts.com/26246936.js

172.65.208.22

200 OK

606 B

URL HTTP/1.1
js-eu1.hs-scripts.com/26246936.js
IP
172.65.208.22:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (546)
Size
606 B (606 bytes)
Hash
df7dcfde59d9c67e1119982c2743a3b9
e873fb2265c6e6a6c631f4befe52aa5917f1d7f9
69b348ccdc2fcb54bcba20bf92281a51b346addec65eb19e5d19d60fb8401ebb

HTTP Headers

GET /26246936.js HTTP/1.1
Host: js-eu1.hs-scripts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news4kcnn.hs-sites-eu1.com/

HTTP/1.1 200 OK
Date: Wed, 14 Sep 2022 18:54:16 GMT
Content-Type: application/javascript;charset=utf-8
Content-Length: 606
Connection: keep-alive
X-Trace: 2B4F0F1F0654A3B96F9DABED42E4D663080BD659F9000000000000000000
Cache-Control: public, max-age=30
Vary: Accept-Encoding
X-HubSpot-Correlation-Id: 6ae7b19b-dcbb-4dad-91bf-8c48318b218c
Content-Encoding: gzip
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 3600
Access-Control-Allow-Origin: http://news4kcnn.hs-sites-eu1.com
Last-Modified: Wed, 14 Sep 2022 18:54:16 GMT
CF-Cache-Status: MISS
Accept-Ranges: bytes
Server: cloudflare
CF-RAY: 74ab54873aaab505-OSL

ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1

104.18.21.226

200 OK

1.5 kB

URL HTTP/1.1
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1462 bytes)
Hash
70023870328bc2851602bfda0671f8d8
1fea657d8819a97c2080bd6b9817dbbc037d5a92
36fe42df3eb421c9a023d170b3058b6d39bc381945f40a1492d6e67983c85dac

HTTP Headers

POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 14 Sep 2022 18:54:16 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "052BA26C709F9CC2B246ADAEF78E82457FF39828"
Expires: Thu, 15 Sep 2022 06:00:00 GMT
Last-Modified: Wed, 14 Sep 2022 18:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 1539
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74ab5487d94db527-OSL

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c86fc6649c7c512abb52fcd62d51ee26
bf241d6c1779668447df444a239d715b6ed46f6d
822cb499ea058f2c40ce4942048528575fadc172d3669007f5f34fae41c7ea49

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 18:54:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

static.hsappstatic.net/cms-free-branding-lib/static-1.111/css/hsCmsFreeBranding.css

104.17.9.210

301 Moved Permanently

0 B

URL HTTP/1.1
static.hsappstatic.net/cms-free-branding-lib/static-1.111/css/hsCmsFreeBranding.css
IP
104.17.9.210:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cms-free-branding-lib/static-1.111/css/hsCmsFreeBranding.css HTTP/1.1
Host: static.hsappstatic.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news4kcnn.hs-sites-eu1.com/

HTTP/1.1 301 Moved Permanently
Date: Wed, 14 Sep 2022 18:54:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 14 Sep 2022 19:54:16 GMT
Location: https://static.hsappstatic.net/cms-free-branding-lib/static-1.111/css/hsCmsFreeBranding.css
Vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FILmx5ql%2FsM6wLdCSorRq3D9M%2BUPPgBiNzE183XyXCh64GkkYdg7Rt5Eon7pSc0cOI2XBiAyRTJKKQ%2BRdPQaQQQi4J7qLmc4tMIvMletfCTtrwG%2BoaEEOHWacP3%2BqNclz1q6rg9Xoao%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 74ab54883857b506-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

cdn1.hubspotusercontent-eu1.net/hub/26246936/hub_generated/template_assets/53117470969/1663156032537/marketplace/Sprocket_Rocket/sr-theme-free/css/custom-styles.css

104.18.34.226

200 OK

78 B

URL HTTP/1.1
cdn1.hubspotusercontent-eu1.net/hub/26246936/hub_generated/template_assets/53117470969/1663156032537/marketplace/Sprocket_Rocket/sr-theme-free/css/custom-styles.css
IP
104.18.34.226:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with CRLF line terminators
Size
78 B (78 bytes)
Hash
e348549f26a3ad80a396b1cd9a23c7bd
49da85c5983381fccabb9a74833bd4809e0e9b43
53522dd0dc006920a06fa5bbf2859f1e6ce4e5ff1a10d128f5decde523ad71cc

HTTP Headers

GET /hub/26246936/hub_generated/template_assets/53117470969/1663156032537/marketplace/Sprocket_Rocket/sr-theme-free/css/custom-styles.css HTTP/1.1
Host: cdn1.hubspotusercontent-eu1.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news4kcnn.hs-sites-eu1.com/

HTTP/1.1 200 OK
Date: Wed, 14 Sep 2022 18:54:16 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 74ab54870805b50c-OSL
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1209600
ETag: W/"498bc73d25b9dc6a812c316d9cd729d5"
Expires: Wed, 28 Sep 2022 18:54:16 GMT
Last-Modified: Wed, 14 Sep 2022 11:47:13 GMT
Vary: Accept-Encoding
Via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
CF-Cache-Status: REVALIDATED
Access-Control-Allow-Methods: GET
X-Amz-Cf-Id: ZIOeklDZXLt1r1yDgBN8iD-XnG_Lv3ZI1rMrMJsAGt4rz58ltcopDw==
X-Amz-Cf-Pop: OSL50-P1
x-amz-id-2: IQfd/ZZRcu7clS5Edl9Cejf2Ci7p9Vvt2NvgDnk2aTr24T+jwbsgWmIYmxIjE+FvqKdoE17Y7lM=
x-amz-meta-created-unix-time-millis: 1663156032537
x-amz-request-id: JW14A1KGN4JM2J2K
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
x-amz-version-id: 0U79poF8JgGlnWv7dPJzVsC10kSp.WnG
X-Cache: RefreshHit from cloudfront
X-HS-Alternate-Content-Type: text/plain
X-HS-CF-Lambda: us-east-1.enforceAclForReads 5
X-HS-CF-Lambda-Enforce: us-east-1.enforceAclForReads 5
Server: cloudflare
Content-Encoding: gzip

www.lean-labs.com/hubfs/sr-assets/pattern-library/sr-hero-01/sr-hero-01-v2.jpg

199.60.103.254

200 OK

278 kB

URL HTTP/2
www.lean-labs.com/hubfs/sr-assets/pattern-library/sr-hero-01/sr-hero-01-v2.jpg
IP
199.60.103.254:0
ASN
#209242 Cloudflare London, LLC

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], progressive, precision 8, 2880x1958, components 3\012- data
Size
278 kB (278074 bytes)
Hash
77de0dfc7063d547a20f260ade8123b6
4a494659cbe0ed89c9fd8192f59e8036c0ceb04f
676c068451bb86a8562138ea1641517afc1fb87819c8212e711ea47bac92650c

HTTP Headers

GET /hubfs/sr-assets/pattern-library/sr-hero-01/sr-hero-01-v2.jpg HTTP/1.1
Host: www.lean-labs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://news4kcnn.hs-sites-eu1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 14 Sep 2022 18:54:16 GMT
content-type: image/jpeg
content-length: 278074
cf-ray: 74ab54882d77b51d-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 25716
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
etag: "c83bc29a87114e8e700922654fc8a888"
last-modified: Tue, 11 Dec 2018 17:17:13 GMT
strict-transport-security: max-age=31536000
vary: Accept-Encoding
via: 1.1 bfeae0ecbffe44ad98e5cd0ae83bdb4a.cloudfront.net (CloudFront)
cf-cache-status: HIT
access-control-allow-methods: GET
cache-tag: F-6752477065,FD-5987776827,P-275827,FLS-ALL
cf-bgj: imgq:85,h2pri
cf-polished: origSize=305715, status=webp_bigger
edge-cache-tag: F-6752477065,FD-5987776827,P-275827,FLS-ALL
x-amz-cf-id: 78UNxBXXc6IQMkolNLJ-2mN3_qElRDRqD9Z8Ixe-0GWbKpB_rNTT1g==
x-amz-cf-pop: ARN56-P1
x-amz-id-2: oWqLIlMzN5uvFa6YHkgpo+PLxpQl+XWuhEMuj6vWY9GPvJ0aycqM7LLNYIumvmjsFJLleK8cnEI=
x-amz-meta-cache-tag: F-6752477065,FD-5987776827,P-275827,FLS-ALL
x-amz-request-id: B7M52HGBE8AH4FMZ
x-amz-version-id: q.wNl0WaWucSMi8QYT59BSQdbGZRKDEb
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15
x-hs-https-only: worker
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0S%2Fwomfw184OQ8N%2FumyjpREAGErz%2BQ2we5VM7FQqu8r30fTJmTtX6XDmn6zwqVP49x3V%2FRn0qmYcQaLiAiK%2FTMlq26po2Tx48zhz144%2FIfSdQ%2FAzDL7HFUd7Y6nRNM%2FCdmD1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
set-cookie: __cf_bm=uImj_Lwz3mz2cNZojVoFhm24kboPmjEiUDgABzKtjxA-1663181656-0-AbPT/5xT2M+MmptEQ6CJNpNVBK8lR+jsvB4NO4FRlsv3b9s6sNmPljKW8PX28AMfhHcYmsLX/sNdCTN8qQd7fLA=; path=/; expires=Wed, 14-Sep-22 19:24:16 GMT; domain=.www.lean-labs.com; HttpOnly; Secure; SameSite=None
__cfruid=415bbb7d53e096fecf9e730c76bf1e1790943fb6-1663181656; path=/; domain=.www.lean-labs.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2

cdn1.hubspotusercontent-eu1.net/hub/26246936/hub_generated/template_assets/53117121739/1663156038137/marketplace/Sprocket_Rocket/sr-theme-free/css/sr-base.min.css

104.18.34.226

200 OK

10 kB

URL HTTP/1.1
cdn1.hubspotusercontent-eu1.net/hub/26246936/hub_generated/template_assets/53117121739/1663156038137/marketplace/Sprocket_Rocket/sr-theme-free/css/sr-base.min.css
IP
104.18.34.226:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65536), with no line terminators
Size
10 kB (10289 bytes)
Hash
002069daafeb38a2d0947d0949775f1d
5f548d13bce90cc5381e9abd0551e709e9552a51
f7706fbf5b79cd01d99dc49d22a09e6c90ef4c3d18ca342828dd94fcd2adc95d

HTTP Headers

GET /hub/26246936/hub_generated/template_assets/53117121739/1663156038137/marketplace/Sprocket_Rocket/sr-theme-free/css/sr-base.min.css HTTP/1.1
Host: cdn1.hubspotusercontent-eu1.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news4kcnn.hs-sites-eu1.com/

HTTP/1.1 200 OK
Date: Wed, 14 Sep 2022 18:54:16 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 74ab5486f893b52d-OSL
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1209600
ETag: W/"a034c0cb06aab3ae7329c7fcf548bb86"
Expires: Wed, 28 Sep 2022 18:54:16 GMT
Last-Modified: Wed, 14 Sep 2022 11:47:20 GMT
Vary: Accept-Encoding
Via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
CF-Cache-Status: REVALIDATED
Access-Control-Allow-Methods: GET
X-Amz-Cf-Id: eEeTgzox4mQnUbfk32woVhH4WO-Rh-5Xxs5HstvZsMLp1iGljVQIhw==
X-Amz-Cf-Pop: OSL50-P1
x-amz-id-2: GEoScNlY3RY+W8eP9fARismE9ziCJmIYLnRvwSo8zBESrLBxb4ELYFI8GhD+gpHYLWTqATO3hfc=
x-amz-meta-created-unix-time-millis: 1663156039053
x-amz-request-id: E4632G2SAK3S975Z
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
x-amz-version-id: 8Gnw.tLvBXShIILkllBZ0xddBtensMPp
X-Cache: RefreshHit from cloudfront
X-HS-Alternate-Content-Type: text/plain
X-HS-CF-Lambda: us-east-1.enforceAclForReads 5
X-HS-CF-Lambda-Enforce: us-east-1.enforceAclForReads 5
Server: cloudflare
Content-Encoding: gzip

f.hubspotusercontent-eu1.net/hub/26246936/hub_generated/template_assets/53117121742/1663156035455/marketplace/Sprocket_Rocket/sr-theme-free/js/interaction.min.js

172.64.153.30

200 OK

482 B

URL HTTP/1.1
f.hubspotusercontent-eu1.net/hub/26246936/hub_generated/template_assets/53117121742/1663156035455/marketplace/Sprocket_Rocket/sr-theme-free/js/interaction.min.js
IP
172.64.153.30:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (651)
Size
482 B (482 bytes)
Hash
a8ec1039a995911412902cb4717fd404
3d293889f7a140349035cc1430d0d690fe2fc101
58fcc8942d038edb40d8b78169d7376cfff6b92d7b0c0269cc7c330071e94c9a

HTTP Headers

GET /hub/26246936/hub_generated/template_assets/53117121742/1663156035455/marketplace/Sprocket_Rocket/sr-theme-free/js/interaction.min.js HTTP/1.1
Host: f.hubspotusercontent-eu1.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news4kcnn.hs-sites-eu1.com/

HTTP/1.1 200 OK
Date: Wed, 14 Sep 2022 18:54:16 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 74ab54871d6e0b61-OSL
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1209600
ETag: W/"7aaf15d8888fb0d938235508aaa643ff"
Expires: Wed, 28 Sep 2022 18:54:16 GMT
Last-Modified: Wed, 14 Sep 2022 11:47:16 GMT
Vary: Accept-Encoding
CF-Cache-Status: MISS
Access-Control-Allow-Methods: GET
X-Amz-Cf-Pop: FRA53-C1
x-amz-meta-created-unix-time-millis: 1663156035636
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
X-HS-Alternate-Content-Type: text/plain
X-HS-CF-Lambda: us-east-1.enforceAclForReads 5
X-HS-CF-Lambda-Enforce: us-east-1.enforceAclForReads 5
Server: cloudflare
Content-Encoding: gzip

f.hubspotusercontent20.net/hub/275827/hubfs/sr-assets/pattern-library/sr-clients/hirevibe-01.png?width=146&height=76&name=hirevibe-01.png

104.16.187.114

200 OK

1.5 kB

URL HTTP/2
f.hubspotusercontent20.net/hub/275827/hubfs/sr-assets/pattern-library/sr-clients/hirevibe-01.png?width=146&height=76&name=hirevibe-01.png
IP
104.16.187.114:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
1.5 kB (1514 bytes)
Hash
cf95d3460c4507a59e3a53c64466047d
b0c84c4e9fbdfd64529a3a2c70fde1c35d7d2aa3
acf2f13e778a3ac3199b8b252a2387e8da87f68c96faa4ee91dfac736b300bac

HTTP Headers

GET /hub/275827/hubfs/sr-assets/pattern-library/sr-clients/hirevibe-01.png?width=146&height=76&name=hirevibe-01.png HTTP/1.1
Host: f.hubspotusercontent20.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://news4kcnn.hs-sites-eu1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 14 Sep 2022 18:54:16 GMT
content-type: image/webp
content-length: 1514
cf-ray: 74ab54888a65b52d-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 21162
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
content-disposition: inline; filename="hirevibe-01.webp"
etag: "f4a30fecd8660f5da52c510403afdf91"
last-modified: Tue, 14 May 2019 15:32:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept, Accept-Encoding
via: 1.1 16df6ade68382d048f8aad1f7e39da28.cloudfront.net (CloudFront)
cf-cache-status: HIT
access-control-allow-methods: GET
cache-tag: F-9555291586,FD-6589324589,P-275827,FLS-ALL
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=4194
edge-cache-tag: F-9555291586,FD-6589324589,P-275827,FLS-ALL
x-amz-cf-id: o1LH6fZtxmzVKotaOMr8Pns9286gTyi_I2C1qI6Ib0QI-4JiamsLfA==
x-amz-cf-pop: IAD12-P3
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15
server: cloudflare
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Poppins:regular,300,600&display=swap

142.250.74.10

200 OK

3.2 kB

URL HTTP/2
fonts.googleapis.com/css?family=Poppins:regular,300,600&display=swap
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
data
Size
3.2 kB (3195 bytes)
Hash
1eabc1b2595b8a7649b3d404dd1dd13d
e95f942c6282a85f1af314894586d4e11886ff4b
25dc6b78d31e85ceeeaa666bf715fd5c37bcb3bf85ffdbee1f50ddc407b6dd7f

HTTP Headers

GET /css?family=Poppins:regular,300,600&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://news4kcnn.hs-sites-eu1.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 14 Sep 2022 18:54:16 GMT
date: Wed, 14 Sep 2022 18:54:16 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

f.hubspotusercontent20.net/hub/275827/hubfs/sr-assets/images/sr-logo@2x.png?width=220&height=50&name=sr-logo@2x.png

104.16.187.114

200 OK

3.7 kB

URL HTTP/2
f.hubspotusercontent20.net/hub/275827/hubfs/sr-assets/images/sr-logo@2x.png?width=220&height=50&name=sr-logo@2x.png
IP
104.16.187.114:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
3.7 kB (3732 bytes)
Hash
063485242fc42d804986b23d560573e8
70e915df8932e3346959fc922309a6b6710c0b41
95a4d783c21a40bf91f5312cf1ad9beaf702be65f04bc7214a277795d536c624

HTTP Headers

GET /hub/275827/hubfs/sr-assets/images/sr-logo@2x.png?width=220&height=50&name=sr-logo@2x.png HTTP/1.1
Host: f.hubspotusercontent20.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://news4kcnn.hs-sites-eu1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 14 Sep 2022 18:54:16 GMT
content-type: image/webp
content-length: 3732
cf-ray: 74ab54888a5bb52d-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 21163
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
content-disposition: inline; filename="sr-logo@2x.webp"
etag: "59c1225e9f3a62bab92559267927d780"
last-modified: Tue, 06 Sep 2022 02:12:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept, Accept-Encoding
via: 1.1 e21fbbed60133ff896ee44224814dc5c.cloudfront.net (CloudFront)
cf-cache-status: HIT
access-control-allow-methods: GET
cache-tag: F-9889655840,FD-9889336472,P-275827,FLS-ALL
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=13061
edge-cache-tag: F-9889655840,FD-9889336472,P-275827,FLS-ALL
x-amz-cf-id: RePgr6s-4k_9ZJTuSjFcVo3yyJ7qxdFtJcxYGaJhejE28TNQvi6nVQ==
x-amz-cf-pop: IAD12-P3
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15
server: cloudflare
X-Firefox-Spdy: h2

f.hubspotusercontent20.net/hub/275827/hubfs/sr-assets/pattern-library/sr-clients/logo-alphabet-01.png?width=216&height=56&name=logo-alphabet-01.png

104.16.187.114

200 OK

2.3 kB

URL HTTP/2
f.hubspotusercontent20.net/hub/275827/hubfs/sr-assets/pattern-library/sr-clients/logo-alphabet-01.png?width=216&height=56&name=logo-alphabet-01.png
IP
104.16.187.114:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
2.3 kB (2300 bytes)
Hash
ca39d37fd2b94ce26df4357045b1c80b
7ce08836730461305cda41b524f22dc497899c74
8d8eda0dd2720b65ee680d0ae28536401a8a2f38730b9055e3953c1ba734d43a

HTTP Headers

GET /hub/275827/hubfs/sr-assets/pattern-library/sr-clients/logo-alphabet-01.png?width=216&height=56&name=logo-alphabet-01.png HTTP/1.1
Host: f.hubspotusercontent20.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://news4kcnn.hs-sites-eu1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 14 Sep 2022 18:54:16 GMT
content-type: image/webp
content-length: 2300
cf-ray: 74ab54888a61b52d-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 21163
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
content-disposition: inline; filename="logo-alphabet-01.webp"
etag: "4e953fa65bb59372af3fda0982b27093"
last-modified: Tue, 14 May 2019 15:32:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept, Accept-Encoding
via: 1.1 36b04143ac1626bb30bb225fb2cccb1e.cloudfront.net (CloudFront)
cf-cache-status: HIT
access-control-allow-methods: GET
cache-tag: F-6589371902,FD-6589324589,P-275827,FLS-ALL
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=6837
edge-cache-tag: F-6589371902,FD-6589324589,P-275827,FLS-ALL
x-amz-cf-id: cY7UOLJHa20H1mcl2Co5yn0ClpUVBSOyYampxPkiYyTeuZxyxp3zLA==
x-amz-cf-pop: IAD12-P3
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15
server: cloudflare
X-Firefox-Spdy: h2

f.hubspotusercontent20.net/hub/275827/hubfs/sr-assets/pattern-library/sr-clients/precision-hawk-01.png?width=216&height=20&name=precision-hawk-01.png

104.16.187.114

200 OK

2.9 kB

URL HTTP/2
f.hubspotusercontent20.net/hub/275827/hubfs/sr-assets/pattern-library/sr-clients/precision-hawk-01.png?width=216&height=20&name=precision-hawk-01.png
IP
104.16.187.114:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
2.9 kB (2860 bytes)
Hash
36454962763724292d451e1542478eda
14a93c0719abb4c844cf2861d28a99bc9759c8a2
ed1d4dbb208eca6bcbd25f6b993d4beb45dfd46294d6cf665165949ce2dbc0db

HTTP Headers

GET /hub/275827/hubfs/sr-assets/pattern-library/sr-clients/precision-hawk-01.png?width=216&height=20&name=precision-hawk-01.png HTTP/1.1
Host: f.hubspotusercontent20.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://news4kcnn.hs-sites-eu1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 14 Sep 2022 18:54:16 GMT
content-type: image/webp
content-length: 2860
cf-ray: 74ab54888a6cb52d-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 21162
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
content-disposition: inline; filename="precision-hawk-01.webp"
etag: "a23bf1a95aac0362a9f667252a32c368"
last-modified: Tue, 14 May 2019 15:32:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept, Accept-Encoding
via: 1.1 979084a90b32fe3f5fdc377fb6e67b76.cloudfront.net (CloudFront)
cf-cache-status: HIT
access-control-allow-methods: GET
cache-tag: F-9555223614,FD-6589324589,P-275827,FLS-ALL
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=6523
edge-cache-tag: F-9555223614,FD-6589324589,P-275827,FLS-ALL
x-amz-cf-id: acQyKRdQy8n28pvLbRB_1W6BrYGBUjJwx1B4qv5zKJhk29-9Xy05Nw==
x-amz-cf-pop: IAD89-P1
x-cache: Hit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15
server: cloudflare
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
b7e665b6b70fa840ee6a1417da402132
658fa05afcf7752e8cb02979c28874efb0f4ddd8
9905cee109c441b937300b368ceccd186877a0923164bf3e1eb0971a2a224400

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 18:54:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cdn1.hubspotusercontent-eu1.net/hub/26246936/hub_generated/template_assets/53117121741/1663156028974/marketplace/Sprocket_Rocket/sr-theme-free/css/bootstrap.min.css

104.18.34.226

200 OK

11 kB

URL HTTP/1.1
cdn1.hubspotusercontent-eu1.net/hub/26246936/hub_generated/template_assets/53117121741/1663156028974/marketplace/Sprocket_Rocket/sr-theme-free/css/bootstrap.min.css
IP
104.18.34.226:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (60403), with CRLF line terminators
Size
11 kB (10557 bytes)
Hash
32b3e9164c49c97d4adde88f657a6b7e
c6f168becfed8089e060db9e9521a42b612399f0
31f9d2cdd152be4f8ba18cf0b20c2734248bc956df1715345bbbb1c580d8f902

HTTP Headers

GET /hub/26246936/hub_generated/template_assets/53117121741/1663156028974/marketplace/Sprocket_Rocket/sr-theme-free/css/bootstrap.min.css HTTP/1.1
Host: cdn1.hubspotusercontent-eu1.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news4kcnn.hs-sites-eu1.com/

HTTP/1.1 200 OK
Date: Wed, 14 Sep 2022 18:54:16 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 74ab54870a0cb529-OSL
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1209600
ETag: W/"c88bd7615d4ee2fd33a13cb75405c830"
Expires: Wed, 28 Sep 2022 18:54:16 GMT
Last-Modified: Wed, 14 Sep 2022 11:47:11 GMT
Vary: Accept-Encoding
Via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
CF-Cache-Status: REVALIDATED
Access-Control-Allow-Methods: GET
X-Amz-Cf-Id: K6nRyT9uDW41t2WPE2MUoI-UzkpS_1hL9_uoKASTbqeV6r5jq0LUPA==
X-Amz-Cf-Pop: OSL50-P1
x-amz-id-2: 36Be7wHyHEEOf2F1wdahRkWQ6gNp5aA/Nk4hCzwanVFkYeXjD8mdClBOs8Y8Na5apGkrg2/o0z8=
x-amz-meta-created-unix-time-millis: 1663156030393
x-amz-request-id: E46DXWE3ZE4BQY55
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
x-amz-version-id: DeLv0lvfDoMeJaIXttGZVwetqbFKKiUG
X-Cache: RefreshHit from cloudfront
X-HS-Alternate-Content-Type: text/plain
X-HS-CF-Lambda: us-east-1.enforceAclForReads 5
X-HS-CF-Lambda-Enforce: us-east-1.enforceAclForReads 5
Server: cloudflare
Content-Encoding: gzip

maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

104.18.11.207

200 OK

10 kB

URL HTTP/2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
IP
104.18.11.207:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (30837)
Size
10 kB (9963 bytes)
Hash
7a3ae8626ab0472d8fc48e1f156b2f79
3c2d2147c00d3ff0f51520276db0105a0035855a
f1e28ceab528ed8633b40d5f0b423ef405f97373c78bff730a23196c52789a96

HTTP Headers

GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://news4kcnn.hs-sites-eu1.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 14 Sep 2022 18:54:16 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: SE
cdn-edgestorageid: 722, 617
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 2021-03-10 20:26:20
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: 121d365db7a9aba3915641185d93b963
cdn-cache: HIT
cf-cache-status: HIT
age: 12492463
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 74ab54872b30b51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

f.hubspotusercontent20.net/hub/275827/hubfs/sr-assets/pattern-library/sr-clients/smartmail-01.png?width=216&height=48&name=smartmail-01.png

104.16.187.114

200 OK

2.1 kB

URL HTTP/2
f.hubspotusercontent20.net/hub/275827/hubfs/sr-assets/pattern-library/sr-clients/smartmail-01.png?width=216&height=48&name=smartmail-01.png
IP
104.16.187.114:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
2.1 kB (2058 bytes)
Hash
b9de48b252120fc5c381efef8b31a090
0611ffc3e95d5d607bb0ba17849105fa20ca33c9
c2d59834fe4a5b9c001fbc46c1bf9c40254365be7e03f79f27bbaf2758e93e75

HTTP Headers

GET /hub/275827/hubfs/sr-assets/pattern-library/sr-clients/smartmail-01.png?width=216&height=48&name=smartmail-01.png HTTP/1.1
Host: f.hubspotusercontent20.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://news4kcnn.hs-sites-eu1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 14 Sep 2022 18:54:16 GMT
content-type: image/webp
content-length: 2058
cf-ray: 74ab54889a6fb52d-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 21162
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
content-disposition: inline; filename="smartmail-01.webp"
etag: "cea6cb5f7cf365a77bfbd59e3bbf1cd4"
last-modified: Tue, 14 May 2019 15:32:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept, Accept-Encoding
via: 1.1 3d4bfc42e9575ee1f9559241c9e3f464.cloudfront.net (CloudFront)
cf-cache-status: HIT
access-control-allow-methods: GET
cache-tag: F-9555425370,FD-6589324589,P-275827,FLS-ALL
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=5846
edge-cache-tag: F-9555425370,FD-6589324589,P-275827,FLS-ALL
x-amz-cf-id: uvFQYdfYk5kpkQTNroMb8cJONwjnofFVO8zeQ_CXgsLecb4ColHHZw==
x-amz-cf-pop: IAD12-P3
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15
server: cloudflare
X-Firefox-Spdy: h2

f.hubspotusercontent20.net/hub/275827/hubfs/sr-assets/pattern-library/sr-clients/qualio-01.png?width=216&height=60&name=qualio-01.png

104.16.187.114

200 OK

2.9 kB

URL HTTP/2
f.hubspotusercontent20.net/hub/275827/hubfs/sr-assets/pattern-library/sr-clients/qualio-01.png?width=216&height=60&name=qualio-01.png
IP
104.16.187.114:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
2.9 kB (2868 bytes)
Hash
2968c5068d55383be7df5b6edeedbec5
1aa3f7d2b597f4952402372d641bce5b47693119
746b0e9d3c407413c00d624f2e4f50a137f981a8eddc23aeedd625074942ad39

HTTP Headers

GET /hub/275827/hubfs/sr-assets/pattern-library/sr-clients/qualio-01.png?width=216&height=60&name=qualio-01.png HTTP/1.1
Host: f.hubspotusercontent20.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://news4kcnn.hs-sites-eu1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 14 Sep 2022 18:54:16 GMT
content-type: image/webp
content-length: 2868
cf-ray: 74ab54888a63b52d-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 21162
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
content-disposition: inline; filename="qualio-01.webp"
etag: "e31e7490353b4655f5ea5ec34be34e50"
last-modified: Tue, 14 May 2019 15:32:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept, Accept-Encoding
via: 1.1 736ad67f05a9a5a8fd5ed8cba30196f4.cloudfront.net (CloudFront)
cf-cache-status: HIT
access-control-allow-methods: GET
cache-tag: F-9555223454,FD-6589324589,P-275827,FLS-ALL
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=8692
edge-cache-tag: F-9555223454,FD-6589324589,P-275827,FLS-ALL
x-amz-cf-id: IG7oRhGd0rt0xNXk7Okgc3dIcMqotqkaJLFlTmb0VKKStL7a9VJPkg==
x-amz-cf-pop: IAD12-P3
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15
server: cloudflare
X-Firefox-Spdy: h2

f.hubspotusercontent20.net/hub/275827/hubfs/sr-assets/pattern-library/sr-clients/logo-airbnb-01.png?width=216&height=68&name=logo-airbnb-01.png

104.16.187.114

200 OK

2.5 kB

URL HTTP/2
f.hubspotusercontent20.net/hub/275827/hubfs/sr-assets/pattern-library/sr-clients/logo-airbnb-01.png?width=216&height=68&name=logo-airbnb-01.png
IP
104.16.187.114:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
2.5 kB (2536 bytes)
Hash
1a4cc65de36d8bcd2eb456231b373d17
3495f83209d24b6ce75d0b87c83805117004ab13
846b71545820c891fd3bc6a00da4ea1d5743f0bdfd1401937d5beeb3749c3fc0

HTTP Headers

GET /hub/275827/hubfs/sr-assets/pattern-library/sr-clients/logo-airbnb-01.png?width=216&height=68&name=logo-airbnb-01.png HTTP/1.1
Host: f.hubspotusercontent20.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://news4kcnn.hs-sites-eu1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 14 Sep 2022 18:54:16 GMT
content-type: image/webp
content-length: 2536
cf-ray: 74ab54888a5fb52d-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 21163
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
content-disposition: inline; filename="logo-airbnb-01.webp"
etag: "8272f107647148a70bf19428d65408d9"
last-modified: Tue, 14 May 2019 15:32:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept, Accept-Encoding
via: 1.1 0501dadffc52b06a0cf6aadc57586acc.cloudfront.net (CloudFront)
cf-cache-status: HIT
access-control-allow-methods: GET
cache-tag: F-6589325565,FD-6589324589,P-275827,FLS-ALL
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=7383
edge-cache-tag: F-6589325565,FD-6589324589,P-275827,FLS-ALL
x-amz-cf-id: De3VeFTJF9Nw-18aUmR4I4ttZ4nTX-YS1wZCChOA3XPb12XbUrp3aQ==
x-amz-cf-pop: IAD89-P1
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15
server: cloudflare
X-Firefox-Spdy: h2

f.hubspotusercontent20.net/hub/275827/hubfs/sr-assets/pattern-library/sr-clients/logo-fitbit-01.png?width=216&height=60&name=logo-fitbit-01.png

104.16.187.114

200 OK

2.1 kB

URL HTTP/2
f.hubspotusercontent20.net/hub/275827/hubfs/sr-assets/pattern-library/sr-clients/logo-fitbit-01.png?width=216&height=60&name=logo-fitbit-01.png
IP
104.16.187.114:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
2.1 kB (2088 bytes)
Hash
c3670ba0b7439b0f226113351eaea7cc
1b2e2724370323192c04714a46459e8c547b34c9
81b5ba6fe680add910fbc5cb54ded0927c7877427222f80fb1d2fb87b6b47ced

HTTP Headers

GET /hub/275827/hubfs/sr-assets/pattern-library/sr-clients/logo-fitbit-01.png?width=216&height=60&name=logo-fitbit-01.png HTTP/1.1
Host: f.hubspotusercontent20.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://news4kcnn.hs-sites-eu1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 14 Sep 2022 18:54:16 GMT
content-type: image/webp
content-length: 2088
cf-ray: 74ab54888a67b52d-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 21163
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
content-disposition: inline; filename="logo-fitbit-01.webp"
etag: "550dec525dbee69d80c98a38027d6632"
last-modified: Tue, 14 May 2019 15:32:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept, Accept-Encoding
via: 1.1 dfc1931cc62ecd4133c2b9bdae1bb476.cloudfront.net (CloudFront)
cf-cache-status: HIT
access-control-allow-methods: GET
cache-tag: F-6589324599,FD-6589324589,P-275827,FLS-ALL
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=6233
edge-cache-tag: F-6589324599,FD-6589324589,P-275827,FLS-ALL
x-amz-cf-id: eQLJAmFzguPdEXKsrpHLsy5eEvzoxlLOlodxrOQcPxI4P3684cqPmw==
x-amz-cf-pop: IAD12-P3
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15
server: cloudflare
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
b7e665b6b70fa840ee6a1417da402132
658fa05afcf7752e8cb02979c28874efb0f4ddd8
9905cee109c441b937300b368ceccd186877a0923164bf3e1eb0971a2a224400

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 18:54:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

142.250.74.163

200 OK

7.9 kB

URL HTTP/2
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data
Size
7.9 kB (7884 bytes)
Hash
9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

HTTP Headers

GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://news4kcnn.hs-sites-eu1.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 19:32:09 GMT
expires: Thu, 07 Sep 2023 19:32:09 GMT
cache-control: public, max-age=31536000
age: 602527
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

142.250.74.163

200 OK

8.0 kB

URL HTTP/2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 8000, version 1.0\012- data
Size
8.0 kB (8000 bytes)
Hash
72993dddf88a63e8f226656f7de88e57
179f97ec0275f09603a8db94d4380eb584d81cd5
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

HTTP Headers

GET /s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://news4kcnn.hs-sites-eu1.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8000
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 19:30:59 GMT
expires: Thu, 07 Sep 2023 19:30:59 GMT
cache-control: public, max-age=31536000
age: 602597
last-modified: Wed, 27 Apr 2022 16:59:07 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

static.hsappstatic.net/cms-free-branding-lib/static-1.111/assets/sprocket_white.svg

104.17.9.210

301 Moved Permanently

0 B

URL HTTP/1.1
static.hsappstatic.net/cms-free-branding-lib/static-1.111/assets/sprocket_white.svg
IP
104.17.9.210:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cms-free-branding-lib/static-1.111/assets/sprocket_white.svg HTTP/1.1
Host: static.hsappstatic.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news4kcnn.hs-sites-eu1.com/

HTTP/1.1 301 Moved Permanently
Date: Wed, 14 Sep 2022 18:54:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 14 Sep 2022 19:54:16 GMT
Location: https://static.hsappstatic.net/cms-free-branding-lib/static-1.111/assets/sprocket_white.svg
Vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vldfyjbaaQG%2FHQN01106D9609U%2BksFOtIGFIkjFwVt0xJo1%2F0adEzPDB2TkedN72HDlmlEM3nUUL9sabybZ4tDJmDaPq5Y47ExXV3eYzHfKE8IO6PeFWgR%2Bg1MxMB39VJ9nysFzQ69s%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 74ab54890fc4fac8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
b7e665b6b70fa840ee6a1417da402132
658fa05afcf7752e8cb02979c28874efb0f4ddd8
9905cee109c441b937300b368ceccd186877a0923164bf3e1eb0971a2a224400

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 18:54:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2

142.250.74.163

200 OK

7.8 kB

URL HTTP/2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 7840, version 1.0\012- data
Size
7.8 kB (7840 bytes)
Hash
8d91ec1ca2d8b56640a47117e313a3e9
a9e9bafe64666f4595051a0e895b47a5fa39e67e
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb

HTTP Headers

GET /s/poppins/v20/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://news4kcnn.hs-sites-eu1.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7840
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 19:31:02 GMT
expires: Thu, 07 Sep 2023 19:31:02 GMT
cache-control: public, max-age=31536000
age: 602594
last-modified: Wed, 27 Apr 2022 16:51:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

push.services.mozilla.com/

34.214.17.205

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.214.17.205:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: MD/cXtRV1BbX/8ONYCGmMg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: GwOOAaYO7tTMNxVKJc1i/mlYrSM=

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
b7e665b6b70fa840ee6a1417da402132
658fa05afcf7752e8cb02979c28874efb0f4ddd8
9905cee109c441b937300b368ceccd186877a0923164bf3e1eb0971a2a224400

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 18:54:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.77.32

200 OK

1.2 kB

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
1.2 kB (1195 bytes)
Hash
9ba0a89d131bdb512efa3898b9a65972
f9703fad64c292259079dbbfa429b3382f8a402e
aa9b9808ce15e60d969010326eebeb4a3311a534f447275d4ae7d37f92466ed4

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "01D9ABBA982648F6763DADDE86CC6E4D4673C93D6CE0A5EE0616E508A4854537"
Last-Modified: Wed, 14 Sep 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Thu, 15 Sep 2022 00:54:16 GMT
Date: Wed, 14 Sep 2022 18:54:16 GMT
Connection: keep-alive

app-eu1.hubspot.com/content-tools-menu/api/v1/tools-menu/has-permission?portalId=26246936&callback=jsonpHandler

172.65.236.181

204 No Content

0 B

URL HTTP/2
app-eu1.hubspot.com/content-tools-menu/api/v1/tools-menu/has-permission?portalId=26246936&callback=jsonpHandler
IP
172.65.236.181:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /content-tools-menu/api/v1/tools-menu/has-permission?portalId=26246936&callback=jsonpHandler HTTP/1.1
Host: app-eu1.hubspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://news4kcnn.hs-sites-eu1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
date: Wed, 14 Sep 2022 18:54:16 GMT
cf-ray: 74ab548b4f4f15f4-ARN
cache-control: max-age=0
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET
report-to: {"group":"default","max_age":86400,"endpoints":[{"url":"https://exceptions.hubspot.com/csp/reports?cfRay=74ab548b4f4f15f4&resource=unknown"}]}
x-hs-worker-debug-mode: false
x-hubspot-correlation-id: 691edde7-9450-4b86-ac7d-35f4e66501fa
x-trace: 2B255F3B911B4599873F8A782212C09DEBF032E4C2000000000000000000
set-cookie: __cf_bm=EUsQkYisNVDSl0RaSRFnSE1rKF8IEP0_NHHld01BRjw-1663181656-0-AZuLkKFWDRURQkkpYdDjqvHarQvqq1hoxukI5w1jlKZBYYJ6HPEEKXD4blxy+FTU41bNgyx0nnPALmJVyyGrTw8=; path=/; expires=Wed, 14-Sep-22 19:24:16 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

news4kcnn.hs-sites-eu1.com/favicon.ico

172.64.154.3

404 Not Found

8.8 kB

URL HTTP/1.1
news4kcnn.hs-sites-eu1.com/favicon.ico
IP
172.64.154.3:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1351)
Size
8.8 kB (8841 bytes)
Hash
13d55e4da1053a25ad8d83581038e63c
dac65ab4c87984b7d0d0c6b2b4ca8299c65d2c8f
a2db3d24fb2b615625060ce18996e9653313cb92109b90eade08cc90e946f61f

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: news4kcnn.hs-sites-eu1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news4kcnn.hs-sites-eu1.com/

HTTP/1.1 404 Not Found
Date: Wed, 14 Sep 2022 18:54:17 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 74ab548b09d00afa-OSL
Cache-Control: s-maxage=5,max-age=5
Vary: Accept-Encoding
CF-Cache-Status: MISS
Access-Control-Allow-Credentials: false
X-HS-Reason: No favicon src specified for portal
X-HubSpot-Correlation-Id: 2adc95e9-1860-430d-b4d1-7766bc5c0259
X-HubSpot-NotFound: true
X-Trace: 2B474FD6593D58064ED0F8C598961FCFE7A45E7F5E000000000000000000
Server: cloudflare
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

felizvd.com/?api=1&lan=twthk&ht=2&counter0=cococho01

159.203.26.69

200 OK

512 kB

URL HTTP/1.1
felizvd.com/?api=1&lan=twthk&ht=2&counter0=cococho01
IP
159.203.26.69:0
ASN
#14061 DIGITALOCEAN-ASN

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (63717), with CRLF line terminators
Size
512 kB (512222 bytes)
Hash
6e3f46d32347b09c3400e7ba5a35e2b9
78ff982e7ee593ec072205235f32ea9261b078e8
68e207154c227dddaa31a4acb7d58296dc2a2e981650bc8f9385f22ed0cfd279

HTTP Headers

GET /?api=1&lan=twthk&ht=2&counter0=cococho01 HTTP/1.1
Host: felizvd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://news4kcnn.hs-sites-eu1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 14 Sep 2022 18:54:16 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: PHPSESSID=ek972qtsvoh72qup9np10r5s4r; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip

track-eu1.hubspot.com/__ptq.gif?k=1&sd=1280x1024&cd=24-bit&cs=UTF-8&ln=en-us&bfp=931822577&v=1.1&a=26246936&pi=53117545672&ct=standard-page&ccu=http%3A%2F%2Fnews4kcnn.hs-sites-eu1.com&cpi=53117545672&lpi=53117545672&lvi=53117545672&pu=http%3A%2F%2Fnews4kcnn.hs-sites-eu1.com%2F&t=news+private&cts=1663181642945&vi=273058360422436e2d4b8a10fc5ce748&nc=true&u=205882892.273058360422436e2d4b8a10fc5ce748.1663181642943.1663181642943.1663181642943.1&b=205882892.1.1663181642943&cc=15

172.65.240.166

200 OK

45 B

URL HTTP/2
track-eu1.hubspot.com/__ptq.gif?k=1&sd=1280x1024&cd=24-bit&cs=UTF-8&ln=en-us&bfp=931822577&v=1.1&a=26246936&pi=53117545672&ct=standard-page&ccu=http%3A%2F%2Fnews4kcnn.hs-sites-eu1.com&cpi=53117545672&lpi=53117545672&lvi=53117545672&pu=http%3A%2F%2Fnews4kcnn.hs-sites-eu1.com%2F&t=news+private&cts=1663181642945&vi=273058360422436e2d4b8a10fc5ce748&nc=true&u=205882892.273058360422436e2d4b8a10fc5ce748.1663181642943.1663181642943.1663181642943.1&b=205882892.1.1663181642943&cc=15
IP
172.65.240.166:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 1 x 1\012- data
Size
45 B (45 bytes)
Hash
c8817d472077ebfc04593c1fa019d32d
e1e86f41c86c7b9cd2e8b76c6a925a1a3e7e3247
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

HTTP Headers

GET /__ptq.gif?k=1&sd=1280x1024&cd=24-bit&cs=UTF-8&ln=en-us&bfp=931822577&v=1.1&a=26246936&pi=53117545672&ct=standard-page&ccu=http%3A%2F%2Fnews4kcnn.hs-sites-eu1.com&cpi=53117545672&lpi=53117545672&lvi=53117545672&pu=http%3A%2F%2Fnews4kcnn.hs-sites-eu1.com%2F&t=news+private&cts=1663181642945&vi=273058360422436e2d4b8a10fc5ce748&nc=true&u=205882892.273058360422436e2d4b8a10fc5ce748.1663181642943.1663181642943.1663181642943.1&b=205882892.1.1663181642943&cc=15 HTTP/1.1
Host: track-eu1.hubspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://news4kcnn.hs-sites-eu1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 14 Sep 2022 18:54:17 GMT
content-type: image/gif
content-length: 45
cf-ray: 74ab548dfe9315e0-ARN
accept-ranges: bytes
cache-control: no-cache, no-store, no-transform
last-modified: Wed, 14 Sep 2022 18:54:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: false
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-hubspot-correlation-id: 9ab1c3bc-33ab-4211-8f48-066b62c886ce
x-robots-tag: none
set-cookie: __cf_bm=m140rDQYUc8Kw6NwPBDYPDYmYlV9raYFfH3OKDSzR9E-1663181657-0-AUYBWpQszEhDEhcVe8dxRtgviB45kPXoeQDQgct0ndhpcl5q585LZmclDdb/dPk1bL7p9i1REDtThIfWQkXMqPk=; path=/; expires=Wed, 14-Sep-22 19:24:17 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z3rIwfNq0%2BF9hNixYog8%2BnMp3NYfTi3Oo%2BVbzs2dFnHbrqpmh%2FW%2FmiM9B%2Bz35D5MoI9JxYEOUtijCoRx9J7F%2B0eM6%2FyfTHc77%2FZdwn5DzObx6hhiFbyMEXm9H%2FFhg1KRc6FiCcu3dA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

felizvd.com/location

159.203.26.69

301 Moved Permanently

237 B

URL HTTP/1.1
felizvd.com/location
IP
159.203.26.69:0
ASN
#14061 DIGITALOCEAN-ASN

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
237 B (237 bytes)
Hash
0fef66e5d094fd5d91561b9c03320d9e
9c213b1d3b04836b255a65124ad96b4eacd9ab26
78645463804d6b08abadc3b2b83989fc96d69a7855e75fca9deda265c95b9c9b

HTTP Headers

GET /location HTTP/1.1
Host: felizvd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://news4kcnn.hs-sites-eu1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 14 Sep 2022 18:54:17 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 237
Connection: keep-alive
Location: https://felizvd.com/location/

forms-eu1.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=1

172.65.232.43

200 OK

35 B

URL HTTP/2
forms-eu1.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=1
IP
172.65.232.43:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 1 x 1\012- data
Size
35 B (35 bytes)
Hash
c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

HTTP Headers

GET /embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=1 HTTP/1.1
Host: forms-eu1.hsforms.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://news4kcnn.hs-sites-eu1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 14 Sep 2022 18:54:17 GMT
content-type: image/gif
content-length: 35
x-trace: 2B70B136C3675050E16C7258712A2DD6086AFEC112000000000000000000
cache-control: max-age=0, no-cache, no-store
vary: Accept-Encoding
x-hubspot-correlation-id: f789febe-8f94-41c8-8dd2-b36d9f93a65d
access-control-allow-credentials: false
access-control-expose-headers: X-Origin-Hublet
x-robots-tag: none
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 74ab548e689d9915-ARN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

felizvd.com/location/

159.203.26.69

200 OK

468 B

URL HTTP/1.1
felizvd.com/location/
IP
159.203.26.69:0
ASN
#14061 DIGITALOCEAN-ASN

File type
ASCII text, with CRLF line terminators
Size
468 B (468 bytes)
Hash
6f1497d5364a6cfda0e81dd10d409ebf
4db66111b55d4b33203ba3a888e12ba6163cdfdf
3cf8f3dd6ae89d4970edad8007c999d712327c53c1da0998db6f32c7ad99c4e2

HTTP Headers

GET /location/ HTTP/1.1
Host: felizvd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://news4kcnn.hs-sites-eu1.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 14 Sep 2022 18:54:17 GMT
Content-Type: application/javascript
Content-Length: 468
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip

whos.amung.us/widget/cococho01

172.67.8.141

307 Temporary Redirect

0 B

URL HTTP/1.1
whos.amung.us/widget/cococho01
IP
172.67.8.141:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /widget/cococho01 HTTP/1.1
Host: whos.amung.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news4kcnn.hs-sites-eu1.com/

HTTP/1.1 307 Temporary Redirect
Date: Wed, 14 Sep 2022 18:54:17 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: no-cache, no-store, must-revalidate
location: http://widgets.amung.us/classic/00/88.png
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74ab548f5cf6b509-OSL

widgets.amung.us/classic/00/88.png

104.22.75.171

200 OK

1.4 kB

URL HTTP/1.1
widgets.amung.us/classic/00/88.png
IP
104.22.75.171:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 81 x 29, 8-bit colormap, non-interlaced\012- data
Size
1.4 kB (1436 bytes)
Hash
caf28860e0c7d89ea78836e05e93755d
b591ef6584fd6be163f95afab85fb209d6bbb079
76bfd6ca7d85a2ba9cdd79ff28df644c3e75e243222cd10ecf466746eed6dff3

HTTP Headers

GET /classic/00/88.png HTTP/1.1
Host: widgets.amung.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://news4kcnn.hs-sites-eu1.com/
Connection: keep-alive

HTTP/1.1 200 OK
Date: Wed, 14 Sep 2022 18:54:17 GMT
Content-Type: image/png
Content-Length: 1436
Connection: keep-alive
last-modified: Sun, 13 Jun 2010 09:03:09 GMT
etag: "4c149ecd-59c"
expires: Mon, 12 Sep 2022 15:39:11 GMT
cache-control: max-age=2678400
access-control-allow-origin: *
CF-Cache-Status: HIT
Age: 270906
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74ab54905a80991a-ARN

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2194
Expires: Wed, 14 Sep 2022 19:30:51 GMT
Date: Wed, 14 Sep 2022 18:54:17 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2194
Expires: Wed, 14 Sep 2022 19:30:51 GMT
Date: Wed, 14 Sep 2022 18:54:17 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2194
Expires: Wed, 14 Sep 2022 19:30:51 GMT
Date: Wed, 14 Sep 2022 18:54:17 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2194
Expires: Wed, 14 Sep 2022 19:30:51 GMT
Date: Wed, 14 Sep 2022 18:54:17 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f033f00-b116-4419-9d21-3aed9c73ea2e.jpeg

34.120.237.76

200 OK

8.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f033f00-b116-4419-9d21-3aed9c73ea2e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.8 kB (8764 bytes)
Hash
9d97e56f75165efcc71ae54952ded405
28d47359e70789115b2954b6c94711bb783b3c8c
564eac2ae99724e5f43aa1ae0afe4dec03697f888f51774e70e1b9c273c2d9d6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f033f00-b116-4419-9d21-3aed9c73ea2e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8764
x-amzn-requestid: 48f44e2c-3d91-46cf-8701-3c5028e0a86d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YE-gLG4_oAMFn-A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63184467-46abfc77601bd90f39a2c840;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 07:12:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tE5GZDktiELwfFRC_IEAqoat6cN7vb_TA17d-zRO6saTLEGRqB94Pw==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 13:36:51 GMT
age: 19046
etag: "28d47359e70789115b2954b6c94711bb783b3c8c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4d822c-5153-4c55-bcb3-aa6ee72e3b62.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.1 kB (6078 bytes)
Hash
f2157f7cfbdeb607f28ae51eb090f2c3
33d0dcadaa42179b2eae914c8ad16c9c088afbc9
135cd89c2c82f0f5e53d2612d5eac868c175b28a567a07e63a2073942e36a066

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4d822c-5153-4c55-bcb3-aa6ee72e3b62.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6078
x-amzn-requestid: e09c099f-5a2d-49d7-b6ab-e16f09c28bd0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YavJEEM5IAMFreQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6320f8a0-0fbb7b3d0cd6fbfa04f5a5d2;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 21:39:44 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Ur-HTN2DS8b3ojSQldJOZi6YW2wtCwRfbGqxg49ZUJ_00hC_rFxYEw==
via: 1.1 9b21fd56256eda6d1379e32829c4c446.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 22:05:07 GMT
age: 74950
etag: "33d0dcadaa42179b2eae914c8ad16c9c088afbc9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34a3d36b-806f-4fea-a370-b26c1e8473d0.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.0 kB (5988 bytes)
Hash
f5befd5bb8e6d5dad2465be69d5a33e4
e5b46c3ca439a09950290cada1af5e27cede10f2
4dc0a3373fb4c1830c4e2420dddbcbe8dceecf10e969cbe8d02368e41207832c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34a3d36b-806f-4fea-a370-b26c1e8473d0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5988
x-amzn-requestid: a0d81c7a-14e3-443d-8fb7-19241f06d3c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yaux0H77IAMF2_g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6320f80b-0fe6fbbe75e891b925f88dc2;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 21:37:15 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 3PbHWkNMa0XkuY_FcTO22i9YwMdqlJPCho7FlBwdbuUnbWrOv0w5Hg==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 21:59:03 GMT
age: 75314
etag: "e5b46c3ca439a09950290cada1af5e27cede10f2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

16 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2b71bb0-fd92-43d0-8cd0-b426d0b88ee8.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
16 kB (15547 bytes)
Hash
56811a1a20a467464e1f3da171ef8b14
366b2090d409d694b72b4b4131df46dd65d69c5a
4c208fb88884166adf4ecc5882f75948b4a87d85c76ad6e7137e8edbd125c996

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2b71bb0-fd92-43d0-8cd0-b426d0b88ee8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 15547
x-amzn-requestid: a78f7d90-84c3-4198-88bf-1d722c37f09f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yauv4EUDoAMF13A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6320f7ff-49535e5525606250306488ba;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 21:37:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: CWzE6n2U7hSFcSIHX5z76DPIid9pvbOqM6ikOlegBxzbuRThMeLKZA==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 21:46:14 GMT
etag: "366b2090d409d694b72b4b4131df46dd65d69c5a"
content-type: image/jpeg
age: 76083
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8cb650f7-1b0f-4a3d-898f-97b846afe9db.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10138 bytes)
Hash
0789404fdbe3613d465d8fa89a63d7b8
0617d2e513097ca415a1d07cd39b1cb64d832ecf
80e55e383f354113c3694bbcc00fd1c544a97079bd3c462f1b90e952c0634bac

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8cb650f7-1b0f-4a3d-898f-97b846afe9db.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10138
x-amzn-requestid: bdf798d9-6729-4363-a900-f32c4041d0c7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YU5qsGZ-oAMFQ1Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631ea311-7b146c0620a83d5c00446f87;Sampled=0
x-amzn-remapped-date: Mon, 12 Sep 2022 03:10:09 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: OM9K72ukk0cuyR1ZcV5xWXnEd8U9OgeQi7bkCe0Pzn3BfdLMvSdSXg==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 03:09:32 GMT
age: 56685
etag: "0617d2e513097ca415a1d07cd39b1cb64d832ecf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

14 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16b1b829-b672-479c-964a-2f636f65f91e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
14 kB (14151 bytes)
Hash
fef8234ab83f6f8f8b29665f592cbc9f
a3e706d6309e4a9d7b293f2b9255f1550ba5e9b7
569c8c9736026fc310e148d4d74081e96a86245baaa1f784280d44a1cbd25ed0

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16b1b829-b672-479c-964a-2f636f65f91e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 14151
x-amzn-requestid: d5bc9be4-af3a-40fd-bfc9-1ac4769d2d3c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yauv4GhboAMF2dA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6320f7ff-375df72d2d67582635b9e4ae;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 21:37:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: CZRpgjU_AxNYoyeSTOwhJhONl2DS4pvCLJ62RgAFp0flw-kPz3GkpQ==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 22:06:54 GMT
etag: "a3e706d6309e4a9d7b293f2b9255f1550ba5e9b7"
content-type: image/jpeg
age: 74843
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

news4kcnn.hs-sites-eu1.com/_hcms/perf

172.64.154.3

200 OK

2 B

URL HTTP/1.1
news4kcnn.hs-sites-eu1.com/_hcms/perf
IP
172.64.154.3:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

POST /_hcms/perf HTTP/1.1
Host: news4kcnn.hs-sites-eu1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-type: application/json
Content-Length: 740
Origin: http://news4kcnn.hs-sites-eu1.com
Connection: keep-alive
Referer: http://news4kcnn.hs-sites-eu1.com/
Cookie: __hstc=205882892.273058360422436e2d4b8a10fc5ce748.1663181642943.1663181642943.1663181642943.1; hubspotutk=273058360422436e2d4b8a10fc5ce748; __hssrc=1; __hssc=205882892.1.1663181642943

HTTP/1.1 200 OK
Date: Wed, 14 Sep 2022 18:54:20 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 2
Connection: keep-alive
CF-Ray: 74ab54a07adf0afa-OSL
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Access-Control-Allow-Credentials: false
X-HubSpot-Correlation-Id: 1451bb5b-6de3-42b6-bc33-d846a719305e
X-Robots-Tag: none
X-Trace: 2B5E83F9C78C984906E575122F2449D6BC2C03A133000000000000000000
Server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

js-eu1.hscollectedforms.net/collectedforms.js

172.65.192.122

200 OK

0 B

URL HTTP/2
js-eu1.hscollectedforms.net/collectedforms.js
IP
172.65.192.122:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /collectedforms.js HTTP/1.1
Host: js-eu1.hscollectedforms.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://news4kcnn.hs-sites-eu1.com
Connection: keep-alive
Referer: http://news4kcnn.hs-sites-eu1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 14 Sep 2022 18:54:16 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
last-modified: Tue, 13 Sep 2022 10:41:10 UTC
x-amz-server-side-encryption: AES256
x-amz-version-id: 5afLcxIjU5LfvvyyfvxzjsWXufXHSL1t
etag: W/"7a468b833be86c01bc8dfd455308f792"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: RefreshHit from cloudfront
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: gFbXK5bvIT-64gLggHKl6jfIrLLqDkz4GKbT0mrWX8m_wFhkZZ7HzA==
cache-control: s-maxage=86400, max-age=0
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=collected-forms-embed-js/static-1.292/bundles/project.js&cfRay=74a953939d2a7377-FRA
x-hs-target-asset: collected-forms-embed-js/static-1.292/bundles/project.js
x-hs-cache-status: MISS
cache-tag: staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
cf-cache-status: HIT
age: 21011
server: cloudflare
cf-ray: 74ab54884a1c0d32-ARN
content-encoding: br
X-Firefox-Spdy: h2

js-eu1.hs-analytics.net/analytics/1663181400000/26246936.js

172.65.238.60

200 OK

0 B

URL HTTP/2
js-eu1.hs-analytics.net/analytics/1663181400000/26246936.js
IP
172.65.238.60:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /analytics/1663181400000/26246936.js HTTP/1.1
Host: js-eu1.hs-analytics.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://news4kcnn.hs-sites-eu1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 14 Sep 2022 18:54:16 GMT
content-type: text/javascript
x-amz-id-2: AkXuTOlv4OZKCj15k4eSlfx+ApqkKeYc00FIyEfjkvFua3SezDX9wpx49DHxvHFKXgl1jSfkOiY=
x-amz-request-id: 8DTE6V58BD3YDPZN
last-modified: Wed, 14 Sep 2022 11:45:11 GMT
etag: W/"961ca446759a9849f5f31f953b62814c"
x-amz-server-side-encryption: AES256
cache-control: max-age=300, public
access-control-allow-credentials: false
expires: Wed, 14 Sep 2022 18:59:16 GMT
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ab548b4d370d4e-ARN
content-encoding: br
X-Firefox-Spdy: h2

forms-eu1.hubspot.com/collected-forms/v1/config/json?portalId=26246936&utk=

172.65.193.34

200 OK

0 B

URL HTTP/2
forms-eu1.hubspot.com/collected-forms/v1/config/json?portalId=26246936&utk=
IP
172.65.193.34:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /collected-forms/v1/config/json?portalId=26246936&utk= HTTP/1.1
Host: forms-eu1.hubspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://news4kcnn.hs-sites-eu1.com
Connection: keep-alive
Referer: http://news4kcnn.hs-sites-eu1.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 14 Sep 2022 18:54:16 GMT
content-type: application/json;charset=utf-8
vary: Accept-Encoding
x-hubspot-correlation-id: 7b8bf744-595e-4127-9466-75a48338aef3
access-control-allow-credentials: false
access-control-allow-origin: http://news4kcnn.hs-sites-eu1.com
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-headers: *
access-control-max-age: 180
x-robots-tag: none
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=tTdd.UxA1qpMJ2_hW7kBZN0WJ4IaIQmNCOe3R6xUOI8-1663181656-0-AaGWcNxw8wTwpu2/QXc61TVvoOc/U93IeK3Yc51i8HMf7WiR5XIMq9tkiDBpm+fdivPN0SFRswHvpkfbO/Ykb1M=; path=/; expires=Wed, 14-Sep-22 19:24:16 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6i7kvNJywarug0Nyu2W1jxIoKHxQ5zaw3PDi%2FCyGJEexBKWpYXWUwCX3EijHrtkUfmhe8%2FXE%2BrEtS8BNrx4X%2BBk2zw1qX0xCAglm%2Btxmbz1%2BycLpaAJvpN%2BkbGTP5E73Lzt3H9wD6w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 74ab548a1aa00d42-ARN
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

static.hsappstatic.net/HubspotToolsMenu/static-1.138/js/index.js

104.17.9.210

200 OK

0 B

URL HTTP/2
static.hsappstatic.net/HubspotToolsMenu/static-1.138/js/index.js
IP
104.17.9.210:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /HubspotToolsMenu/static-1.138/js/index.js HTTP/1.1
Host: static.hsappstatic.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://news4kcnn.hs-sites-eu1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 14 Sep 2022 18:54:16 GMT
content-type: application/javascript
x-amz-replication-status: COMPLETED
last-modified: Wed, 27 Jul 2022 14:35:54 GMT
etag: W/"0d86ec7be24f2dff2308b8edf54c2f32"
x-amz-server-side-encryption: AES256
x-amz-version-id: k79.hN9WG526nViFF800Vr3DxQF_q.yo
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 2f7792bdc67f7953e2dce93aea1bb9ee.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: YLTjijGIrvYs-mnf4m802qhKaeCMPTJPO9kWnGo7DPUFSWw4moWKag==
cf-cache-status: HIT
age: 1739613
expires: Thu, 14 Sep 2023 18:54:16 GMT
cache-control: public, max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tiQnISxID13cO5yoTYUqI%2Bz1tO7EnX439ecg9FG0FqUqaiu7abzcPjsz6l8Z9HlelB2jo800FFzhofEZBkFyqCctSUs1T8QZZ5Fz2WHmMy811IWgBxvYh5hJfRwcW345Hzds1v%2Fxoy4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 74ab548758e00afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

static.hsappstatic.net/cos-i18n/static-1.53/bundles/project.js

104.17.9.210

200 OK

0 B

URL HTTP/2
static.hsappstatic.net/cos-i18n/static-1.53/bundles/project.js
IP
104.17.9.210:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /cos-i18n/static-1.53/bundles/project.js HTTP/1.1
Host: static.hsappstatic.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://news4kcnn.hs-sites-eu1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 14 Sep 2022 18:54:16 GMT
content-type: application/javascript
x-amz-replication-status: COMPLETED
last-modified: Tue, 09 Nov 2021 16:12:42 GMT
etag: W/"61ca66de658cab9587e4636894680d5d"
x-amz-server-side-encryption: AES256
x-amz-version-id: P9ES7sOpFzrLl1QoRwjEAy5outPo5_GO
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 251aba405178d16c89041692c3261a47.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL50-C1
x-amz-cf-id: 34g4n2oNRs8WvBEZGObRDrs6gH3jdmXpAmCs72tfRrSAm6YeuGEZUA==
cf-cache-status: HIT
age: 85104
expires: Thu, 14 Sep 2023 18:54:16 GMT
cache-control: public, max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FE%2BCbPlCq%2FkWWMK0z1tgN2M8zBdNLT6aalrS228bfnD532cQ37nOK960NrHGp8wwf1NRS2pRp5MLksP5zl4l9WvAp5%2BoL96afFNzTbooMadaV13VnOxmOldR9a8bXEZA1vLSxTxW7DA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 74ab548758d80afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

static.hsappstatic.net/cms-free-branding-lib/static-1.111/js/index.js

104.17.9.210

200 OK

0 B

URL HTTP/2
static.hsappstatic.net/cms-free-branding-lib/static-1.111/js/index.js
IP
104.17.9.210:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /cms-free-branding-lib/static-1.111/js/index.js HTTP/1.1
Host: static.hsappstatic.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://news4kcnn.hs-sites-eu1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 14 Sep 2022 18:54:16 GMT
content-type: application/javascript
x-amz-replication-status: COMPLETED
last-modified: Tue, 12 Jul 2022 20:24:02 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: UeMu8WOMDUthADLLgqZZZU3H9mISgOsX
etag: W/"29a15a515ef5e383fba2c6d65b1de499"
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: RefreshHit from cloudfront
via: 1.1 60d22b5ab79521d827fcdd546c7710d4.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: -KuTJcFYSjo9F4GglqsT_-vXHaNSY_Z_DAQD2EJCoeEMmw1nPJ3ipg==
cf-cache-status: HIT
age: 1456298
expires: Thu, 14 Sep 2023 18:54:16 GMT
cache-control: public, max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xY0YwgCPgYspi44Jr1MSEhkW28Pae3qkAxEM4KZ2BIpQw3gSv8hGBlkWYI09OGUelhWxr8QLfSuiJbUenThfczDpcg%2BEu8kLn4mg1R8lBBdx1vgIntPtj7FEiDaYcaPYyPdIYtqrc5M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 74ab548748cc0afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (22)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP