prenblog.com/at/de/galya0?TID=6320A140005B7A26680ED494&host=mandarv.com
212.224.121.236 301 Moved Permanently 166 B URL HTTP/1.1 prenblog.com/at/de/galya0?TID=6320A140005B7A26680ED494&host=mandarv.com
IP 212.224.121.236:0
ASN #44066 diva-e Datacenters GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 3ea1c8d079b38532a6e01a96216ba5e2
598d3ff91d3e252f1e13df8cf0348b270ff2da3f
87a9323ac85ce28867d5d7ce590c8f29b8d1a999961fca71bb33adef48683691
GET /at/de/galya0?TID=6320A140005B7A26680ED494&host=mandarv.com HTTP/1.1
Host: prenblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Tue, 13 Sep 2022 15:27:06 GMT
Content-Type: text/html
Content-Length: 166
Connection: keep-alive
Location: http://prenblog.com/at/de/galya0/?TID=6320A140005B7A26680ED494&host=mandarv.com
Expires: Sat, 12 Nov 2022 15:27:06 GMT
Cache-Control: max-age=5184000, public
X-Static-Region: DE
firefox.settings.services.mozilla.com/v1/
143.204.55.115 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 13 Sep 2022 15:08:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: vvoIOo9ZzRRYRJVuDlnqsft36e8BdN5pwIT5ZCrEE43s33Oln0W82A==
Age: 1100
r3.o.lencr.org/
95.101.11.115 200 OK 503 B
IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash be88d3e043e3b95b52e41812e50fb634
0318ba1ce487817ea7cba61dd9413bed29213800
b5f178d23e633283f226cca7a9ae79b01e6cab2299ff7065c980d3a9953212fd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B5F178D23E633283F226CCA7A9AE79B01E6CAB2299FF7065C980D3A9953212FD"
Last-Modified: Tue, 13 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5563
Expires: Tue, 13 Sep 2022 16:59:49 GMT
Date: Tue, 13 Sep 2022 15:27:06 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.110 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.110:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 13 Sep 2022 07:17:13 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: t9TCdy9BJ3LrbZFYI1y1DgcvPz2jwwDFS-rmHBgmDjVJOaHUkeVGUg==
age: 39112
X-Firefox-Spdy: h2
prenblog.com/at/de/galya0/?TID=6320A140005B7A26680ED494&host=mandarv.com
212.224.121.236 200 OK 5.7 kB URL HTTP/1.1 prenblog.com/at/de/galya0/?TID=6320A140005B7A26680ED494&host=mandarv.com
IP 212.224.121.236:0
ASN #44066 diva-e Datacenters GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (842)
Hash 14d0f3f4e55913260c161b4b44afdabd
8ec727a278ec6265d491992aa353a4fce773b0c4
6a928500df0a152925261f35d3b8179418727cb1322732b72501ebd37d7908fc
GET /at/de/galya0/?TID=6320A140005B7A26680ED494&host=mandarv.com HTTP/1.1
Host: prenblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 13 Sep 2022 15:27:06 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 11 Jul 2022 11:48:43 GMT
ETag: W/"62cc0e1b-3662"
Expires: Sat, 12 Nov 2022 15:27:06 GMT
Cache-Control: max-age=5184000, public
X-Static-Region: DE
Content-Encoding: gzip
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:27:06 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
prenblog.com/at/de/galya0/css/main.css
212.224.121.236 200 OK 2.5 kB URL HTTP/1.1 prenblog.com/at/de/galya0/css/main.css
IP 212.224.121.236:0
ASN #44066 diva-e Datacenters GmbH
File type ASCII text, with CRLF line terminators
Hash 0fc750495fad367612dbda9a7c3e5012
782074f20b1aea13af7c7d8e62af0d22483dcb27
77dc5dee2e36051c5d1085d22473c74f8d750ab9c7b05915790e4f2430e59ba5
GET /at/de/galya0/css/main.css HTTP/1.1
Host: prenblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://prenblog.com/at/de/galya0/?TID=6320A140005B7A26680ED494&host=mandarv.com
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 13 Sep 2022 15:27:06 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 16 Jun 2017 14:14:48 GMT
ETag: W/"5943e7d8-361b"
Expires: Sat, 12 Nov 2022 15:27:06 GMT
Cache-Control: max-age=5184000, public
X-Static-Region: DE
Content-Encoding: gzip
prenblog.com/cdn/js/lr.js
212.224.121.236 200 OK 2.6 kB URL HTTP/1.1 prenblog.com/cdn/js/lr.js
IP 212.224.121.236:0
ASN #44066 diva-e Datacenters GmbH
File type ASCII text, with very long lines (6614), with no line terminators
Hash a48e1075b482fc34a02c8cd9b4c88f00
0128eb940411a55247e24ed4e06e124b8ef5a003
4b9d113616f335d61a6a5a7da786ed3b465fc5500dd53dfc388def48814fa7ad
Analyzer Verdict Alert fortinet Phishing
GET /cdn/js/lr.js HTTP/1.1
Host: prenblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://prenblog.com/at/de/galya0/?TID=6320A140005B7A26680ED494&host=mandarv.com
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 13 Sep 2022 15:27:06 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 12 Jan 2022 12:00:23 GMT
ETag: W/"61dec2d7-19d6"
Expires: Tue, 13 Sep 2022 17:27:06 GMT
Cache-Control: max-age=7200
Content-Encoding: gzip
prenblog.com/at/de/galya0/js/translater.js
212.224.121.236 200 OK 4.7 kB URL HTTP/1.1 prenblog.com/at/de/galya0/js/translater.js
IP 212.224.121.236:0
ASN #44066 diva-e Datacenters GmbH
File type Unicode text, UTF-8 text, with very long lines (589), with CRLF line terminators
Hash 7838f4a957fe8e62adaf816bfe66489c
6954166b6598794e59f8af197caa395d4a4dc80c
f93703551eae2a106914976d2c7b02fb03696b52277e2a6956827bed5ea7678a
Analyzer Verdict Alert fortinet Phishing
GET /at/de/galya0/js/translater.js HTTP/1.1
Host: prenblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://prenblog.com/at/de/galya0/?TID=6320A140005B7A26680ED494&host=mandarv.com
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 13 Sep 2022 15:27:06 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 16 Jun 2017 14:14:55 GMT
ETag: W/"5943e7df-25b0"
Expires: Sat, 12 Nov 2022 15:27:06 GMT
Cache-Control: max-age=5184000, public
X-Static-Region: DE
Content-Encoding: gzip
prenblog.com/cdn/js/jquery.js
212.224.121.236 200 OK 39 kB URL HTTP/1.1 prenblog.com/cdn/js/jquery.js
IP 212.224.121.236:0
ASN #44066 diva-e Datacenters GmbH
File type ASCII text, with very long lines (65483)
Hash 6b4043a36de9e477727d6997af4e871b
9d38d31969173f681a48bf36c29dc4a6c778a4f7
473ed819d4fe77bf5285600ddf59084aceb71007fd371afe1e3130a8113c5cdd
Analyzer Verdict Alert fortinet Phishing
GET /cdn/js/jquery.js HTTP/1.1
Host: prenblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://prenblog.com/at/de/galya0/?TID=6320A140005B7A26680ED494&host=mandarv.com
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 13 Sep 2022 15:27:06 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 08 Sep 2015 14:12:04 GMT
ETag: W/"55eeecb4-16dc4"
Expires: Tue, 13 Sep 2022 17:27:06 GMT
Cache-Control: max-age=7200
Content-Encoding: gzip
prenblog.com/at/de/galya0/img/commit_head_c.png
212.224.121.236 200 OK 18 kB URL HTTP/1.1 prenblog.com/at/de/galya0/img/commit_head_c.png
IP 212.224.121.236:0
ASN #44066 diva-e Datacenters GmbH
File type PNG image data, 236 x 26, 8-bit/color RGBA, non-interlaced\012- data
Hash 409fb131519cefa601276dcb2eef19ea
f09e243168304a1da4ae8c5d20b22ebbd89843e6
fe1456f19072471e357e2e38c794bd2034edcfaf6e3b6e7e5a98e602b7ed87d3
GET /at/de/galya0/img/commit_head_c.png HTTP/1.1
Host: prenblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://prenblog.com/at/de/galya0/?TID=6320A140005B7A26680ED494&host=mandarv.com
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 13 Sep 2022 15:27:06 GMT
Content-Type: image/png
Content-Length: 18307
Connection: keep-alive
Last-Modified: Fri, 16 Jun 2017 14:14:53 GMT
ETag: "5943e7dd-4783"
Expires: Sat, 12 Nov 2022 15:27:06 GMT
Cache-Control: max-age=5184000, public
X-Static-Region: DE
Accept-Ranges: bytes
prenblog.com/at/de/galya0/img/pre_content.png
212.224.121.236 200 OK 27 kB URL HTTP/1.1 prenblog.com/at/de/galya0/img/pre_content.png
IP 212.224.121.236:0
ASN #44066 diva-e Datacenters GmbH
File type PNG image data, 1068 x 53, 8-bit/color RGBA, non-interlaced\012- data
Hash bc8cfb0ce700b422f97a0cf6b9b6c027
cbdf7a869e58b1eba80e2dcba7afb7e0e0ea2dfd
ca34381dd05cb390ffdb4c42f88013e0fd446b38f80c4069a931471040e555b5
GET /at/de/galya0/img/pre_content.png HTTP/1.1
Host: prenblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://prenblog.com/at/de/galya0/?TID=6320A140005B7A26680ED494&host=mandarv.com
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 13 Sep 2022 15:27:06 GMT
Content-Type: image/png
Content-Length: 27171
Connection: keep-alive
Last-Modified: Fri, 16 Jun 2017 14:14:54 GMT
ETag: "5943e7de-6a23"
Expires: Sat, 12 Nov 2022 15:27:06 GMT
Cache-Control: max-age=5184000, public
X-Static-Region: DE
Accept-Ranges: bytes
prenblog.com/at/de/galya0/img/head_1.png
212.224.121.236 410 Gone 7 B URL HTTP/1.1 prenblog.com/at/de/galya0/img/head_1.png
IP 212.224.121.236:0
ASN #44066 diva-e Datacenters GmbH
File type ASCII text, with no line terminators
Hash 93f07b720ebf7d1246512569761a5804
b5e77c5c02a90c01b16fea8f21a1083425ebe0e0
4118fb4fed0ecec996876cae9dc97177e50fb5f8702ddd8a26eff63813cfd6aa
GET /at/de/galya0/img/head_1.png HTTP/1.1
Host: prenblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://prenblog.com/at/de/galya0/css/main.css
HTTP/1.1 410 Gone
Server: nginx
Date: Tue, 13 Sep 2022 15:27:06 GMT
Content-Type: image/png
Content-Length: 7
Connection: keep-alive
prenblog.com/at/de/galya0/img/1.png
212.224.121.236 200 OK 3.3 kB URL HTTP/1.1 prenblog.com/at/de/galya0/img/1.png
IP 212.224.121.236:0
ASN #44066 diva-e Datacenters GmbH
File type PNG image data, 52 x 52, 8-bit colormap, non-interlaced\012- data
Hash 05d9fb96ef6546016f541e5b9ec994b9
4d4e3e441d67255307b567d079f52de5b8d4b847
d572934b7adf473b9ce9afd23b5d7ee62ed6fffe30cb3edc3ad38dfdcdbbcf99
GET /at/de/galya0/img/1.png HTTP/1.1
Host: prenblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://prenblog.com/at/de/galya0/css/main.css
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 13 Sep 2022 15:27:06 GMT
Content-Type: image/png
Content-Length: 3302
Connection: keep-alive
Last-Modified: Fri, 16 Jun 2017 14:14:52 GMT
ETag: "5943e7dc-ce6"
Expires: Sat, 12 Nov 2022 15:27:06 GMT
Cache-Control: max-age=5184000, public
X-Static-Region: DE
Accept-Ranges: bytes
prenblog.com/at/de/galya0/img/commit_head_1.png
212.224.121.236 410 Gone 7 B URL HTTP/1.1 prenblog.com/at/de/galya0/img/commit_head_1.png
IP 212.224.121.236:0
ASN #44066 diva-e Datacenters GmbH
File type ASCII text, with no line terminators
Hash 93f07b720ebf7d1246512569761a5804
b5e77c5c02a90c01b16fea8f21a1083425ebe0e0
4118fb4fed0ecec996876cae9dc97177e50fb5f8702ddd8a26eff63813cfd6aa
GET /at/de/galya0/img/commit_head_1.png HTTP/1.1
Host: prenblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://prenblog.com/at/de/galya0/css/main.css
HTTP/1.1 410 Gone
Server: nginx
Date: Tue, 13 Sep 2022 15:27:06 GMT
Content-Type: image/png
Content-Length: 7
Connection: keep-alive
prenblog.com/at/de/galya0/img/2.png
212.224.121.236 200 OK 3.3 kB URL HTTP/1.1 prenblog.com/at/de/galya0/img/2.png
IP 212.224.121.236:0
ASN #44066 diva-e Datacenters GmbH
File type PNG image data, 52 x 52, 8-bit colormap, non-interlaced\012- data
Hash 34777eaded6d7bed8649bd6584f83e72
25f98309b049e13302cfabea0f0326544234bb02
8945408d36439c02befeda0d082281417082e9f865da0ee67cf25df600dd20e3
GET /at/de/galya0/img/2.png HTTP/1.1
Host: prenblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://prenblog.com/at/de/galya0/css/main.css
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 13 Sep 2022 15:27:06 GMT
Content-Type: image/png
Content-Length: 3337
Connection: keep-alive
Last-Modified: Fri, 16 Jun 2017 14:14:52 GMT
ETag: "5943e7dc-d09"
Expires: Sat, 12 Nov 2022 15:27:06 GMT
Cache-Control: max-age=5184000, public
X-Static-Region: DE
Accept-Ranges: bytes
prenblog.com/at/de/galya0/img/3.png
212.224.121.236 200 OK 3.3 kB URL HTTP/1.1 prenblog.com/at/de/galya0/img/3.png
IP 212.224.121.236:0
ASN #44066 diva-e Datacenters GmbH
File type PNG image data, 52 x 52, 8-bit colormap, non-interlaced\012- data
Hash e9de87da4dde899ed2abcf00fe415e7a
de90fde3c9c87df1f7198eb16d95a7eb240973bc
6c9489e3029c5d60f7d841dae7931a3c688bc8e32c3a296e8600f4013fb82ce9
GET /at/de/galya0/img/3.png HTTP/1.1
Host: prenblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://prenblog.com/at/de/galya0/css/main.css
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 13 Sep 2022 15:27:06 GMT
Content-Type: image/png
Content-Length: 3340
Connection: keep-alive
Last-Modified: Fri, 16 Jun 2017 14:14:52 GMT
ETag: "5943e7dc-d0c"
Expires: Sat, 12 Nov 2022 15:27:06 GMT
Cache-Control: max-age=5184000, public
X-Static-Region: DE
Accept-Ranges: bytes
prenblog.com/at/de/galya0/img/4.png
212.224.121.236 200 OK 3.3 kB URL HTTP/1.1 prenblog.com/at/de/galya0/img/4.png
IP 212.224.121.236:0
ASN #44066 diva-e Datacenters GmbH
File type PNG image data, 52 x 52, 8-bit colormap, non-interlaced\012- data
Hash d08b6c15437d6e29c14f7d7d546dbfa7
6a98abb8f10238c09606e26a5b895f5a9444b97f
b451a777e0fdee078a9bbebc388089c20940cb3636b0ab896bbdce37ee60a730
GET /at/de/galya0/img/4.png HTTP/1.1
Host: prenblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://prenblog.com/at/de/galya0/css/main.css
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 13 Sep 2022 15:27:06 GMT
Content-Type: image/png
Content-Length: 3300
Connection: keep-alive
Last-Modified: Fri, 16 Jun 2017 14:14:52 GMT
ETag: "5943e7dc-ce4"
Expires: Sat, 12 Nov 2022 15:27:06 GMT
Cache-Control: max-age=5184000, public
X-Static-Region: DE
Accept-Ranges: bytes
prenblog.com/at/de/galya0/img/5.png
212.224.121.236 200 OK 3.4 kB URL HTTP/1.1 prenblog.com/at/de/galya0/img/5.png
IP 212.224.121.236:0
ASN #44066 diva-e Datacenters GmbH
File type PNG image data, 51 x 51, 8-bit colormap, non-interlaced\012- data
Hash 61131d3a19e4bab9f25cf75637ef7faf
2edcf601598e48d3ad78c4ba6828d011cba072d2
05f097593fdca61f039da59e497535066af25509df8f98d4aff2c05540414f92
GET /at/de/galya0/img/5.png HTTP/1.1
Host: prenblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://prenblog.com/at/de/galya0/css/main.css
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 13 Sep 2022 15:27:06 GMT
Content-Type: image/png
Content-Length: 3378
Connection: keep-alive
Last-Modified: Fri, 16 Jun 2017 14:14:53 GMT
ETag: "5943e7dd-d32"
Expires: Sat, 12 Nov 2022 15:27:06 GMT
Cache-Control: max-age=5184000, public
X-Static-Region: DE
Accept-Ranges: bytes
prenblog.com/at/de/galya0/img/6.png
212.224.121.236 200 OK 3.5 kB URL HTTP/1.1 prenblog.com/at/de/galya0/img/6.png
IP 212.224.121.236:0
ASN #44066 diva-e Datacenters GmbH
File type PNG image data, 53 x 53, 8-bit colormap, non-interlaced\012- data
Hash e4a1763275a8abb8008631d0209f3db7
fe2ca35e43f71efb283eac686ea6c7b16d4b498e
f619a3398877ca625aac5b9896e3939a4c34d02db60ad873a95271ec50007a1e
GET /at/de/galya0/img/6.png HTTP/1.1
Host: prenblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://prenblog.com/at/de/galya0/css/main.css
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 13 Sep 2022 15:27:06 GMT
Content-Type: image/png
Content-Length: 3461
Connection: keep-alive
Last-Modified: Fri, 16 Jun 2017 14:14:53 GMT
ETag: "5943e7dd-d85"
Expires: Sat, 12 Nov 2022 15:27:06 GMT
Cache-Control: max-age=5184000, public
X-Static-Region: DE
Accept-Ranges: bytes
prenblog.com/at/de/galya0/img/7.png
212.224.121.236 200 OK 3.5 kB URL HTTP/1.1 prenblog.com/at/de/galya0/img/7.png
IP 212.224.121.236:0
ASN #44066 diva-e Datacenters GmbH
File type PNG image data, 52 x 52, 8-bit colormap, non-interlaced\012- data
Hash 6e4c4fce31700f01c7ba1fdaac700e08
4216eb555369417077db87a278b18de572356b6c
a28ba6569959b3ece933954ff9d942fc13a9237ef7a04f01aa11efdbdfa8445e
GET /at/de/galya0/img/7.png HTTP/1.1
Host: prenblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://prenblog.com/at/de/galya0/css/main.css
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 13 Sep 2022 15:27:06 GMT
Content-Type: image/png
Content-Length: 3515
Connection: keep-alive
Last-Modified: Fri, 16 Jun 2017 14:14:53 GMT
ETag: "5943e7dd-dbb"
Expires: Sat, 12 Nov 2022 15:27:06 GMT
Cache-Control: max-age=5184000, public
X-Static-Region: DE
Accept-Ranges: bytes
mandarv.com/layer-data?callback=App.jsonCallback&v=2&page=prenblog.com%2Fat%2Fde%2Fgalya0&iframe=false&callback=App.jsonCallback&TID=6320A140005B7A26680ED494&_=1663082813805
5.187.3.40 200 OK 1.1 kB URL HTTP/1.1 mandarv.com/layer-data?callback=App.jsonCallback&v=2&page=prenblog.com%2Fat%2Fde%2Fgalya0&iframe=false&callback=App.jsonCallback&TID=6320A140005B7A26680ED494&_=1663082813805
IP 5.187.3.40:0
ASN #44066 diva-e Datacenters GmbH
File type Unicode text, UTF-8 text, with very long lines (1048)
Hash b7f5dd0530be4a84b2d3a3188af93bd4
8e83791613fbebc882ac3a2d5157c7646227aead
12e3855124381d03bf0452517c05bd532e1860b28c5bb28003f2eb53415d386b
GET /layer-data?callback=App.jsonCallback&v=2&page=prenblog.com%2Fat%2Fde%2Fgalya0&iframe=false&callback=App.jsonCallback&TID=6320A140005B7A26680ED494&_=1663082813805 HTTP/1.1
Host: mandarv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://prenblog.com/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 13 Sep 2022 15:27:06 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
prenblog.com/cdn/js/comebacker/comebacker.js
212.224.121.236 200 OK 2.2 kB URL HTTP/1.1 prenblog.com/cdn/js/comebacker/comebacker.js
IP 212.224.121.236:0
ASN #44066 diva-e Datacenters GmbH
File type Unicode text, UTF-8 text, with very long lines (304)
Hash 26d70e58838a0b7541533cce6de32f62
fa938b86233a32b6a6ac299a3492ef6e70893cd3
870ce8acce0724020d6af5027801534869d16a305563add762194a3c081c833c
Analyzer Verdict Alert fortinet Phishing
GET /cdn/js/comebacker/comebacker.js HTTP/1.1
Host: prenblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://prenblog.com/at/de/galya0/?TID=6320A140005B7A26680ED494&host=mandarv.com
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 13 Sep 2022 15:27:07 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 21 Oct 2016 10:53:22 GMT
ETag: W/"5809f3a2-164f"
Expires: Tue, 13 Sep 2022 17:27:06 GMT
Cache-Control: max-age=7200
Content-Encoding: gzip
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Tue, 13 Sep 2022 15:03:22 GMT
Expires: Tue, 13 Sep 2022 15:13:59 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: dWvneLe-Qw7CtRcHRQ5SW3rz2aAi3BuFs_1NV0BRNC2x2e7zl481Hw==
Age: 1425
cdn.leadbit.com/comebacker/comebacker_all_de.jpg
212.224.124.77 200 OK 43 kB URL HTTP/1.1 cdn.leadbit.com/comebacker/comebacker_all_de.jpg
IP 212.224.124.77:0
ASN #44066 diva-e Datacenters GmbH
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 610x180, components 3\012- data
Hash 56eabf1f0084f4790f5cc84a47dade7a
e20762717a36d85929dfaa46b4dad49faa9e81f0
4f862458106e55959a2c5e8ecb5e248acdd1d5cdda332bb9943bfd3793fc15d4
GET /comebacker/comebacker_all_de.jpg HTTP/1.1
Host: cdn.leadbit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://prenblog.com/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 13 Sep 2022 15:27:07 GMT
Content-Type: image/jpeg
Content-Length: 43340
Connection: keep-alive
Last-Modified: Tue, 05 Jul 2016 13:30:05 GMT
ETag: "577bb65d-a94c"
Expires: Tue, 13 Sep 2022 17:27:06 GMT
Cache-Control: max-age=7200, public
Accept-Ranges: bytes
cdn.leadbit.com/comebacker/audio/IVR-German-J-Factory-Dry.mp3
212.224.124.77 206 Partial Content 133 kB URL HTTP/1.1 cdn.leadbit.com/comebacker/audio/IVR-German-J-Factory-Dry.mp3
IP 212.224.124.77:0
ASN #44066 diva-e Datacenters GmbH
File type Audio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, JntStereo\012- data
Size 133 kB (132780 bytes)
Hash 08c036857e446430ab189b084c416a08
710facb0f5d3e99d5551e05873a31f1ca33e3164
f73d34e6c1e6dbf809fd648f5ff413693094d7d7a7665fe0cba46372743740f3
GET /comebacker/audio/IVR-German-J-Factory-Dry.mp3 HTTP/1.1
Host: cdn.leadbit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://prenblog.com/
HTTP/1.1 206 Partial Content
Server: nginx
Date: Tue, 13 Sep 2022 15:27:07 GMT
Content-Type: audio/mpeg
Content-Length: 132780
Connection: keep-alive
Last-Modified: Mon, 04 Jul 2016 15:59:02 GMT
ETag: "577a87c6-206ac"
Expires: Tue, 13 Sep 2022 17:27:06 GMT
Cache-Control: max-age=7200, public
Content-Range: bytes 0-132779/132780
r3.o.lencr.org/
95.101.11.115 200 OK 503 B
IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 66bc88dc0f72d704fbb8583a1c1bcd6c
ef5a2276a0ad2dfb347f152a9fa1229cc1cbc8a1
47bdd15604c2f6d29a6d1e9a107bfd4fcf4f5f5812a477243acac50479b6d187
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "47BDD15604C2F6D29A6D1E9A107BFD4FCF4F5F5812A477243ACAC50479B6D187"
Last-Modified: Sun, 11 Sep 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3097
Expires: Tue, 13 Sep 2022 16:18:44 GMT
Date: Tue, 13 Sep 2022 15:27:07 GMT
Connection: keep-alive
de1.alkotoxv.com/?TID=6320A140005B7A26680ED494
212.224.118.124 302 Found 142 B URL HTTP/2 de1.alkotoxv.com/?TID=6320A140005B7A26680ED494
IP 212.224.118.124:0
ASN #44066 diva-e Datacenters GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /?TID=6320A140005B7A26680ED494 HTTP/1.1
Host: de1.alkotoxv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://prenblog.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Tue, 13 Sep 2022 15:27:07 GMT
content-type: text/html
content-length: 142
location: https://de1.alkotoxv.com/?TID=6320A140005B7A26680ED494&c=no
expires: Sat, 12 Nov 2022 15:27:07 GMT
cache-control: max-age=5184000, public
x-static-region: DE
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B
IP 93.184.220.29:0
Hash e96dbe1b54932c8f447bbbfc9d31cfb0
b15d4a54fbdf95b0af8bd34b6f8ef03055eef0cd
427326963ac1ef6ddeeaf52ab07807c694b82effa6111671ada8270b1faecdae
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3017
Cache-Control: max-age=149405
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 15:27:07 GMT
Etag: "63203a1f-1d7"
Expires: Thu, 15 Sep 2022 08:57:12 GMT
Last-Modified: Tue, 13 Sep 2022 08:06:55 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
prenblog.com/at/de/galya0/img/right.png
212.224.121.236 200 OK 402 kB URL HTTP/1.1 prenblog.com/at/de/galya0/img/right.png
IP 212.224.121.236:0
ASN #44066 diva-e Datacenters GmbH
File type PNG image data, 296 x 2055, 8-bit/color RGBA, non-interlaced\012- data
Size 402 kB (401829 bytes)
Hash 290b5cc37c6cf0d652691a5cb264bb97
0a1026f53c1110fb3c5ba8c8d0a62d0983893322
4afd383b1e4b877826e5d0746efc43e6118ba76b6015e7335a21c0d44126dc12
GET /at/de/galya0/img/right.png HTTP/1.1
Host: prenblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://prenblog.com/at/de/galya0/?TID=6320A140005B7A26680ED494&host=mandarv.com
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 13 Sep 2022 15:27:06 GMT
Content-Type: image/png
Content-Length: 401829
Connection: keep-alive
Last-Modified: Fri, 16 Jun 2017 14:14:54 GMT
ETag: "5943e7de-621a5"
Expires: Sat, 12 Nov 2022 15:27:06 GMT
Cache-Control: max-age=5184000, public
X-Static-Region: DE
Accept-Ranges: bytes
prenblog.com/favicon.ico
212.224.121.236 200 OK 43 B IP 212.224.121.236:0
ASN #44066 diva-e Datacenters GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /favicon.ico HTTP/1.1
Host: prenblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://prenblog.com/at/de/galya0/?TID=6320A140005B7A26680ED494&host=mandarv.com
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 13 Sep 2022 15:27:07 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Expires: Sat, 12 Nov 2022 15:27:07 GMT
Cache-Control: max-age=5184000, public
de1.alkotoxv.com/images/krestik.png
212.224.118.124 200 OK 772 B URL HTTP/2 de1.alkotoxv.com/images/krestik.png
IP 212.224.118.124:0
ASN #44066 diva-e Datacenters GmbH
File type PNG image data, 31 x 31, 8-bit colormap, non-interlaced\012- data
Hash 7ea4540538e4cc15dd368c3a6e6a7c06
020acf4a96bf901c536b426961c963ff7d3b6774
4239c53f0a142dce5053f55063b771ed5370157486e2284a1b03033f9fd6a3c3
GET /images/krestik.png HTTP/1.1
Host: de1.alkotoxv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://de1.alkotoxv.com/?TID=6320A140005B7A26680ED494&c=no
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:27:07 GMT
content-type: image/png
content-length: 772
last-modified: Mon, 10 Jul 2017 14:04:54 GMT
etag: "59638986-304"
expires: Sat, 12 Nov 2022 15:27:07 GMT
cache-control: max-age=5184000, public
x-static-region: DE
accept-ranges: bytes
X-Firefox-Spdy: h2
de1.alkotoxv.com/img/img1.2.png
212.224.118.124 200 OK 60 kB URL HTTP/2 de1.alkotoxv.com/img/img1.2.png
IP 212.224.118.124:0
ASN #44066 diva-e Datacenters GmbH
File type PNG image data, 228 x 213, 8-bit/color RGBA, non-interlaced\012- data
Hash a3469fee3e2595aa4a0c94a198d722a6
29d485475b3555c3ea6ae43b84a10b4a0df72a2f
390f91fd3ff1603878d072d564392b80693651d15e68b9fc29d7689916eb65b4
GET /img/img1.2.png HTTP/1.1
Host: de1.alkotoxv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://de1.alkotoxv.com/css/style.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:27:07 GMT
content-type: image/png
content-length: 60455
last-modified: Tue, 26 Nov 2019 09:16:47 GMT
etag: "5ddced7f-ec27"
expires: Sat, 12 Nov 2022 15:27:07 GMT
cache-control: max-age=5184000, public
x-static-region: DE
accept-ranges: bytes
X-Firefox-Spdy: h2
de1.alkotoxv.com/img/img1.1.png
212.224.118.124 200 OK 510 B URL HTTP/2 de1.alkotoxv.com/img/img1.1.png
IP 212.224.118.124:0
ASN #44066 diva-e Datacenters GmbH
File type PNG image data, 27 x 26, 8-bit/color RGBA, non-interlaced\012- data
Hash 8dd2c140a32de35a72318bf03a7460ec
a932a88a0b87d816e70ee843539a61982e01fbc3
ba92ce743267115ce532a2740185fcd86e1600cdae05ca3ed919363c4e912106
GET /img/img1.1.png HTTP/1.1
Host: de1.alkotoxv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://de1.alkotoxv.com/css/style.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:27:07 GMT
content-type: image/png
content-length: 510
last-modified: Mon, 10 Jul 2017 14:04:58 GMT
etag: "5963898a-1fe"
expires: Sat, 12 Nov 2022 15:27:07 GMT
cache-control: max-age=5184000, public
x-static-region: DE
accept-ranges: bytes
X-Firefox-Spdy: h2
de1.alkotoxv.com/img/img0.2.png
212.224.118.124 200 OK 42 kB URL HTTP/2 de1.alkotoxv.com/img/img0.2.png
IP 212.224.118.124:0
ASN #44066 diva-e Datacenters GmbH
File type PNG image data, 1606 x 150, 8-bit colormap, non-interlaced\012- data
Hash ac045d5be9f87fca9f14edda490649ed
50234507a132901f0669dffdf7eb5e4431e2c7fa
0c7808f3813856156e2d02c616ce00c15adc9cb5add450bbe0c05c97ffaef014
GET /img/img0.2.png HTTP/1.1
Host: de1.alkotoxv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://de1.alkotoxv.com/css/style.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:27:07 GMT
content-type: image/png
content-length: 41715
last-modified: Mon, 10 Jul 2017 14:04:58 GMT
etag: "5963898a-a2f3"
expires: Sat, 12 Nov 2022 15:27:07 GMT
cache-control: max-age=5184000, public
x-static-region: DE
accept-ranges: bytes
X-Firefox-Spdy: h2
de1.alkotoxv.com/img/img0.1.png
212.224.118.124 200 OK 35 kB URL HTTP/2 de1.alkotoxv.com/img/img0.1.png
IP 212.224.118.124:0
ASN #44066 diva-e Datacenters GmbH
File type PNG image data, 200 x 215, 8-bit colormap, non-interlaced\012- data
Hash c7d56152b00e5cf52ecd4e2ff45b9464
08aaa2b9e9743acde17fe66c2e8c48068e535693
6a86e101ce388e3c17f6c5bee6bedf6ca63e33ea9b075d22926d2559bcbd664a
GET /img/img0.1.png HTTP/1.1
Host: de1.alkotoxv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://de1.alkotoxv.com/css/style.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:27:07 GMT
content-type: image/png
content-length: 35000
last-modified: Mon, 10 Jul 2017 14:04:58 GMT
etag: "5963898a-88b8"
expires: Sat, 12 Nov 2022 15:27:07 GMT
cache-control: max-age=5184000, public
x-static-region: DE
accept-ranges: bytes
X-Firefox-Spdy: h2
de1.alkotoxv.com/js/ouibounce.min.js
212.224.118.124 200 OK 3.7 kB URL HTTP/2 de1.alkotoxv.com/js/ouibounce.min.js
IP 212.224.118.124:0
ASN #44066 diva-e Datacenters GmbH
Hash f353a0b5f22c9257228e43cd5f6b7d66
66ca6196dcaf0a8b76f3d64aa8f87ea2a6c3c993
771f36249ef9ed0f4a6a5b42205136e95c541af51030a3c1ad422a9a5ba8dac0
GET /js/ouibounce.min.js HTTP/1.1
Host: de1.alkotoxv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://de1.alkotoxv.com/?TID=6320A140005B7A26680ED494&c=no
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:27:07 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 10 Jul 2017 14:05:13 GMT
etag: W/"59638999-13e9"
expires: Sat, 12 Nov 2022 15:27:07 GMT
cache-control: max-age=5184000, public
x-static-region: DE
content-encoding: gzip
X-Firefox-Spdy: h2
de1.alkotoxv.com/img/img1.8.png
212.224.118.124 200 OK 48 kB URL HTTP/2 de1.alkotoxv.com/img/img1.8.png
IP 212.224.118.124:0
ASN #44066 diva-e Datacenters GmbH
File type PNG image data, 147 x 146, 8-bit/color RGBA, non-interlaced\012- data
Hash c7a5d99a64e74acea23b2d4139d69a02
4ef6959bf12d64b4c7f05c4e20e114b4c74fda33
8122520795485756db7fd01ff6d99c3f52bf4a9dcb1c5b632eed1f510ced7360
GET /img/img1.8.png HTTP/1.1
Host: de1.alkotoxv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://de1.alkotoxv.com/css/style.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:27:07 GMT
content-type: image/png
content-length: 47462
last-modified: Mon, 10 Jul 2017 14:05:01 GMT
etag: "5963898d-b966"
expires: Sat, 12 Nov 2022 15:27:07 GMT
cache-control: max-age=5184000, public
x-static-region: DE
accept-ranges: bytes
X-Firefox-Spdy: h2
de1.alkotoxv.com/img/img1.5.1.png
212.224.118.124 200 OK 16 kB URL HTTP/2 de1.alkotoxv.com/img/img1.5.1.png
IP 212.224.118.124:0
ASN #44066 diva-e Datacenters GmbH
File type PNG image data, 56 x 42, 8-bit/color RGBA, non-interlaced\012- data
Hash 160fd99cdb463cae5d3e0d4ec189fb08
10c4475cfe0e42fcd35962f5e559dc39e8cb273c
3c0cb47d658d39b3f309b792be15c2043e64c40e8f6265bce6c62ee989aa4803
GET /img/img1.5.1.png HTTP/1.1
Host: de1.alkotoxv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://de1.alkotoxv.com/css/style.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:27:07 GMT
content-type: image/png
content-length: 15752
last-modified: Mon, 10 Jul 2017 14:05:00 GMT
etag: "5963898c-3d88"
expires: Sat, 12 Nov 2022 15:27:07 GMT
cache-control: max-age=5184000, public
x-static-region: DE
accept-ranges: bytes
X-Firefox-Spdy: h2
de1.alkotoxv.com/img/img1.5.png
212.224.118.124 200 OK 108 B URL HTTP/2 de1.alkotoxv.com/img/img1.5.png
IP 212.224.118.124:0
ASN #44066 diva-e Datacenters GmbH
File type PNG image data, 5 x 15, 8-bit/color RGBA, non-interlaced\012- data
Hash a29e47f33654787c4b958b94aef5b7be
60d621096f90772914ace325de49cbe23e9be522
588bc903c7d7ee3415d967063c1e6969ae67f9e7b1450ab371af40994eafb1c6
GET /img/img1.5.png HTTP/1.1
Host: de1.alkotoxv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://de1.alkotoxv.com/css/style.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:27:07 GMT
content-type: image/png
content-length: 108
last-modified: Mon, 10 Jul 2017 14:05:01 GMT
etag: "5963898d-6c"
expires: Sat, 12 Nov 2022 15:27:07 GMT
cache-control: max-age=5184000, public
x-static-region: DE
accept-ranges: bytes
X-Firefox-Spdy: h2
de1.alkotoxv.com/img/img1.4.png
212.224.118.124 200 OK 1.4 kB URL HTTP/2 de1.alkotoxv.com/img/img1.4.png
IP 212.224.118.124:0
ASN #44066 diva-e Datacenters GmbH
File type PNG image data, 151 x 47, 8-bit/color RGBA, non-interlaced\012- data
Hash ec472ed78f0806e5f34f07ae60532f87
e77470a4960d866795b33da4361596bd9858ec56
aeca78374d4b3303d1207e28213e462eb9df0ee12f0e130108a465b28a2c7dd6
GET /img/img1.4.png HTTP/1.1
Host: de1.alkotoxv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://de1.alkotoxv.com/css/style.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:27:07 GMT
content-type: image/png
content-length: 1436
last-modified: Mon, 10 Jul 2017 14:05:00 GMT
etag: "5963898c-59c"
expires: Sat, 12 Nov 2022 15:27:07 GMT
cache-control: max-age=5184000, public
x-static-region: DE
accept-ranges: bytes
X-Firefox-Spdy: h2
de1.alkotoxv.com/img/img3.6.png
212.224.118.124 200 OK 103 kB URL HTTP/2 de1.alkotoxv.com/img/img3.6.png
IP 212.224.118.124:0
ASN #44066 diva-e Datacenters GmbH
File type PNG image data, 635 x 635, 8-bit colormap, non-interlaced\012- data
Size 103 kB (102923 bytes)
Hash 3931b62366753469134ddc8ab4209899
71f35da5e2b51934745523dffd9c6b6232c2e4ed
d5baf78d6cfa7a3706e7f864d6da7360ae3c70494966d55aa2e2e3d7a9f57a4f
GET /img/img3.6.png HTTP/1.1
Host: de1.alkotoxv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://de1.alkotoxv.com/css/style.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:27:07 GMT
content-type: image/png
content-length: 102923
last-modified: Mon, 10 Jul 2017 14:05:09 GMT
etag: "59638995-1920b"
expires: Sat, 12 Nov 2022 15:27:07 GMT
cache-control: max-age=5184000, public
x-static-region: DE
accept-ranges: bytes
X-Firefox-Spdy: h2
de1.alkotoxv.com/iclick/js/alarm.js
212.224.118.124 200 OK 35 kB URL HTTP/2 de1.alkotoxv.com/iclick/js/alarm.js
IP 212.224.118.124:0
ASN #44066 diva-e Datacenters GmbH
Hash ff3a40967f69f8bd5007c6cc665a76e1
1f23cd5a01e4f520c6cceec0b5471d4147c7d24e
7f3d3d33b4068fd7b728b2839d3e0e0c0ab20d66f60c3d12802bf6cbeaa3276e
GET /iclick/js/alarm.js HTTP/1.1
Host: de1.alkotoxv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://de1.alkotoxv.com/?TID=6320A140005B7A26680ED494&c=no
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:27:07 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 01 Nov 2018 10:03:02 GMT
etag: W/"5bdacf56-afd"
expires: Tue, 13 Sep 2022 17:27:07 GMT
cache-control: max-age=7200
content-encoding: gzip
X-Firefox-Spdy: h2
de1.alkotoxv.com/?TID=6320A140005B7A26680ED494&c=no
212.224.118.124 200 OK 29 kB URL HTTP/2 de1.alkotoxv.com/?TID=6320A140005B7A26680ED494&c=no
IP 212.224.118.124:0
ASN #44066 diva-e Datacenters GmbH
Hash 99005a679f00c1313d28ead428c34310
8b92d6c6d9a96d25cc512a8e2ab1c734a223d7ac
38fdcce17a501f78c202e007488b0209f21aed2f2bb247d7f5f0e0b737e18610
GET /?TID=6320A140005B7A26680ED494&c=no HTTP/1.1
Host: de1.alkotoxv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://prenblog.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:27:07 GMT
content-type: text/html; charset=utf-8
last-modified: Wed, 15 Sep 2021 10:34:09 GMT
etag: W/"6141cc21-3c31"
expires: Sat, 12 Nov 2022 15:27:07 GMT
cache-control: max-age=5184000, public
x-static-region: DE
content-encoding: gzip
X-Firefox-Spdy: h2
de1.alkotoxv.com/img/img3.2.jpg
212.224.118.124 200 OK 35 kB URL HTTP/2 de1.alkotoxv.com/img/img3.2.jpg
IP 212.224.118.124:0
ASN #44066 diva-e Datacenters GmbH
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=129, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=883], progressive, precision 8, 883x129, components 3\012- data
Hash fdf0a8c8bad644fafbeb35abaf3e8fab
e0503da6538362a2659e5dccbb2e37e18a5c1e50
5e96883cefeeaf586ceb4cb4b8c10d5cf93d238a7d4c988c8c929f65c250f6c6
GET /img/img3.2.jpg HTTP/1.1
Host: de1.alkotoxv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://de1.alkotoxv.com/css/style.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:27:07 GMT
content-type: image/jpeg
content-length: 34755
last-modified: Tue, 26 Nov 2019 13:11:45 GMT
etag: "5ddd2491-87c3"
expires: Sat, 12 Nov 2022 15:27:07 GMT
cache-control: max-age=5184000, public
x-static-region: DE
accept-ranges: bytes
X-Firefox-Spdy: h2
de1.alkotoxv.com/css/jquery.formstyler.css
212.224.118.124 200 OK 19 kB URL HTTP/2 de1.alkotoxv.com/css/jquery.formstyler.css
IP 212.224.118.124:0
ASN #44066 diva-e Datacenters GmbH
Hash 6768e246d9599fba685906d7f873fc80
21f85425e4cec828b8f9a34c159dbab4a8a9af6f
a1523ff12f36ab47df6ece526bbf0eb804454f5fc873477607887d5360edabe8
GET /css/jquery.formstyler.css HTTP/1.1
Host: de1.alkotoxv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://de1.alkotoxv.com/?TID=6320A140005B7A26680ED494&c=no
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:27:07 GMT
content-type: text/css
last-modified: Mon, 10 Jul 2017 14:04:52 GMT
etag: W/"59638984-114e"
expires: Sat, 12 Nov 2022 15:27:07 GMT
cache-control: max-age=5184000, public
x-static-region: DE
content-encoding: gzip
X-Firefox-Spdy: h2
de1.alkotoxv.com/cdn/js/geo/de1.js
212.224.118.124 200 OK 21 kB URL HTTP/2 de1.alkotoxv.com/cdn/js/geo/de1.js
IP 212.224.118.124:0
ASN #44066 diva-e Datacenters GmbH
Hash e3a1e35084d4776991ac1601f2c8a905
3dd74260127366387d84cf55ae84691bf09cdb71
e625f3ad7450f1069467262c945a26188bf1dbfedbc1ea73e9bbe9b89ad6327e
GET /cdn/js/geo/de1.js HTTP/1.1
Host: de1.alkotoxv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://de1.alkotoxv.com/?TID=6320A140005B7A26680ED494&c=no
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:27:07 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 20 Feb 2017 09:53:25 GMT
etag: W/"58aabc95-209"
expires: Tue, 13 Sep 2022 17:27:07 GMT
cache-control: max-age=7200
content-encoding: gzip
X-Firefox-Spdy: h2
de1.alkotoxv.com/cdn/js/countries.js
212.224.118.124 200 OK 5.5 kB URL HTTP/2 de1.alkotoxv.com/cdn/js/countries.js
IP 212.224.118.124:0
ASN #44066 diva-e Datacenters GmbH
Hash 51fa553ce06801cb7c2912dfca48805a
88e31e45ad801eec810536afc8bacd69e92cf0c4
3ef2cbaa36f495b169d636f62e2ec2e7006dc880b4feb5494272190de12eb049
GET /cdn/js/countries.js HTTP/1.1
Host: de1.alkotoxv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://de1.alkotoxv.com/?TID=6320A140005B7A26680ED494&c=no
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:27:07 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 18 Feb 2020 09:25:30 GMT
etag: W/"5e4bad8a-1013"
expires: Tue, 13 Sep 2022 17:27:07 GMT
cache-control: max-age=7200
content-encoding: gzip
X-Firefox-Spdy: h2
de1.alkotoxv.com/cdn/js/jquery.js
212.224.118.124 200 OK 60 kB URL HTTP/2 de1.alkotoxv.com/cdn/js/jquery.js
IP 212.224.118.124:0
ASN #44066 diva-e Datacenters GmbH
Hash d312645393fa287d89dfffe641b618d0
0b78b48196d63f2c0f77328729af3639dfda25fe
b343de8c63a782015a0b9aff477746479056a1ae2953b339400f1e09ea43a147
GET /cdn/js/jquery.js HTTP/1.1
Host: de1.alkotoxv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://de1.alkotoxv.com/?TID=6320A140005B7A26680ED494&c=no
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:27:07 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 08 Sep 2015 14:12:04 GMT
etag: W/"55eeecb4-16dc4"
expires: Tue, 13 Sep 2022 17:27:07 GMT
cache-control: max-age=7200
content-encoding: gzip
X-Firefox-Spdy: h2
de1.alkotoxv.com/cdn/js/ld.js
212.224.118.124 200 OK 35 kB URL HTTP/2 de1.alkotoxv.com/cdn/js/ld.js
IP 212.224.118.124:0
ASN #44066 diva-e Datacenters GmbH
Hash 3b44ab7e8d1ce67738bbd309fe01599a
ed1772653ad80e3cdaf04ce17f46860b006fa6e2
463e71b61d16a0748fbaba755cdd9043441dc51cc8b353b855f2e1d7712bb7dc
GET /cdn/js/ld.js HTTP/1.1
Host: de1.alkotoxv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://de1.alkotoxv.com/?TID=6320A140005B7A26680ED494&c=no
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:27:07 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 20 Jul 2022 10:13:37 GMT
etag: W/"62d7d551-6ca9"
expires: Tue, 13 Sep 2022 17:27:07 GMT
cache-control: max-age=7200
content-encoding: gzip
X-Firefox-Spdy: h2
prenblog.com/at/de/galya0/img/man.png
212.224.121.236 200 OK 681 kB URL HTTP/1.1 prenblog.com/at/de/galya0/img/man.png
IP 212.224.121.236:0
ASN #44066 diva-e Datacenters GmbH
File type PNG image data, 1016 x 507, 8-bit/color RGBA, non-interlaced\012- data
Size 681 kB (681348 bytes)
Hash baa8eb7823bd837e1094ca74fb4913f6
ed6e7e504d1bfe1aaad73085a7f1b374619ff244
e485c9a4ed4ce649aa92f697a3975b2ed5192b280aee6badeda8e156b8864731
GET /at/de/galya0/img/man.png HTTP/1.1
Host: prenblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://prenblog.com/at/de/galya0/?TID=6320A140005B7A26680ED494&host=mandarv.com
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 13 Sep 2022 15:27:06 GMT
Content-Type: image/png
Content-Length: 681348
Connection: keep-alive
Last-Modified: Fri, 16 Jun 2017 14:14:54 GMT
ETag: "5943e7de-a6584"
Expires: Sat, 12 Nov 2022 15:27:06 GMT
Cache-Control: max-age=5184000, public
X-Static-Region: DE
Accept-Ranges: bytes
de1.alkotoxv.com/js/main.js
212.224.118.124 200 OK 30 kB URL HTTP/2 de1.alkotoxv.com/js/main.js
IP 212.224.118.124:0
ASN #44066 diva-e Datacenters GmbH
Hash 1bf2ba04a5cde1257c969df42bbf7005
9aae9c6ddcf10f3ce8a1878756774658505841e2
a5453d3c6efb066f35361edf28b407a19947af2e49de9d19558deb29105a45b8
GET /js/main.js HTTP/1.1
Host: de1.alkotoxv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://de1.alkotoxv.com/?TID=6320A140005B7A26680ED494&c=no
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:27:07 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 10 Jul 2017 14:05:12 GMT
etag: W/"59638998-213b"
expires: Sat, 12 Nov 2022 15:27:07 GMT
cache-control: max-age=5184000, public
x-static-region: DE
content-encoding: gzip
X-Firefox-Spdy: h2
de1.alkotoxv.com/img/img8.3.png
212.224.118.124 200 OK 94 kB URL HTTP/2 de1.alkotoxv.com/img/img8.3.png
IP 212.224.118.124:0
ASN #44066 diva-e Datacenters GmbH
File type PNG image data, 995 x 413, 8-bit/color RGBA, non-interlaced\012- data
Hash 7ee8a05e6438a2b7ea4d9736350d904d
a3e01a54500ce27816118f2b0afe0c682db51947
14103ba7ab400bac25e5b1309226e35742d9d506dc84a2597ae3429c30293cf1
GET /img/img8.3.png HTTP/1.1
Host: de1.alkotoxv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://de1.alkotoxv.com/css/style.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:27:07 GMT
content-type: image/png
content-length: 94142
last-modified: Tue, 26 Nov 2019 07:54:27 GMT
etag: "5ddcda33-16fbe"
expires: Sat, 12 Nov 2022 15:27:07 GMT
cache-control: max-age=5184000, public
x-static-region: DE
accept-ranges: bytes
X-Firefox-Spdy: h2
de1.alkotoxv.com/img/img10.0.png
212.224.118.124 200 OK 60 kB URL HTTP/2 de1.alkotoxv.com/img/img10.0.png
IP 212.224.118.124:0
ASN #44066 diva-e Datacenters GmbH
File type PNG image data, 1048 x 428, 8-bit colormap, non-interlaced\012- data
Hash b5ba6f59766c75f10594a4f84b5ead5f
b021d79c938d5ecc854c9566c2034e55d8794154
c3b58bfae9ae02f4b2495d8fa95c35c7e0aa1962fe95a10a62849accea6fbbf0
GET /img/img10.0.png HTTP/1.1
Host: de1.alkotoxv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://de1.alkotoxv.com/css/style.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:27:07 GMT
content-type: image/png
content-length: 60022
last-modified: Mon, 10 Jul 2017 14:05:02 GMT
etag: "5963898e-ea76"
expires: Sat, 12 Nov 2022 15:27:07 GMT
cache-control: max-age=5184000, public
x-static-region: DE
accept-ranges: bytes
X-Firefox-Spdy: h2
de1.alkotoxv.com/img/img10.1.png
212.224.118.124 200 OK 1.9 kB URL HTTP/2 de1.alkotoxv.com/img/img10.1.png
IP 212.224.118.124:0
ASN #44066 diva-e Datacenters GmbH
File type PNG image data, 184 x 82, 8-bit colormap, non-interlaced\012- data
Hash 9510b28a5cffac6314aac5732fd55e56
a50c19a44d1f9dc3a5eec301dcd9f0566d4bdaef
a9b4328098beec12129eaa938c99de4cea511eb7bdbc43aa5dee25bcfe3890de
GET /img/img10.1.png HTTP/1.1
Host: de1.alkotoxv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://de1.alkotoxv.com/css/style.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:27:07 GMT
content-type: image/png
content-length: 1884
last-modified: Mon, 10 Jul 2017 14:05:03 GMT
etag: "5963898f-75c"
expires: Sat, 12 Nov 2022 15:27:07 GMT
cache-control: max-age=5184000, public
x-static-region: DE
accept-ranges: bytes
X-Firefox-Spdy: h2
de1.alkotoxv.com/img/img9.1.png
212.224.118.124 200 OK 105 kB URL HTTP/2 de1.alkotoxv.com/img/img9.1.png
IP 212.224.118.124:0
ASN #44066 diva-e Datacenters GmbH
File type PNG image data, 889 x 171, 8-bit/color RGBA, non-interlaced\012- data
Size 105 kB (105112 bytes)
Hash 9820d5968f20640e19fa10c123e5f00d
6350ed79612f7fc73d3af2e8cf2d8a9bbc9c91eb
c1725ccd9e6ebf1a3cf64151b2fe9c20bf3b433600d0ece93fc866bfddfcbe32
GET /img/img9.1.png HTTP/1.1
Host: de1.alkotoxv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://de1.alkotoxv.com/css/style.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:27:07 GMT
content-type: image/png
content-length: 105112
last-modified: Tue, 26 Nov 2019 08:21:55 GMT
etag: "5ddce0a3-19a98"
expires: Sat, 12 Nov 2022 15:27:07 GMT
cache-control: max-age=5184000, public
x-static-region: DE
accept-ranges: bytes
X-Firefox-Spdy: h2
de1.alkotoxv.com/img/img10.6.png
212.224.118.124 200 OK 810 B URL HTTP/2 de1.alkotoxv.com/img/img10.6.png
IP 212.224.118.124:0
ASN #44066 diva-e Datacenters GmbH
File type PNG image data, 172 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash 0cac957964570589fb9efbc01c762782
c58f8255750c5e2fb79fd71c9a4fdd446143129d
00e45dff75ec9040c4a8c08ead3c3ccfbdb53f617317258331426dc797d1b703
GET /img/img10.6.png HTTP/1.1
Host: de1.alkotoxv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://de1.alkotoxv.com/css/style.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:27:07 GMT
content-type: image/png
content-length: 810
last-modified: Mon, 10 Jul 2017 14:05:06 GMT
etag: "59638992-32a"
expires: Sat, 12 Nov 2022 15:27:07 GMT
cache-control: max-age=5184000, public
x-static-region: DE
accept-ranges: bytes
X-Firefox-Spdy: h2
de1.alkotoxv.com/img/img10.5.png
212.224.118.124 200 OK 2.4 kB URL HTTP/2 de1.alkotoxv.com/img/img10.5.png
IP 212.224.118.124:0
ASN #44066 diva-e Datacenters GmbH
File type PNG image data, 47 x 97, 8-bit colormap, non-interlaced\012- data
Hash a22acf00cdcdfe380a837d7bad026694
ad471190554ba59a9cd7354f2d74921c189bfa0f
f9613f6de95718bb01a784703a80dd8897078914724f37cf14a481c2ea203f53
GET /img/img10.5.png HTTP/1.1
Host: de1.alkotoxv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://de1.alkotoxv.com/css/style.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:27:07 GMT
content-type: image/png
content-length: 2383
last-modified: Mon, 10 Jul 2017 14:05:06 GMT
etag: "59638992-94f"
expires: Sat, 12 Nov 2022 15:27:07 GMT
cache-control: max-age=5184000, public
x-static-region: DE
accept-ranges: bytes
X-Firefox-Spdy: h2
push.services.mozilla.com/
54.187.146.10 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.187.146.10:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 03gC2Md4MYT2WghjsdWhVg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: CfNe89cPYzAQcUSQPzbtOCV5qLo=
de1.alkotoxv.com/img/img10.2.png
212.224.118.124 200 OK 126 kB URL HTTP/2 de1.alkotoxv.com/img/img10.2.png
IP 212.224.118.124:0
ASN #44066 diva-e Datacenters GmbH
File type PNG image data, 245 x 350, 8-bit/color RGBA, non-interlaced\012- data
Size 126 kB (126303 bytes)
Hash e8584daa7e1e74455634080e3469e4db
48116ce00d52041fad9af0cbcf99f5f11d09f974
e0a9467dfe55bcfcf8c4d201cfc9bded0b27d9a09a7be0f1cbad22c84c947076
GET /img/img10.2.png HTTP/1.1
Host: de1.alkotoxv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://de1.alkotoxv.com/css/style.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:27:07 GMT
content-type: image/png
content-length: 126303
last-modified: Mon, 18 Jan 2021 08:20:35 GMT
etag: "600544d3-1ed5f"
expires: Sat, 12 Nov 2022 15:27:07 GMT
cache-control: max-age=5184000, public
x-static-region: DE
accept-ranges: bytes
X-Firefox-Spdy: h2
de1.alkotoxv.com/img/img0.jpg
212.224.118.124 200 OK 153 kB URL HTTP/2 de1.alkotoxv.com/img/img0.jpg
IP 212.224.118.124:0
ASN #44066 diva-e Datacenters GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1739x991, components 3\012- data
Size 153 kB (152881 bytes)
Hash 472a10aa1255696d68a49dbbe87052bb
99d256095e7f102b7d5b3e7bc505270dc45be55f
5d21a82bdd48f375ccd58c6aedbcfe909344d0a021dda38c215de80c2283ed42
GET /img/img0.jpg HTTP/1.1
Host: de1.alkotoxv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://de1.alkotoxv.com/css/style.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:27:07 GMT
content-type: image/jpeg
content-length: 152881
last-modified: Mon, 10 Jul 2017 14:04:58 GMT
etag: "5963898a-25531"
expires: Sat, 12 Nov 2022 15:27:07 GMT
cache-control: max-age=5184000, public
x-static-region: DE
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash ca8d8fa3966e15258a35740dca08733e
1ae6ad99179c2374b3d04b9ff4735404d78e54cd
e0659243cd78fe5537d1e7976cc96bb247ac5757a7cf8442557ee1423bf718a4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E0659243CD78FE5537D1E7976CC96BB247AC5757A7CF8442557EE1423BF718A4"
Last-Modified: Mon, 12 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3758
Expires: Tue, 13 Sep 2022 16:29:45 GMT
Date: Tue, 13 Sep 2022 15:27:07 GMT
Connection: keep-alive
de1.alkotoxv.com/img/img3.1.jpg
212.224.118.124 200 OK 139 kB URL HTTP/2 de1.alkotoxv.com/img/img3.1.jpg
IP 212.224.118.124:0
ASN #44066 diva-e Datacenters GmbH
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=234, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=966], progressive, precision 8, 966x234, components 3\012- data
Size 139 kB (138945 bytes)
Hash 30232aa2a683724c8470496df80cdd3e
9c454026864d6ce4ed073e9f4cc1f4e7bba1e631
84c6b7efd4ec69a344feed64011c7b35c49b25353195f032b45690ca57706c96
GET /img/img3.1.jpg HTTP/1.1
Host: de1.alkotoxv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://de1.alkotoxv.com/css/style.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:27:07 GMT
content-type: image/jpeg
content-length: 138945
last-modified: Mon, 18 Jan 2021 09:07:52 GMT
etag: "60054fe8-21ec1"
expires: Sat, 12 Nov 2022 15:27:07 GMT
cache-control: max-age=5184000, public
x-static-region: DE
accept-ranges: bytes
X-Firefox-Spdy: h2
de1.alkotoxv.com/img/img1.3.png
212.224.118.124 200 OK 263 kB URL HTTP/2 de1.alkotoxv.com/img/img1.3.png
IP 212.224.118.124:0
ASN #44066 diva-e Datacenters GmbH
File type PNG image data, 243 x 285, 16-bit/color RGBA, non-interlaced\012- data
Size 263 kB (262730 bytes)
Hash 80b0a6065132b91083a80eb465dcbb45
a12a9dcb4ec4863a76bf74df573066135937f1db
b5bec79a4234b44a0e4e902ec8d16a0db4a59ccf71ad58178026ce429a9bc999
GET /img/img1.3.png HTTP/1.1
Host: de1.alkotoxv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://de1.alkotoxv.com/?TID=6320A140005B7A26680ED494&c=no
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:27:07 GMT
content-type: image/png
content-length: 262730
last-modified: Mon, 18 Jan 2021 08:18:55 GMT
etag: "6005446f-4024a"
expires: Sat, 12 Nov 2022 15:27:07 GMT
cache-control: max-age=5184000, public
x-static-region: DE
accept-ranges: bytes
X-Firefox-Spdy: h2
leadbit.biz/landing-data?callback=App.jsonCallback&v=2&page=de1.alkotoxv.com&iframe=true&callback=App.jsonCallback&TID=6320A140005B7A26680ED494&_=1663082814479
212.224.121.199 200 OK 467 B URL HTTP/1.1 leadbit.biz/landing-data?callback=App.jsonCallback&v=2&page=de1.alkotoxv.com&iframe=true&callback=App.jsonCallback&TID=6320A140005B7A26680ED494&_=1663082814479
IP 212.224.121.199:0
ASN #44066 diva-e Datacenters GmbH
File type ASCII text, with very long lines (466)
Hash cac94811ba7820ef148b18f76c818d16
f4d5cde060efff841d1de33a257181afd37ae896
0d2ef9f2c15da4cb9d40a332ad94c3cf6f9273c27eff8f27603c1a8ad80ec56e
GET /landing-data?callback=App.jsonCallback&v=2&page=de1.alkotoxv.com&iframe=true&callback=App.jsonCallback&TID=6320A140005B7A26680ED494&_=1663082814479 HTTP/1.1
Host: leadbit.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://de1.alkotoxv.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: openresty
Date: Tue, 13 Sep 2022 15:27:07 GMT
Content-Type: application/octet-stream
Transfer-Encoding: chunked
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7455
Expires: Tue, 13 Sep 2022 17:31:23 GMT
Date: Tue, 13 Sep 2022 15:27:08 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb4acf448-2a96-49a3-8257-7743a38525f5.jpeg
34.120.237.76 200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb4acf448-2a96-49a3-8257-7743a38525f5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ae7d16fad4da4300a1953a916fb59688
488c58f73c81bb4d45e496c458fe3197a0884c26
4d4946932d53caad6e97bcc66527bd9cad658c0cf6f4215d01943b8a9e832959
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb4acf448-2a96-49a3-8257-7743a38525f5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7720
x-amzn-requestid: 7670a969-cb9c-4583-8455-10f7512ee9c6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YT9YJG__oAMF4YA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631e429a-674ef5a4727826ab0d60529e;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 20:18:34 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: OOCryyfLht-3ebVn-5aWtQI_JnVkWxMGggv07cUoomDlgb5ogru7vg==
via: 1.1 d16c3f15bd14953a9d4109eaaa991de2.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 22:01:55 GMT
age: 62713
etag: "488c58f73c81bb4d45e496c458fe3197a0884c26"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc9a2dff5-4864-4430-8c54-6b68d2bbd35a.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc9a2dff5-4864-4430-8c54-6b68d2bbd35a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 838f709437b2dfbede4ee15307afe217
2ab2ee20e720b78be6deb55f967ac0d8b7dad048
a3b47ce595b475f2aab6f7378888d15ba3e98453d6c8a3d88946efc5d65eedba
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc9a2dff5-4864-4430-8c54-6b68d2bbd35a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10849
x-amzn-requestid: 722d8d75-0911-4b59-af65-2b408bc09d80
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YXbx6E9-oAMFT8w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631fa672-74ea9343619d4a1865e34818;Sampled=0
x-amzn-remapped-date: Mon, 12 Sep 2022 21:36:50 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 4rpwcrZLDlgcwBtH7wpoHMOb8hhFbKbZSQpjWqUqbt_Sl4ud3dm9Vg==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 21:42:18 GMT
age: 63890
etag: "2ab2ee20e720b78be6deb55f967ac0d8b7dad048"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2830e2cb-8887-441e-8c0c-906b8fbb2366.jpeg
34.120.237.76 200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2830e2cb-8887-441e-8c0c-906b8fbb2366.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c9ab2ec10c79b91d15edb1d1e3dc763c
744fee4a0baa22ba3aa352d60620a916972b47dd
f7bb66f5bb572d73f936fc74823f51ede1f2c4e309a939b39d9529ff8f757fbe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2830e2cb-8887-441e-8c0c-906b8fbb2366.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9945
x-amzn-requestid: a347749f-a63a-4533-a274-7151b9f235ff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YXcX8HAKoAMF5EQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631fa765-56cff18515b2a5b3397231df;Sampled=0
x-amzn-remapped-date: Mon, 12 Sep 2022 21:40:53 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: lZ3FmD1gM8YBgZNt97kuYSol1kj0GQqRjyLT_7715VtH9GR1WpMDxA==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 21:42:20 GMT
age: 63888
etag: "744fee4a0baa22ba3aa352d60620a916972b47dd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f033f00-b116-4419-9d21-3aed9c73ea2e.jpeg
34.120.237.76 200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f033f00-b116-4419-9d21-3aed9c73ea2e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9d97e56f75165efcc71ae54952ded405
28d47359e70789115b2954b6c94711bb783b3c8c
564eac2ae99724e5f43aa1ae0afe4dec03697f888f51774e70e1b9c273c2d9d6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f033f00-b116-4419-9d21-3aed9c73ea2e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8764
x-amzn-requestid: 48f44e2c-3d91-46cf-8701-3c5028e0a86d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YE-gLG4_oAMFn-A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63184467-46abfc77601bd90f39a2c840;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 07:12:39 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tE5GZDktiELwfFRC_IEAqoat6cN7vb_TA17d-zRO6saTLEGRqB94Pw==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 22:01:47 GMT
age: 62721
etag: "28d47359e70789115b2954b6c94711bb783b3c8c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6b50df-cdcd-4b44-9ed3-90a502ea29ad.jpeg
34.120.237.76 200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6b50df-cdcd-4b44-9ed3-90a502ea29ad.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 239262b6ab17cb19414c35cd4f761092
48eddcf9838e980e67cc8f9cbb05b475df2f0331
cd27cbce632d769288d9c33c5c8e887ba02df5677f10f7a6d03139b590ba24b4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6b50df-cdcd-4b44-9ed3-90a502ea29ad.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9815
x-amzn-requestid: 89243e57-94eb-4c6b-903f-aa01df030ecc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YUIxnEAjoAMF_Ig=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631e54d6-199403e2695b214711f5117f;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 21:36:23 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: gUhO_jZ9W_10cAK-2lOVSmQ9r1DIZvNDaqpJs5oc6lt85qAkWbBcXg==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 21:48:14 GMT
age: 63534
etag: "48eddcf9838e980e67cc8f9cbb05b475df2f0331"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81f9b0a3-fe8f-4665-9e54-9dfaf5d4876b.jpeg
34.120.237.76 200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81f9b0a3-fe8f-4665-9e54-9dfaf5d4876b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6174529fff57758e958da5432344962f
05ec2076b32398d60ee77fab8c14345bc7dfe647
65284a76355864efa944dff5033575013c6d74a019a7b731e0236603f2f656a7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81f9b0a3-fe8f-4665-9e54-9dfaf5d4876b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9466
x-amzn-requestid: ba3f7eac-61c9-4b5f-ae8a-b372906a25ba
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YOTeoHMKoAMFr5Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631bff90-1e70e2c444242a2d46387986;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 03:08:00 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: -SwaUjMInlOaGpH6yK1W1a57QCQMgY-l43RdUfKVtZA1zJzMrLzC6g==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 f7283f3fe2c258cf54f8b7d3dd272e0e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 04:49:30 GMT
age: 38258
etag: "05ec2076b32398d60ee77fab8c14345bc7dfe647"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2