proteamitc.com/16803-116808/64169?uid=4fWkaUSZfHziUbQB78vy6PGnYwadqUifCo85ba&prom_type=regular&prom_id=188482&pld=26L81sNgpwNGg5&answer-1=2
50.19.16.20301 Moved Permanently 169 B URL HTTP/1.1 proteamitc.com/16803-116808/64169?uid=4fWkaUSZfHziUbQB78vy6PGnYwadqUifCo85ba&prom_type=regular&prom_id=188482&pld=26L81sNgpwNGg5&answer-1=2
IP 50.19.16.20:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash b51956ed2a6129f43c5d0ecc011cc5a5
c03157aff80067b6b57903d3843b9fd9e07b33ab
1ac63374d015eee8d9d875502aa63981dbeb9d86a14096de0d504763808e429b
GET /16803-116808/64169?uid=4fWkaUSZfHziUbQB78vy6PGnYwadqUifCo85ba&prom_type=regular&prom_id=188482&pld=26L81sNgpwNGg5&answer-1=2 HTTP/1.1
Host: proteamitc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx/1.22.0
Date: Wed, 21 Sep 2022 14:55:31 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
Location: https://proteamitc.com/16803-116808/64169?uid=4fWkaUSZfHziUbQB78vy6PGnYwadqUifCo85ba&prom_type=regular&prom_id=188482&pld=26L81sNgpwNGg5&answer-1=2
firefox.settings.services.mozilla.com/v1/
143.204.55.35200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 21 Sep 2022 14:12:02 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: p7bX9x9Fu37mQG_TUmIx4wF5hgNhrRUSFOB8q-NNg1wt7jjw5qw4cQ==
Age: 2609
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a26d0784548ecab22f417f3d689daf23
8893b79366bbadeb5c8d587b8f023e310694df1c
35baaae7b3ce3110ebb2b075881cfab55ecf3eab57d834283fd18ac691b41fa2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35BAAAE7B3CE3110EBB2B075881CFAB55ECF3EAB57D834283FD18AC691B41FA2"
Last-Modified: Tue, 20 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4304
Expires: Wed, 21 Sep 2022 16:07:15 GMT
Date: Wed, 21 Sep 2022 14:55:31 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.35200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.35:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 21 Sep 2022 04:35:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: dWTPfNU44zt_9hSYNDrYWFZPJI0l--5WxpLHpXnPCfCpKj8xFSJaLw==
age: 37218
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 21 Sep 2022 14:55:31 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8384dfeb17dd61f21aa2a8a09fc475b8
5057c6874cdd0601cc0cdea5fc7bbb7a99dfa7f9
9f611f25a66d4214e706fbacf02df9926449b1e057bf734e80a733fe009f9343
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9F611F25A66D4214E706FBACF02DF9926449B1E057BF734E80A733FE009F9343"
Last-Modified: Mon, 19 Sep 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21510
Expires: Wed, 21 Sep 2022 20:54:01 GMT
Date: Wed, 21 Sep 2022 14:55:31 GMT
Connection: keep-alive
proteamitc.com/16803-116808/64169?uid=4fWkaUSZfHziUbQB78vy6PGnYwadqUifCo85ba&prom_type=regular&prom_id=188482&pld=26L81sNgpwNGg5&answer-1=2
50.19.16.20200 OK 8.6 kB URL HTTP/1.1 proteamitc.com/16803-116808/64169?uid=4fWkaUSZfHziUbQB78vy6PGnYwadqUifCo85ba&prom_type=regular&prom_id=188482&pld=26L81sNgpwNGg5&answer-1=2
IP 50.19.16.20:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (15037)
Hash a79f683a56ea214cc03248d0c0bc8506
5998a175d5b6dde9ada315e39e2e1ba9c8d5c1c1
8b23faf083abf80e5d16f4485f422ae53e9d9989aee958e3559757e8c58f4360
GET /16803-116808/64169?uid=4fWkaUSZfHziUbQB78vy6PGnYwadqUifCo85ba&prom_type=regular&prom_id=188482&pld=26L81sNgpwNGg5&answer-1=2 HTTP/1.1
Host: proteamitc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Server: nginx/1.22.0
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.4.16
Cache-Control: max-age=0, must-revalidate, private
Date: Wed, 21 Sep 2022 14:55:31 GMT
Expires: Wed, 21 Sep 2022 14:55:31 GMT
Content-Encoding: gzip
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.35200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Wed, 21 Sep 2022 14:03:22 GMT
Expires: Wed, 21 Sep 2022 14:42:15 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: rgmikC8n6PLAWj6c6OxpkZ8xSag4cKWzWWyZ9mIe86qi2qNYZR9EzA==
Age: 3129
cdnjs.cloudflare.com/ajax/libs/select2/4.0.13/js/select2.min.js
104.17.24.14200 OK 16 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/select2/4.0.13/js/select2.min.js
IP 104.17.24.14:0
File type Unicode text, UTF-8 text, with very long lines (64131)
Hash e969f2fd683c8d12ccbfa6ec0487dadf
4efb5abd97f96f324fd3bd64902a02e4a8a3d3af
10375c0c9bd1d60f996e3b7eef19ada49ebc3790f78742204cef7026754d2ac2
GET /ajax/libs/select2/4.0.13/js/select2.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://proteamitc.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 14:55:32 GMT
content-type: application/javascript; charset=utf-8
content-length: 16456
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5ecc8659-114c3"
last-modified: Tue, 26 May 2020 03:00:41 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1592505
expires: Mon, 11 Sep 2023 14:55:32 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yc1W8l9Wwfbe3UQrVB9icxCkqeRhnyRTUL9FUB7Q0Q6LKb83HfNBuHKBCskeo6YJIka8FQAdSyil7VPo6QOTz4Q8JXFjv4fR%2FrpqPvMM2TMlQ%2BbCCH9oNtkfZ6amg8%2BdToGzFP56"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74e3a471aea2b50f-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/jquery-validation@1.19.1/dist/jquery.validate.min.js
151.101.85.229200 OK 7.8 kB URL HTTP/2 cdn.jsdelivr.net/npm/jquery-validation@1.19.1/dist/jquery.validate.min.js
IP 151.101.85.229:0
File type Unicode text, UTF-8 text, with very long lines (24237)
Hash 144d2fdbeb2ac0a55e26fd4d3bcb6aa7
7b00473f6a8170bcb0573cec68acea35684250c7
5e9ecf8613ebbaae3c171d1ba18e6af51d41ed136730e2764784f12679fda526
GET /npm/jquery-validation@1.19.1/dist/jquery.validate.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proteamitc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.19.1
x-jsd-version-type: version
etag: W/"5f38-DaTFNbUL203/o7X64+mZru4TfLU"
content-encoding: gzip
accept-ranges: bytes
date: Wed, 21 Sep 2022 14:55:32 GMT
age: 3162118
x-served-by: cache-fra19165-FRA, cache-bma1660-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7815
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
104.17.24.14200 OK 28 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (65451)
Hash 4b5f47439b640180cc3450f7de05d0d8
5a0dc9bcab80ddc409dd35fcb00a88fe6846fee2
1f85e8b327f42c17c025d69849914068536d9aa95412fe473ae90ffb2f4ebd82
GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proteamitc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 14:55:32 GMT
content-type: application/javascript; charset=utf-8
content-length: 27958
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb09ed3-15d84"
last-modified: Mon, 04 May 2020 23:01:39 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 9215836
expires: Mon, 11 Sep 2023 14:55:32 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GlusXZPtD%2FFE3wdtEKHteS5ZAoAnYNz8s92SkkCExuttC%2FXcudbZ9AoOJRBaL8kGZj0urwlnYcKc6wYOROvujF8tgnek52RA4syHS8DeJPz5b62pDn4zA8qYFG7DqX1WmjMTtDR1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74e3a471bdf6b523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
polyfill.io/v3/polyfill.min.js?version=3.52.1&features=URL%2CURLSearchParams%2Ces5%2Ces6%2Ces7
151.101.1.26200 OK 74 B URL HTTP/2 polyfill.io/v3/polyfill.min.js?version=3.52.1&features=URL%2CURLSearchParams%2Ces5%2Ces6%2Ces7
IP 151.101.1.26:0
Hash bdb6d8e9b581dfbdb87566776ede0cbd
d18cdeacd5c146b34919955e97e51b7db50d0d9b
fe35c33df2fa5edeac1dbbe512a6e92c5b1e7fb5c204df818e23ea07b5121add
GET /v3/polyfill.min.js?version=3.52.1&features=URL%2CURLSearchParams%2Ces5%2Ces6%2Ces7 HTTP/1.1
Host: polyfill.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://proteamitc.com
Connection: keep-alive
Referer: https://proteamitc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
content-type: text/javascript; charset=utf-8
last-modified: Wed, 14 Sep 2022 15:11:14 GMT
content-encoding: br
age: 0
accept-ranges: bytes
useragent_normaliser: firefox/96.0.0
date: Wed, 21 Sep 2022 14:55:32 GMT
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
vary: User-Agent, Accept-Encoding
server-timing: cache-bma1651, PASS, fastly;desc="Edge time";dur=14
content-length: 74
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ff6d50919e56aed75c47feb45ee2f2ec
98f558a4b2d4f3c271abc93d0b74ece4ad7a59ef
b1b6f0e78b5a1e2092cba6d71d0d5a918066c0486176cef0a19f51e2d5a9962e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5863
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 14:55:32 GMT
Last-Modified: Wed, 21 Sep 2022 13:17:49 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.21.226:0
Hash 27a94a0ff6f4c75a1ba21dd1caa47527
658d1917a81d1d0a68151903973992e2b59b3697
d1da53aff49d81c8d0139382b6c338d27eb349c0bde61e41ccb9e0e7ab7234f2
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 14:55:32 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "0D300EB098696BC238787019CF374F8685E820CB"
Expires: Thu, 22 Sep 2022 02:00:00 GMT
Last-Modified: Wed, 21 Sep 2022 14:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 604
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74e3a4723e68b512-OSL
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash a79e3fb6006915f9224684bbf94e54f6
8634c28b2be5a6ee744fa4627853f5fc9a8547f8
500e68bbfc37e3b9f22201367dad6c84dad258d60d3fd38b52555a413bb5b73e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6572
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 14:55:32 GMT
Last-Modified: Wed, 21 Sep 2022 13:06:00 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash a79e3fb6006915f9224684bbf94e54f6
8634c28b2be5a6ee744fa4627853f5fc9a8547f8
500e68bbfc37e3b9f22201367dad6c84dad258d60d3fd38b52555a413bb5b73e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6380
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 14:55:32 GMT
Last-Modified: Wed, 21 Sep 2022 13:09:12 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 279
proteamitc.com/uploads/uploadedFonts/fontsImport.css?v=1663772131
50.19.16.20200 OK 102 kB URL HTTP/1.1 proteamitc.com/uploads/uploadedFonts/fontsImport.css?v=1663772131
IP 50.19.16.20:0
File type ASCII text, with very long lines (508)
Size 102 kB (101830 bytes)
Hash 6536b36ddf48a6079b54f2b4ae0be765
63ffaf2f552dd2861b7147193dcda3b1ea51ef8d
1bc9d3383234ea5dad3eb27f83541f5328d36437eb6e94a3a70492a46d2d10e6
Analyzer Verdict Alert fortinet Phishing
GET /uploads/uploadedFonts/fontsImport.css?v=1663772131 HTTP/1.1
Host: proteamitc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proteamitc.com/16803-116808/64169?uid=4fWkaUSZfHziUbQB78vy6PGnYwadqUifCo85ba&prom_type=regular&prom_id=188482&pld=26L81sNgpwNGg5&answer-1=2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Wed, 21 Sep 2022 14:55:32 GMT
Content-Type: text/css
Content-Length: 101830
Last-Modified: Mon, 19 Sep 2022 21:25:17 GMT
Connection: keep-alive
ETag: "6328de3d-18dc6"
Expires: Wed, 21 Sep 2022 14:55:32 GMT
Cache-Control: max-age=0
Accept-Ranges: bytes
proteamitc.com/lib/jq/cqParams/fb.cqParams.js
50.19.16.20200 OK 2.8 kB URL HTTP/1.1 proteamitc.com/lib/jq/cqParams/fb.cqParams.js
IP 50.19.16.20:0
Hash 55159908ed60d22fd3992732aa7e42d3
57976f1953d1da224e9746296eaac849d69dc5f3
c6b1e77cd2f103d2fa292bf088a9680848a4f94b6c1ef6ee2017c2ba530a03c5
Analyzer Verdict Alert fortinet Phishing
GET /lib/jq/cqParams/fb.cqParams.js HTTP/1.1
Host: proteamitc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proteamitc.com/16803-116808/64169?uid=4fWkaUSZfHziUbQB78vy6PGnYwadqUifCo85ba&prom_type=regular&prom_id=188482&pld=26L81sNgpwNGg5&answer-1=2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Wed, 21 Sep 2022 14:55:32 GMT
Content-Type: application/javascript
Content-Length: 2815
Last-Modified: Tue, 14 Sep 2021 10:49:24 GMT
Connection: keep-alive
ETag: "61407e34-aff"
Expires: Wed, 21 Sep 2022 14:55:32 GMT
Cache-Control: max-age=0
Accept-Ranges: bytes
proteamitc.com/lib/jq/validator/fb.validation.js
50.19.16.20200 OK 2.0 kB URL HTTP/1.1 proteamitc.com/lib/jq/validator/fb.validation.js
IP 50.19.16.20:0
Hash 60f78449c35e69490026e3f739d322dc
a0f988cad0941c050d4ecbe1d58f450193c604d2
ee75b43f5de847b148b9ed76c06b5db9566ba8da3ac35c726ed43ef9f9b2c3e3
Analyzer Verdict Alert fortinet Phishing
GET /lib/jq/validator/fb.validation.js HTTP/1.1
Host: proteamitc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proteamitc.com/16803-116808/64169?uid=4fWkaUSZfHziUbQB78vy6PGnYwadqUifCo85ba&prom_type=regular&prom_id=188482&pld=26L81sNgpwNGg5&answer-1=2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Wed, 21 Sep 2022 14:55:32 GMT
Content-Type: application/javascript
Content-Length: 2011
Last-Modified: Wed, 09 Jun 2021 11:25:31 GMT
Connection: keep-alive
ETag: "60c0a52b-7db"
Expires: Wed, 21 Sep 2022 14:55:32 GMT
Cache-Control: max-age=0
Accept-Ranges: bytes
push.services.mozilla.com/
54.149.28.179101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.149.28.179:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: DrCw5NzC1XIaboSiAqwe2w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: bErTKPrWpo4WPT5Lu/KSrm3mYXQ=
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c69ea0ba9d29ed1911652ddfad636353
9842afd64711993ae833301d5f532c7d69cf521a
43495f16f296bcb7fd72bff5e9b8c7594ff64f16dc40f5eb964dd74a6583b225
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "43495F16F296BCB7FD72BFF5E9B8C7594FF64F16DC40F5EB964DD74A6583B225"
Last-Modified: Wed, 21 Sep 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21558
Expires: Wed, 21 Sep 2022 20:54:50 GMT
Date: Wed, 21 Sep 2022 14:55:32 GMT
Connection: keep-alive
stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css
104.18.10.207200 OK 25 kB URL HTTP/2 stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css
IP 104.18.10.207:0
File type ASCII text, with very long lines (65324)
Hash edec8f2de9c29c0abdc984f926a787da
7b5eb181973262103d5656fc4f24849b4bfafab5
a3a826f1e3d4255191e58f5311253abd39321c0f8d78fbd3464a2d80b32c0283
GET /bootstrap/4.4.1/css/bootstrap.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proteamitc.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 14:55:32 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:09 GMT
cdn-cachedat: 08/03/2021 15:16:56
cdn-edgestorageid: 601
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-proxyver: 1.0
cdn-status: 200
cdn-requestid: d6b43e13ddbcd4f60dded6d39b2abed5
cdn-cache: HIT
cf-cache-status: HIT
age: 9213120
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 74e3a4724ab10b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
use.typekit.net/mgr2odi.css
23.36.76.122200 OK 4.1 kB URL HTTP/2 use.typekit.net/mgr2odi.css
IP 23.36.76.122:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (520)
Hash 609b64c6359e37c88bbd245ba638b89f
dd850df3bcab5430f55c233b626cd8f446de3ba2
bfee3862850ad498e1f660bd51f135340cd36894b836ea0e4ae04dbdb9abc72b
GET /mgr2odi.css HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proteamitc.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: text/css;charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: private, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
content-length: 4083
date: Wed, 21 Sep 2022 14:55:32 GMT
X-Firefox-Spdy: h2
proteamitc.com/lib/jq/otherInput/fb.otherInput.js
50.19.16.20200 OK 2.3 kB URL HTTP/1.1 proteamitc.com/lib/jq/otherInput/fb.otherInput.js
IP 50.19.16.20:0
Hash f49a975af41186993c4e9375ab2811a9
3ff5af70425851ca10b47e5e9a730466f0ec0d07
da384cdad429313cc5b5e7579c3dd5e547273095b9b2f14e598bfc46ed3544c7
Analyzer Verdict Alert fortinet Phishing
GET /lib/jq/otherInput/fb.otherInput.js HTTP/1.1
Host: proteamitc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proteamitc.com/16803-116808/64169?uid=4fWkaUSZfHziUbQB78vy6PGnYwadqUifCo85ba&prom_type=regular&prom_id=188482&pld=26L81sNgpwNGg5&answer-1=2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Wed, 21 Sep 2022 14:55:32 GMT
Content-Type: application/javascript
Content-Length: 2326
Last-Modified: Tue, 25 May 2021 16:06:10 GMT
Connection: keep-alive
ETag: "60ad2072-916"
Expires: Wed, 21 Sep 2022 14:55:32 GMT
Cache-Control: max-age=0
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c69ea0ba9d29ed1911652ddfad636353
9842afd64711993ae833301d5f532c7d69cf521a
43495f16f296bcb7fd72bff5e9b8c7594ff64f16dc40f5eb964dd74a6583b225
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "43495F16F296BCB7FD72BFF5E9B8C7594FF64F16DC40F5EB964DD74A6583B225"
Last-Modified: Wed, 21 Sep 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Wed, 21 Sep 2022 20:55:32 GMT
Date: Wed, 21 Sep 2022 14:55:32 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash bcbb61a4f6f0beed45a5f963bfba6e9d
a07136aeace7036e3b7427d63c60576adbdc388f
3a910cde9f8f65341f3422d28e35ca877558e136c99067b72daaeb56b3d9e76d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 14:55:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash bcbb61a4f6f0beed45a5f963bfba6e9d
a07136aeace7036e3b7427d63c60576adbdc388f
3a910cde9f8f65341f3422d28e35ca877558e136c99067b72daaeb56b3d9e76d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 14:55:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
p.typekit.net/p.css?s=1&k=mgr2odi&ht=tk&f=137.138.139.140.169.170.171.172.173.174.175.176.5474.5475.25136.25137.143.144.147.148.156.157.161.162.2003.2004.2005.2006.2007.2008.2009.2010.2011.2012.9938.9939.39002.39004.12046.12047.12048.12049.12050.12051.12053.12054.12055.12056.17398.17399.17400.17401.22618.22619.14032.14033.14034.14035.26425.26426.35617.35620.26435.35615.26438.26439.35630.35633.26448.35628.26893.26894.26897.26898.26909.26910.26913.26914.29382.29383&a=14392602&app=typekit&e=css
23.36.76.122200 OK 5 B URL HTTP/2 p.typekit.net/p.css?s=1&k=mgr2odi&ht=tk&f=137.138.139.140.169.170.171.172.173.174.175.176.5474.5475.25136.25137.143.144.147.148.156.157.161.162.2003.2004.2005.2006.2007.2008.2009.2010.2011.2012.9938.9939.39002.39004.12046.12047.12048.12049.12050.12051.12053.12054.12055.12056.17398.17399.17400.17401.22618.22619.14032.14033.14034.14035.26425.26426.35617.35620.26435.35615.26438.26439.35630.35633.26448.35628.26893.26894.26897.26898.26909.26910.26913.26914.29382.29383&a=14392602&app=typekit&e=css
IP 23.36.76.122:0
ASN #20940 Akamai International B.V.
Hash 83d24d4b43cc7eef2b61e66c95f3d158
f0cafc285ee23bb6c28c5166f305493c4331c84d
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
GET /p.css?s=1&k=mgr2odi&ht=tk&f=137.138.139.140.169.170.171.172.173.174.175.176.5474.5475.25136.25137.143.144.147.148.156.157.161.162.2003.2004.2005.2006.2007.2008.2009.2010.2011.2012.9938.9939.39002.39004.12046.12047.12048.12049.12050.12051.12053.12054.12055.12056.17398.17399.17400.17401.22618.22619.14032.14033.14034.14035.26425.26426.35617.35620.26435.35615.26438.26439.35630.35633.26448.35628.26893.26894.26897.26898.26909.26910.26913.26914.29382.29383&a=14392602&app=typekit&e=css HTTP/1.1
Host: p.typekit.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: text/css
cross-origin-resource-policy: cross-origin
etag: "613bee4d-5"
last-modified: Fri, 10 Sep 2021 23:46:21 GMT
server: nginx
content-length: 5
unused62: 8096267
date: Wed, 21 Sep 2022 14:55:32 GMT
X-Firefox-Spdy: h2
proteamitc.com/lib/jq/fb.autoSubmit.js
50.19.16.20200 OK 631 B URL HTTP/1.1 proteamitc.com/lib/jq/fb.autoSubmit.js
IP 50.19.16.20:0
Hash d1b0ab11f9d2a041be621b97140bd0de
03eb391c2a4ec2e17385afdb695cb458bddb4dba
348cf9886114edd1ab2df04571fd8e6eeb192d2da111b4ef3200caa25ce0ffae
Analyzer Verdict Alert fortinet Phishing
GET /lib/jq/fb.autoSubmit.js HTTP/1.1
Host: proteamitc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proteamitc.com/16803-116808/64169?uid=4fWkaUSZfHziUbQB78vy6PGnYwadqUifCo85ba&prom_type=regular&prom_id=188482&pld=26L81sNgpwNGg5&answer-1=2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Wed, 21 Sep 2022 14:55:32 GMT
Content-Type: application/javascript
Content-Length: 631
Last-Modified: Mon, 12 Apr 2021 20:19:39 GMT
Connection: keep-alive
ETag: "6074ab5b-277"
Expires: Wed, 21 Sep 2022 14:55:32 GMT
Cache-Control: max-age=0
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash bcbb61a4f6f0beed45a5f963bfba6e9d
a07136aeace7036e3b7427d63c60576adbdc388f
3a910cde9f8f65341f3422d28e35ca877558e136c99067b72daaeb56b3d9e76d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 14:55:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash bcbb61a4f6f0beed45a5f963bfba6e9d
a07136aeace7036e3b7427d63c60576adbdc388f
3a910cde9f8f65341f3422d28e35ca877558e136c99067b72daaeb56b3d9e76d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 14:55:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
proteamitc.com/lpScripts/assetsBehavior.js?v=1
50.19.16.20200 OK 9.5 kB URL HTTP/1.1 proteamitc.com/lpScripts/assetsBehavior.js?v=1
IP 50.19.16.20:0
Hash 102f9d4771d6428b1dc3c9884c08b50d
6250988a74cd66becad95baf5065890ad5d129e9
33c3270c9dc5b39942cbd943a9e3b2a10153518f947b41f3e15fb79977be5e59
Analyzer Verdict Alert fortinet Phishing
GET /lpScripts/assetsBehavior.js?v=1 HTTP/1.1
Host: proteamitc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proteamitc.com/16803-116808/64169?uid=4fWkaUSZfHziUbQB78vy6PGnYwadqUifCo85ba&prom_type=regular&prom_id=188482&pld=26L81sNgpwNGg5&answer-1=2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Wed, 21 Sep 2022 14:55:32 GMT
Content-Type: application/javascript
Content-Length: 9494
Last-Modified: Mon, 05 Sep 2022 18:13:19 GMT
Connection: keep-alive
ETag: "63163c3f-2516"
Expires: Wed, 21 Sep 2022 14:55:32 GMT
Cache-Control: max-age=0
Accept-Ranges: bytes
proteamitc.com/lib/jq/fb.utils.js
50.19.16.20200 OK 18 kB URL HTTP/1.1 proteamitc.com/lib/jq/fb.utils.js
IP 50.19.16.20:0
Hash ae4404875fed763d83013c881e85a0ee
b816ad607b6a4a89b901447ad513abbbf7fd16a9
827810c0c757314f1071132a70efabdf940d7a259cf21bc99f008f96f0859637
Analyzer Verdict Alert fortinet Phishing
GET /lib/jq/fb.utils.js HTTP/1.1
Host: proteamitc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proteamitc.com/16803-116808/64169?uid=4fWkaUSZfHziUbQB78vy6PGnYwadqUifCo85ba&prom_type=regular&prom_id=188482&pld=26L81sNgpwNGg5&answer-1=2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Wed, 21 Sep 2022 14:55:32 GMT
Content-Type: application/javascript
Content-Length: 17827
Last-Modified: Mon, 12 Sep 2022 09:24:07 GMT
Connection: keep-alive
ETag: "631efab7-45a3"
Expires: Wed, 21 Sep 2022 14:55:32 GMT
Cache-Control: max-age=0
Accept-Ranges: bytes
lp.infusemedia.com/ckeditor/plugins/lpLinkV2/css/styles.css
23.22.88.62200 OK 2.2 kB URL HTTP/1.1 lp.infusemedia.com/ckeditor/plugins/lpLinkV2/css/styles.css
IP 23.22.88.62:0
File type ASCII text, with very long lines (2158)
Hash 20944bcec784ce7e2b95b62808da9869
29fa6fc754e5f8cda684cfcadad4b996f7404e61
479da2477e3d7631c8cca6c411d1b2afad9d5e66bc6bb7acc8b1bdafadd75499
GET /ckeditor/plugins/lpLinkV2/css/styles.css HTTP/1.1
Host: lp.infusemedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proteamitc.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Wed, 21 Sep 2022 14:55:32 GMT
Content-Type: text/css
Content-Length: 2159
Last-Modified: Mon, 19 Sep 2022 18:46:45 GMT
Connection: keep-alive
ETag: "6328b915-86f"
Expires: Wed, 21 Sep 2022 14:55:32 GMT
Cache-Control: max-age=0
Accept-Ranges: bytes
lp.infusemedia.com/ckeditor/plugins/formBuilder/styles/formBuilder.css?v=1.3.1663274522602
23.22.88.62200 OK 5.2 kB URL HTTP/1.1 lp.infusemedia.com/ckeditor/plugins/formBuilder/styles/formBuilder.css?v=1.3.1663274522602
IP 23.22.88.62:0
Hash e741d2aa47efe7dda9dfe0a5014fef0e
30ebfe60d0832bb8114c6ba155f0ddb15c1a527c
68c2e3489d098db2a6e2ddba9f32ff172d1c0ff0983b9b3c3c0b59c8a850cf20
GET /ckeditor/plugins/formBuilder/styles/formBuilder.css?v=1.3.1663274522602 HTTP/1.1
Host: lp.infusemedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proteamitc.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Wed, 21 Sep 2022 14:55:32 GMT
Content-Type: text/css
Content-Length: 5201
Last-Modified: Mon, 19 Sep 2022 18:46:45 GMT
Connection: keep-alive
ETag: "6328b915-1451"
Expires: Wed, 21 Sep 2022 14:55:32 GMT
Cache-Control: max-age=0
Accept-Ranges: bytes
fonts.googleapis.com/css2?family=Noto+Sans:ital,wght@0,400;0,700;1,400;1,700&display=swap
142.250.74.10200 OK 1.3 kB URL HTTP/2 fonts.googleapis.com/css2?family=Noto+Sans:ital,wght@0,400;0,700;1,400;1,700&display=swap
IP 142.250.74.10:0
Hash acade2141cc168062c5f38c8ff79dc90
b5fe921df97a9b074841811f188b699e4df45012
7421c4caf226a8e28181e7b8a1424365e8429e02ed374b8ccf898aaa1a549be6
GET /css2?family=Noto+Sans:ital,wght@0,400;0,700;1,400;1,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proteamitc.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 21 Sep 2022 14:55:32 GMT
date: Wed, 21 Sep 2022 14:55:32 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
proteamitc.com/lib/uri/uri.js
50.19.16.20200 OK 77 kB URL HTTP/1.1 proteamitc.com/lib/uri/uri.js
IP 50.19.16.20:0
File type Unicode text, UTF-8 text, with very long lines (1107)
Hash 64437cd33e2fa1a40e6850ee6388639e
809078716153b491c00852f366ca3f8d6e03df22
96361c580499a6dd7afa83f352fb2a27c159a39daf794e2e6813514be8a8fbe9
Analyzer Verdict Alert fortinet Phishing
GET /lib/uri/uri.js HTTP/1.1
Host: proteamitc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proteamitc.com/16803-116808/64169?uid=4fWkaUSZfHziUbQB78vy6PGnYwadqUifCo85ba&prom_type=regular&prom_id=188482&pld=26L81sNgpwNGg5&answer-1=2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Wed, 21 Sep 2022 14:55:32 GMT
Content-Type: application/javascript
Content-Length: 76862
Last-Modified: Mon, 12 Apr 2021 20:19:39 GMT
Connection: keep-alive
ETag: "6074ab5b-12c3e"
Expires: Wed, 21 Sep 2022 14:55:32 GMT
Cache-Control: max-age=0
Accept-Ranges: bytes
lp.infusemedia.com/ckeditor/contents.css?t=M7OE
23.22.88.62200 OK 2.9 kB URL HTTP/1.1 lp.infusemedia.com/ckeditor/contents.css?t=M7OE
IP 23.22.88.62:0
Hash ea34863bd1770c4274d7ed7c58449f2a
1aefe351289c27d7b741cd38baaaad3398e306ba
43b78285c786c968e35d8a44aafb06df291e840e106bd01ddf36df96ce84ff5d
GET /ckeditor/contents.css?t=M7OE HTTP/1.1
Host: lp.infusemedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proteamitc.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Wed, 21 Sep 2022 14:55:32 GMT
Content-Type: text/css
Content-Length: 2886
Last-Modified: Mon, 19 Sep 2022 18:46:44 GMT
Connection: keep-alive
ETag: "6328b914-b46"
Expires: Wed, 21 Sep 2022 14:55:32 GMT
Cache-Control: max-age=0
Accept-Ranges: bytes
proteamitc.com/lib/jq/validator/localization/jq_validation_localizations.boundled.js
50.19.16.20200 OK 110 kB URL HTTP/1.1 proteamitc.com/lib/jq/validator/localization/jq_validation_localizations.boundled.js
IP 50.19.16.20:0
Size 110 kB (110384 bytes)
Hash 590cfcdcec421c852434167b135406c7
aa035d2388b6576bbb0657b4347b88ec7d272bd7
90e8f80b16e3b6ee999a5400579399c6207291f3f5476fb3951c5230d75ec3db
Analyzer Verdict Alert fortinet Phishing
GET /lib/jq/validator/localization/jq_validation_localizations.boundled.js HTTP/1.1
Host: proteamitc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proteamitc.com/16803-116808/64169?uid=4fWkaUSZfHziUbQB78vy6PGnYwadqUifCo85ba&prom_type=regular&prom_id=188482&pld=26L81sNgpwNGg5&answer-1=2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Wed, 21 Sep 2022 14:55:32 GMT
Content-Type: application/javascript
Content-Length: 110384
Last-Modified: Thu, 14 Jul 2022 12:15:02 GMT
Connection: keep-alive
ETag: "62d008c6-1af30"
Expires: Wed, 21 Sep 2022 14:55:32 GMT
Cache-Control: max-age=0
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c683e61e63df92799aa274fdac42cd3b
191aeec95861fa8596a90a10c60b22434431c033
898c007bc0e7d5f4d3180c9fe28b88036102ba64912d0773c023e1f4f07d7beb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 14:55:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://proteamitc.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 19:34:08 GMT
expires: Thu, 14 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 588084
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Muli
142.250.74.10200 OK 872 B URL HTTP/2 fonts.googleapis.com/css?family=Muli
IP 142.250.74.10:0
Hash 393f6ca582096f350a719f903410af02
e62ab3823811362ba566857dec2c9b254e962358
f294e731e0e390e3ad259f3eac3617d24c65f03e37bfa0ab5ed08217479a4e4a
GET /css?family=Muli HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proteamitc.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 21 Sep 2022 14:55:32 GMT
date: Wed, 21 Sep 2022 14:55:32 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
via.placeholder.com/1280x320?text=LOGO
172.64.141.13200 OK 1.8 kB URL HTTP/2 via.placeholder.com/1280x320?text=LOGO
IP 172.64.141.13:0
File type PNG image data, 1280 x 320, 4-bit colormap, non-interlaced\012- data
Hash c901b21688c204362c755b50dd01661c
21d804d25c253dbbebb24e2ec93c20e513d1aca9
cda6d49363c0eb3be56104f772fc8c2c334c132f2829ab30c246ad19f103454a
GET /1280x320?text=LOGO HTTP/1.1
Host: via.placeholder.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proteamitc.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 14:55:32 GMT
content-type: image/png
content-length: 1836
last-modified: Wed, 30 Dec 2020 14:00:06 GMT
etag: "5fec87e6-72c"
expires: Wed, 28 Sep 2022 14:55:28 GMT
cache-control: max-age=604800
x-cache: L1
accept-ranges: bytes
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S2jckmZKiXArMfGjn2wwYTKLVq2M5Z2%2F%2BQPgTznrTxzcc4%2BffrLOeUvEQ2nsXE3YctPNpwHb5WgKllTUM%2FSqYYrmco874qakmYH0tr4rbhMG1sMwxSPMQJUG7wv67FXGzvgY%2B0xu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e3a4750d227509-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,600;0,700;0,800;1,300;1,400;1,600;1,700;1,800&display=swap
142.250.74.10200 OK 36 kB URL HTTP/2 fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,600;0,700;0,800;1,300;1,400;1,600;1,700;1,800&display=swap
IP 142.250.74.10:0
Hash 9239b9d531496bf1c98e95bfd7efdb59
e36b716c1f54b0f90c6a98ad0c847175b21ae81e
6c5f152edb365a5281137c06ae40cd9af2bbe36bd80ef36ab761f0771241fcc4
GET /css2?family=Open+Sans:ital,wght@0,300;0,400;0,600;0,700;0,800;1,300;1,400;1,600;1,700;1,800&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proteamitc.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 21 Sep 2022 14:55:32 GMT
date: Wed, 21 Sep 2022 14:55:32 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
proteamitc.com/16803-116808/64169?uid=4fWkaUSZfHziUbQB78vy6PGnYwadqUifCo85ba&prom_type=regular&prom_id=188482&pld=26L81sNgpwNGg5&answer-1=2
50.19.16.20200 OK 20 B URL HTTP/1.1 proteamitc.com/16803-116808/64169?uid=4fWkaUSZfHziUbQB78vy6PGnYwadqUifCo85ba&prom_type=regular&prom_id=188482&pld=26L81sNgpwNGg5&answer-1=2
IP 50.19.16.20:0
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
POST /16803-116808/64169?uid=4fWkaUSZfHziUbQB78vy6PGnYwadqUifCo85ba&prom_type=regular&prom_id=188482&pld=26L81sNgpwNGg5&answer-1=2 HTTP/1.1
Host: proteamitc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 79
Origin: https://proteamitc.com
Connection: keep-alive
Referer: https://proteamitc.com/16803-116808/64169?uid=4fWkaUSZfHziUbQB78vy6PGnYwadqUifCo85ba&prom_type=regular&prom_id=188482&pld=26L81sNgpwNGg5&answer-1=2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.22.0
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.4.16
Cache-Control: max-age=0, must-revalidate, private
Date: Wed, 21 Sep 2022 14:55:32 GMT
Expires: Wed, 21 Sep 2022 14:55:32 GMT
Content-Encoding: gzip
proteamitc.com/16803-116809-typ/64169?uid=4fWkaUSZfHziUbQB78vy6PGnYwadqUifCo85ba
50.19.16.20200 OK 2.9 kB URL HTTP/1.1 proteamitc.com/16803-116809-typ/64169?uid=4fWkaUSZfHziUbQB78vy6PGnYwadqUifCo85ba
IP 50.19.16.20:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5908)
Hash 486895da2fab1e65ca40d73efa85f495
24070e60d0fd38883be055f113d5b13f8eb38f51
c0f02709a131b38817ee5066a617504444696f2de31e3784ce408dd17d6d169f
Analyzer Verdict Alert fortinet Phishing
GET /16803-116809-typ/64169?uid=4fWkaUSZfHziUbQB78vy6PGnYwadqUifCo85ba HTTP/1.1
Host: proteamitc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proteamitc.com/16803-116808/64169?uid=4fWkaUSZfHziUbQB78vy6PGnYwadqUifCo85ba&prom_type=regular&prom_id=188482&pld=26L81sNgpwNGg5&answer-1=2
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.22.0
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.4.16
Cache-Control: no-cache, private
Date: Wed, 21 Sep 2022 14:55:33 GMT
Content-Encoding: gzip
lp.infusemedia.com/ckeditor/contents.css?t=M7OE
23.22.88.62304 Not Modified 0 B URL HTTP/1.1 lp.infusemedia.com/ckeditor/contents.css?t=M7OE
IP 23.22.88.62:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ckeditor/contents.css?t=M7OE HTTP/1.1
Host: lp.infusemedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proteamitc.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Mon, 19 Sep 2022 18:46:44 GMT
If-None-Match: "6328b914-b46"
HTTP/1.1 304 Not Modified
Server: nginx/1.22.0
Date: Wed, 21 Sep 2022 14:55:33 GMT
Last-Modified: Mon, 19 Sep 2022 18:46:44 GMT
Connection: keep-alive
ETag: "6328b914-b46"
Expires: Wed, 21 Sep 2022 14:55:33 GMT
Cache-Control: max-age=0
proteamitc.com/lib/uri/uri.js
50.19.16.20304 Not Modified 0 B URL HTTP/1.1 proteamitc.com/lib/uri/uri.js
IP 50.19.16.20:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /lib/uri/uri.js HTTP/1.1
Host: proteamitc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proteamitc.com/16803-116809-typ/64169?uid=4fWkaUSZfHziUbQB78vy6PGnYwadqUifCo85ba
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
If-Modified-Since: Mon, 12 Apr 2021 20:19:39 GMT
If-None-Match: "6074ab5b-12c3e"
HTTP/1.1 304 Not Modified
Server: nginx/1.22.0
Date: Wed, 21 Sep 2022 14:55:33 GMT
Last-Modified: Mon, 12 Apr 2021 20:19:39 GMT
Connection: keep-alive
ETag: "6074ab5b-12c3e"
Expires: Wed, 21 Sep 2022 14:55:33 GMT
Cache-Control: max-age=0
lp.infusemedia.com/ckeditor/plugins/lpLinkV2/css/styles.css
23.22.88.62304 Not Modified 0 B URL HTTP/1.1 lp.infusemedia.com/ckeditor/plugins/lpLinkV2/css/styles.css
IP 23.22.88.62:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ckeditor/plugins/lpLinkV2/css/styles.css HTTP/1.1
Host: lp.infusemedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proteamitc.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Mon, 19 Sep 2022 18:46:45 GMT
If-None-Match: "6328b915-86f"
HTTP/1.1 304 Not Modified
Server: nginx/1.22.0
Date: Wed, 21 Sep 2022 14:55:33 GMT
Last-Modified: Mon, 19 Sep 2022 18:46:45 GMT
Connection: keep-alive
ETag: "6328b915-86f"
Expires: Wed, 21 Sep 2022 14:55:33 GMT
Cache-Control: max-age=0
lp.infusemedia.com/ckeditor/plugins/formBuilder/styles/formBuilder.css?v=1.3.1663273349128
23.22.88.62200 OK 5.2 kB URL HTTP/1.1 lp.infusemedia.com/ckeditor/plugins/formBuilder/styles/formBuilder.css?v=1.3.1663273349128
IP 23.22.88.62:0
Hash e741d2aa47efe7dda9dfe0a5014fef0e
30ebfe60d0832bb8114c6ba155f0ddb15c1a527c
68c2e3489d098db2a6e2ddba9f32ff172d1c0ff0983b9b3c3c0b59c8a850cf20
GET /ckeditor/plugins/formBuilder/styles/formBuilder.css?v=1.3.1663273349128 HTTP/1.1
Host: lp.infusemedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proteamitc.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Wed, 21 Sep 2022 14:55:33 GMT
Content-Type: text/css
Content-Length: 5201
Last-Modified: Mon, 19 Sep 2022 18:46:45 GMT
Connection: keep-alive
ETag: "6328b915-1451"
Expires: Wed, 21 Sep 2022 14:55:33 GMT
Cache-Control: max-age=0
Accept-Ranges: bytes
proteamitc.com/lpScripts/assetsBehavior.js?v=1
50.19.16.20304 Not Modified 0 B URL HTTP/1.1 proteamitc.com/lpScripts/assetsBehavior.js?v=1
IP 50.19.16.20:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /lpScripts/assetsBehavior.js?v=1 HTTP/1.1
Host: proteamitc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proteamitc.com/16803-116809-typ/64169?uid=4fWkaUSZfHziUbQB78vy6PGnYwadqUifCo85ba
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
If-Modified-Since: Mon, 05 Sep 2022 18:13:19 GMT
If-None-Match: "63163c3f-2516"
HTTP/1.1 304 Not Modified
Server: nginx/1.22.0
Date: Wed, 21 Sep 2022 14:55:33 GMT
Last-Modified: Mon, 05 Sep 2022 18:13:19 GMT
Connection: keep-alive
ETag: "63163c3f-2516"
Expires: Wed, 21 Sep 2022 14:55:33 GMT
Cache-Control: max-age=0
proteamitc.com/uploads/uploadedFonts/fontsImport.css?v=1663772133
50.19.16.20200 OK 102 kB URL HTTP/1.1 proteamitc.com/uploads/uploadedFonts/fontsImport.css?v=1663772133
IP 50.19.16.20:0
File type ASCII text, with very long lines (508)
Size 102 kB (101830 bytes)
Hash 6536b36ddf48a6079b54f2b4ae0be765
63ffaf2f552dd2861b7147193dcda3b1ea51ef8d
1bc9d3383234ea5dad3eb27f83541f5328d36437eb6e94a3a70492a46d2d10e6
Analyzer Verdict Alert fortinet Phishing
GET /uploads/uploadedFonts/fontsImport.css?v=1663772133 HTTP/1.1
Host: proteamitc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proteamitc.com/16803-116809-typ/64169?uid=4fWkaUSZfHziUbQB78vy6PGnYwadqUifCo85ba
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Wed, 21 Sep 2022 14:55:33 GMT
Content-Type: text/css
Content-Length: 101830
Last-Modified: Mon, 19 Sep 2022 21:25:17 GMT
Connection: keep-alive
ETag: "6328de3d-18dc6"
Expires: Wed, 21 Sep 2022 14:55:33 GMT
Cache-Control: max-age=0
Accept-Ranges: bytes
proteamitc.com/uploads/c_16803/logos/oam_logo_2019-1.png
50.19.16.20200 OK 18 kB URL HTTP/1.1 proteamitc.com/uploads/c_16803/logos/oam_logo_2019-1.png
IP 50.19.16.20:0
File type PNG image data, 257 x 197, 8-bit/color RGBA, non-interlaced\012- data
Hash ddd06b590248da459d1939516406e8db
58428e3393cf8a9e3564e14a9b232b940a1b00b4
0b3d4de9f7a2240b4d72abfa23060ee2c6e38a50500bedd101ff273cfcaf7f9e
GET /uploads/c_16803/logos/oam_logo_2019-1.png HTTP/1.1
Host: proteamitc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proteamitc.com/16803-116809-typ/64169?uid=4fWkaUSZfHziUbQB78vy6PGnYwadqUifCo85ba
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Wed, 21 Sep 2022 14:55:33 GMT
Content-Type: image/png
Content-Length: 18290
Last-Modified: Thu, 15 Sep 2022 20:17:48 GMT
Connection: keep-alive
ETag: "6323886c-4772"
Expires: Wed, 21 Sep 2022 15:55:33 GMT
Cache-Control: max-age=3600
Accept-Ranges: bytes
proteamitc.com/uploads/c_16803/logos/13123123.jpg
50.19.16.20200 OK 116 kB URL HTTP/1.1 proteamitc.com/uploads/c_16803/logos/13123123.jpg
IP 50.19.16.20:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [\012- TIFF image data, big-endian, direntries=3, orientation=lower-right], comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 1920x1080, components 3\012- data
Size 116 kB (116083 bytes)
Hash 38638cce3fef9a42c231d87c51751b2b
fe4bcb4d2d93f201fc71649c1bb34b2bd2a3d962
267fc829202fcfdd11fbd0557f53c3f9eef33637204eaba896ab147ce8ff15f6
GET /uploads/c_16803/logos/13123123.jpg HTTP/1.1
Host: proteamitc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proteamitc.com/16803-116809-typ/64169?uid=4fWkaUSZfHziUbQB78vy6PGnYwadqUifCo85ba
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Wed, 21 Sep 2022 14:55:33 GMT
Content-Type: image/jpeg
Content-Length: 116083
Last-Modified: Thu, 15 Sep 2022 20:18:02 GMT
Connection: keep-alive
ETag: "6323887a-1c573"
Expires: Wed, 21 Sep 2022 15:55:33 GMT
Cache-Control: max-age=3600
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2445
Expires: Wed, 21 Sep 2022 15:36:18 GMT
Date: Wed, 21 Sep 2022 14:55:33 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2445
Expires: Wed, 21 Sep 2022 15:36:18 GMT
Date: Wed, 21 Sep 2022 14:55:33 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2445
Expires: Wed, 21 Sep 2022 15:36:18 GMT
Date: Wed, 21 Sep 2022 14:55:33 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2445
Expires: Wed, 21 Sep 2022 15:36:18 GMT
Date: Wed, 21 Sep 2022 14:55:33 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2445
Expires: Wed, 21 Sep 2022 15:36:18 GMT
Date: Wed, 21 Sep 2022 14:55:33 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0be442b0-65b4-4d6f-bdd3-b9f3847359a1.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0be442b0-65b4-4d6f-bdd3-b9f3847359a1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9556616ca10eb4383b1e15f360fbf6d4
cb328d0f66f4c2779bc64342ef89735636ae5ded
4f945ab342352aea3f4b2242d084d527bb517cf7c6efd0c10a828f0bee9f5d3f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0be442b0-65b4-4d6f-bdd3-b9f3847359a1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9227
x-amzn-requestid: 26d977d3-f4d2-4218-a8f4-a56c873e6a26
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YiFzKG2zIAMFoDw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6323e9ad-0bfac6c453e6ea5a311a28a8;Sampled=0
x-amzn-remapped-date: Fri, 16 Sep 2022 03:12:45 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: pHepBEdMttNsKHcCRBHNSilQTcZLBjRGUkwzCvgzXLmiASW9UKo3Mw==
via: 1.1 33d72803ad26b392c1b578a2b1276580.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 05:24:55 GMT
age: 34238
etag: "cb328d0f66f4c2779bc64342ef89735636ae5ded"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c2e0de8-088f-449b-a3cb-bbb83e3883a6.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c2e0de8-088f-449b-a3cb-bbb83e3883a6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2ed7323b395e757f7766ea0045efdaca
8b91bc3069a3217bc719c27959d578b353b5d9dc
8daf8cb1464daa5f72bc4f1049adb4aba00b2c2dec11cb3ade3454ec2ebbfb63
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c2e0de8-088f-449b-a3cb-bbb83e3883a6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11832
x-amzn-requestid: 75065a71-5f2d-4987-915b-9bddc772c76a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YugI_EsLIAMFdmQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e09f-1248d25405209da3353d4a4a;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:35:27 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: gLh2EBTPdXvFtZuYKH1NVZebvnz4Rhs-f_rZPtfJpIWNemEk0upeOQ==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 22:07:08 GMT
age: 60505
etag: "8b91bc3069a3217bc719c27959d578b353b5d9dc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06a0b4c5-4223-42cf-b012-2e09b250c8c1.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06a0b4c5-4223-42cf-b012-2e09b250c8c1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c2db94039cb675cb250519fe57b2b3c9
37222a70df5d9a69073b4b32ebc3a5da60006001
444f4359ac25747e7c5d7e09202f195d407bc94a4933ac7ebbbaf9839bf59aff
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06a0b4c5-4223-42cf-b012-2e09b250c8c1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12048
x-amzn-requestid: 59e98571-f927-44b3-b088-29ec1e4cc3bb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YYxD-FnIIAMF5Eg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63202ee6-14e47d9a3ae47d0f607033a8;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 07:19:02 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 55e0txtcytlUpcNWSLrHWN3FC1t4dMHGTrHGhNV7YFIhOz6c45UcCQ==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 12:43:54 GMT
age: 7899
etag: "37222a70df5d9a69073b4b32ebc3a5da60006001"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fecaa9082-610c-41c1-ae9a-e453d87828ab.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fecaa9082-610c-41c1-ae9a-e453d87828ab.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dab1f2cd68979d2004ba4449d759a341
54ed14436a75ba2aeb8459bad2ce70229aff4203
e782fb5ede547e1b167719068c6821c62414dcb0991bf9ac38285cb3ce8894e3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fecaa9082-610c-41c1-ae9a-e453d87828ab.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10038
x-amzn-requestid: 4cf38a70-a706-4e6a-b854-9404727c599d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yxy1mHDCIAMF5-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632a31bd-5aba5b0640221b302a19781b;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 21:33:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NzOpixfxr2pFiDhF5WUGmjD8r2CTn1grSkCEyWvthxRq0djbDKjknA==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 22:15:05 GMT
age: 60028
etag: "54ed14436a75ba2aeb8459bad2ce70229aff4203"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1874c3ef-e614-4fd9-9d88-b87eac5ea0e6.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1874c3ef-e614-4fd9-9d88-b87eac5ea0e6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a692964324dbb9c460a1b855808d02e6
1eef1ab0099d09d1cf965b6e7b55fe2aa4e18e54
3fa9e780d62fffb635064aeed542c8e04923ff943c6080476836fab6c24e2426
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1874c3ef-e614-4fd9-9d88-b87eac5ea0e6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9201
x-amzn-requestid: 6dbfae76-f9ab-4f31-9b62-bcf5d9ce4515
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YxzxlEYcoAMFaQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632a333d-7d147481402cc46a751b72ed;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 21:40:13 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: JEb0g486u6AjYFbf8rSbreKjh0m1GsAGbvykHl0oahmVN2ciqe5FOw==
via: 1.1 7dcaa43cd0535d889b549e6a30a57aa0.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 22:14:57 GMT
etag: "1eef1ab0099d09d1cf965b6e7b55fe2aa4e18e54"
content-type: image/jpeg
age: 60036
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f06ad5e-83fd-449e-b227-1b9d5389e57d.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f06ad5e-83fd-449e-b227-1b9d5389e57d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 14e6ddceb639a5f4875aecb796f95c79
b1cd04a66852694284eeef16a1cde38896e33c03
4c0657a00d7fb4caefa64c28340cad94a306cc393cffe692fcc69c65a80f2391
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f06ad5e-83fd-449e-b227-1b9d5389e57d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10244
x-amzn-requestid: 71f08b9e-e977-48de-ad60-5192a43db517
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YYwBkGqjIAMFz0Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63202d3d-0af3334d085ca4a764e31bb5;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 07:11:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: e3MMA-NVstIsR7M9_JGH05i1e8pK17RsjyERrSMlC3uoHsWw_7ABtA==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 19:18:32 GMT
age: 70621
etag: "b1cd04a66852694284eeef16a1cde38896e33c03"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
proteamitc.com/16803-116809-typ/64169?uid=4fWkaUSZfHziUbQB78vy6PGnYwadqUifCo85ba&mode=file
50.19.16.20200 OK 2.5 MB URL HTTP/1.1 proteamitc.com/16803-116809-typ/64169?uid=4fWkaUSZfHziUbQB78vy6PGnYwadqUifCo85ba&mode=file
IP 50.19.16.20:0
File type PDF document, version 1.3, 2 pages\012- data
Size 2.5 MB (2505035 bytes)
Hash 8d4a6c914656f8313fea6379e526e951
575f7bb0a3a36c332b22cb2136e45923bcdfba48
50f38af99e07004a8e03724def0a099204d956f5459bc81c00e421997b2a0d8f
GET /16803-116809-typ/64169?uid=4fWkaUSZfHziUbQB78vy6PGnYwadqUifCo85ba&mode=file HTTP/1.1
Host: proteamitc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proteamitc.com/16803-116809-typ/64169?uid=4fWkaUSZfHziUbQB78vy6PGnYwadqUifCo85ba
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.22.0
Content-Type: application/force-download
Content-Length: 2505035
Connection: keep-alive
X-Powered-By: PHP/7.4.16
Content-transfer-encoding: binary
Content-disposition: attachment; filename="How-Messaging-Apps-Are-Redefining-the-Customer-Experience.pdf"
Cache-Control: no-cache, private
Date: Wed, 21 Sep 2022 14:55:33 GMT
fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
IP 142.250.74.10:0
GET /css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proteamitc.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 21 Sep 2022 14:55:32 GMT
date: Wed, 21 Sep 2022 14:55:32 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Source+Sans+Pro:ital,wght@0,200;0,300;0,400;0,600;0,700;0,900;1,200;1,300;1,400;1,600;1,700;1,900&display=swap
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Source+Sans+Pro:ital,wght@0,200;0,300;0,400;0,600;0,700;0,900;1,200;1,300;1,400;1,600;1,700;1,900&display=swap
IP 142.250.74.10:0
GET /css2?family=Source+Sans+Pro:ital,wght@0,200;0,300;0,400;0,600;0,700;0,900;1,200;1,300;1,400;1,600;1,700;1,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proteamitc.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 21 Sep 2022 14:55:32 GMT
date: Wed, 21 Sep 2022 14:55:32 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
IP 142.250.74.10:0
GET /css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proteamitc.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 21 Sep 2022 14:55:32 GMT
date: Wed, 21 Sep 2022 14:55:32 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&display=swap
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&display=swap
IP 142.250.74.10:0
GET /css2?family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proteamitc.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 21 Sep 2022 14:55:32 GMT
date: Wed, 21 Sep 2022 14:55:32 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Ubuntu:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,500;1,700&display=swap
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Ubuntu:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,500;1,700&display=swap
IP 142.250.74.10:0
GET /css2?family=Ubuntu:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,500;1,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proteamitc.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 21 Sep 2022 14:55:32 GMT
date: Wed, 21 Sep 2022 14:55:32 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2