prenblog.com/promi/pt/pre2?TID=63891986005B7A1B0504075F&host=mandarv.com
212.224.121.236 301 Moved Permanently 166 B URL HTTP/1.1 prenblog.com/promi/pt/pre2?TID=63891986005B7A1B0504075F&host=mandarv.com
IP 212.224.121.236:0
ASN #44066 diva-e Datacenters GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 3ea1c8d079b38532a6e01a96216ba5e2
598d3ff91d3e252f1e13df8cf0348b270ff2da3f
87a9323ac85ce28867d5d7ce590c8f29b8d1a999961fca71bb33adef48683691
GET /promi/pt/pre2?TID=63891986005B7A1B0504075F&host=mandarv.com HTTP/1.1
Host: prenblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 01 Dec 2022 21:16:00 GMT
Content-Type: text/html
Content-Length: 166
Connection: keep-alive
Location: http://prenblog.com/promi/pt/pre2/?TID=63891986005B7A1B0504075F&host=mandarv.com
Expires: Mon, 30 Jan 2023 21:16:00 GMT
Cache-Control: max-age=5184000, public
X-Static-Region: DE
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13139
Expires: Fri, 02 Dec 2022 00:54:59 GMT
Date: Thu, 01 Dec 2022 21:16:00 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 0c748388899e8a8d3680355da2ea5020
903c620cd137613daafb0da0508c37b2f4a67212
39eab80e022a9a1732872d9926b0ace80f818ec5c535e36a18b539ea63786fb2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2043
Cache-Control: max-age=136155
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 21:16:00 GMT
Etag: "63888270-1d7"
Expires: Sat, 03 Dec 2022 11:05:15 GMT
Last-Modified: Thu, 01 Dec 2022 10:31:12 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 55b4c61a1e99001307750e3647fe1102
7559f9f6770b7d3f45b723167062096312641e08
39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8012
Expires: Thu, 01 Dec 2022 23:29:32 GMT
Date: Thu, 01 Dec 2022 21:16:00 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 01 Dec 2022 20:18:09 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3471
alt-svc: clear
X-Firefox-Spdy: h2
prenblog.com/promi/pt/pre2/?TID=63891986005B7A1B0504075F&host=mandarv.com
212.224.121.236 200 OK 10 kB URL HTTP/1.1 prenblog.com/promi/pt/pre2/?TID=63891986005B7A1B0504075F&host=mandarv.com
IP 212.224.121.236:0
ASN #44066 diva-e Datacenters GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2243)
Hash 63910eaad82e768126c8888fab52fbdc
0a21e1dbfea65f98e08e80188924ce62d4468ceb
2ec549c30f578b81f72ea87315b2e71763c03feeb7dbe2aff9d1574b4c68687b
GET /promi/pt/pre2/?TID=63891986005B7A1B0504075F&host=mandarv.com HTTP/1.1
Host: prenblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Dec 2022 21:16:00 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 02 Nov 2022 12:00:32 GMT
ETag: W/"63625be0-93a4"
Expires: Mon, 30 Jan 2023 21:16:00 GMT
Cache-Control: max-age=5184000, public
X-Static-Region: DE
Content-Encoding: gzip
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: i3k/+PyRM+dRLmXB2ZVP0AlfVaTRJnXcZW9teSl720J1s6bEyuTIbRoxROksSUDHx1nr0UWcftc=
x-amz-request-id: WAMKSH64CD5F49NM
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 01 Dec 2022 20:45:48 GMT
age: 1812
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 21:16:00 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
prenblog.com/promi/pt/pre2/style.css
212.224.121.236 200 OK 11 kB URL HTTP/1.1 prenblog.com/promi/pt/pre2/style.css
IP 212.224.121.236:0
ASN #44066 diva-e Datacenters GmbH
Hash 9e059cf116efdb0e345e40bc408b1d6e
c9cf025d8a12bfcb130343affd70fb5f10919846
e65c6ac48aabf5fdf253e1876576c731392896d374e1b5cdb1f946c6f5c91e66
GET /promi/pt/pre2/style.css HTTP/1.1
Host: prenblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://prenblog.com/promi/pt/pre2/?TID=63891986005B7A1B0504075F&host=mandarv.com
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Dec 2022 21:16:00 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 14 Jul 2020 07:35:09 GMT
ETag: W/"5f0d602d-c0b3"
Expires: Mon, 30 Jan 2023 21:16:00 GMT
Cache-Control: max-age=5184000, public
X-Static-Region: DE
Content-Encoding: gzip
prenblog.com/cdn/js/lr.js
212.224.121.236 200 OK 2.6 kB URL HTTP/1.1 prenblog.com/cdn/js/lr.js
IP 212.224.121.236:0
ASN #44066 diva-e Datacenters GmbH
File type ASCII text, with very long lines (6614), with no line terminators
Hash a48e1075b482fc34a02c8cd9b4c88f00
0128eb940411a55247e24ed4e06e124b8ef5a003
4b9d113616f335d61a6a5a7da786ed3b465fc5500dd53dfc388def48814fa7ad
Analyzer Verdict Alert fortinet Phishing
GET /cdn/js/lr.js HTTP/1.1
Host: prenblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://prenblog.com/promi/pt/pre2/?TID=63891986005B7A1B0504075F&host=mandarv.com
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Dec 2022 21:16:00 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 12 Jan 2022 12:00:23 GMT
ETag: W/"61dec2d7-19d6"
Expires: Thu, 01 Dec 2022 23:16:00 GMT
Cache-Control: max-age=7200
Content-Encoding: gzip
prenblog.com/promi/pt/pre2/js/translater.js
212.224.121.236 200 OK 3.6 kB URL HTTP/1.1 prenblog.com/promi/pt/pre2/js/translater.js
IP 212.224.121.236:0
ASN #44066 diva-e Datacenters GmbH
File type Unicode text, UTF-8 text, with very long lines (375), with CRLF line terminators
Hash 0b2a88aad24b1bc7cc622eb9522f0bc4
32cf7a4f4b28d432ee4f21e7a587a037e616787b
2b6333caf120978786645b1bbe871059a6bb449214201543b358c79696d011e0
Analyzer Verdict Alert fortinet Phishing
GET /promi/pt/pre2/js/translater.js HTTP/1.1
Host: prenblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://prenblog.com/promi/pt/pre2/?TID=63891986005B7A1B0504075F&host=mandarv.com
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Dec 2022 21:16:00 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 14 Jul 2020 09:30:40 GMT
ETag: W/"5f0d7b40-1e09"
Expires: Mon, 30 Jan 2023 21:16:00 GMT
Cache-Control: max-age=5184000, public
X-Static-Region: DE
Content-Encoding: gzip
prenblog.com/cdn/js/jquery.js
212.224.121.236 200 OK 39 kB URL HTTP/1.1 prenblog.com/cdn/js/jquery.js
IP 212.224.121.236:0
ASN #44066 diva-e Datacenters GmbH
File type ASCII text, with very long lines (65483)
Hash 6b4043a36de9e477727d6997af4e871b
9d38d31969173f681a48bf36c29dc4a6c778a4f7
473ed819d4fe77bf5285600ddf59084aceb71007fd371afe1e3130a8113c5cdd
Analyzer Verdict Alert fortinet Phishing
GET /cdn/js/jquery.js HTTP/1.1
Host: prenblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://prenblog.com/promi/pt/pre2/?TID=63891986005B7A1B0504075F&host=mandarv.com
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Dec 2022 21:16:00 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 08 Sep 2015 14:12:04 GMT
ETag: W/"55eeecb4-16dc4"
Expires: Thu, 01 Dec 2022 23:16:00 GMT
Cache-Control: max-age=7200
Content-Encoding: gzip
prenblog.com/promi/pt/pre2/img/6204.jpg
212.224.121.236 200 OK 16 kB URL HTTP/1.1 prenblog.com/promi/pt/pre2/img/6204.jpg
IP 212.224.121.236:0
ASN #44066 diva-e Datacenters GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 350x350, segment length 16, progressive, precision 8, 320x187, components 3\012- data
Hash fad52f548b6ef18f102c97f6bf9e29ba
99cf7f5f154f9678c8c67aee91056edbd76b6cf6
210b44ff6d4c073aa6826fb39b78f7a2978091dd849c88720bb8ec39e4a9af46
GET /promi/pt/pre2/img/6204.jpg HTTP/1.1
Host: prenblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://prenblog.com/promi/pt/pre2/?TID=63891986005B7A1B0504075F&host=mandarv.com
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Dec 2022 21:16:00 GMT
Content-Type: image/jpeg
Content-Length: 16442
Connection: keep-alive
Last-Modified: Tue, 25 Jun 2019 09:52:52 GMT
ETag: "5d11eef4-403a"
Expires: Mon, 30 Jan 2023 21:16:00 GMT
Cache-Control: max-age=5184000, public
X-Static-Region: DE
Accept-Ranges: bytes
prenblog.com/promi/pt/pre2/img/img1.jpg
212.224.121.236 200 OK 36 kB URL HTTP/1.1 prenblog.com/promi/pt/pre2/img/img1.jpg
IP 212.224.121.236:0
ASN #44066 diva-e Datacenters GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 770x508, components 3\012- data
Hash d840c5f4cb43ca442fd8ff0c3c0a5e08
a98cfb46b14e83faedf0cc992ce2761deb5872ce
1a3cc856963f6814d4a1d84c243800e8b323a20583478d2f67d87e4a8b48d7e9
GET /promi/pt/pre2/img/img1.jpg HTTP/1.1
Host: prenblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://prenblog.com/promi/pt/pre2/?TID=63891986005B7A1B0504075F&host=mandarv.com
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Dec 2022 21:16:00 GMT
Content-Type: image/jpeg
Content-Length: 36260
Connection: keep-alive
Last-Modified: Fri, 03 Jul 2020 13:03:20 GMT
ETag: "5eff2c98-8da4"
Expires: Mon, 30 Jan 2023 21:16:00 GMT
Cache-Control: max-age=5184000, public
X-Static-Region: DE
Accept-Ranges: bytes
prenblog.com/promi/pt/pre2/img/6364.jpg
212.224.121.236 200 OK 34 kB URL HTTP/1.1 prenblog.com/promi/pt/pre2/img/6364.jpg
IP 212.224.121.236:0
ASN #44066 diva-e Datacenters GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", baseline, precision 8, 610x344, components 3\012- data
Hash 192c353f251bc4665a7d80fef64eca31
8e5298d84dd30c7f88c65c92444c8b6e30141263
afad0a68df3b3e8ffd51475e4cfc7071e9e834eb211209caf575f6c88cb575c4
GET /promi/pt/pre2/img/6364.jpg HTTP/1.1
Host: prenblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://prenblog.com/promi/pt/pre2/?TID=63891986005B7A1B0504075F&host=mandarv.com
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Dec 2022 21:16:00 GMT
Content-Type: image/jpeg
Content-Length: 33478
Connection: keep-alive
Last-Modified: Mon, 26 Aug 2019 14:56:34 GMT
ETag: "5d63f322-82c6"
Expires: Mon, 30 Jan 2023 21:16:00 GMT
Cache-Control: max-age=5184000, public
X-Static-Region: DE
Accept-Ranges: bytes
prenblog.com/promi/pt/pre2/img/6486.jpg
212.224.121.236 200 OK 46 kB URL HTTP/1.1 prenblog.com/promi/pt/pre2/img/6486.jpg
IP 212.224.121.236:0
ASN #44066 diva-e Datacenters GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, progressive, precision 8, 320x187, components 3\012- data
Hash e077f3dc3c2bc4a24023e9f2a68c1a22
ff297776bc5a0f417a9f97fb4cbe0b9b51935bbb
c2aada9e227adf8aadf3eb72a883e5bceb277d4df3b2f367b71874372392a01f
GET /promi/pt/pre2/img/6486.jpg HTTP/1.1
Host: prenblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://prenblog.com/promi/pt/pre2/?TID=63891986005B7A1B0504075F&host=mandarv.com
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Dec 2022 21:16:00 GMT
Content-Type: image/jpeg
Content-Length: 45800
Connection: keep-alive
Last-Modified: Tue, 25 Jun 2019 09:52:52 GMT
ETag: "5d11eef4-b2e8"
Expires: Mon, 30 Jan 2023 21:16:00 GMT
Cache-Control: max-age=5184000, public
X-Static-Region: DE
Accept-Ranges: bytes
prenblog.com/promi/pt/pre2/img/1.jpg
212.224.121.236 200 OK 16 kB URL HTTP/1.1 prenblog.com/promi/pt/pre2/img/1.jpg
IP 212.224.121.236:0
ASN #44066 diva-e Datacenters GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 200x199, components 3\012- data
Hash 2481a29566e356f95703b61f4dacee24
bbdd62796bf35b5b0bd71c4832fd88ebb2cbcff9
97280047c53190cb8d23ed646ecd946c9ba0f7104293f3ba39950cc03378ff5a
GET /promi/pt/pre2/img/1.jpg HTTP/1.1
Host: prenblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://prenblog.com/promi/pt/pre2/?TID=63891986005B7A1B0504075F&host=mandarv.com
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Dec 2022 21:16:01 GMT
Content-Type: image/jpeg
Content-Length: 15696
Connection: keep-alive
Last-Modified: Fri, 03 Jul 2020 13:20:30 GMT
ETag: "5eff309e-3d50"
Expires: Mon, 30 Jan 2023 21:16:00 GMT
Cache-Control: max-age=5184000, public
X-Static-Region: DE
Accept-Ranges: bytes
prenblog.com/promi/pt/pre2/img/6.jpg
212.224.121.236 200 OK 15 kB URL HTTP/1.1 prenblog.com/promi/pt/pre2/img/6.jpg
IP 212.224.121.236:0
ASN #44066 diva-e Datacenters GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 200x200, components 3\012- data
Hash f32f81f96cd8a1d40e3e339140260c45
40ad5885b31de4448aadd82f8a6ce8548b557d4a
0ff2cd0a5522afe16ac0146ec8124a887ee3fba67f89e46453eb3fa79b071028
GET /promi/pt/pre2/img/6.jpg HTTP/1.1
Host: prenblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://prenblog.com/promi/pt/pre2/?TID=63891986005B7A1B0504075F&host=mandarv.com
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Dec 2022 21:16:01 GMT
Content-Type: image/jpeg
Content-Length: 14804
Connection: keep-alive
Last-Modified: Fri, 03 Jul 2020 13:19:48 GMT
ETag: "5eff3074-39d4"
Expires: Mon, 30 Jan 2023 21:16:00 GMT
Cache-Control: max-age=5184000, public
X-Static-Region: DE
Accept-Ranges: bytes
prenblog.com/promi/pt/pre2/img/img4.jpg
212.224.121.236 200 OK 117 kB URL HTTP/1.1 prenblog.com/promi/pt/pre2/img/img4.jpg
IP 212.224.121.236:0
ASN #44066 diva-e Datacenters GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=10, manufacturer=Hasselblad, model=Hasselblad H4D-40, orientation=upper-left, xresolution=164, yresolution=172, resolutionunit=2, software=Adobe Photoshop CS5 Windows, datetime=2014:12:11 18:25:26], baseline, precision 8, 1148x861, components 3\012- data
Size 117 kB (116821 bytes)
Hash c903f728a6823175550d3a58be40bb49
4d1534fad1fec063a3f0621156f075f811b6df80
92da9644540bd617d2ff9cf9b1e3956dc1bc45a65a2e4945dc5d582bec26198a
GET /promi/pt/pre2/img/img4.jpg HTTP/1.1
Host: prenblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://prenblog.com/promi/pt/pre2/?TID=63891986005B7A1B0504075F&host=mandarv.com
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Dec 2022 21:16:00 GMT
Content-Type: image/jpeg
Content-Length: 116821
Connection: keep-alive
Last-Modified: Fri, 03 Jul 2020 13:06:26 GMT
ETag: "5eff2d52-1c855"
Expires: Mon, 30 Jan 2023 21:16:00 GMT
Cache-Control: max-age=5184000, public
X-Static-Region: DE
Accept-Ranges: bytes
prenblog.com/promi/pt/pre2/img/img3.jpg
212.224.121.236 200 OK 156 kB URL HTTP/1.1 prenblog.com/promi/pt/pre2/img/img3.jpg
IP 212.224.121.236:0
ASN #44066 diva-e Datacenters GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 1600x1200, components 3\012- data
Size 156 kB (156340 bytes)
Hash cc39aec1c76e777f5aec4ebde9d54bf9
b9f699f0922031e1447c4acbf2b542a5381a24f3
dc4729c574c0168f9b1708de82a0fdb1bd6b8c96f4f22bfa3d0a3edd9fb4360c
GET /promi/pt/pre2/img/img3.jpg HTTP/1.1
Host: prenblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://prenblog.com/promi/pt/pre2/?TID=63891986005B7A1B0504075F&host=mandarv.com
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Dec 2022 21:16:00 GMT
Content-Type: image/jpeg
Content-Length: 156340
Connection: keep-alive
Last-Modified: Fri, 03 Jul 2020 13:05:22 GMT
ETag: "5eff2d12-262b4"
Expires: Mon, 30 Jan 2023 21:16:00 GMT
Cache-Control: max-age=5184000, public
X-Static-Region: DE
Accept-Ranges: bytes
prenblog.com/promi/pt/pre2/img/85157356.png
212.224.121.236 200 OK 14 kB URL HTTP/1.1 prenblog.com/promi/pt/pre2/img/85157356.png
IP 212.224.121.236:0
ASN #44066 diva-e Datacenters GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 150x150, segment length 16, progressive, precision 8, 370x370, components 3\012- data
Hash f814547ab1b4e50672857d241642e4cf
e1d10d8a1892f85905bb4d65834f9548ccba44c6
07063bc7ac8b1c00ca232294e78f3d3126bba4fc4fa9e63fa3c643025b989715
GET /promi/pt/pre2/img/85157356.png HTTP/1.1
Host: prenblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://prenblog.com/promi/pt/pre2/?TID=63891986005B7A1B0504075F&host=mandarv.com
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Dec 2022 21:16:01 GMT
Content-Type: image/png
Content-Length: 13709
Connection: keep-alive
Last-Modified: Fri, 03 Jul 2020 12:59:51 GMT
ETag: "5eff2bc7-358d"
Expires: Mon, 30 Jan 2023 21:16:00 GMT
Cache-Control: max-age=5184000, public
X-Static-Region: DE
Accept-Ranges: bytes
prenblog.com/promi/pt/pre2/img/4909.jpg
212.224.121.236 200 OK 61 kB URL HTTP/1.1 prenblog.com/promi/pt/pre2/img/4909.jpg
IP 212.224.121.236:0
ASN #44066 diva-e Datacenters GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x187, components 3\012- data
Hash ec35cb32125e48bf4ed4a8d073b1eb6a
e50ee060a517d04d66dd2f2676d17618c85d95a2
029771f4cab1a32f46c01a9e1a88f563d24a338a1d3f617eaf7d8cedbff4da02
GET /promi/pt/pre2/img/4909.jpg HTTP/1.1
Host: prenblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://prenblog.com/promi/pt/pre2/?TID=63891986005B7A1B0504075F&host=mandarv.com
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Dec 2022 21:16:01 GMT
Content-Type: image/jpeg
Content-Length: 60618
Connection: keep-alive
Last-Modified: Wed, 26 Jun 2019 09:51:48 GMT
ETag: "5d134034-ecca"
Expires: Mon, 30 Jan 2023 21:16:00 GMT
Cache-Control: max-age=5184000, public
X-Static-Region: DE
Accept-Ranges: bytes
prenblog.com/promi/pt/pre2/img/2.jpg
212.224.121.236 200 OK 7.6 kB URL HTTP/1.1 prenblog.com/promi/pt/pre2/img/2.jpg
IP 212.224.121.236:0
ASN #44066 diva-e Datacenters GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 200x200, components 3\012- data
Hash 46863ff58bf28cef0276bd04fbe57b5b
bb454f8c1897f8ba613b80f69ca71c632a847fad
5820a7ff8ed3c6a2fe129c1c2d8ab556801a5cb608b4a98916c0a87d83599ca7
GET /promi/pt/pre2/img/2.jpg HTTP/1.1
Host: prenblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://prenblog.com/promi/pt/pre2/?TID=63891986005B7A1B0504075F&host=mandarv.com
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Dec 2022 21:16:01 GMT
Content-Type: image/jpeg
Content-Length: 7585
Connection: keep-alive
Last-Modified: Fri, 03 Jul 2020 13:21:01 GMT
ETag: "5eff30bd-1da1"
Expires: Mon, 30 Jan 2023 21:16:00 GMT
Cache-Control: max-age=5184000, public
X-Static-Region: DE
Accept-Ranges: bytes
prenblog.com/promi/pt/pre2/img/img2.jpg
212.224.121.236 200 OK 107 kB URL HTTP/1.1 prenblog.com/promi/pt/pre2/img/img2.jpg
IP 212.224.121.236:0
ASN #44066 diva-e Datacenters GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 75", baseline, precision 8, 1024x679, components 3\012- data
Size 107 kB (106937 bytes)
Hash 079e492169ae0f2add7ef56ea3691611
ccf9ce4f9a37db19bce3a3be48562e31f1507302
7a77e99504e475cbaf154c24f7340d1aa440a23385167cd777eac8cd5aa8794c
GET /promi/pt/pre2/img/img2.jpg HTTP/1.1
Host: prenblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://prenblog.com/promi/pt/pre2/?TID=63891986005B7A1B0504075F&host=mandarv.com
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Dec 2022 21:16:01 GMT
Content-Type: image/jpeg
Content-Length: 106937
Connection: keep-alive
Last-Modified: Fri, 03 Jul 2020 13:04:39 GMT
ETag: "5eff2ce7-1a1b9"
Expires: Mon, 30 Jan 2023 21:16:00 GMT
Cache-Control: max-age=5184000, public
X-Static-Region: DE
Accept-Ranges: bytes
prenblog.com/promi/pt/pre2/img/8.jpg
212.224.121.236 200 OK 22 kB URL HTTP/1.1 prenblog.com/promi/pt/pre2/img/8.jpg
IP 212.224.121.236:0
ASN #44066 diva-e Datacenters GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 200x224, components 3\012- data
Hash 6f0a904bc461538bb28b1d016cb2083b
b725b730a59c088a6cbf52271bbd70def54b6367
16d0d316c2f5a2b6116fcb43e80d313f93c5ed42f8d7cba496745574cf0501c1
GET /promi/pt/pre2/img/8.jpg HTTP/1.1
Host: prenblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://prenblog.com/promi/pt/pre2/?TID=63891986005B7A1B0504075F&host=mandarv.com
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Dec 2022 21:16:01 GMT
Content-Type: image/jpeg
Content-Length: 21709
Connection: keep-alive
Last-Modified: Fri, 03 Jul 2020 13:21:31 GMT
ETag: "5eff30db-54cd"
Expires: Mon, 30 Jan 2023 21:16:00 GMT
Cache-Control: max-age=5184000, public
X-Static-Region: DE
Accept-Ranges: bytes
prenblog.com/promi/pt/pre2/img/9.jpg
212.224.121.236 200 OK 12 kB URL HTTP/1.1 prenblog.com/promi/pt/pre2/img/9.jpg
IP 212.224.121.236:0
ASN #44066 diva-e Datacenters GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 200x200, components 3\012- data
Hash 7f1f6e5886cdcd77df846e663feee861
dbb138f89bf241c470e9c143dd0fd2b4a43d5896
9e4dcc71d45545587760e9a21b5c3ea6c88bec38beec69bcbb2e4443ffaf52fb
GET /promi/pt/pre2/img/9.jpg HTTP/1.1
Host: prenblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://prenblog.com/promi/pt/pre2/?TID=63891986005B7A1B0504075F&host=mandarv.com
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Dec 2022 21:16:01 GMT
Content-Type: image/jpeg
Content-Length: 12309
Connection: keep-alive
Last-Modified: Fri, 03 Jul 2020 13:22:00 GMT
ETag: "5eff30f8-3015"
Expires: Mon, 30 Jan 2023 21:16:00 GMT
Cache-Control: max-age=5184000, public
X-Static-Region: DE
Accept-Ranges: bytes
prenblog.com/promi/pt/pre2/fonts/ProximaNova-Regular.woff
212.224.121.236 200 OK 52 kB URL HTTP/1.1 prenblog.com/promi/pt/pre2/fonts/ProximaNova-Regular.woff
IP 212.224.121.236:0
ASN #44066 diva-e Datacenters GmbH
File type Web Open Font Format, TrueType, length 52396, version 2.3\012- data
Hash 2d2ae2556b24a45ff8d5ed86b07b5783
0822c310a60c575dc88a74a53df20b46c8c97bd4
81c6d1a13227777d009f275f5ecb80bd6c780d2843b9b18fe2809ff9822a2066
Analyzer Verdict Alert fortinet Phishing
GET /promi/pt/pre2/fonts/ProximaNova-Regular.woff HTTP/1.1
Host: prenblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://prenblog.com/promi/pt/pre2/style.css
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Dec 2022 21:16:01 GMT
Content-Type: font/woff
Content-Length: 52396
Connection: keep-alive
Last-Modified: Tue, 25 Jun 2019 11:38:30 GMT
ETag: "5d1207b6-ccac"
Expires: Mon, 30 Jan 2023 21:16:00 GMT
Cache-Control: max-age=5184000, public
X-Static-Region: DE
Accept-Ranges: bytes
prenblog.com/promi/pt/pre2/fonts/PTSerif-Regular.woff
212.224.121.236 200 OK 102 kB URL HTTP/1.1 prenblog.com/promi/pt/pre2/fonts/PTSerif-Regular.woff
IP 212.224.121.236:0
ASN #44066 diva-e Datacenters GmbH
File type Web Open Font Format, TrueType, length 101472, version 0.0\012- data
Size 102 kB (101472 bytes)
Hash 558ff41036614be80fbecae3486b76c7
99a4dd4ecb5fcee23f17ec824bd8dbe9e4ffa83d
658fffcd020e99654f24122f476366b2b945cfa2838845b7259c2fee3e6aeea8
Analyzer Verdict Alert fortinet Phishing
GET /promi/pt/pre2/fonts/PTSerif-Regular.woff HTTP/1.1
Host: prenblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://prenblog.com/promi/pt/pre2/style.css
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Dec 2022 21:16:01 GMT
Content-Type: font/woff
Content-Length: 101472
Connection: keep-alive
Last-Modified: Wed, 27 May 2020 10:57:59 GMT
ETag: "5ece47b7-18c60"
Expires: Mon, 30 Jan 2023 21:16:00 GMT
Cache-Control: max-age=5184000, public
X-Static-Region: DE
Accept-Ranges: bytes
prenblog.com/promi/pt/pre2/img/logo.svg
212.224.121.236 200 OK 1.4 kB URL HTTP/1.1 prenblog.com/promi/pt/pre2/img/logo.svg
IP 212.224.121.236:0
ASN #44066 diva-e Datacenters GmbH
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (324), with CRLF line terminators
Hash 3d07794ea2fca4b5f9442f05c19eca31
fff883970e5dd0df24be26a3fb73c591b2c65f42
092066b3ac8a3f7620984f86c4241d0097d253780b8b7523765cc9ab79110e3e
Analyzer Verdict Alert fortinet Phishing
GET /promi/pt/pre2/img/logo.svg HTTP/1.1
Host: prenblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://prenblog.com/promi/pt/pre2/style.css
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Dec 2022 21:16:01 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 25 Jun 2019 12:26:50 GMT
ETag: W/"5d12130a-c08"
Expires: Mon, 30 Jan 2023 21:16:00 GMT
Cache-Control: max-age=5184000, public
X-Static-Region: DE
Content-Encoding: gzip
prenblog.com/promi/pt/pre2/img/userinfo_v8.svg
212.224.121.236 200 OK 565 B URL HTTP/1.1 prenblog.com/promi/pt/pre2/img/userinfo_v8.svg
IP 212.224.121.236:0
ASN #44066 diva-e Datacenters GmbH
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (1304), with no line terminators
Hash dea232427c47e6da506175a84647650d
d9976d75f55db0f952c4a4443b665d48228c1517
203054b38e4bc95ed33f73580dbf9b8af808997dfe61f896b85e6fc627aafd08
Analyzer Verdict Alert fortinet Phishing
GET /promi/pt/pre2/img/userinfo_v8.svg HTTP/1.1
Host: prenblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://prenblog.com/promi/pt/pre2/?TID=63891986005B7A1B0504075F&host=mandarv.com
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Dec 2022 21:16:01 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 25 Jun 2019 09:52:52 GMT
ETag: W/"5d11eef4-518"
Expires: Mon, 30 Jan 2023 21:16:00 GMT
Cache-Control: max-age=5184000, public
X-Static-Region: DE
Content-Encoding: gzip
prenblog.com/promi/pt/pre2/img/fire.svg
212.224.121.236 200 OK 12 kB URL HTTP/1.1 prenblog.com/promi/pt/pre2/img/fire.svg
IP 212.224.121.236:0
ASN #44066 diva-e Datacenters GmbH
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (16010)
Hash 6e99e65c7fc37dc4a2d6c5608fa8188a
e3b24dec40fd4821f805f27e95ee63f85229ff4f
245f7d726009c58a8da4c65d0b93cc398eac918f5af5e1f5a4c548401e125815
Analyzer Verdict Alert fortinet Phishing
GET /promi/pt/pre2/img/fire.svg HTTP/1.1
Host: prenblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://prenblog.com/promi/pt/pre2/style.css
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Dec 2022 21:16:01 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 25 Jun 2019 12:24:30 GMT
ETag: W/"5d12127e-3f13"
Expires: Mon, 30 Jan 2023 21:16:00 GMT
Cache-Control: max-age=5184000, public
X-Static-Region: DE
Content-Encoding: gzip
prenblog.com/promi/pt/pre2/img/thumbs-up.svg
212.224.121.236 200 OK 11 kB URL HTTP/1.1 prenblog.com/promi/pt/pre2/img/thumbs-up.svg
IP 212.224.121.236:0
ASN #44066 diva-e Datacenters GmbH
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (14726)
Hash 36237b0b329f77a46db11688b5372127
b26ebdb94b57df0403dd983c843e2bc8b34a33ee
18fecb534c6169623f41902fd514be1dfb727520d87db0db9bfd232aa8fadad2
Analyzer Verdict Alert fortinet Phishing
GET /promi/pt/pre2/img/thumbs-up.svg HTTP/1.1
Host: prenblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://prenblog.com/promi/pt/pre2/style.css
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Dec 2022 21:16:01 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 25 Jun 2019 12:34:52 GMT
ETag: W/"5d1214ec-3a0f"
Expires: Mon, 30 Jan 2023 21:16:00 GMT
Cache-Control: max-age=5184000, public
X-Static-Region: DE
Content-Encoding: gzip
prenblog.com/promi/pt/pre2/img/16.jpg
212.224.121.236 200 OK 16 kB URL HTTP/1.1 prenblog.com/promi/pt/pre2/img/16.jpg
IP 212.224.121.236:0
ASN #44066 diva-e Datacenters GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 200x201, components 3\012- data
Hash 610f43f1f7383fccbddfd51067fc7282
e2be6048e0d1e6174d5c0b712aa2355f1f225c41
717486a8cd8f4771713c3ac3e893a78176eb1203cf2d2d2d5508744877a7fc80
GET /promi/pt/pre2/img/16.jpg HTTP/1.1
Host: prenblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://prenblog.com/promi/pt/pre2/?TID=63891986005B7A1B0504075F&host=mandarv.com
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Dec 2022 21:16:01 GMT
Content-Type: image/jpeg
Content-Length: 15880
Connection: keep-alive
Last-Modified: Fri, 03 Jul 2020 13:22:36 GMT
ETag: "5eff311c-3e08"
Expires: Mon, 30 Jan 2023 21:16:00 GMT
Cache-Control: max-age=5184000, public
X-Static-Region: DE
Accept-Ranges: bytes
prenblog.com/promi/pt/pre2/img/17.jpg
212.224.121.236 200 OK 11 kB URL HTTP/1.1 prenblog.com/promi/pt/pre2/img/17.jpg
IP 212.224.121.236:0
ASN #44066 diva-e Datacenters GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 200x200, components 3\012- data
Hash de5d3ae9ddcfe17a8aad06e465c6a7e0
4c63d616b17eeb8d59b835e2d0f6f432edec8968
3102980fd931d129fe08d3e46b66c812378cfad3924c98b860d91e75120fa27f
GET /promi/pt/pre2/img/17.jpg HTTP/1.1
Host: prenblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://prenblog.com/promi/pt/pre2/?TID=63891986005B7A1B0504075F&host=mandarv.com
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Dec 2022 21:16:01 GMT
Content-Type: image/jpeg
Content-Length: 10867
Connection: keep-alive
Last-Modified: Fri, 03 Jul 2020 13:23:29 GMT
ETag: "5eff3151-2a73"
Expires: Mon, 30 Jan 2023 21:16:00 GMT
Cache-Control: max-age=5184000, public
X-Static-Region: DE
Accept-Ranges: bytes
prenblog.com/promi/pt/pre2/img/7.jpg
212.224.121.236 200 OK 21 kB URL HTTP/1.1 prenblog.com/promi/pt/pre2/img/7.jpg
IP 212.224.121.236:0
ASN #44066 diva-e Datacenters GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 200x200, components 3\012- data
Hash 2a735c4487adefb928807902f973c7c8
1201b363e06bda375f4466cb3d3e4d08234b2858
2da408ebf0c27ce8e2accb7ff3608cb9a879ebc5403923de01e312d293e01baa
GET /promi/pt/pre2/img/7.jpg HTTP/1.1
Host: prenblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://prenblog.com/promi/pt/pre2/?TID=63891986005B7A1B0504075F&host=mandarv.com
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Dec 2022 21:16:01 GMT
Content-Type: image/jpeg
Content-Length: 20783
Connection: keep-alive
Last-Modified: Fri, 03 Jul 2020 13:23:04 GMT
ETag: "5eff3138-512f"
Expires: Mon, 30 Jan 2023 21:16:00 GMT
Cache-Control: max-age=5184000, public
X-Static-Region: DE
Accept-Ranges: bytes
prenblog.com/promi/pt/pre2/img/18.jpg
212.224.121.236 200 OK 9.4 kB URL HTTP/1.1 prenblog.com/promi/pt/pre2/img/18.jpg
IP 212.224.121.236:0
ASN #44066 diva-e Datacenters GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 200x200, components 3\012- data
Hash e1c781bb8101501547f19d5f9d0a923c
95700169391b7be0eb114d65f6d85eb4cbe0a430
b3cc45d7be8a8fee73b9d8f3d6edc907c336355c53738a52297384d1380158f7
GET /promi/pt/pre2/img/18.jpg HTTP/1.1
Host: prenblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://prenblog.com/promi/pt/pre2/?TID=63891986005B7A1B0504075F&host=mandarv.com
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Dec 2022 21:16:01 GMT
Content-Type: image/jpeg
Content-Length: 9448
Connection: keep-alive
Last-Modified: Fri, 03 Jul 2020 13:23:55 GMT
ETag: "5eff316b-24e8"
Expires: Mon, 30 Jan 2023 21:16:00 GMT
Cache-Control: max-age=5184000, public
X-Static-Region: DE
Accept-Ranges: bytes
prenblog.com/promi/pt/pre2/img/13.jpg
212.224.121.236 200 OK 15 kB URL HTTP/1.1 prenblog.com/promi/pt/pre2/img/13.jpg
IP 212.224.121.236:0
ASN #44066 diva-e Datacenters GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 200x199, components 3\012- data
Hash 19988e83ceb63867454163a72dedd8c6
81eddc9859a70f21a5022f668b252a727e609ae6
44b00538484df4e33daa1020e31a924bfa1753628c619d280a41b36d6adf0f2b
GET /promi/pt/pre2/img/13.jpg HTTP/1.1
Host: prenblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://prenblog.com/promi/pt/pre2/?TID=63891986005B7A1B0504075F&host=mandarv.com
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Dec 2022 21:16:01 GMT
Content-Type: image/jpeg
Content-Length: 15031
Connection: keep-alive
Last-Modified: Fri, 03 Jul 2020 13:24:18 GMT
ETag: "5eff3182-3ab7"
Expires: Mon, 30 Jan 2023 21:16:00 GMT
Cache-Control: max-age=5184000, public
X-Static-Region: DE
Accept-Ranges: bytes
mandarv.com/layer-data?callback=App.jsonCallback&v=2&page=prenblog.com%2Fpromi%2Fpt%2Fpre2&iframe=false&callback=App.jsonCallback&TID=63891986005B7A1B0504075F&_=1669929359497
5.187.3.40 200 OK 981 B URL HTTP/1.1 mandarv.com/layer-data?callback=App.jsonCallback&v=2&page=prenblog.com%2Fpromi%2Fpt%2Fpre2&iframe=false&callback=App.jsonCallback&TID=63891986005B7A1B0504075F&_=1669929359497
IP 5.187.3.40:0
ASN #44066 diva-e Datacenters GmbH
File type Unicode text, UTF-8 text, with very long lines (975)
Hash 64d3b7c301954ca45e0d5eb63d3d329d
b87f0c8703f37c1dd44dad9713dec0cf2057df27
3fb44cdfb19b0658173c8034d84e0275a7223143b84dbc1a765205dcd8daffbf
GET /layer-data?callback=App.jsonCallback&v=2&page=prenblog.com%2Fpromi%2Fpt%2Fpre2&iframe=false&callback=App.jsonCallback&TID=63891986005B7A1B0504075F&_=1669929359497 HTTP/1.1
Host: mandarv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://prenblog.com/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Dec 2022 21:16:01 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
prenblog.com/cdn/js/comebacker/comebacker.js
212.224.121.236 200 OK 2.2 kB URL HTTP/1.1 prenblog.com/cdn/js/comebacker/comebacker.js
IP 212.224.121.236:0
ASN #44066 diva-e Datacenters GmbH
File type Unicode text, UTF-8 text, with very long lines (304)
Hash 26d70e58838a0b7541533cce6de32f62
fa938b86233a32b6a6ac299a3492ef6e70893cd3
870ce8acce0724020d6af5027801534869d16a305563add762194a3c081c833c
Analyzer Verdict Alert fortinet Phishing
GET /cdn/js/comebacker/comebacker.js HTTP/1.1
Host: prenblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://prenblog.com/promi/pt/pre2/?TID=63891986005B7A1B0504075F&host=mandarv.com
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Dec 2022 21:16:01 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 21 Oct 2016 10:53:22 GMT
ETag: W/"5809f3a2-164f"
Expires: Thu, 01 Dec 2022 23:16:01 GMT
Cache-Control: max-age=7200
Content-Encoding: gzip
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 01 Dec 2022 21:08:56 GMT
cache-control: public,max-age=3600
age: 425
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
cdn.leadbit.com/comebacker/comebacker_all_pt.jpg
212.224.124.77 200 OK 40 kB URL HTTP/1.1 cdn.leadbit.com/comebacker/comebacker_all_pt.jpg
IP 212.224.124.77:0
ASN #44066 diva-e Datacenters GmbH
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 610x180, components 3\012- data
Hash 495a348ef76c9582d2ac278fabd087a4
6eabbd052a32d6a31931abab3f98784ad18c66c0
8237d5720f98d78a182594a67061bf6032337f3cb988813dfa35b1bb0d9d87d7
GET /comebacker/comebacker_all_pt.jpg HTTP/1.1
Host: cdn.leadbit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://prenblog.com/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Dec 2022 21:16:01 GMT
Content-Type: image/jpeg
Content-Length: 40081
Connection: keep-alive
Last-Modified: Tue, 05 Jul 2016 13:30:06 GMT
ETag: "577bb65e-9c91"
Expires: Thu, 01 Dec 2022 23:16:01 GMT
Cache-Control: max-age=7200, public
Accept-Ranges: bytes
cdn.leadbit.com/comebacker/audio/IVR-Portugal-Dry.mp3
212.224.124.77 206 Partial Content 139 kB URL HTTP/1.1 cdn.leadbit.com/comebacker/audio/IVR-Portugal-Dry.mp3
IP 212.224.124.77:0
ASN #44066 diva-e Datacenters GmbH
File type Audio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, JntStereo\012- data
Size 139 kB (138869 bytes)
Hash 954eb06d7e1bd2e33951fcf8de780de8
1354540941b74d5dedcaf9d69579c446498691af
7a2e3b693372a755928d964461b6e0d07a217fe097327069c46b0b1283bc0c2c
GET /comebacker/audio/IVR-Portugal-Dry.mp3 HTTP/1.1
Host: cdn.leadbit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://prenblog.com/
HTTP/1.1 206 Partial Content
Server: nginx
Date: Thu, 01 Dec 2022 21:16:01 GMT
Content-Type: audio/mpeg
Content-Length: 138869
Connection: keep-alive
Last-Modified: Mon, 04 Jul 2016 15:59:02 GMT
ETag: "577a87c6-21e75"
Expires: Thu, 01 Dec 2022 23:16:01 GMT
Cache-Control: max-age=7200, public
Content-Range: bytes 0-138868/138869
prenblog.com/favicon.ico
212.224.121.236 200 OK 43 B IP 212.224.121.236:0
ASN #44066 diva-e Datacenters GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /favicon.ico HTTP/1.1
Host: prenblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://prenblog.com/promi/pt/pre2/?TID=63891986005B7A1B0504075F&host=mandarv.com
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Dec 2022 21:16:01 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Expires: Mon, 30 Jan 2023 21:16:01 GMT
Cache-Control: max-age=5184000, public
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 1f88399f3fdd89dbb9ca1229cb67143a
325c9dbfd932cf9a6fb9fab2dd8e27083f55a9a3
831ecd45dcd2d5ae2ae86cd63ea5e94ecd85281b7e51054af5df9a6386fb8d79
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2043
Cache-Control: max-age=131091
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 21:16:01 GMT
Etag: "63886ea9-1d7"
Expires: Sat, 03 Dec 2022 09:40:52 GMT
Last-Modified: Thu, 01 Dec 2022 09:06:49 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 25b6787c5113bd99d0e80452d9780b71
451248bd11d9c14c3098907750aee22a787df9df
2214277104536d532bd542f73750b032addb76dbe1a4eb93afe3ec9add3434d9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2214277104536D532BD542F73750B032ADDB76DBE1A4EB93AFE3EC9ADD3434D9"
Last-Modified: Thu, 01 Dec 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Fri, 02 Dec 2022 03:16:01 GMT
Date: Thu, 01 Dec 2022 21:16:01 GMT
Connection: keep-alive
pt.promiv.com/?TID=63891986005B7A1B0504075F
212.224.118.124 302 Found 142 B URL HTTP/2 pt.promiv.com/?TID=63891986005B7A1B0504075F
IP 212.224.118.124:0
ASN #44066 diva-e Datacenters GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /?TID=63891986005B7A1B0504075F HTTP/1.1
Host: pt.promiv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://prenblog.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Thu, 01 Dec 2022 21:16:01 GMT
content-type: text/html
content-length: 142
location: https://pt.promiv.com/?TID=63891986005B7A1B0504075F&c=no
expires: Mon, 30 Jan 2023 21:16:01 GMT
cache-control: max-age=5184000, public
x-static-region: DE
X-Firefox-Spdy: h2
pt.promiv.com/?TID=63891986005B7A1B0504075F&c=no
212.224.118.124 200 OK 11 kB URL HTTP/2 pt.promiv.com/?TID=63891986005B7A1B0504075F&c=no
IP 212.224.118.124:0
ASN #44066 diva-e Datacenters GmbH
Hash 703bafe42717ee2564bbe221c83baf08
15a632e8d6399e5365053ff4215f801273129acd
8f1a745d27db949750897e0d189128c9536437ff0f39b5333dc7003c32a92c10
GET /?TID=63891986005B7A1B0504075F&c=no HTTP/1.1
Host: pt.promiv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://prenblog.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 21:16:01 GMT
content-type: text/html; charset=utf-8
last-modified: Wed, 02 Nov 2022 08:25:35 GMT
etag: W/"6362297f-bdb5"
expires: Mon, 30 Jan 2023 21:16:01 GMT
cache-control: max-age=5184000, public
x-static-region: DE
content-encoding: gzip
X-Firefox-Spdy: h2
pt.promiv.com/index_files/sect1-bg-240.png
212.224.118.124 200 OK 98 kB URL HTTP/2 pt.promiv.com/index_files/sect1-bg-240.png
IP 212.224.118.124:0
ASN #44066 diva-e Datacenters GmbH
File type PNG image data, 481 x 812, 8-bit colormap, non-interlaced\012- data
Hash d38588b17b37fdf9e34a90b299f58162
5dfeb9b3fcb3a453189115a7236f922ef7ad4ab8
5cbe93ad375047772d7dca19aa5e7a706e264015a174188df70f2b7ad1fd660d
GET /index_files/sect1-bg-240.png HTTP/1.1
Host: pt.promiv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pt.promiv.com/css/style.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 21:16:01 GMT
content-type: image/png
content-length: 97662
last-modified: Wed, 27 Jul 2016 14:04:22 GMT
etag: "5798bf66-17d7e"
expires: Mon, 30 Jan 2023 21:16:01 GMT
cache-control: max-age=5184000, public
x-static-region: DE
accept-ranges: bytes
X-Firefox-Spdy: h2
pt.promiv.com/cdn/js/ld.js
212.224.118.124 200 OK 10 kB URL HTTP/2 pt.promiv.com/cdn/js/ld.js
IP 212.224.118.124:0
ASN #44066 diva-e Datacenters GmbH
Hash d5b71d963d28b6097499d67f180920fb
9aa420c4194a64d6bd2047c386ca0a3056d4edb2
c89758e25fcdef7e4592cc5bf1d552aa49caeccae19dbcfad1c78726be6a077b
GET /cdn/js/ld.js HTTP/1.1
Host: pt.promiv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pt.promiv.com/?TID=63891986005B7A1B0504075F&c=no
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 21:16:01 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 20 Jul 2022 10:13:37 GMT
etag: W/"62d7d551-6ca9"
expires: Thu, 01 Dec 2022 23:16:01 GMT
cache-control: max-age=7200
content-encoding: gzip
X-Firefox-Spdy: h2
pt.promiv.com/index_files/do-galka-240.png
212.224.118.124 200 OK 1.1 kB URL HTTP/2 pt.promiv.com/index_files/do-galka-240.png
IP 212.224.118.124:0
ASN #44066 diva-e Datacenters GmbH
File type PNG image data, 17 x 17, 8-bit/color RGBA, non-interlaced\012- data
Hash 36332d925658acdfe35b1a08a6973515
4f8ad0f38b92e69daba908539ec4d0eb90b7601d
4a41a539f88f0a23f4b989a2d3fb609f1b6f62a8faaa16dfcba837cd23b777e5
GET /index_files/do-galka-240.png HTTP/1.1
Host: pt.promiv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pt.promiv.com/css/style.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 21:16:01 GMT
content-type: image/png
content-length: 1148
last-modified: Wed, 27 Jul 2016 14:04:48 GMT
etag: "5798bf80-47c"
expires: Mon, 30 Jan 2023 21:16:01 GMT
cache-control: max-age=5184000, public
x-static-region: DE
accept-ranges: bytes
X-Firefox-Spdy: h2
pt.promiv.com/index_files/sale-bg-240.png
212.224.118.124 200 OK 512 B URL HTTP/2 pt.promiv.com/index_files/sale-bg-240.png
IP 212.224.118.124:0
ASN #44066 diva-e Datacenters GmbH
File type PNG image data, 89 x 89, 8-bit colormap, non-interlaced\012- data
Hash c1ff70dbfd0b5e390912bbfaafa319c9
08af5d67e8be54618be80265faabf5239ef2f9ce
159210f84e43ea3ec1d87027d94c6fa93f3e4c07a0d2436b096820a4ec8d9cbe
GET /index_files/sale-bg-240.png HTTP/1.1
Host: pt.promiv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pt.promiv.com/css/style.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 21:16:01 GMT
content-type: image/png
content-length: 512
last-modified: Wed, 27 Jul 2016 14:05:06 GMT
etag: "5798bf92-200"
expires: Mon, 30 Jan 2023 21:16:01 GMT
cache-control: max-age=5184000, public
x-static-region: DE
accept-ranges: bytes
X-Firefox-Spdy: h2
pt.promiv.com/index_files/protect.png
212.224.118.124 200 OK 3.6 kB URL HTTP/2 pt.promiv.com/index_files/protect.png
IP 212.224.118.124:0
ASN #44066 diva-e Datacenters GmbH
File type PNG image data, 73 x 22, 8-bit/color RGBA, non-interlaced\012- data
Hash 4f867519ded2a9aeb8a09f7d6edfe995
1ac6d4a66f81d7f159604be0daf2c6c3be5ae5d1
5b6e4228c343ca121533e7adced0fed58ae2831060ef592cc5d9dab0e4f425a5
GET /index_files/protect.png HTTP/1.1
Host: pt.promiv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pt.promiv.com/css/style.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 21:16:01 GMT
content-type: image/png
content-length: 3579
last-modified: Wed, 27 Jul 2016 13:53:40 GMT
etag: "5798bce4-dfb"
expires: Mon, 30 Jan 2023 21:16:01 GMT
cache-control: max-age=5184000, public
x-static-region: DE
accept-ranges: bytes
X-Firefox-Spdy: h2
pt.promiv.com/index_files/sect2-bg-240.jpg
212.224.118.124 200 OK 6.1 kB URL HTTP/2 pt.promiv.com/index_files/sect2-bg-240.jpg
IP 212.224.118.124:0
ASN #44066 diva-e Datacenters GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 481x316, components 3\012- data
Hash ce90c9964dc6de10c062e6fe88a811d8
4cf96bbd2ed637ad7fdffad9a09c8c123f4da685
110a1172ac92237800ed4aad0430e7883f525fd603c482df371b8219d7eff28a
GET /index_files/sect2-bg-240.jpg HTTP/1.1
Host: pt.promiv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pt.promiv.com/css/style.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 21:16:01 GMT
content-type: image/jpeg
content-length: 6053
last-modified: Wed, 27 Jul 2016 14:05:26 GMT
etag: "5798bfa6-17a5"
expires: Mon, 30 Jan 2023 21:16:01 GMT
cache-control: max-age=5184000, public
x-static-region: DE
accept-ranges: bytes
X-Firefox-Spdy: h2
pt.promiv.com/index_files/symptom-bg.png
212.224.118.124 200 OK 1.2 kB URL HTTP/2 pt.promiv.com/index_files/symptom-bg.png
IP 212.224.118.124:0
ASN #44066 diva-e Datacenters GmbH
File type PNG image data, 28 x 28, 8-bit/color RGBA, non-interlaced\012- data
Hash 3ba13618101bbf2e756f07de01f079c9
6c82ecfc1f06df8e40192d3cccbf74e63fa4cadc
5fb804a5a2cf66479773bc77bac2dd28aa96a2ba58247bcacb84c366c34cce42
GET /index_files/symptom-bg.png HTTP/1.1
Host: pt.promiv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pt.promiv.com/css/style.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 21:16:01 GMT
content-type: image/png
content-length: 1243
last-modified: Wed, 27 Jul 2016 13:52:44 GMT
etag: "5798bcac-4db"
expires: Mon, 30 Jan 2023 21:16:01 GMT
cache-control: max-age=5184000, public
x-static-region: DE
accept-ranges: bytes
X-Firefox-Spdy: h2
pt.promiv.com/index_files/built_ru_index.js
212.224.118.124 200 OK 205 kB URL HTTP/2 pt.promiv.com/index_files/built_ru_index.js
IP 212.224.118.124:0
ASN #44066 diva-e Datacenters GmbH
Size 205 kB (204946 bytes)
Hash ae0000fc02d0295c9d0e57485d508c16
6a7c997d9d8fdd8c8c191a331dca43cc8fddcca7
f5345d93462c8c1fd1a6ca5a9402ea84b597d2235ba415e1ea37bd04db25904b
GET /index_files/built_ru_index.js HTTP/1.1
Host: pt.promiv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pt.promiv.com/?TID=63891986005B7A1B0504075F&c=no
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 21:16:01 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 16 Dec 2016 08:20:32 GMT
etag: W/"5853a3d0-6b803"
expires: Mon, 30 Jan 2023 21:16:01 GMT
cache-control: max-age=5184000, public
x-static-region: DE
content-encoding: gzip
X-Firefox-Spdy: h2
pt.promiv.com/cdn/js/jquery.js
212.224.118.124 200 OK 40 kB URL HTTP/2 pt.promiv.com/cdn/js/jquery.js
IP 212.224.118.124:0
ASN #44066 diva-e Datacenters GmbH
Hash eed120d4317dcef3d9a435c6e0be2330
5f60fe5144fe1cff3b0590476e4c81295cd44232
2f9e0fce1dd720a4c789e0ff0beed6381e848b97a45908bb02ff8aafa0d61de0
GET /cdn/js/jquery.js HTTP/1.1
Host: pt.promiv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pt.promiv.com/?TID=63891986005B7A1B0504075F&c=no
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 21:16:01 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 08 Sep 2015 14:12:04 GMT
etag: W/"55eeecb4-16dc4"
expires: Thu, 01 Dec 2022 23:16:01 GMT
cache-control: max-age=7200
content-encoding: gzip
X-Firefox-Spdy: h2
pt.promiv.com/index_files/work-img.png
212.224.118.124 200 OK 35 kB URL HTTP/2 pt.promiv.com/index_files/work-img.png
IP 212.224.118.124:0
ASN #44066 diva-e Datacenters GmbH
File type PNG image data, 600 x 137, 8-bit colormap, non-interlaced\012- data
Hash b9718d9ad746a657a7fccae5aaf7820c
523dc4188ab8bbb8354e205d02fda1beac30e0f6
84ee98c93d2043ceb2784def536a482b366aa2f3496831a34201d13225ec6b2e
GET /index_files/work-img.png HTTP/1.1
Host: pt.promiv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pt.promiv.com/css/style.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 21:16:01 GMT
content-type: image/png
content-length: 34690
last-modified: Wed, 27 Jul 2016 13:52:38 GMT
etag: "5798bca6-8782"
expires: Mon, 30 Jan 2023 21:16:01 GMT
cache-control: max-age=5184000, public
x-static-region: DE
accept-ranges: bytes
X-Firefox-Spdy: h2
push.services.mozilla.com/
54.148.69.31 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.148.69.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: lwSc/Si6l5hX03LdIzZWpA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: jkt3a7340a0nmTIZS1c2CaxP6wE=
pt.promiv.com/index_files/sect4-bg-240.png
212.224.118.124 200 OK 65 kB URL HTTP/2 pt.promiv.com/index_files/sect4-bg-240.png
IP 212.224.118.124:0
ASN #44066 diva-e Datacenters GmbH
File type PNG image data, 481 x 681, 8-bit colormap, non-interlaced\012- data
Hash 86ce28b57e0e3844e020f3a18d7fa0ed
c3c28c10abdd7cc3dfa6c387351770c24b619fa6
5bb03264a3adf75c679a8c6f8168a45a1faa9596c713d94f357d7e1ca3bdbd7a
GET /index_files/sect4-bg-240.png HTTP/1.1
Host: pt.promiv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pt.promiv.com/css/style.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 21:16:01 GMT
content-type: image/png
content-length: 64551
last-modified: Wed, 27 Jul 2016 14:05:46 GMT
etag: "5798bfba-fc27"
expires: Mon, 30 Jan 2023 21:16:01 GMT
cache-control: max-age=5184000, public
x-static-region: DE
accept-ranges: bytes
X-Firefox-Spdy: h2
pt.promiv.com/index_files/better-img-240.jpg
212.224.118.124 200 OK 7.9 kB URL HTTP/2 pt.promiv.com/index_files/better-img-240.jpg
IP 212.224.118.124:0
ASN #44066 diva-e Datacenters GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 481x650, components 3\012- data
Hash 223b0bdbd8b78df96c3eb36a42ab9204
6409e139bed500fc6bcaf5be060912710710a701
04e15c2a6833d4abacd0097164eced04de6e5e02c576e6ade149cb8f70468e53
GET /index_files/better-img-240.jpg HTTP/1.1
Host: pt.promiv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pt.promiv.com/css/style.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 21:16:01 GMT
content-type: image/jpeg
content-length: 7874
last-modified: Wed, 27 Jul 2016 14:08:42 GMT
etag: "5798c06a-1ec2"
expires: Mon, 30 Jan 2023 21:16:01 GMT
cache-control: max-age=5184000, public
x-static-region: DE
accept-ranges: bytes
X-Firefox-Spdy: h2
pt.promiv.com/index_files/expert-img.png
212.224.118.124 200 OK 36 kB URL HTTP/2 pt.promiv.com/index_files/expert-img.png
IP 212.224.118.124:0
ASN #44066 diva-e Datacenters GmbH
File type PNG image data, 292 x 399, 8-bit colormap, non-interlaced\012- data
Hash 58bb0982404d15538a7edf90353fed22
5c97d8e64f16828a23239574a30de1ab2e11f92e
8450a32a729ff49fa497c66dd4bdcb10f2e0ba1d299459eb6c487971b6232aca
GET /index_files/expert-img.png HTTP/1.1
Host: pt.promiv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pt.promiv.com/css/style.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 21:16:01 GMT
content-type: image/png
content-length: 35488
last-modified: Wed, 27 Jul 2016 13:53:56 GMT
etag: "5798bcf4-8aa0"
expires: Mon, 30 Jan 2023 21:16:01 GMT
cache-control: max-age=5184000, public
x-static-region: DE
accept-ranges: bytes
X-Firefox-Spdy: h2
pt.promiv.com/index_files/slide-1-240.png
212.224.118.124 200 OK 7.8 kB URL HTTP/2 pt.promiv.com/index_files/slide-1-240.png
IP 212.224.118.124:0
ASN #44066 diva-e Datacenters GmbH
File type PNG image data, 101 x 100, 8-bit colormap, non-interlaced\012- data
Hash 45aff0eca14c824b52fdc88f0a937246
d3b0c410a11ef2d2d50691e501b00bb75cb2d697
2191d217b5e7233f9004d67d78ae6a7f728b4a488980d256b14a8221d73504d8
GET /index_files/slide-1-240.png HTTP/1.1
Host: pt.promiv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pt.promiv.com/css/style.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 21:16:01 GMT
content-type: image/png
content-length: 7814
last-modified: Wed, 27 Jul 2016 14:51:30 GMT
etag: "5798ca72-1e86"
expires: Mon, 30 Jan 2023 21:16:01 GMT
cache-control: max-age=5184000, public
x-static-region: DE
accept-ranges: bytes
X-Firefox-Spdy: h2
pt.promiv.com/index_files/slide-3-240.png
212.224.118.124 200 OK 6.8 kB URL HTTP/2 pt.promiv.com/index_files/slide-3-240.png
IP 212.224.118.124:0
ASN #44066 diva-e Datacenters GmbH
File type PNG image data, 101 x 100, 8-bit colormap, non-interlaced\012- data
Hash 29fc583c21989face5490c84e2be17f7
b13cdea85b7d8ad108b366b35fa6c4865f7d8255
796249595912448b3f1431453972a06a29b3793aea57ba17141adfc409fd90c7
GET /index_files/slide-3-240.png HTTP/1.1
Host: pt.promiv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pt.promiv.com/css/style.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 21:16:01 GMT
content-type: image/png
content-length: 6776
last-modified: Thu, 28 Jul 2016 06:53:10 GMT
etag: "5799abd6-1a78"
expires: Mon, 30 Jan 2023 21:16:01 GMT
cache-control: max-age=5184000, public
x-static-region: DE
accept-ranges: bytes
X-Firefox-Spdy: h2
pt.promiv.com/index_files/slide-2-240.png
212.224.118.124 200 OK 7.2 kB URL HTTP/2 pt.promiv.com/index_files/slide-2-240.png
IP 212.224.118.124:0
ASN #44066 diva-e Datacenters GmbH
File type PNG image data, 101 x 100, 8-bit colormap, non-interlaced\012- data
Hash f7af6eab26abd6d1d320f32ecff82129
f22f3ef2f39e8898e8a57457ad54da42a060e506
30bab6ea0f9e757b46c86b51c30cb443a302fc2ce81cb5fc3f0078fb79e106ad
GET /index_files/slide-2-240.png HTTP/1.1
Host: pt.promiv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pt.promiv.com/css/style.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 21:16:01 GMT
content-type: image/png
content-length: 7234
last-modified: Wed, 27 Jul 2016 14:51:24 GMT
etag: "5798ca6c-1c42"
expires: Mon, 30 Jan 2023 21:16:01 GMT
cache-control: max-age=5184000, public
x-static-region: DE
accept-ranges: bytes
X-Firefox-Spdy: h2
pt.promiv.com/index_files/reset.css
212.224.118.124 200 OK 7.2 kB URL HTTP/2 pt.promiv.com/index_files/reset.css
IP 212.224.118.124:0
ASN #44066 diva-e Datacenters GmbH
Hash 94d1bf9a2c6d29a2f84f2599537760ee
96d93ea06c5f115db5b4d19326ecef83d34d25b9
d95997ee6bbb12b6b88c68ceaaf9ecd390356c02d32553ad847723b6d5a9a67e
GET /index_files/reset.css HTTP/1.1
Host: pt.promiv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pt.promiv.com/?TID=63891986005B7A1B0504075F&c=no
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 21:16:01 GMT
content-type: text/css
last-modified: Wed, 27 Jul 2016 13:37:12 GMT
etag: W/"5798b908-c38"
expires: Mon, 30 Jan 2023 21:16:01 GMT
cache-control: max-age=5184000, public
x-static-region: DE
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 89c0794bd2a77a205684df0076194f63
5d1bec67fa580cc7dfb74775447fad97717fe890
59375f59c09da7b6d9b4da3ff42e77a477cf67fdf0ebe875307ddda3472731cf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "59375F59C09DA7B6D9B4DA3FF42E77A477CF67FDF0EBE875307DDDA3472731CF"
Last-Modified: Thu, 01 Dec 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18316
Expires: Fri, 02 Dec 2022 02:21:18 GMT
Date: Thu, 01 Dec 2022 21:16:02 GMT
Connection: keep-alive
leadbit.biz/landing-data?callback=App.jsonCallback&v=2&page=pt.promiv.com&iframe=true&callback=App.jsonCallback&TID=63891986005B7A1B0504075F&_=1669929360321
212.224.121.199 200 OK 467 B URL HTTP/1.1 leadbit.biz/landing-data?callback=App.jsonCallback&v=2&page=pt.promiv.com&iframe=true&callback=App.jsonCallback&TID=63891986005B7A1B0504075F&_=1669929360321
IP 212.224.121.199:0
ASN #44066 diva-e Datacenters GmbH
File type ASCII text, with very long lines (466)
Hash 178958a03fd56be6dd68f22ce54b4669
f68c452691b0fcef29bfedf98d42f82815eb677c
840df8379ae57ad73ac42d3bc4151eb6631bd57beccb027b1b70dfe7b5fb881e
GET /landing-data?callback=App.jsonCallback&v=2&page=pt.promiv.com&iframe=true&callback=App.jsonCallback&TID=63891986005B7A1B0504075F&_=1669929360321 HTTP/1.1
Host: leadbit.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pt.promiv.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: openresty
Date: Thu, 01 Dec 2022 21:16:01 GMT
Content-Type: application/octet-stream
Transfer-Encoding: chunked
Connection: keep-alive
pt.promiv.com/index_files/slide-prev.png
212.224.118.124 200 OK 1.5 kB URL HTTP/2 pt.promiv.com/index_files/slide-prev.png
IP 212.224.118.124:0
ASN #44066 diva-e Datacenters GmbH
File type PNG image data, 21 x 67, 8-bit/color RGBA, non-interlaced\012- data
Hash 088c47e2a5cc01faf4b1d5f39162a7b4
3253f190b2194447ba152eadbbb860c5c73dbc55
94bcb09ce77c2cb144643a8b8f80d981f725a1775520c2c43deb3e2a8e32938b
GET /index_files/slide-prev.png HTTP/1.1
Host: pt.promiv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pt.promiv.com/css/style.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 21:16:01 GMT
content-type: image/png
content-length: 1465
last-modified: Wed, 27 Jul 2016 13:52:52 GMT
etag: "5798bcb4-5b9"
expires: Mon, 30 Jan 2023 21:16:01 GMT
cache-control: max-age=5184000, public
x-static-region: DE
accept-ranges: bytes
X-Firefox-Spdy: h2
pt.promiv.com/index_files/slide-next.png
212.224.118.124 200 OK 1.5 kB URL HTTP/2 pt.promiv.com/index_files/slide-next.png
IP 212.224.118.124:0
ASN #44066 diva-e Datacenters GmbH
File type PNG image data, 21 x 67, 8-bit/color RGBA, non-interlaced\012- data
Hash 3ea429dda6e3ac91a0c55d7d1987ad9a
e6b2f7656b79fe0e28d5589f2679977d82052207
b528527f4a8452ab3c4599cb9aed6bed7875ad11109e18088eba4ebcebdd9262
GET /index_files/slide-next.png HTTP/1.1
Host: pt.promiv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pt.promiv.com/css/style.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 21:16:01 GMT
content-type: image/png
content-length: 1455
last-modified: Wed, 27 Jul 2016 13:52:56 GMT
etag: "5798bcb8-5af"
expires: Mon, 30 Jan 2023 21:16:01 GMT
cache-control: max-age=5184000, public
x-static-region: DE
accept-ranges: bytes
X-Firefox-Spdy: h2
pt.promiv.com/js/main.js
212.224.118.124 200 OK 179 kB IP 212.224.118.124:0
ASN #44066 diva-e Datacenters GmbH
Size 179 kB (178704 bytes)
Hash 82735fc362a608e487a5fccc477f7132
88a570cffcfa50891316f0be381eb7a6717d1906
473191e9bae8d07832a3a9228f596ae249b5f919532c8fe6ac28b41ce2e0ee1f
GET /js/main.js HTTP/1.1
Host: pt.promiv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pt.promiv.com/?TID=63891986005B7A1B0504075F&c=no
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 21:16:01 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 16 Dec 2016 10:47:48 GMT
etag: W/"5853c654-18c6"
expires: Mon, 30 Jan 2023 21:16:01 GMT
cache-control: max-age=5184000, public
x-static-region: DE
content-encoding: gzip
X-Firefox-Spdy: h2
pt.promiv.com/index_files/sect5-8-bg-480.png
212.224.118.124 200 OK 168 kB URL HTTP/2 pt.promiv.com/index_files/sect5-8-bg-480.png
IP 212.224.118.124:0
ASN #44066 diva-e Datacenters GmbH
File type PNG image data, 768 x 961, 8-bit/color RGBA, non-interlaced\012- data
Size 168 kB (167607 bytes)
Hash 1e4bcfac4769f213b5e0a33a67876ae4
4d99f103a38cc3445f0fae05568ec8634edeeaee
fba0fe7aaab8fe2d72d25395d15e3b1d63c37095133a01ea3c5987eade3b5ece
GET /index_files/sect5-8-bg-480.png HTTP/1.1
Host: pt.promiv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pt.promiv.com/css/style.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 21:16:01 GMT
content-type: image/png
content-length: 167607
last-modified: Wed, 27 Jul 2016 13:59:18 GMT
etag: "5798be36-28eb7"
expires: Mon, 30 Jan 2023 21:16:01 GMT
cache-control: max-age=5184000, public
x-static-region: DE
accept-ranges: bytes
X-Firefox-Spdy: h2
prenblog.com/promi/pt/pre2/img/product.png
212.224.121.236 200 OK 1.1 MB URL HTTP/1.1 prenblog.com/promi/pt/pre2/img/product.png
IP 212.224.121.236:0
ASN #44066 diva-e Datacenters GmbH
File type PNG image data, 913 x 625, 8-bit/color RGBA, non-interlaced\012- data
Size 1.1 MB (1073284 bytes)
Hash ff54a5b4017b3c8bc7aca42fc6ee0275
6b752c50415ef4989465a1bf483275eab1bd0db3
8765f237289b0ae6b3dc0ad88a9fdc511a42416796643f39687520584e3fb555
GET /promi/pt/pre2/img/product.png HTTP/1.1
Host: prenblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://prenblog.com/promi/pt/pre2/?TID=63891986005B7A1B0504075F&host=mandarv.com
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Dec 2022 21:16:00 GMT
Content-Type: image/png
Content-Length: 1073284
Connection: keep-alive
Last-Modified: Wed, 02 Nov 2022 11:02:54 GMT
ETag: "63624e5e-106084"
Expires: Mon, 30 Jan 2023 21:16:00 GMT
Cache-Control: max-age=5184000, public
X-Static-Region: DE
Accept-Ranges: bytes
pt.promiv.com/index_files/jquery.countdown.css
212.224.118.124 200 OK 437 kB URL HTTP/2 pt.promiv.com/index_files/jquery.countdown.css
IP 212.224.118.124:0
ASN #44066 diva-e Datacenters GmbH
Size 437 kB (437021 bytes)
Hash 80ab081932ee5938609f3aca8d5aeb22
d8bee48a85a93d97e82f306a2ec4da84ab21b0e1
93c0a3589d4085e74ee511fbd7b857761196c360f24c8ca847ef72852000f3d2
GET /index_files/jquery.countdown.css HTTP/1.1
Host: pt.promiv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pt.promiv.com/?TID=63891986005B7A1B0504075F&c=no
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 21:16:01 GMT
content-type: text/css
last-modified: Wed, 27 Jul 2016 13:37:12 GMT
etag: W/"5798b908-4db"
expires: Mon, 30 Jan 2023 21:16:01 GMT
cache-control: max-age=5184000, public
x-static-region: DE
content-encoding: gzip
X-Firefox-Spdy: h2
pt.promiv.com/index_files/slider.css
212.224.118.124 200 OK 472 kB URL HTTP/2 pt.promiv.com/index_files/slider.css
IP 212.224.118.124:0
ASN #44066 diva-e Datacenters GmbH
Size 472 kB (471560 bytes)
Hash f61da11ef601ffada4cf79de332ac237
02680bdab7995cf1f2a0ac2ab79bafefbc8c3702
795a05e40e159bdb9f2caf169d2d5dca31a49ee8578bc1d637d3f0e24f8727dd
GET /index_files/slider.css HTTP/1.1
Host: pt.promiv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pt.promiv.com/?TID=63891986005B7A1B0504075F&c=no
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 21:16:01 GMT
content-type: text/css
last-modified: Wed, 27 Jul 2016 13:37:12 GMT
etag: W/"5798b908-13a4"
expires: Mon, 30 Jan 2023 21:16:01 GMT
cache-control: max-age=5184000, public
x-static-region: DE
content-encoding: gzip
X-Firefox-Spdy: h2
pt.promiv.com/index_files/everad.css
212.224.118.124 200 OK 447 kB URL HTTP/2 pt.promiv.com/index_files/everad.css
IP 212.224.118.124:0
ASN #44066 diva-e Datacenters GmbH
Size 447 kB (447108 bytes)
Hash ced5297d6d6e053c97efb765c83c40c9
e926f2261ebda5496c645de3478ce342ea52280a
8d2009f3625352197450ccce766b618ca8ad2698455a3636f32f7845799b3d36
GET /index_files/everad.css HTTP/1.1
Host: pt.promiv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pt.promiv.com/?TID=63891986005B7A1B0504075F&c=no
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 21:16:01 GMT
content-type: text/css
last-modified: Wed, 27 Jul 2016 13:37:14 GMT
etag: W/"5798b90a-4148"
expires: Mon, 30 Jan 2023 21:16:01 GMT
cache-control: max-age=5184000, public
x-static-region: DE
content-encoding: gzip
X-Firefox-Spdy: h2
pt.promiv.com/cdn/js/geo/pt10.js
212.224.118.124 200 OK 788 B URL HTTP/2 pt.promiv.com/cdn/js/geo/pt10.js
IP 212.224.118.124:0
ASN #44066 diva-e Datacenters GmbH
Hash 801a7955d0697afaafff4de9a9ce4ad5
ef89f120cadf3714b2a538b418741c652f6b031f
4516041e1b40c0e2939dddc4c4aa513df21b5817431a949b260c7b9a1dc3cbf8
GET /cdn/js/geo/pt10.js HTTP/1.1
Host: pt.promiv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pt.promiv.com/?TID=63891986005B7A1B0504075F&c=no
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 21:16:01 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 24 May 2022 12:04:47 GMT
etag: W/"628cc9df-1ff"
expires: Thu, 01 Dec 2022 23:16:01 GMT
cache-control: max-age=7200
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15626
Expires: Fri, 02 Dec 2022 01:36:29 GMT
Date: Thu, 01 Dec 2022 21:16:03 GMT
Connection: keep-alive
pt.promiv.com/css/style.min.css
212.224.118.124 200 OK 9.6 kB URL HTTP/2 pt.promiv.com/css/style.min.css
IP 212.224.118.124:0
ASN #44066 diva-e Datacenters GmbH
Hash 7bd8ad28fecb71d761b43a63d7bf883a
0a2713dd7b966fe1aeb24955f23fc722de6988bb
375e6833724cb3e3619eb9177d880a40e2819ccba7f56baad0e15f9cd96820b3
GET /css/style.min.css HTTP/1.1
Host: pt.promiv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pt.promiv.com/?TID=63891986005B7A1B0504075F&c=no
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 21:16:01 GMT
content-type: text/css
last-modified: Tue, 28 Feb 2017 10:53:38 GMT
etag: W/"58b556b2-955b"
expires: Mon, 30 Jan 2023 21:16:01 GMT
cache-control: max-age=5184000, public
x-static-region: DE
content-encoding: gzip
X-Firefox-Spdy: h2
pt.promiv.com/cdn/js/countries.js
212.224.118.124 200 OK 2.1 kB URL HTTP/2 pt.promiv.com/cdn/js/countries.js
IP 212.224.118.124:0
ASN #44066 diva-e Datacenters GmbH
Hash 3599858ee7900515abaa4433777b0558
05fcfb08c8213dcc03aadaa5a07d4a2606b3e1ba
51d97fb3b8b1b8ec0177f64d17117c6fc843aa759d00657694dfb0182a494864
GET /cdn/js/countries.js HTTP/1.1
Host: pt.promiv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pt.promiv.com/?TID=63891986005B7A1B0504075F&c=no
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 21:16:01 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 18 Feb 2020 09:25:30 GMT
etag: W/"5e4bad8a-1013"
expires: Thu, 01 Dec 2022 23:16:01 GMT
cache-control: max-age=7200
content-encoding: gzip
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83cd87b8-4041-419b-ab34-9f8e5a326f4b.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83cd87b8-4041-419b-ab34-9f8e5a326f4b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 820cf89fcab8380adff42982c9fb11ed
84241ddddbbfd7de30118307fb1a62800d0a4cb3
0d051495f06ac84de934283b40cbfee7a042d32153a73486dd7c017430e882d8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83cd87b8-4041-419b-ab34-9f8e5a326f4b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12898
x-amzn-requestid: 9b594c3c-6b8c-4589-8fcb-b3d7518b46f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cQZBNFxToAMF_9A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63833ba1-767f510d72eef86d0cc892df;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 10:27:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: gsn5uUFEzDZDOMPTvW9UQxtccvRfJKUM4eJ8U99jvUGzNIKkF9SzeA==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:49:20 GMT
age: 84403
etag: "84241ddddbbfd7de30118307fb1a62800d0a4cb3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F600016d1-5abb-4a6c-996a-933a8d4bc6df.jpeg
34.120.237.76 200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F600016d1-5abb-4a6c-996a-933a8d4bc6df.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 26d6dffbf400da4803a2e76e2a8ef2f8
2e62f9ed8f5e7b2f888a73320dd98b0cda9303b8
04c6e31623fe48cbe83dc91635bfa47b337590f18919995b08d5bde27e929e03
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F600016d1-5abb-4a6c-996a-933a8d4bc6df.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8740
x-amzn-requestid: 4823cf63-98eb-40d3-bb8b-e09cd2262f36
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cP7SqHjYIAMF8xw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63830c10-316b213c33ce9bc2355c0900;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 07:04:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tK4wl-g5kcUhVFE3iZGILhZhZSsaMzQD9JTBHj1JXV95yXs_e3gMGw==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 12:31:43 GMT
age: 31460
etag: "2e62f9ed8f5e7b2f888a73320dd98b0cda9303b8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc2b4ec6-0955-4089-983c-0abf7fd13bf2.jpeg
34.120.237.76 200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc2b4ec6-0955-4089-983c-0abf7fd13bf2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e1e6b6ba4f82221b41c3d9129008c76d
2f9532d698b4c28df23e18bbb66399ec776d5b9f
218c6f41a16e6087c611d4db5784a7cc1d027084d0bf2bd6dc3843ee5dfd560f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc2b4ec6-0955-4089-983c-0abf7fd13bf2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9459
x-amzn-requestid: c08f55b2-7ac6-4dec-b53c-fd3f4533f9c9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cMpBiGoHIAMFR2g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381bba3-69c2c2d05e55fd745caf1dce;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 07:09:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: w_Mb-0pBwp-pUyU2bdJ8MhrGHkk6VQgJmcGV9MfHwj_yGUMIYZkyrg==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 10:48:24 GMT
age: 37659
etag: "2f9532d698b4c28df23e18bbb66399ec776d5b9f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F051e025a-c892-4a7d-8a1d-95f6d77ebb3c.jpeg
34.120.237.76 200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F051e025a-c892-4a7d-8a1d-95f6d77ebb3c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d2dd5a4bcfd47db8f38544bf39ce3031
fa2217bae05b7beca2e12597eaad835298276b82
3266004f5e73af5359b71622eea31f1e28abb4bbc443b5f9e481b5a8b2e9249e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F051e025a-c892-4a7d-8a1d-95f6d77ebb3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4762
x-amzn-requestid: b7c0e28a-de0d-443d-8bf4-900a964bf110
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cP7uSFcMoAMF2CQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63830cc1-7abade3a670201cf1906b79f;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 07:07:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: gZSkafSw8cXo9AChLOTVJW7r_hHLW8kaHlA-ED2_zFJwuUk1uS3VRw==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 13:29:36 GMT
age: 27987
etag: "fa2217bae05b7beca2e12597eaad835298276b82"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0e1339e-3c63-4033-8b5b-e21137509777.jpeg
34.120.237.76 200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0e1339e-3c63-4033-8b5b-e21137509777.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ffd12f9c423ffc627d9e3b3145944fe4
5cf9a7a784952e1bb0cbe499104f1774b1269d08
a25f1b752d9af599aefd73073c105853130f1759905269de3d582d2eb35fe167
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0e1339e-3c63-4033-8b5b-e21137509777.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 16038
x-amzn-requestid: 9d34c42b-ba0c-498f-8f99-d4ab527ffa89
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cbzMdHXNIAMFgaw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387cbe9-376846f31dc9b995797cbd18;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:32:25 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: DngCuOTO9fQAwWe_ip6EtBcgruigZN6Bl1_v5BHM2dsWlhqCXCL3gg==
via: 1.1 efcf7b9d0f917f9ebf314db03e52d9b6.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:45:33 GMT
age: 84630
etag: "5cf9a7a784952e1bb0cbe499104f1774b1269d08"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbcb53953-3f6b-43ee-95d9-fb65d133745f.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbcb53953-3f6b-43ee-95d9-fb65d133745f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 328ce221bcf3442f88d09373193ff594
63bfa2ea925aa2c188c664a7bf7af7b0e5417e60
21d5b5ec267430dba91b17f89a557aca5cd2a21535da18eb02ec69ed0e1b7371
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbcb53953-3f6b-43ee-95d9-fb65d133745f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13411
x-amzn-requestid: 17fcc4e1-76c1-4eca-9235-c1a513bca24a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cbz80FCQoAMFs1A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387cd1e-26da4f265d74215f31425eb9;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:37:34 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: MttRByNp1C1ZeFFicFVa0w3XRyXJnUycPy2Izk8hzGEgXGdDqD3L3A==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:48:17 GMT
age: 84466
etag: "63bfa2ea925aa2c188c664a7bf7af7b0e5417e60"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
pt.promiv.com/translater.js
212.224.118.124 200 OK 0 B URL HTTP/2 pt.promiv.com/translater.js
IP 212.224.118.124:0
ASN #44066 diva-e Datacenters GmbH
GET /translater.js HTTP/1.1
Host: pt.promiv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pt.promiv.com/?TID=63891986005B7A1B0504075F&c=no
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 21:16:01 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 11 Jul 2022 11:35:53 GMT
etag: W/"62cc0b19-20ce"
expires: Mon, 30 Jan 2023 21:16:01 GMT
cache-control: max-age=5184000, public
x-static-region: DE
content-encoding: gzip
X-Firefox-Spdy: h2
pt.promiv.com/index_files/sect2-bg.png
212.224.118.124 200 OK 0 B URL HTTP/2 pt.promiv.com/index_files/sect2-bg.png
IP 212.224.118.124:0
ASN #44066 diva-e Datacenters GmbH
GET /index_files/sect2-bg.png HTTP/1.1
Host: pt.promiv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pt.promiv.com/css/style.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 21:16:09 GMT
content-type: image/png
content-length: 27740
last-modified: Wed, 27 Jul 2016 13:53:18 GMT
etag: "5798bcce-6c5c"
expires: Mon, 30 Jan 2023 21:16:09 GMT
cache-control: max-age=5184000, public
x-static-region: DE
accept-ranges: bytes
X-Firefox-Spdy: h2
pt.promiv.com/index_files/sect5-bg.jpg
212.224.118.124 200 OK 0 B URL HTTP/2 pt.promiv.com/index_files/sect5-bg.jpg
IP 212.224.118.124:0
ASN #44066 diva-e Datacenters GmbH
GET /index_files/sect5-bg.jpg HTTP/1.1
Host: pt.promiv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pt.promiv.com/css/style.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 21:16:09 GMT
content-type: image/jpeg
content-length: 32516
last-modified: Wed, 27 Jul 2016 13:53:12 GMT
etag: "5798bcc8-7f04"
expires: Mon, 30 Jan 2023 21:16:09 GMT
cache-control: max-age=5184000, public
x-static-region: DE
accept-ranges: bytes
X-Firefox-Spdy: h2
pt.promiv.com/index_files/sect1-bg.png
212.224.118.124 200 OK 0 B URL HTTP/2 pt.promiv.com/index_files/sect1-bg.png
IP 212.224.118.124:0
ASN #44066 diva-e Datacenters GmbH
GET /index_files/sect1-bg.png HTTP/1.1
Host: pt.promiv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pt.promiv.com/css/style.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 21:16:09 GMT
content-type: image/png
content-length: 273196
last-modified: Wed, 27 Jul 2016 13:49:34 GMT
etag: "5798bbee-42b2c"
expires: Mon, 30 Jan 2023 21:16:09 GMT
cache-control: max-age=5184000, public
x-static-region: DE
accept-ranges: bytes
X-Firefox-Spdy: h2