Overview

URL proteamitc.com/16803-116808/64169?uid=CU46JYu4G6LNsTT1BDKCM8uGBuVKqU&prom_type=regular&prom_id=188482&pld=26L81sNgpwNGbf&answer-1=1
IP50.19.16.20
ASNAMAZON-AES
Location United States
Report completed2022-09-26 22:16:07 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-26 2 proteamitc.com/uploads/uploadedFonts/fontsImport.css?v=1664230557 Phishing
2022-09-26 2 proteamitc.com/lib/jq/validator/fb.validation.js Phishing
2022-09-26 2 proteamitc.com/lib/jq/cqParams/fb.cqParams.js Phishing
2022-09-26 2 proteamitc.com/lib/jq/otherInput/fb.otherInput.js Phishing
2022-09-26 2 proteamitc.com/lib/jq/fb.utils.js Phishing
2022-09-26 2 proteamitc.com/lpScripts/assetsBehavior.js?v=1 Phishing
2022-09-26 2 proteamitc.com/lib/jq/fb.autoSubmit.js Phishing
2022-09-26 2 proteamitc.com/lib/uri/uri.js Phishing
2022-09-26 2 proteamitc.com/lib/jq/validator/localization/jq_validation_localizations.bo (...) Phishing
2022-09-26 2 proteamitc.com/16803-116809-typ/64169?uid=CU46JYu4G6LNsTT1BDKCM8uGBuVKqU Phishing
2022-09-26 2 proteamitc.com/lib/uri/uri.js Phishing
2022-09-26 2 proteamitc.com/lpScripts/assetsBehavior.js?v=1 Phishing
2022-09-26 2 proteamitc.com/uploads/uploadedFonts/fontsImport.css?v=1664230558 Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

URL proteamitc.com/16803-116809-typ/64169?uid=CU46JYu4G6LNsTT1BDKCM8uGBuVKqU&mo (...)
IP  50.19.16.20
Magic PDF document, version 1.3, 2 pages\012- data
Size 2505035
MD5 8d4a6c914656f8313fea6379e526e951
SHA1 575f7bb0a3a36c332b22cb2136e45923bcdfba48
SHA256 50f38af99e07004a8e03724def0a099204d956f5459bc81c00e421997b2a0d8f
Analyzer Analysed Verdict Comment
VirusTotal 0/0


Passive DNS (19)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS cdn.jsdelivr.net (1) 439 2012-09-30 00:15:09 UTC 2022-09-26 11:58:20 UTC 151.101.85.229
mnemonic passive DNS ocsp.digicert.com (3) 86 2012-05-21 07:02:23 UTC 2022-09-26 16:08:16 UTC 93.184.220.29
mnemonic passive DNS ocsp.globalsign.com (1) 2075 2012-05-25 06:20:55 UTC 2022-09-26 04:28:35 UTC 104.18.21.226
mnemonic passive DNS fonts.googleapis.com (8) 8877 2013-06-10 20:14:26 UTC 2022-09-26 16:59:48 UTC 142.250.74.10
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-28 17:26:30 UTC 2022-09-26 12:59:20 UTC 143.204.55.35
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-26 04:26:56 UTC 143.204.55.110
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-26 04:28:07 UTC 34.117.237.239
mnemonic passive DNS ocsp.pki.goog (6) 175 2017-06-14 07:23:31 UTC 2022-09-26 04:27:13 UTC 142.250.74.3
mnemonic passive DNS fonts.gstatic.com (1) 0 2014-08-29 13:43:22 UTC 2022-09-26 04:26:58 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS stackpath.bootstrapcdn.com (1) 2467 2018-04-05 04:41:29 UTC 2022-09-26 19:13:07 UTC 104.18.10.207
mnemonic passive DNS r3.o.lencr.org (9) 344 2020-12-02 08:52:13 UTC 2022-09-26 04:35:11 UTC 23.36.77.32
mnemonic passive DNS cdnjs.cloudflare.com (2) 235 2020-10-20 10:17:36 UTC 2022-09-26 06:09:43 UTC 104.17.24.14
mnemonic passive DNS via.placeholder.com (1) 26595 2021-04-12 05:15:36 UTC 2022-09-26 18:54:25 UTC 104.21.33.39
mnemonic passive DNS proteamitc.com (20) 0 2022-05-20 03:22:30 UTC 2022-09-26 11:58:58 UTC 50.19.16.20 Unknown ranking
mnemonic passive DNS polyfill.io (1) 102644 2016-02-12 00:04:58 UTC 2022-09-26 06:30:36 UTC 151.101.1.26
mnemonic passive DNS lp.infusemedia.com (6) 837609 2020-05-28 14:59:51 UTC 2022-09-26 19:21:22 UTC 23.22.88.62
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-26 05:45:55 UTC 52.41.98.34
mnemonic passive DNS use.typekit.net (1) 494 2012-07-05 01:42:39 UTC 2022-09-26 04:43:54 UTC 23.36.76.122
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-09-26 12:15:18 UTC 34.120.237.76


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 50.19.16.20

Date UQ / IDS / BL URL IP
2022-11-30 09:11:16 +0000
0 - 0 - 4 insightswebitc.com/14774-101473/55259?uid=4oj (...) 50.19.16.20
2022-11-30 02:44:18 +0000
0 - 0 - 11 techreportscuratedreport.com/18849-131445/731 (...) 50.19.16.20
2022-11-30 02:44:18 +0000
0 - 0 - 2 techreportscuratedreport.com/follow-trail 50.19.16.20
2022-11-29 22:44:25 +0000
0 - 0 - 11 techreportscuratedreport.com/18849-131445/731 (...) 50.19.16.20
2022-11-29 21:03:20 +0000
0 - 0 - 5 insightscuratedteam.com/18025-125791/69770?ui (...) 50.19.16.20

Last 5 reports on ASN: AMAZON-AES

Date UQ / IDS / BL URL IP
2022-12-04 16:02:29 +0000
0 - 0 - 1 probable-coherent-node.glitch.me/NFUOONLINEUP (...) 44.196.165.201
2022-12-04 16:01:49 +0000
0 - 0 - 14 ecomhdnmkt.com/?a=8929&c=141878&s1=pp1664&s2= (...) 52.0.212.192
2022-12-04 15:46:32 +0000
0 - 0 - 3 different-abaft-handsaw.glitch.me/gwavs.HTM 44.199.49.219
2022-12-04 15:45:53 +0000
0 - 0 - 3 shimmer-jasper-capacity.glitch.me/gwavs.HTM 52.4.141.177
2022-12-04 15:27:06 +0000
24 - 0 - 12 officehagr5dnhris.edns.biz/ 54.86.10.46

Last 2 reports on domain: proteamitc.com

Date UQ / IDS / BL URL IP
2022-09-26 22:16:07 +0000
0 - 0 - 13 proteamitc.com/16803-116808/64169?uid=CU46JYu (...) 50.19.16.20
2022-09-21 14:55:42 +0000
0 - 0 - 13 proteamitc.com/16803-116808/64169?uid=4fWkaUS (...) 50.19.16.20

Last 1 reports with similar screenshot

Date UQ / IDS / BL URL IP
2022-09-21 14:55:42 +0000
0 - 0 - 13 proteamitc.com/16803-116808/64169?uid=4fWkaUS (...) 50.19.16.20


JavaScript

Executed Scripts (16)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (72)


Request Response
                                        
                                            GET /16803-116808/64169?uid=CU46JYu4G6LNsTT1BDKCM8uGBuVKqU&prom_type=regular&prom_id=188482&pld=26L81sNgpwNGbf&answer-1=1 HTTP/1.1 
Host: proteamitc.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         50.19.16.20
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: nginx/1.22.0
Date: Mon, 26 Sep 2022 22:15:56 GMT
Content-Length: 169
Connection: keep-alive
Location: https://proteamitc.com/16803-116808/64169?uid=CU46JYu4G6LNsTT1BDKCM8uGBuVKqU&prom_type=regular&prom_id=188482&pld=26L81sNgpwNGbf&answer-1=1


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   169
Md5:    b51956ed2a6129f43c5d0ecc011cc5a5
Sha1:   c03157aff80067b6b57903d3843b9fd9e07b33ab
Sha256: 1ac63374d015eee8d9d875502aa63981dbeb9d86a14096de0d504763808e429b
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 26 Sep 2022 22:15:24 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Ba2XSln_gUVvV2OG9UynoSQoGI1sK9WUjczY_D1c75ZSQ_CXoX_LVQ==
Age: 32


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    2d12f67fe57a87e7366b662d153a5582
Sha1:   d7b02d81cc74f24a251d9363e0f4b0a149264ec1
Sha256: 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4397E6B45B5822FBAB9B83ABE0B96EE70EFBA7CD2160B51936159865EDE5FDB1"
Last-Modified: Sun, 25 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12327
Expires: Tue, 27 Sep 2022 01:41:23 GMT
Date: Mon, 26 Sep 2022 22:15:56 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.110
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 26 Sep 2022 04:35:16 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 5-JLud_dexbr7xjg4VhaXmlxP-SR3CQe-N0ha6efOUt1MHOGEYcQ8A==
age: 63641
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Mon, 26 Sep 2022 22:15:56 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "6DB44AD2A1FD7F5F82FF4EF859B4DB33140C76652494FA2400F8D6B77ABD1FF2"
Last-Modified: Mon, 26 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21592
Expires: Tue, 27 Sep 2022 04:15:49 GMT
Date: Mon, 26 Sep 2022 22:15:57 GMT
Connection: keep-alive

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Mon, 26 Sep 2022 22:10:46 GMT
Expires: Mon, 26 Sep 2022 22:39:20 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: DUcieTNmLZK-d4DOjUuciCHucp1cn_6cfo9AJm_fK6Pfcu3KggwSXA==
Age: 311


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /16803-116808/64169?uid=CU46JYu4G6LNsTT1BDKCM8uGBuVKqU&prom_type=regular&prom_id=188482&pld=26L81sNgpwNGbf&answer-1=1 HTTP/1.1 
Host: proteamitc.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         50.19.16.20
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx/1.22.0
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.4.16
Cache-Control: max-age=0, must-revalidate, private
Date: Mon, 26 Sep 2022 22:15:57 GMT
Expires: Mon, 26 Sep 2022 22:15:57 GMT
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (15037)
Size:   8626
Md5:    a8167fa11c57d7d7e5fed41fffa789c8
Sha1:   69c869da53b2ffc3155a6e0225afd0e4ba2ef910
Sha256: 5d881440a6ddec4c5c428b5da295e3cec1673e59fceb4ea2b10a588babeccbd9
                                        
                                            GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proteamitc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.17.24.14
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Mon, 26 Sep 2022 22:15:57 GMT
content-length: 27958
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb09ed3-15d84"
last-modified: Mon, 04 May 2020 23:01:39 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 9674261
expires: Sat, 16 Sep 2023 22:15:57 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mdTZRyCufj6jhFl82JWZUmKqte0brVc0LC%2B0ATuqTEuEWS%2BEPhmrYZi5pSkk7zM9Cx8CKEa5%2FwR7mVsBQUGSCPGsLhe7COsLC0FXNlkl0Jt82ASVb2xyKhXiFmJ5nHAsNoY1x1EX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 750f5c77aca2b4fd-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65451)
Size:   27958
Md5:    4b5f47439b640180cc3450f7de05d0d8
Sha1:   5a0dc9bcab80ddc409dd35fcb00a88fe6846fee2
Sha256: 1f85e8b327f42c17c025d69849914068536d9aa95412fe473ae90ffb2f4ebd82
                                        
                                            GET /ajax/libs/select2/4.0.13/js/select2.min.js HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://proteamitc.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         104.17.24.14
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Mon, 26 Sep 2022 22:15:57 GMT
content-length: 16456
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5ecc8659-114c3"
last-modified: Tue, 26 May 2020 03:00:41 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2050930
expires: Sat, 16 Sep 2023 22:15:57 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OiH%2F0qwMrubE1%2F5eLxMtDfn8Ej1ZLO%2BmstjYIQ6UOd7Tsx2gLgtMA3wUO47fIltM29qac410oARoKwuFjODfX2Mfo9N0XwT%2BfBHZT7vRu%2BP2CoGwCI%2Bike0tSQtunYhZ%2B%2FqjgjG9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 750f5c77bdf8b51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (64131)
Size:   16456
Md5:    e969f2fd683c8d12ccbfa6ec0487dadf
Sha1:   4efb5abd97f96f324fd3bd64902a02e4a8a3d3af
Sha256: 10375c0c9bd1d60f996e3b7eef19ada49ebc3790f78742204cef7026754d2ac2
                                        
                                            GET /npm/jquery-validation@1.19.1/dist/jquery.validate.min.js HTTP/1.1 
Host: cdn.jsdelivr.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proteamitc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.85.229
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 1.19.1
x-jsd-version-type: version
etag: W/"5f38-DaTFNbUL203/o7X64+mZru4TfLU"
content-encoding: gzip
accept-ranges: bytes
date: Mon, 26 Sep 2022 22:15:57 GMT
age: 3620543
x-served-by: cache-fra19165-FRA, cache-bma1653-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7815
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (24237)
Size:   7815
Md5:    144d2fdbeb2ac0a55e26fd4d3bcb6aa7
Sha1:   7b00473f6a8170bcb0573cec68acea35684250c7
Sha256: 5e9ecf8613ebbaae3c171d1ba18e6af51d41ed136730e2764784f12679fda526
                                        
                                            GET /v3/polyfill.min.js?version=3.52.1&features=URL%2CURLSearchParams%2Ces5%2Ces6%2Ces7 HTTP/1.1 
Host: polyfill.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://proteamitc.com
Connection: keep-alive
Referer: https://proteamitc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.1.26
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
                                        
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
last-modified: Wed, 21 Sep 2022 18:47:57 GMT
content-encoding: br
age: 0
accept-ranges: bytes
useragent_normaliser: firefox/96.0.0
date: Mon, 26 Sep 2022 22:15:57 GMT
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
vary: User-Agent, Accept-Encoding
server-timing: cache-bma1672, PASS, fastly;desc="Edge time";dur=16
content-length: 74
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   74
Md5:    bdb6d8e9b581dfbdb87566776ede0cbd
Sha1:   d18cdeacd5c146b34919955e97e51b7db50d0d9b
Sha256: fe35c33df2fa5edeac1dbbe512a6e92c5b1e7fb5c204df818e23ea07b5121add
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2860
Cache-Control: 'max-age=158059'
Date: Mon, 26 Sep 2022 22:15:57 GMT
Last-Modified: Mon, 26 Sep 2022 21:28:17 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5052
Cache-Control: max-age=126905
Date: Mon, 26 Sep 2022 22:15:57 GMT
Etag: "63315d9a-1d7"
Expires: Wed, 28 Sep 2022 09:31:02 GMT
Last-Modified: Mon, 26 Sep 2022 08:06:50 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 26 Sep 2022 22:15:57 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "43AE3E80ABEEDB67669C0B327FCCF1583B6372FD"
Expires: Tue, 27 Sep 2022 09:00:00 GMT
Last-Modified: Mon, 26 Sep 2022 21:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 1174
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 750f5c783f710b65-OSL


--- Additional Info ---
Magic:  data
Size:   1462
Md5:    c949b695978e4b3a28e654de2513ca21
Sha1:   ddf515441bfb165ab3ce191ed5754eb2b30e32b1
Sha256: 214490a27a0ae554067c8e233854ea6f73ac37688465b6d78adad7f3fed0acee
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2860
Cache-Control: 'max-age=158059'
Date: Mon, 26 Sep 2022 22:15:57 GMT
Last-Modified: Mon, 26 Sep 2022 21:28:17 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C24E2071567A4BFA4FD77A4FE0CC7E907DD9206196307ABF92ED9DFE327D0C38"
Last-Modified: Mon, 26 Sep 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11095
Expires: Tue, 27 Sep 2022 01:20:52 GMT
Date: Mon, 26 Sep 2022 22:15:57 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C24E2071567A4BFA4FD77A4FE0CC7E907DD9206196307ABF92ED9DFE327D0C38"
Last-Modified: Mon, 26 Sep 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11095
Expires: Tue, 27 Sep 2022 01:20:52 GMT
Date: Mon, 26 Sep 2022 22:15:57 GMT
Connection: keep-alive

                                        
                                            GET /uploads/uploadedFonts/fontsImport.css?v=1664230557 HTTP/1.1 
Host: proteamitc.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proteamitc.com/16803-116808/64169?uid=CU46JYu4G6LNsTT1BDKCM8uGBuVKqU&prom_type=regular&prom_id=188482&pld=26L81sNgpwNGbf&answer-1=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         50.19.16.20
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx/1.22.0
Date: Mon, 26 Sep 2022 22:15:57 GMT
Content-Length: 101830
Last-Modified: Mon, 19 Sep 2022 21:25:17 GMT
Connection: keep-alive
ETag: "6328de3d-18dc6"
Expires: Mon, 26 Sep 2022 22:15:57 GMT
Cache-Control: max-age=0
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines (508)
Size:   101830
Md5:    6536b36ddf48a6079b54f2b4ae0be765
Sha1:   63ffaf2f552dd2861b7147193dcda3b1ea51ef8d
Sha256: 1bc9d3383234ea5dad3eb27f83541f5328d36437eb6e94a3a70492a46d2d10e6

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /ckeditor/contents.css?t=M7OE HTTP/1.1 
Host: lp.infusemedia.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proteamitc.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.22.88.62
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx/1.22.0
Date: Mon, 26 Sep 2022 22:15:57 GMT
Content-Length: 2886
Last-Modified: Mon, 19 Sep 2022 18:46:44 GMT
Connection: keep-alive
ETag: "6328b914-b46"
Expires: Mon, 26 Sep 2022 22:15:57 GMT
Cache-Control: max-age=0
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text
Size:   2886
Md5:    ea34863bd1770c4274d7ed7c58449f2a
Sha1:   1aefe351289c27d7b741cd38baaaad3398e306ba
Sha256: 43b78285c786c968e35d8a44aafb06df291e840e106bd01ddf36df96ce84ff5d
                                        
                                            GET /ckeditor/plugins/lpLinkV2/css/styles.css HTTP/1.1 
Host: lp.infusemedia.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proteamitc.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.22.88.62
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx/1.22.0
Date: Mon, 26 Sep 2022 22:15:57 GMT
Content-Length: 2159
Last-Modified: Mon, 19 Sep 2022 18:46:45 GMT
Connection: keep-alive
ETag: "6328b915-86f"
Expires: Mon, 26 Sep 2022 22:15:57 GMT
Cache-Control: max-age=0
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines (2158)
Size:   2159
Md5:    20944bcec784ce7e2b95b62808da9869
Sha1:   29fa6fc754e5f8cda684cfcadad4b996f7404e61
Sha256: 479da2477e3d7631c8cca6c411d1b2afad9d5e66bc6bb7acc8b1bdafadd75499
                                        
                                            GET /ckeditor/plugins/formBuilder/styles/formBuilder.css?v=1.3.1663274522602 HTTP/1.1 
Host: lp.infusemedia.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proteamitc.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.22.88.62
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx/1.22.0
Date: Mon, 26 Sep 2022 22:15:57 GMT
Content-Length: 5201
Last-Modified: Mon, 19 Sep 2022 18:46:45 GMT
Connection: keep-alive
ETag: "6328b915-1451"
Expires: Mon, 26 Sep 2022 22:15:57 GMT
Cache-Control: max-age=0
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text
Size:   5201
Md5:    e741d2aa47efe7dda9dfe0a5014fef0e
Sha1:   30ebfe60d0832bb8114c6ba155f0ddb15c1a527c
Sha256: 68c2e3489d098db2a6e2ddba9f32ff172d1c0ff0983b9b3c3c0b59c8a850cf20
                                        
                                            GET /lib/jq/validator/fb.validation.js HTTP/1.1 
Host: proteamitc.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proteamitc.com/16803-116808/64169?uid=CU46JYu4G6LNsTT1BDKCM8uGBuVKqU&prom_type=regular&prom_id=188482&pld=26L81sNgpwNGbf&answer-1=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         50.19.16.20
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.22.0
Date: Mon, 26 Sep 2022 22:15:57 GMT
Content-Length: 2011
Last-Modified: Wed, 09 Jun 2021 11:25:31 GMT
Connection: keep-alive
ETag: "60c0a52b-7db"
Expires: Mon, 26 Sep 2022 22:15:57 GMT
Cache-Control: max-age=0
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text
Size:   2011
Md5:    60f78449c35e69490026e3f739d322dc
Sha1:   a0f988cad0941c050d4ecbe1d58f450193c604d2
Sha256: ee75b43f5de847b148b9ed76c06b5db9566ba8da3ac35c726ed43ef9f9b2c3e3

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /lib/jq/cqParams/fb.cqParams.js HTTP/1.1 
Host: proteamitc.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proteamitc.com/16803-116808/64169?uid=CU46JYu4G6LNsTT1BDKCM8uGBuVKqU&prom_type=regular&prom_id=188482&pld=26L81sNgpwNGbf&answer-1=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         50.19.16.20
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.22.0
Date: Mon, 26 Sep 2022 22:15:57 GMT
Content-Length: 2815
Last-Modified: Tue, 14 Sep 2021 10:49:24 GMT
Connection: keep-alive
ETag: "61407e34-aff"
Expires: Mon, 26 Sep 2022 22:15:57 GMT
Cache-Control: max-age=0
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text
Size:   2815
Md5:    55159908ed60d22fd3992732aa7e42d3
Sha1:   57976f1953d1da224e9746296eaac849d69dc5f3
Sha256: c6b1e77cd2f103d2fa292bf088a9680848a4f94b6c1ef6ee2017c2ba530a03c5

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /lib/jq/otherInput/fb.otherInput.js HTTP/1.1 
Host: proteamitc.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proteamitc.com/16803-116808/64169?uid=CU46JYu4G6LNsTT1BDKCM8uGBuVKqU&prom_type=regular&prom_id=188482&pld=26L81sNgpwNGbf&answer-1=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         50.19.16.20
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.22.0
Date: Mon, 26 Sep 2022 22:15:57 GMT
Content-Length: 2326
Last-Modified: Tue, 25 May 2021 16:06:10 GMT
Connection: keep-alive
ETag: "60ad2072-916"
Expires: Mon, 26 Sep 2022 22:15:57 GMT
Cache-Control: max-age=0
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text
Size:   2326
Md5:    f49a975af41186993c4e9375ab2811a9
Sha1:   3ff5af70425851ca10b47e5e9a730466f0ec0d07
Sha256: da384cdad429313cc5b5e7579c3dd5e547273095b9b2f14e598bfc46ed3544c7

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /lib/jq/fb.utils.js HTTP/1.1 
Host: proteamitc.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proteamitc.com/16803-116808/64169?uid=CU46JYu4G6LNsTT1BDKCM8uGBuVKqU&prom_type=regular&prom_id=188482&pld=26L81sNgpwNGbf&answer-1=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         50.19.16.20
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.22.0
Date: Mon, 26 Sep 2022 22:15:57 GMT
Content-Length: 17827
Last-Modified: Mon, 12 Sep 2022 09:24:07 GMT
Connection: keep-alive
ETag: "631efab7-45a3"
Expires: Mon, 26 Sep 2022 22:15:57 GMT
Cache-Control: max-age=0
Accept-Ranges: bytes


--- Additional Info ---
Magic:  Unicode text, UTF-8 text
Size:   17827
Md5:    ae4404875fed763d83013c881e85a0ee
Sha1:   b816ad607b6a4a89b901447ad513abbbf7fd16a9
Sha256: 827810c0c757314f1071132a70efabdf940d7a259cf21bc99f008f96f0859637

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Lw7lnJtvgiLIAO8G9/2Jzw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         52.41.98.34
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: fH2bLC7264YbJcPEafwS5+5beec=

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 26 Sep 2022 22:15:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 26 Sep 2022 22:15:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 26 Sep 2022 22:15:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /lpScripts/assetsBehavior.js?v=1 HTTP/1.1 
Host: proteamitc.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proteamitc.com/16803-116808/64169?uid=CU46JYu4G6LNsTT1BDKCM8uGBuVKqU&prom_type=regular&prom_id=188482&pld=26L81sNgpwNGbf&answer-1=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         50.19.16.20
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.22.0
Date: Mon, 26 Sep 2022 22:15:57 GMT
Content-Length: 9494
Last-Modified: Mon, 05 Sep 2022 18:13:19 GMT
Connection: keep-alive
ETag: "63163c3f-2516"
Expires: Mon, 26 Sep 2022 22:15:57 GMT
Cache-Control: max-age=0
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text
Size:   9494
Md5:    102f9d4771d6428b1dc3c9884c08b50d
Sha1:   6250988a74cd66becad95baf5065890ad5d129e9
Sha256: 33c3270c9dc5b39942cbd943a9e3b2a10153518f947b41f3e15fb79977be5e59

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /lib/jq/fb.autoSubmit.js HTTP/1.1 
Host: proteamitc.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proteamitc.com/16803-116808/64169?uid=CU46JYu4G6LNsTT1BDKCM8uGBuVKqU&prom_type=regular&prom_id=188482&pld=26L81sNgpwNGbf&answer-1=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         50.19.16.20
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.22.0
Date: Mon, 26 Sep 2022 22:15:57 GMT
Content-Length: 631
Last-Modified: Mon, 12 Apr 2021 20:19:39 GMT
Connection: keep-alive
ETag: "6074ab5b-277"
Expires: Mon, 26 Sep 2022 22:15:57 GMT
Cache-Control: max-age=0
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text
Size:   631
Md5:    d1b0ab11f9d2a041be621b97140bd0de
Sha1:   03eb391c2a4ec2e17385afdb695cb458bddb4dba
Sha256: 348cf9886114edd1ab2df04571fd8e6eeb192d2da111b4ef3200caa25ce0ffae

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 26 Sep 2022 22:15:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 26 Sep 2022 22:15:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /lib/uri/uri.js HTTP/1.1 
Host: proteamitc.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proteamitc.com/16803-116808/64169?uid=CU46JYu4G6LNsTT1BDKCM8uGBuVKqU&prom_type=regular&prom_id=188482&pld=26L81sNgpwNGbf&answer-1=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         50.19.16.20
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.22.0
Date: Mon, 26 Sep 2022 22:15:57 GMT
Content-Length: 76862
Last-Modified: Mon, 12 Apr 2021 20:19:39 GMT
Connection: keep-alive
ETag: "6074ab5b-12c3e"
Expires: Mon, 26 Sep 2022 22:15:57 GMT
Cache-Control: max-age=0
Accept-Ranges: bytes


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (1107)
Size:   76862
Md5:    64437cd33e2fa1a40e6850ee6388639e
Sha1:   809078716153b491c00852f366ca3f8d6e03df22
Sha256: 96361c580499a6dd7afa83f352fb2a27c159a39daf794e2e6813514be8a8fbe9

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proteamitc.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 26 Sep 2022 22:15:57 GMT
date: Mon, 26 Sep 2022 22:15:57 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1640
Md5:    6b57bc24ee2184920db5b4ccb91002ee
Sha1:   1772d4bd1bd7e18756fc6386be38620e02a379cd
Sha256: cc73b314366fe146f3189a53eafcf9421265b4750d9a0ea7fbcde7d40a642356
                                        
                                            GET /mgr2odi.css HTTP/1.1 
Host: use.typekit.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proteamitc.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.76.122
HTTP/2 200 OK
content-type: text/css;charset=utf-8
                                        
server: nginx
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: private, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
content-length: 4083
date: Mon, 26 Sep 2022 22:15:57 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (520)
Size:   4083
Md5:    609b64c6359e37c88bbd245ba638b89f
Sha1:   dd850df3bcab5430f55c233b626cd8f446de3ba2
Sha256: bfee3862850ad498e1f660bd51f135340cd36894b836ea0e4ae04dbdb9abc72b
                                        
                                            GET /css2?family=Ubuntu:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,500;1,700&display=swap HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proteamitc.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 26 Sep 2022 22:15:57 GMT
date: Mon, 26 Sep 2022 22:15:57 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

                                        
                                            GET /lib/jq/validator/localization/jq_validation_localizations.boundled.js HTTP/1.1 
Host: proteamitc.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proteamitc.com/16803-116808/64169?uid=CU46JYu4G6LNsTT1BDKCM8uGBuVKqU&prom_type=regular&prom_id=188482&pld=26L81sNgpwNGbf&answer-1=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         50.19.16.20
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.22.0
Date: Mon, 26 Sep 2022 22:15:57 GMT
Content-Length: 110384
Last-Modified: Thu, 14 Jul 2022 12:15:02 GMT
Connection: keep-alive
ETag: "62d008c6-1af30"
Expires: Mon, 26 Sep 2022 22:15:57 GMT
Cache-Control: max-age=0
Accept-Ranges: bytes


--- Additional Info ---
Magic:  Unicode text, UTF-8 text
Size:   110384
Md5:    590cfcdcec421c852434167b135406c7
Sha1:   aa035d2388b6576bbb0657b4347b88ec7d272bd7
Sha256: 90e8f80b16e3b6ee999a5400579399c6207291f3f5476fb3951c5230d75ec3db

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 26 Sep 2022 22:15:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://proteamitc.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:34:08 GMT
expires: Thu, 21 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 441710
last-modified: Wed, 11 May 2022 19:24:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size:   15744
Md5:    15d9f621c3bd1599f0169dcf0bd5e63e
Sha1:   7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
Sha256: f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
                                        
                                            GET /1280x320?text=LOGO HTTP/1.1 
Host: via.placeholder.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proteamitc.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.33.39
HTTP/2 200 OK
content-type: image/png
                                        
date: Mon, 26 Sep 2022 22:15:58 GMT
content-length: 1836
last-modified: Wed, 30 Dec 2020 14:00:06 GMT
etag: "5fec87e6-72c"
expires: Mon, 03 Oct 2022 22:15:53 GMT
cache-control: max-age=604800
x-cache: L1
accept-ranges: bytes
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AM0uUJds6d1Hg1xMU9uiyetfKPaTEP%2B%2BFXBPkUDjtObDp3FTYsNspOvb1bS2MuZh8l0BgwB7DrbbrNmH0%2FZw8C6eVyx4d7vokhVqbCYEe5KTQ5u9bspt2rcU7KdBU8vtmY1UTtfi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 750f5c7ac9380b65-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 1280 x 320, 4-bit colormap, non-interlaced\012- data
Size:   1836
Md5:    c901b21688c204362c755b50dd01661c
Sha1:   21d804d25c253dbbebb24e2ec93c20e513d1aca9
Sha256: cda6d49363c0eb3be56104f772fc8c2c334c132f2829ab30c246ad19f103454a
                                        
                                            GET /css2?family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&display=swap HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proteamitc.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 26 Sep 2022 22:15:57 GMT
date: Mon, 26 Sep 2022 22:15:57 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1036
Md5:    139d09782dcf0b50363e42fe7cf10e0e
Sha1:   a61cde33f949e7f614c57a11b6b52a63a330b548
Sha256: f99c2c9df6eb7286f14d2fb7236de82605a98ed8ce85604f21b08459eebf4c5d
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: proteamitc.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proteamitc.com/16803-116808/64169?uid=CU46JYu4G6LNsTT1BDKCM8uGBuVKqU&prom_type=regular&prom_id=188482&pld=26L81sNgpwNGbf&answer-1=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         50.19.16.20
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
Server: nginx/1.22.0
Date: Mon, 26 Sep 2022 22:15:58 GMT
Content-Length: 34494
Last-Modified: Wed, 14 Sep 2022 11:51:00 GMT
Connection: keep-alive
ETag: "6321c024-86be"
Expires: Mon, 26 Sep 2022 23:15:58 GMT
Cache-Control: max-age=3600
Accept-Ranges: bytes


--- Additional Info ---
Magic:  MS Windows icon resource - 5 icons, 16x16, 32 bits/pixel, 24x24, 32 bits/pixel\012- data
Size:   34494
Md5:    d4a95c780824be97bc45a187ab7ad24b
Sha1:   53aeb2d44190d91ec2006379b3ddbd202b865d24
Sha256: 502322d8592de8395d6e7c2c37b18e04904e62d8f8b3caaa53858e4ebc64b692
                                        
                                            POST /16803-116808/64169?uid=CU46JYu4G6LNsTT1BDKCM8uGBuVKqU&prom_type=regular&prom_id=188482&pld=26L81sNgpwNGbf&answer-1=1 HTTP/1.1 
Host: proteamitc.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 71
Origin: https://proteamitc.com
Connection: keep-alive
Referer: https://proteamitc.com/16803-116808/64169?uid=CU46JYu4G6LNsTT1BDKCM8uGBuVKqU&prom_type=regular&prom_id=188482&pld=26L81sNgpwNGbf&answer-1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

                                         
                                         50.19.16.20
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx/1.22.0
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.4.16
Cache-Control: max-age=0, must-revalidate, private
Date: Mon, 26 Sep 2022 22:15:58 GMT
Expires: Mon, 26 Sep 2022 22:15:58 GMT
Content-Encoding: gzip

                                        
                                            GET /16803-116809-typ/64169?uid=CU46JYu4G6LNsTT1BDKCM8uGBuVKqU HTTP/1.1 
Host: proteamitc.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proteamitc.com/16803-116808/64169?uid=CU46JYu4G6LNsTT1BDKCM8uGBuVKqU&prom_type=regular&prom_id=188482&pld=26L81sNgpwNGbf&answer-1=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin

                                         
                                         50.19.16.20
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx/1.22.0
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.4.16
Cache-Control: no-cache, private
Date: Mon, 26 Sep 2022 22:15:58 GMT
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5908)
Size:   2894
Md5:    0ad59dd7bace5102438523214196f6bb
Sha1:   12e9119543d2a722ce0fd988c68f0f46bc2599e0
Sha256: c6c23607a9b9f5a4a30a3e4de9f22c1b126d30a132046c5ea4a8ed0d60c16b93

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /ckeditor/contents.css?t=M7OE HTTP/1.1 
Host: lp.infusemedia.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proteamitc.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Mon, 19 Sep 2022 18:46:44 GMT
If-None-Match: "6328b914-b46"

                                         
                                         23.22.88.62
HTTP/1.1 304 Not Modified
                                        
Server: nginx/1.22.0
Date: Mon, 26 Sep 2022 22:15:58 GMT
Last-Modified: Mon, 19 Sep 2022 18:46:44 GMT
Connection: keep-alive
ETag: "6328b914-b46"
Expires: Mon, 26 Sep 2022 22:15:58 GMT
Cache-Control: max-age=0

                                        
                                            GET /ckeditor/plugins/formBuilder/styles/formBuilder.css?v=1.3.1663273349128 HTTP/1.1 
Host: lp.infusemedia.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proteamitc.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.22.88.62
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx/1.22.0
Date: Mon, 26 Sep 2022 22:15:58 GMT
Content-Length: 5201
Last-Modified: Mon, 19 Sep 2022 18:46:45 GMT
Connection: keep-alive
ETag: "6328b915-1451"
Expires: Mon, 26 Sep 2022 22:15:58 GMT
Cache-Control: max-age=0
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text
Size:   5201
Md5:    e741d2aa47efe7dda9dfe0a5014fef0e
Sha1:   30ebfe60d0832bb8114c6ba155f0ddb15c1a527c
Sha256: 68c2e3489d098db2a6e2ddba9f32ff172d1c0ff0983b9b3c3c0b59c8a850cf20
                                        
                                            GET /ckeditor/plugins/lpLinkV2/css/styles.css HTTP/1.1 
Host: lp.infusemedia.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proteamitc.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Mon, 19 Sep 2022 18:46:45 GMT
If-None-Match: "6328b915-86f"

                                         
                                         23.22.88.62
HTTP/1.1 304 Not Modified
                                        
Server: nginx/1.22.0
Date: Mon, 26 Sep 2022 22:15:58 GMT
Last-Modified: Mon, 19 Sep 2022 18:46:45 GMT
Connection: keep-alive
ETag: "6328b915-86f"
Expires: Mon, 26 Sep 2022 22:15:58 GMT
Cache-Control: max-age=0

                                        
                                            GET /lib/uri/uri.js HTTP/1.1 
Host: proteamitc.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proteamitc.com/16803-116809-typ/64169?uid=CU46JYu4G6LNsTT1BDKCM8uGBuVKqU
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
If-Modified-Since: Mon, 12 Apr 2021 20:19:39 GMT
If-None-Match: "6074ab5b-12c3e"

                                         
                                         50.19.16.20
HTTP/1.1 304 Not Modified
                                        
Server: nginx/1.22.0
Date: Mon, 26 Sep 2022 22:15:58 GMT
Last-Modified: Mon, 12 Apr 2021 20:19:39 GMT
Connection: keep-alive
ETag: "6074ab5b-12c3e"
Expires: Mon, 26 Sep 2022 22:15:58 GMT
Cache-Control: max-age=0


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /lpScripts/assetsBehavior.js?v=1 HTTP/1.1 
Host: proteamitc.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proteamitc.com/16803-116809-typ/64169?uid=CU46JYu4G6LNsTT1BDKCM8uGBuVKqU
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
If-Modified-Since: Mon, 05 Sep 2022 18:13:19 GMT
If-None-Match: "63163c3f-2516"

                                         
                                         50.19.16.20
HTTP/1.1 304 Not Modified
                                        
Server: nginx/1.22.0
Date: Mon, 26 Sep 2022 22:15:58 GMT
Last-Modified: Mon, 05 Sep 2022 18:13:19 GMT
Connection: keep-alive
ETag: "63163c3f-2516"
Expires: Mon, 26 Sep 2022 22:15:58 GMT
Cache-Control: max-age=0


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /uploads/uploadedFonts/fontsImport.css?v=1664230558 HTTP/1.1 
Host: proteamitc.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proteamitc.com/16803-116809-typ/64169?uid=CU46JYu4G6LNsTT1BDKCM8uGBuVKqU
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         50.19.16.20
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx/1.22.0
Date: Mon, 26 Sep 2022 22:15:58 GMT
Content-Length: 101830
Last-Modified: Mon, 19 Sep 2022 21:25:17 GMT
Connection: keep-alive
ETag: "6328de3d-18dc6"
Expires: Mon, 26 Sep 2022 22:15:58 GMT
Cache-Control: max-age=0
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines (508)
Size:   101830
Md5:    6536b36ddf48a6079b54f2b4ae0be765
Sha1:   63ffaf2f552dd2861b7147193dcda3b1ea51ef8d
Sha256: 1bc9d3383234ea5dad3eb27f83541f5328d36437eb6e94a3a70492a46d2d10e6

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /uploads/c_16803/logos/oam_logo_2019-1.png HTTP/1.1 
Host: proteamitc.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proteamitc.com/16803-116809-typ/64169?uid=CU46JYu4G6LNsTT1BDKCM8uGBuVKqU
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         50.19.16.20
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx/1.22.0
Date: Mon, 26 Sep 2022 22:15:58 GMT
Content-Length: 18290
Last-Modified: Thu, 15 Sep 2022 20:17:48 GMT
Connection: keep-alive
ETag: "6323886c-4772"
Expires: Mon, 26 Sep 2022 23:15:58 GMT
Cache-Control: max-age=3600
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 257 x 197, 8-bit/color RGBA, non-interlaced\012- data
Size:   18290
Md5:    ddd06b590248da459d1939516406e8db
Sha1:   58428e3393cf8a9e3564e14a9b232b940a1b00b4
Sha256: 0b3d4de9f7a2240b4d72abfa23060ee2c6e38a50500bedd101ff273cfcaf7f9e
                                        
                                            GET /uploads/c_16803/logos/13123123.jpg HTTP/1.1 
Host: proteamitc.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proteamitc.com/16803-116809-typ/64169?uid=CU46JYu4G6LNsTT1BDKCM8uGBuVKqU
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         50.19.16.20
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx/1.22.0
Date: Mon, 26 Sep 2022 22:15:58 GMT
Content-Length: 116083
Last-Modified: Thu, 15 Sep 2022 20:18:02 GMT
Connection: keep-alive
ETag: "6323887a-1c573"
Expires: Mon, 26 Sep 2022 23:15:58 GMT
Cache-Control: max-age=3600
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [\012- TIFF image data, big-endian, direntries=3, orientation=lower-right], comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 1920x1080, components 3\012- data
Size:   116083
Md5:    38638cce3fef9a42c231d87c51751b2b
Sha1:   fe4bcb4d2d93f201fc71649c1bb34b2bd2a3d962
Sha256: 267fc829202fcfdd11fbd0557f53c3f9eef33637204eaba896ab147ce8ff15f6
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4519
Expires: Mon, 26 Sep 2022 23:31:18 GMT
Date: Mon, 26 Sep 2022 22:15:59 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4519
Expires: Mon, 26 Sep 2022 23:31:18 GMT
Date: Mon, 26 Sep 2022 22:15:59 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4519
Expires: Mon, 26 Sep 2022 23:31:18 GMT
Date: Mon, 26 Sep 2022 22:15:59 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4519
Expires: Mon, 26 Sep 2022 23:31:18 GMT
Date: Mon, 26 Sep 2022 22:15:59 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4519
Expires: Mon, 26 Sep 2022 23:31:18 GMT
Date: Mon, 26 Sep 2022 22:15:59 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcae177cf-4ac0-4f54-8ede-a8325edeeae3.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9988
x-amzn-requestid: 5fb999ab-0ca6-463f-8798-79bb76b78123
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YswHTHDYoAMF6Bg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63282d61-28ed6d22293443a115c114db;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 08:50:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 5IAvtj-mFlqCTikRd9IlAP66vnJG3vcCOxmZyk-MvBYsBfQNxvDZkw==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:48:10 GMT
age: 1669
etag: "de603f1d3d4b6e3e6c088e8a935975dcffa147fd"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9988
Md5:    72216fd204ede0d6ce0c62c12a1dd49d
Sha1:   de603f1d3d4b6e3e6c088e8a935975dcffa147fd
Sha256: 8fbd3ce81f46ce1c158260aaf59ca20b5f0c9466de08e370c7501799c73bc0dd
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 13213
x-amzn-requestid: fe9ec409-2757-4910-8443-5b4d3be7efd3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFlATEp8oAMFd9Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321b9b-3230e97a4fe34413285eb578;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:37:31 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: kRSg9NTTAgeAJgIZ_C9_rRodCX4bzGduJEvNPNHUya0Moa2vsmWSoQ==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:38:57 GMT
age: 2222
etag: "3d4fa8701f17e8818c25584ef5f04bfbee8440cd"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   13213
Md5:    62e68c3cd08dd94d910507512a67e85f
Sha1:   3d4fa8701f17e8818c25584ef5f04bfbee8440cd
Sha256: 058d798963f83f5fb88ab728185f755c5353fa981d93e1b6ff869089f501586b
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe39ddaa9-a775-40b9-af3a-870507ff4d52.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5142
x-amzn-requestid: 5b86b092-ff60-476c-855a-d32d5f10f115
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yvz1CGInoAMF0Vw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63296686-79e9a4cb75289e1b0785d4fc;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 07:06:46 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 7k1682yCSjI5mtQhFZ8S1eSMo2qYEd7HF2T58X3cbCV2112QE46zXQ==
via: 1.1 2a44ef7b9d28e74c78ffadeedcbb887c.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:49:33 GMT
age: 1586
etag: "8fbe2856a3e05ae7c45f4e35944d2835d47e4284"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5142
Md5:    e56f576ce4c320252cd028a38a1e4bde
Sha1:   8fbe2856a3e05ae7c45f4e35944d2835d47e4284
Sha256: dc5783e5d50e89d2b9c72dea55751a64157dbc9ec9be85383a6df10b5ec1a602
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffffd9a36-7835-4249-a213-06720f62ce54.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4327
x-amzn-requestid: 59493149-3c46-42c6-96aa-92c945fb4c40
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFlA1HzioAMFzxw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321b9e-5bd13d5719a119a25650f405;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:37:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 5XQYaLxNwxhN9NCIoDYRbt8U-2Tsxcx-2SqPNr64Z4YV8Bk7Eayjfg==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:38:57 GMT
age: 2222
etag: "a92af0438aa2b6637c0f69dabd0be00b3a43caf8"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4327
Md5:    f9bc23ab347b5f2e2ec15d69f41f0cf0
Sha1:   a92af0438aa2b6637c0f69dabd0be00b3a43caf8
Sha256: 4382f21ee6727d4b4d21bd7d16b1821a57d9fec6c78dbf7e74bfdfbde51ec206
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bfe3adc-1955-4f21-9e44-c0bc53a4edc5.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9163
x-amzn-requestid: 8ccd9b1f-bef9-4591-be32-e6dd98f4ee78
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFlKpEZrIAMFS1Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321bdd-4a40b9c8281b64c725fec0f1;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:38:37 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: bs6HOUmHOoYKDuzBoVHhcr8d4HP4bBmwUF3EtOmwKXo7ozhfaIYEvw==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:39:07 GMT
age: 2212
etag: "84f5a4c8b38acde814bc790e5b514347718d5bb9"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9163
Md5:    deb8d1e3b6d7fbc8c8ba478269621676
Sha1:   84f5a4c8b38acde814bc790e5b514347718d5bb9
Sha256: ed14fa766f0708b4166e83b61f160db5671af430917b7c67184bf18d9208742b
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5bf02f4e-91c0-455b-8378-5eae82174db7.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9737
x-amzn-requestid: a06488e4-22bb-4149-adac-b6696ab91923
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFlATHzUIAMFtcw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321b9b-238f1b945a8b549872c85f2a;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:37:31 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: qkfz02g1BMeZhFonJAWyqyQ9jBnZC4i-2ZHzO2wgJBVjC4YfvtlxCA==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:38:57 GMT
age: 2222
etag: "932c74fa24b61ee1b1c672b6c19b1e736caab8d3"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9737
Md5:    3140ec95f33c36599de95b25cdade940
Sha1:   932c74fa24b61ee1b1c672b6c19b1e736caab8d3
Sha256: f7488246ca75fddc504812f4c5944a5a2494cdb14b6ef1db5fb28beca5cff194
                                        
                                            GET /16803-116809-typ/64169?uid=CU46JYu4G6LNsTT1BDKCM8uGBuVKqU&mode=file HTTP/1.1 
Host: proteamitc.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proteamitc.com/16803-116809-typ/64169?uid=CU46JYu4G6LNsTT1BDKCM8uGBuVKqU
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin

                                         
                                         50.19.16.20
HTTP/1.1 200 OK
Content-Type: application/force-download
                                        
Server: nginx/1.22.0
Content-Length: 2505035
Connection: keep-alive
X-Powered-By: PHP/7.4.16
Content-transfer-encoding: binary
Content-disposition: attachment; filename="How-Messaging-Apps-Are-Redefining-the-Customer-Experience.pdf"
Cache-Control: no-cache, private
Date: Mon, 26 Sep 2022 22:15:58 GMT


--- Additional Info ---
Magic:  PDF document, version 1.3, 2 pages\012- data
Size:   2505035
Md5:    8d4a6c914656f8313fea6379e526e951
Sha1:   575f7bb0a3a36c332b22cb2136e45923bcdfba48
Sha256: 50f38af99e07004a8e03724def0a099204d956f5459bc81c00e421997b2a0d8f

Alerts:
  File Analyzers:
    - virustotal: 0/0
                                        
                                            GET /css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proteamitc.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 26 Sep 2022 22:15:57 GMT
date: Mon, 26 Sep 2022 22:15:57 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /css2?family=Noto+Sans:ital,wght@0,400;0,700;1,400;1,700&display=swap HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proteamitc.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 26 Sep 2022 22:15:57 GMT
date: Mon, 26 Sep 2022 22:15:57 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /css2?family=Source+Sans+Pro:ital,wght@0,200;0,300;0,400;0,600;0,700;0,900;1,200;1,300;1,400;1,600;1,700;1,900&display=swap HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proteamitc.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 26 Sep 2022 22:15:57 GMT
date: Mon, 26 Sep 2022 22:15:57 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /bootstrap/4.4.1/css/bootstrap.min.css HTTP/1.1 
Host: stackpath.bootstrapcdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proteamitc.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.18.10.207
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
date: Mon, 26 Sep 2022 22:15:57 GMT
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:09 GMT
cdn-cachedat: 08/03/2021 15:16:56
cdn-edgestorageid: 601
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-proxyver: 1.0
cdn-status: 200
cdn-requestid: d6b43e13ddbcd4f60dded6d39b2abed5
cdn-cache: HIT
cf-cache-status: HIT
age: 9671545
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 750f5c783972b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /css2?family=Open+Sans:ital,wght@0,300;0,400;0,600;0,700;0,800;1,300;1,400;1,600;1,700;1,800&display=swap HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proteamitc.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 26 Sep 2022 22:15:57 GMT
date: Mon, 26 Sep 2022 22:15:57 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /css?family=Muli HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proteamitc.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 26 Sep 2022 22:15:57 GMT
date: Mon, 26 Sep 2022 22:15:57 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---