Overview

URL curatedpromoinfo.com/16459-120932/62570?uid=K1iiRpRHe4owTsn423RVJyNu2QG9cvZx6hb&prom_type=regular&prom_id=190264&pld=26L81sNgpwNGbf&answer=1
IP23.21.213.51
ASNAMAZON-AES
Location United States
Report completed2022-10-05 22:26:22 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-10-05 2 curatedpromoinfo.com/ckeditor/contents.css?t=M7OE Phishing
2022-10-05 2 curatedpromoinfo.com/ckeditor/plugins/formBuilder/styles/formBuilder.css?v= (...) Phishing
2022-10-05 2 curatedpromoinfo.com/uploads/uploadedFonts/fontsImport.css?v=1665008772 Phishing
2022-10-05 2 curatedpromoinfo.com/lib/jq/validator/fb.validation.js Phishing
2022-10-05 2 curatedpromoinfo.com/lib/jq/cqParams/fb.cqParams.js Phishing
2022-10-05 2 curatedpromoinfo.com/lib/jq/fb.utils.js Phishing
2022-10-05 2 curatedpromoinfo.com/lib/jq/otherInput/fb.otherInput.js Phishing
2022-10-05 2 curatedpromoinfo.com/lib/jq/fb.autoSubmit.js Phishing
2022-10-05 2 curatedpromoinfo.com/lpScripts/assetsBehavior.js?v=1 Phishing
2022-10-05 2 curatedpromoinfo.com/lib/uri/uri.js Phishing
2022-10-05 2 curatedpromoinfo.com/lib/jq/validator/localization/jq_validation_localizati (...) Phishing
2022-10-05 2 curatedpromoinfo.com/16459-120931-typ/62570?uid=K1iiRpRHe4owTsn423RVJyNu2QG (...) Phishing
2022-10-05 2 curatedpromoinfo.com/ckeditor/contents.css?t=M7OE Phishing
2022-10-05 2 curatedpromoinfo.com/ckeditor/plugins/formBuilder/styles/formBuilder.css?v= (...) Phishing
2022-10-05 2 curatedpromoinfo.com/lib/uri/uri.js Phishing
2022-10-05 2 curatedpromoinfo.com/lpScripts/assetsBehavior.js?v=1 Phishing
2022-10-05 2 curatedpromoinfo.com/uploads/c_16459/logos/liferaft_logo_black.svg Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

URL r3.o.lencr.org/
IP  23.36.77.32
Magic gzip compressed data, max compression\012- data
Size 996
MD5 7396a393623a9e415aab96f457dd9359
SHA1 bdbb74c0dc1453848eb11c291764962de6b9f579
SHA256 f913c0283ea0179e0344d838a23c6e0ddfab99e5631b465b92d2d3d63f6ee88d
Analyzer Analysed Verdict Comment
VirusTotal 0/0
URL curatedpromoinfo.com/16459-120931-typ/62570?uid=K1iiRpRHe4owTsn423RVJyNu2QG (...)
IP  23.21.213.51
Magic PDF document, version 1.4, 1 pages\012- data
Size 116557
MD5 c2b528f5f42e61e32332122d8041d465
SHA1 b074c472b1382cdcbf613a746c47cefe1c4608ca
SHA256 588f7fbc4cdc0afb2921e10b3b57e497b462f647cc80d0fc97504e2173ae4054
Analyzer Analysed Verdict Comment
VirusTotal 0/0


Passive DNS (19)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS curatedpromoinfo.com (25) 0 2021-10-30 05:22:17 UTC 2022-10-05 21:26:47 UTC 23.21.213.51 Unknown ranking
mnemonic passive DNS cdn.jsdelivr.net (2) 439 2012-09-30 00:15:09 UTC 2022-10-05 16:29:44 UTC 151.101.85.229
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-10-05 09:14:56 UTC 34.218.168.248
mnemonic passive DNS use.typekit.net (1) 494 2012-07-05 01:42:39 UTC 2022-10-05 05:13:55 UTC 23.36.76.186
mnemonic passive DNS stackpath.bootstrapcdn.com (1) 2467 2018-04-05 04:41:29 UTC 2022-10-05 11:39:56 UTC 104.18.10.207
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-27 20:08:30 UTC 2022-10-05 14:02:21 UTC 54.230.111.35
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-10-05 06:03:19 UTC 54.230.111.99
mnemonic passive DNS ocsp.digicert.com (1) 86 2012-05-21 07:02:23 UTC 2022-10-05 16:07:29 UTC 93.184.220.29
mnemonic passive DNS ocsp.pki.goog (6) 175 2017-06-14 07:23:31 UTC 2022-10-05 06:59:18 UTC 142.250.74.3
mnemonic passive DNS fonts.googleapis.com (8) 8877 2013-06-10 20:14:26 UTC 2022-10-05 17:39:00 UTC 142.250.74.10
mnemonic passive DNS fonts.gstatic.com (3) 0 2014-08-29 13:43:22 UTC 2022-10-05 11:30:49 UTC 216.58.207.195 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS r3.o.lencr.org (7) 344 2020-12-02 08:52:13 UTC 2022-10-05 07:13:38 UTC 23.36.77.32
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-10-05 05:01:05 UTC 34.117.237.239
mnemonic passive DNS ocsp.globalsign.com (1) 2075 2012-05-25 06:20:55 UTC 2022-10-05 11:38:58 UTC 104.18.20.226
mnemonic passive DNS via.placeholder.com (1) 26595 2021-04-12 05:15:36 UTC 2022-10-05 16:32:11 UTC 104.21.33.39
mnemonic passive DNS cdnjs.cloudflare.com (2) 235 2020-10-20 10:17:36 UTC 2022-10-05 11:30:49 UTC 104.17.24.14
mnemonic passive DNS polyfill.io (1) 102644 2016-02-12 00:04:58 UTC 2022-10-05 17:51:27 UTC 151.101.1.26
mnemonic passive DNS p.typekit.net (1) 620 2012-05-23 14:28:57 UTC 2022-10-05 07:26:33 UTC 23.36.76.186
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-10-05 12:33:02 UTC 34.120.237.76


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 23.21.213.51

Date UQ / IDS / BL URL IP
2022-12-06 00:45:16 +0000
0 - 0 - 7 curatednetworkit.com/19296-134666/74636?uid=a (...) 23.21.213.51
2022-12-04 10:27:18 +0000
0 - 0 - 4 networkdeliveryitc.com/16788-116598/unsubscri (...) 23.21.213.51
2022-12-04 09:27:59 +0000
0 - 0 - 4 networkdeliveryitc.com/16788-116598/unsubscri (...) 23.21.213.51
2022-12-02 20:05:18 +0000
0 - 0 - 7 itcsyndicateinsights.com/19228-134278/74422?u (...) 23.21.213.51
2022-12-01 23:32:05 +0000
0 - 0 - 6 acuitytechnologycontentcuration.com/14740-101 (...) 23.21.213.51

Last 5 reports on ASN: AMAZON-AES

Date UQ / IDS / BL URL IP
2022-12-06 22:59:17 +0000
0 - 0 - 0 44.200.166.191 44.200.166.191
2022-12-06 22:54:23 +0000
0 - 0 - 2 techfirmsappointmentsetterapp.click/ 52.72.49.79
2022-12-06 21:59:15 +0000
0 - 0 - 10 fundacionmetropolitana.org/ola/index.php?QBOT.zip 52.206.242.122
2022-12-06 20:02:20 +0000
0 - 0 - 1 monthlysweeps.us/go/to/23msee/key/d30b2568234 (...) 54.161.16.68
2022-12-06 20:02:20 +0000
0 - 0 - 1 monthlysweeps.us/go/to/23msee/key/d30b2568234 (...) 54.161.16.68

Last 2 reports on domain: curatedpromoinfo.com

Date UQ / IDS / BL URL IP
2022-10-06 08:40:12 +0000
0 - 0 - 17 curatedpromoinfo.com/16459-120932/62570?uid=K (...) 23.21.213.51
2022-10-05 22:26:22 +0000
0 - 0 - 17 curatedpromoinfo.com/16459-120932/62570?uid=K (...) 23.21.213.51

Last 1 reports with similar screenshot

Date UQ / IDS / BL URL IP
2022-10-06 08:40:12 +0000
0 - 0 - 17 curatedpromoinfo.com/16459-120932/62570?uid=K (...) 23.21.213.51


JavaScript

Executed Scripts (16)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (71)


Request Response
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=259200
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 05 Oct 2022 15:47:18 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: tHQoa2BSkLWkwbHfe9X0m9X4TK4hiquWT9P_MIcWPmDvJ9d8MvLwMQ==
Age: 23933


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    2d12f67fe57a87e7366b662d153a5582
Sha1:   d7b02d81cc74f24a251d9363e0f4b0a149264ec1
Sha256: 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
                                        
                                            GET /16459-120932/62570?uid=K1iiRpRHe4owTsn423RVJyNu2QG9cvZx6hb&prom_type=regular&prom_id=190264&pld=26L81sNgpwNGbf&answer=1 HTTP/1.1 
Host: curatedpromoinfo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         23.21.213.51
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: nginx/1.22.0
Date: Wed, 05 Oct 2022 22:26:11 GMT
Content-Length: 169
Connection: keep-alive
Location: https://curatedpromoinfo.com/16459-120932/62570?uid=K1iiRpRHe4owTsn423RVJyNu2QG9cvZx6hb&prom_type=regular&prom_id=190264&pld=26L81sNgpwNGbf&answer=1


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   169
Md5:    b51956ed2a6129f43c5d0ecc011cc5a5
Sha1:   c03157aff80067b6b57903d3843b9fd9e07b33ab
Sha256: 1ac63374d015eee8d9d875502aa63981dbeb9d86a14096de0d504763808e429b
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "AB48F17E54075E1ECF034278E82BCACD2E3689773186CC84FBA9B79AAC907294"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13756
Expires: Thu, 06 Oct 2022 02:15:27 GMT
Date: Wed, 05 Oct 2022 22:26:11 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.99
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 05 Oct 2022 04:02:33 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
x-cache: Hit from cloudfront
via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: gV52B31F8g_E2FXRnuApQWOhLWkjg63Lyv5BVmnmTWBny8-orAi8dg==
age: 66219
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    67d5a988edcda47bc3b3b3f65d32b4b6
Sha1:   d4f0e0da8b3690cc7da925026d3414b68c7d954f
Sha256: 55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Wed, 05 Oct 2022 22:26:11 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "ABD9F5A28BEAA2328B5B8B9940FE32ABD6F88DB344132B4EBB15AE7EC9AD583E"
Last-Modified: Mon, 03 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21498
Expires: Thu, 06 Oct 2022 04:24:30 GMT
Date: Wed, 05 Oct 2022 22:26:12 GMT
Connection: keep-alive

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Pragma, Content-Length, Backoff, Last-Modified, Cache-Control, Content-Type, Retry-After, ETag, Expires, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Date: Wed, 05 Oct 2022 21:55:50 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Wed, 05 Oct 2022 21:49:19 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Ht7EGquPceUfFUXi20yIdK9d2i5bCMmdzw2GCUkqEtRujMFcwjn3tA==
Age: 3399


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /16459-120932/62570?uid=K1iiRpRHe4owTsn423RVJyNu2QG9cvZx6hb&prom_type=regular&prom_id=190264&pld=26L81sNgpwNGbf&answer=1 HTTP/1.1 
Host: curatedpromoinfo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         23.21.213.51
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx/1.22.0
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.4.16
Cache-Control: max-age=0, must-revalidate, private
Date: Wed, 05 Oct 2022 22:26:12 GMT
Expires: Wed, 05 Oct 2022 22:26:12 GMT
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (15037)
Size:   8188
Md5:    dad961a0323869a7bd8ceae61c52505a
Sha1:   6b132dc9e4927462926d297cd793922e40c96a2d
Sha256: 21b2662b8b96b865c570d9005917bfded23882dc6eb16650da13ff6cd3a97621
                                        
                                            GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://curatedpromoinfo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.17.24.14
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Wed, 05 Oct 2022 22:26:12 GMT
content-length: 27958
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb09ed3-15d84"
last-modified: Mon, 04 May 2020 23:01:39 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 10452476
expires: Mon, 25 Sep 2023 22:26:12 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CW6%2FEKfu7UiAWCuffZ84xGrPgjR7v2Glqu%2BCADiaRjZU6vxcjnrErwn%2FibM8XOu6TC7CZCtYq9c9RT15Rope2A7kK0d%2FX10eUQiu3AxcRIsZZNC6HR4INoifUxhyPtcw%2FLym0A3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 755993dc7fb4b521-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65451)
Size:   27958
Md5:    4b5f47439b640180cc3450f7de05d0d8
Sha1:   5a0dc9bcab80ddc409dd35fcb00a88fe6846fee2
Sha256: 1f85e8b327f42c17c025d69849914068536d9aa95412fe473ae90ffb2f4ebd82
                                        
                                            GET /ckeditor/contents.css?t=M7OE HTTP/1.1 
Host: curatedpromoinfo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://curatedpromoinfo.com/16459-120932/62570?uid=K1iiRpRHe4owTsn423RVJyNu2QG9cvZx6hb&prom_type=regular&prom_id=190264&pld=26L81sNgpwNGbf&answer=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         23.21.213.51
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx/1.22.0
Date: Wed, 05 Oct 2022 22:26:12 GMT
Content-Length: 2886
Last-Modified: Wed, 05 Oct 2022 16:51:35 GMT
Connection: keep-alive
ETag: "633db617-b46"
Expires: Wed, 05 Oct 2022 22:26:12 GMT
Cache-Control: max-age=0
Access-Control-Allow-Origin: *
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text
Size:   2886
Md5:    ea34863bd1770c4274d7ed7c58449f2a
Sha1:   1aefe351289c27d7b741cd38baaaad3398e306ba
Sha256: 43b78285c786c968e35d8a44aafb06df291e840e106bd01ddf36df96ce84ff5d

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /ajax/libs/select2/4.0.13/js/select2.min.js HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://curatedpromoinfo.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         104.17.24.14
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Wed, 05 Oct 2022 22:26:12 GMT
content-length: 16456
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5ecc8659-114c3"
last-modified: Tue, 26 May 2020 03:00:41 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2829145
expires: Mon, 25 Sep 2023 22:26:12 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xSNul29lUbs2TclJML%2BmnH5yGeZ1p0gZLxvd%2FyDJvD9WqQaMcgrZqGT8sEBezQHUNdOTSxTyAa2hzOTbqEtxThLSnXkSDPVP%2BpOCwAXX%2BW4bS%2FJPDQ1EmMCpwbeGj2T6JGb6jk8B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 755993dcbfc7b529-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (64131)
Size:   16456
Md5:    e969f2fd683c8d12ccbfa6ec0487dadf
Sha1:   4efb5abd97f96f324fd3bd64902a02e4a8a3d3af
Sha256: 10375c0c9bd1d60f996e3b7eef19ada49ebc3790f78742204cef7026754d2ac2
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5798
Cache-Control: 'max-age=158059'
Date: Wed, 05 Oct 2022 22:26:12 GMT
Last-Modified: Wed, 05 Oct 2022 20:49:34 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /v3/polyfill.min.js?version=3.52.1&features=URL%2CURLSearchParams%2Ces5%2Ces6%2Ces7 HTTP/1.1 
Host: polyfill.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://curatedpromoinfo.com
Connection: keep-alive
Referer: https://curatedpromoinfo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.1.26
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
                                        
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
last-modified: Mon, 03 Oct 2022 05:56:05 GMT
content-encoding: br
age: 0
accept-ranges: bytes
useragent_normaliser: firefox/96.0.0
date: Wed, 05 Oct 2022 22:26:12 GMT
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
vary: User-Agent, Accept-Encoding
server-timing: cache-bma1627, PASS, fastly;desc="Edge time";dur=14
content-length: 74
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   74
Md5:    bdb6d8e9b581dfbdb87566776ede0cbd
Sha1:   d18cdeacd5c146b34919955e97e51b7db50d0d9b
Sha256: fe35c33df2fa5edeac1dbbe512a6e92c5b1e7fb5c204df818e23ea07b5121add
                                        
                                            GET /npm/jquery-validation@1.19.1/dist/jquery.validate.min.js HTTP/1.1 
Host: cdn.jsdelivr.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://curatedpromoinfo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.85.229
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 1.19.1
x-jsd-version-type: version
etag: W/"5f38-DaTFNbUL203/o7X64+mZru4TfLU"
content-encoding: gzip
accept-ranges: bytes
date: Wed, 05 Oct 2022 22:26:12 GMT
age: 1979042
x-served-by: cache-fra19121-FRA, cache-bma1671-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7815
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (24237)
Size:   7815
Md5:    144d2fdbeb2ac0a55e26fd4d3bcb6aa7
Sha1:   7b00473f6a8170bcb0573cec68acea35684250c7
Sha256: 5e9ecf8613ebbaae3c171d1ba18e6af51d41ed136730e2764784f12679fda526
                                        
                                            POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 05 Oct 2022 22:26:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "66DB4778E007EE41A0B3D349F57312BA9EF2EC87"
Expires: Thu, 06 Oct 2022 09:00:00 GMT
Last-Modified: Wed, 05 Oct 2022 21:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 1600
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 755993dd19980afe-OSL


--- Additional Info ---
Magic:  data
Size:   1462
Md5:    1c39c9734fe1e01c57e58d561c0e7d9d
Sha1:   ebd83a16e10e43fa0f9d5b16ca44a66bf581e65a
Sha256: 4b97099726dbf2cdea6634a9245f4ba8c2140ba387f664063604bc6c1c14c98f
                                        
                                            GET /ckeditor/plugins/formBuilder/styles/formBuilder.css?v=1.3.1664830988399 HTTP/1.1 
Host: curatedpromoinfo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://curatedpromoinfo.com/16459-120932/62570?uid=K1iiRpRHe4owTsn423RVJyNu2QG9cvZx6hb&prom_type=regular&prom_id=190264&pld=26L81sNgpwNGbf&answer=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         23.21.213.51
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx/1.22.0
Date: Wed, 05 Oct 2022 22:26:12 GMT
Content-Length: 5201
Last-Modified: Wed, 05 Oct 2022 16:51:35 GMT
Connection: keep-alive
ETag: "633db617-1451"
Expires: Wed, 05 Oct 2022 22:26:12 GMT
Cache-Control: max-age=0
Access-Control-Allow-Origin: *
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text
Size:   5201
Md5:    e741d2aa47efe7dda9dfe0a5014fef0e
Sha1:   30ebfe60d0832bb8114c6ba155f0ddb15c1a527c
Sha256: 68c2e3489d098db2a6e2ddba9f32ff172d1c0ff0983b9b3c3c0b59c8a850cf20

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /ckeditor/plugins/lpLinkV2/css/styles.css HTTP/1.1 
Host: curatedpromoinfo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://curatedpromoinfo.com/16459-120932/62570?uid=K1iiRpRHe4owTsn423RVJyNu2QG9cvZx6hb&prom_type=regular&prom_id=190264&pld=26L81sNgpwNGbf&answer=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         23.21.213.51
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx/1.22.0
Date: Wed, 05 Oct 2022 22:26:12 GMT
Content-Length: 2159
Last-Modified: Wed, 05 Oct 2022 16:51:35 GMT
Connection: keep-alive
ETag: "633db617-86f"
Expires: Wed, 05 Oct 2022 22:26:12 GMT
Cache-Control: max-age=0
Access-Control-Allow-Origin: *
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines (2158)
Size:   2159
Md5:    20944bcec784ce7e2b95b62808da9869
Sha1:   29fa6fc754e5f8cda684cfcadad4b996f7404e61
Sha256: 479da2477e3d7631c8cca6c411d1b2afad9d5e66bc6bb7acc8b1bdafadd75499
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 395uy8/hzJMuxQInh5P3iQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         34.218.168.248
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: UMqUo7e5J9y7xcx3UddyLs4CYAY=

                                        
                                            GET /uploads/uploadedFonts/fontsImport.css?v=1665008772 HTTP/1.1 
Host: curatedpromoinfo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://curatedpromoinfo.com/16459-120932/62570?uid=K1iiRpRHe4owTsn423RVJyNu2QG9cvZx6hb&prom_type=regular&prom_id=190264&pld=26L81sNgpwNGbf&answer=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         23.21.213.51
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx/1.22.0
Date: Wed, 05 Oct 2022 22:26:12 GMT
Content-Length: 106944
Last-Modified: Fri, 30 Sep 2022 17:07:54 GMT
Connection: keep-alive
ETag: "6337226a-1a1c0"
Expires: Wed, 05 Oct 2022 22:26:12 GMT
Cache-Control: max-age=0
Access-Control-Allow-Origin: *
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines (508)
Size:   106944
Md5:    ecb29844ed441bdf0e28380b6f24456f
Sha1:   07efbd1946a2e2247184c77e5a291ef20db3f536
Sha256: 43dfbaa0c54d1d602b8d154ac21ac68ff48d7df10dec661fb0dc83a529241c4c

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /lib/jq/validator/fb.validation.js HTTP/1.1 
Host: curatedpromoinfo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://curatedpromoinfo.com/16459-120932/62570?uid=K1iiRpRHe4owTsn423RVJyNu2QG9cvZx6hb&prom_type=regular&prom_id=190264&pld=26L81sNgpwNGbf&answer=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         23.21.213.51
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.22.0
Date: Wed, 05 Oct 2022 22:26:12 GMT
Content-Length: 2011
Last-Modified: Wed, 09 Jun 2021 11:25:31 GMT
Connection: keep-alive
ETag: "60c0a52b-7db"
Expires: Wed, 05 Oct 2022 22:26:12 GMT
Cache-Control: max-age=0
Access-Control-Allow-Origin: *
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text
Size:   2011
Md5:    60f78449c35e69490026e3f739d322dc
Sha1:   a0f988cad0941c050d4ecbe1d58f450193c604d2
Sha256: ee75b43f5de847b148b9ed76c06b5db9566ba8da3ac35c726ed43ef9f9b2c3e3

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /lib/jq/cqParams/fb.cqParams.js HTTP/1.1 
Host: curatedpromoinfo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://curatedpromoinfo.com/16459-120932/62570?uid=K1iiRpRHe4owTsn423RVJyNu2QG9cvZx6hb&prom_type=regular&prom_id=190264&pld=26L81sNgpwNGbf&answer=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         23.21.213.51
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.22.0
Date: Wed, 05 Oct 2022 22:26:12 GMT
Content-Length: 2815
Last-Modified: Tue, 14 Sep 2021 10:49:24 GMT
Connection: keep-alive
ETag: "61407e34-aff"
Expires: Wed, 05 Oct 2022 22:26:12 GMT
Cache-Control: max-age=0
Access-Control-Allow-Origin: *
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text
Size:   2815
Md5:    55159908ed60d22fd3992732aa7e42d3
Sha1:   57976f1953d1da224e9746296eaac849d69dc5f3
Sha256: c6b1e77cd2f103d2fa292bf088a9680848a4f94b6c1ef6ee2017c2ba530a03c5

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /lib/jq/fb.utils.js HTTP/1.1 
Host: curatedpromoinfo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://curatedpromoinfo.com/16459-120932/62570?uid=K1iiRpRHe4owTsn423RVJyNu2QG9cvZx6hb&prom_type=regular&prom_id=190264&pld=26L81sNgpwNGbf&answer=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         23.21.213.51
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.22.0
Date: Wed, 05 Oct 2022 22:26:12 GMT
Content-Length: 17827
Last-Modified: Mon, 12 Sep 2022 09:24:07 GMT
Connection: keep-alive
ETag: "631efab7-45a3"
Expires: Wed, 05 Oct 2022 22:26:12 GMT
Cache-Control: max-age=0
Access-Control-Allow-Origin: *
Accept-Ranges: bytes


--- Additional Info ---
Magic:  Unicode text, UTF-8 text
Size:   17827
Md5:    ae4404875fed763d83013c881e85a0ee
Sha1:   b816ad607b6a4a89b901447ad513abbbf7fd16a9
Sha256: 827810c0c757314f1071132a70efabdf940d7a259cf21bc99f008f96f0859637

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 05 Oct 2022 22:26:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 05 Oct 2022 22:26:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 05 Oct 2022 22:26:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 05 Oct 2022 22:26:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /lib/jq/otherInput/fb.otherInput.js HTTP/1.1 
Host: curatedpromoinfo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://curatedpromoinfo.com/16459-120932/62570?uid=K1iiRpRHe4owTsn423RVJyNu2QG9cvZx6hb&prom_type=regular&prom_id=190264&pld=26L81sNgpwNGbf&answer=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         23.21.213.51
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.22.0
Date: Wed, 05 Oct 2022 22:26:12 GMT
Content-Length: 2326
Last-Modified: Tue, 25 May 2021 16:06:10 GMT
Connection: keep-alive
ETag: "60ad2072-916"
Expires: Wed, 05 Oct 2022 22:26:12 GMT
Cache-Control: max-age=0
Access-Control-Allow-Origin: *
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text
Size:   2326
Md5:    f49a975af41186993c4e9375ab2811a9
Sha1:   3ff5af70425851ca10b47e5e9a730466f0ec0d07
Sha256: da384cdad429313cc5b5e7579c3dd5e547273095b9b2f14e598bfc46ed3544c7

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 05 Oct 2022 22:26:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /lib/jq/fb.autoSubmit.js HTTP/1.1 
Host: curatedpromoinfo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://curatedpromoinfo.com/16459-120932/62570?uid=K1iiRpRHe4owTsn423RVJyNu2QG9cvZx6hb&prom_type=regular&prom_id=190264&pld=26L81sNgpwNGbf&answer=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         23.21.213.51
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.22.0
Date: Wed, 05 Oct 2022 22:26:12 GMT
Content-Length: 631
Last-Modified: Mon, 12 Apr 2021 20:19:39 GMT
Connection: keep-alive
ETag: "6074ab5b-277"
Expires: Wed, 05 Oct 2022 22:26:12 GMT
Cache-Control: max-age=0
Access-Control-Allow-Origin: *
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text
Size:   631
Md5:    d1b0ab11f9d2a041be621b97140bd0de
Sha1:   03eb391c2a4ec2e17385afdb695cb458bddb4dba
Sha256: 348cf9886114edd1ab2df04571fd8e6eeb192d2da111b4ef3200caa25ce0ffae

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /lpScripts/assetsBehavior.js?v=1 HTTP/1.1 
Host: curatedpromoinfo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://curatedpromoinfo.com/16459-120932/62570?uid=K1iiRpRHe4owTsn423RVJyNu2QG9cvZx6hb&prom_type=regular&prom_id=190264&pld=26L81sNgpwNGbf&answer=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         23.21.213.51
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.22.0
Date: Wed, 05 Oct 2022 22:26:12 GMT
Content-Length: 9494
Last-Modified: Mon, 05 Sep 2022 18:13:19 GMT
Connection: keep-alive
ETag: "63163c3f-2516"
Expires: Wed, 05 Oct 2022 22:26:12 GMT
Cache-Control: max-age=0
Access-Control-Allow-Origin: *
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text
Size:   9494
Md5:    102f9d4771d6428b1dc3c9884c08b50d
Sha1:   6250988a74cd66becad95baf5065890ad5d129e9
Sha256: 33c3270c9dc5b39942cbd943a9e3b2a10153518f947b41f3e15fb79977be5e59

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /lib/uri/uri.js HTTP/1.1 
Host: curatedpromoinfo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://curatedpromoinfo.com/16459-120932/62570?uid=K1iiRpRHe4owTsn423RVJyNu2QG9cvZx6hb&prom_type=regular&prom_id=190264&pld=26L81sNgpwNGbf&answer=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         23.21.213.51
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.22.0
Date: Wed, 05 Oct 2022 22:26:12 GMT
Content-Length: 76862
Last-Modified: Mon, 12 Apr 2021 20:19:39 GMT
Connection: keep-alive
ETag: "6074ab5b-12c3e"
Expires: Wed, 05 Oct 2022 22:26:12 GMT
Cache-Control: max-age=0
Access-Control-Allow-Origin: *
Accept-Ranges: bytes


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (1107)
Size:   76862
Md5:    64437cd33e2fa1a40e6850ee6388639e
Sha1:   809078716153b491c00852f366ca3f8d6e03df22
Sha256: 96361c580499a6dd7afa83f352fb2a27c159a39daf794e2e6813514be8a8fbe9

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 05 Oct 2022 22:26:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /lib/jq/validator/localization/jq_validation_localizations.boundled.js HTTP/1.1 
Host: curatedpromoinfo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://curatedpromoinfo.com/16459-120932/62570?uid=K1iiRpRHe4owTsn423RVJyNu2QG9cvZx6hb&prom_type=regular&prom_id=190264&pld=26L81sNgpwNGbf&answer=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         23.21.213.51
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.22.0
Date: Wed, 05 Oct 2022 22:26:12 GMT
Content-Length: 110384
Last-Modified: Thu, 14 Jul 2022 12:15:02 GMT
Connection: keep-alive
ETag: "62d008c6-1af30"
Expires: Wed, 05 Oct 2022 22:26:12 GMT
Cache-Control: max-age=0
Access-Control-Allow-Origin: *
Accept-Ranges: bytes


--- Additional Info ---
Magic:  Unicode text, UTF-8 text
Size:   110384
Md5:    590cfcdcec421c852434167b135406c7
Sha1:   aa035d2388b6576bbb0657b4347b88ec7d272bd7
Sha256: 90e8f80b16e3b6ee999a5400579399c6207291f3f5476fb3951c5230d75ec3db

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /mgr2odi.css HTTP/1.1 
Host: use.typekit.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://curatedpromoinfo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.76.186
HTTP/2 200 OK
content-type: text/css;charset=utf-8
                                        
server: nginx
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: private, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
content-length: 4083
date: Wed, 05 Oct 2022 22:26:13 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (520)
Size:   4083
Md5:    609b64c6359e37c88bbd245ba638b89f
Sha1:   dd850df3bcab5430f55c233b626cd8f446de3ba2
Sha256: bfee3862850ad498e1f660bd51f135340cd36894b836ea0e4ae04dbdb9abc72b
                                        
                                            GET /p.css?s=1&k=mgr2odi&ht=tk&f=137.138.139.140.169.170.171.172.173.174.175.176.5474.5475.25136.25137.143.144.147.148.156.157.161.162.2003.2004.2005.2006.2007.2008.2009.2010.2011.2012.9938.9939.39002.39004.12046.12047.12048.12049.12050.12051.12053.12054.12055.12056.17398.17399.17400.17401.22618.22619.14032.14033.14034.14035.26425.26426.35617.35620.26435.35615.26438.26439.35630.35633.26448.35628.26893.26894.26897.26898.26909.26910.26913.26914.29382.29383&a=14392602&app=typekit&e=css HTTP/1.1 
Host: p.typekit.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         23.36.76.186
HTTP/2 200 OK
content-type: text/css
                                        
accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
etag: "613bee4d-5"
last-modified: Fri, 10 Sep 2021 23:46:21 GMT
server: nginx
content-length: 5
unused62: 8096267
date: Wed, 05 Oct 2022 22:26:13 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   5
Md5:    83d24d4b43cc7eef2b61e66c95f3d158
Sha1:   f0cafc285ee23bb6c28c5166f305493c4331c84d
Sha256: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
                                        
                                            GET /css2?family=Source+Sans+Pro:ital,wght@0,200;0,300;0,400;0,600;0,700;0,900;1,200;1,300;1,400;1,600;1,700;1,900&display=swap HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://curatedpromoinfo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 05 Oct 2022 22:26:12 GMT
date: Wed, 05 Oct 2022 22:26:12 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1624
Md5:    cdb020b8b25396e5ed9d61629ae2b7b2
Sha1:   c16ee7d9f154f06796cd1ee402fb4943ace9f550
Sha256: 2d5934eedb991ad0f75c6ae142a6f88200d28b51f2db639a68ef8742eb96a162
                                        
                                            GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://curatedpromoinfo.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 19:34:08 GMT
expires: Thu, 05 Oct 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 10325
last-modified: Wed, 11 May 2022 19:24:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size:   15744
Md5:    15d9f621c3bd1599f0169dcf0bd5e63e
Sha1:   7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
Sha256: f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
                                        
                                            GET /1280x320?text=LOGO HTTP/1.1 
Host: via.placeholder.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://curatedpromoinfo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.33.39
HTTP/2 200 OK
content-type: image/png
                                        
date: Wed, 05 Oct 2022 22:26:13 GMT
content-length: 1836
last-modified: Wed, 30 Dec 2020 14:00:06 GMT
etag: "5fec87e6-72c"
expires: Wed, 12 Oct 2022 22:26:07 GMT
cache-control: max-age=604800
x-cache: L1
accept-ranges: bytes
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8QGNIRWqQjCTpZzIBkcN7L9OQygrXh3fiICbxOTRSojmSqonRR8Xh1jZLwRdqv%2BH5hk5zMFEDDWiNQ1Gu3pC5kVxt%2BlBOj6xS8rzDaqfLhWQCAswUt9PPXQabs%2BFGHWFDVi3Vegp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 755993dfc98db50c-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 1280 x 320, 4-bit colormap, non-interlaced\012- data
Size:   1836
Md5:    c901b21688c204362c755b50dd01661c
Sha1:   21d804d25c253dbbebb24e2ec93c20e513d1aca9
Sha256: cda6d49363c0eb3be56104f772fc8c2c334c132f2829ab30c246ad19f103454a
                                        
                                            GET /css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://curatedpromoinfo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 05 Oct 2022 22:26:12 GMT
date: Wed, 05 Oct 2022 22:26:12 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1640
Md5:    d377b90c1e05c2802c9cc9d3306c488c
Sha1:   7d316db9512b63d2a5440ca743ab4f062576cfa4
Sha256: b2167f1974424809a92d4bc7c5b47e63d65582147d1b243c27f692617ae065ec
                                        
                                            POST /16459-120932/62570?uid=K1iiRpRHe4owTsn423RVJyNu2QG9cvZx6hb&prom_type=regular&prom_id=190264&pld=26L81sNgpwNGbf&answer=1 HTTP/1.1 
Host: curatedpromoinfo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 102
Origin: https://curatedpromoinfo.com
Connection: keep-alive
Referer: https://curatedpromoinfo.com/16459-120932/62570?uid=K1iiRpRHe4owTsn423RVJyNu2QG9cvZx6hb&prom_type=regular&prom_id=190264&pld=26L81sNgpwNGbf&answer=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

                                         
                                         23.21.213.51
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx/1.22.0
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.4.16
Cache-Control: max-age=0, must-revalidate, private
Date: Wed, 05 Oct 2022 22:26:13 GMT
Expires: Wed, 05 Oct 2022 22:26:13 GMT
Content-Encoding: gzip

                                        
                                            GET /16459-120931-typ/62570?uid=K1iiRpRHe4owTsn423RVJyNu2QG9cvZx6hb HTTP/1.1 
Host: curatedpromoinfo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://curatedpromoinfo.com/16459-120932/62570?uid=K1iiRpRHe4owTsn423RVJyNu2QG9cvZx6hb&prom_type=regular&prom_id=190264&pld=26L81sNgpwNGbf&answer=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin

                                         
                                         23.21.213.51
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx/1.22.0
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.4.16
Cache-Control: no-cache, private
Date: Wed, 05 Oct 2022 22:26:13 GMT
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1343)
Size:   5127
Md5:    499e03c3c9fda925101d633f46a8e3b4
Sha1:   84c30c931008d3d51b290aa2b0b278c009ace63b
Sha256: 958aac357ec4bc1e346e88346365223e6400bfdb41e1da908263145a8349c51d

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /npm/bootstrap@5.1.3/dist/css/bootstrap.min.css HTTP/1.1 
Host: cdn.jsdelivr.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://curatedpromoinfo.com
Connection: keep-alive
Referer: https://curatedpromoinfo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.85.229
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 5.1.3
x-jsd-version-type: version
etag: W/"28021-7Ba9Gb9K6bwuIzasQJpQO7varK0"
content-encoding: gzip
accept-ranges: bytes
date: Wed, 05 Oct 2022 22:26:13 GMT
age: 13810929
x-served-by: cache-fra19136-FRA, cache-bma1622-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 23938
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65306)
Size:   23938
Md5:    57a992194d8a5b4bbd4ade561fd348bb
Sha1:   bb66f00fe168c6df50af51abdededdfceb15c59f
Sha256: be95ec6ab71f5fa87401a698cb9566490258fa9012bb0e8467920b0f74163a0a
                                        
                                            GET /ckeditor/contents.css?t=M7OE HTTP/1.1 
Host: curatedpromoinfo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://curatedpromoinfo.com/16459-120931-typ/62570?uid=K1iiRpRHe4owTsn423RVJyNu2QG9cvZx6hb
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
If-Modified-Since: Wed, 05 Oct 2022 16:51:35 GMT
If-None-Match: "633db617-b46"

                                         
                                         23.21.213.51
HTTP/1.1 304 Not Modified
                                        
Server: nginx/1.22.0
Date: Wed, 05 Oct 2022 22:26:13 GMT
Last-Modified: Wed, 05 Oct 2022 16:51:35 GMT
Connection: keep-alive
ETag: "633db617-b46"
Expires: Wed, 05 Oct 2022 22:26:13 GMT
Cache-Control: max-age=0
Access-Control-Allow-Origin: *


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /ckeditor/plugins/formBuilder/styles/formBuilder.css?v=1.3.1664830751847 HTTP/1.1 
Host: curatedpromoinfo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://curatedpromoinfo.com/16459-120931-typ/62570?uid=K1iiRpRHe4owTsn423RVJyNu2QG9cvZx6hb
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         23.21.213.51
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx/1.22.0
Date: Wed, 05 Oct 2022 22:26:13 GMT
Content-Length: 5201
Last-Modified: Wed, 05 Oct 2022 16:51:35 GMT
Connection: keep-alive
ETag: "633db617-1451"
Expires: Wed, 05 Oct 2022 22:26:13 GMT
Cache-Control: max-age=0
Access-Control-Allow-Origin: *
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text
Size:   5201
Md5:    e741d2aa47efe7dda9dfe0a5014fef0e
Sha1:   30ebfe60d0832bb8114c6ba155f0ddb15c1a527c
Sha256: 68c2e3489d098db2a6e2ddba9f32ff172d1c0ff0983b9b3c3c0b59c8a850cf20

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /ckeditor/plugins/lpLinkV2/css/styles.css HTTP/1.1 
Host: curatedpromoinfo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://curatedpromoinfo.com/16459-120931-typ/62570?uid=K1iiRpRHe4owTsn423RVJyNu2QG9cvZx6hb
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
If-Modified-Since: Wed, 05 Oct 2022 16:51:35 GMT
If-None-Match: "633db617-86f"

                                         
                                         23.21.213.51
HTTP/1.1 304 Not Modified
                                        
Server: nginx/1.22.0
Date: Wed, 05 Oct 2022 22:26:13 GMT
Last-Modified: Wed, 05 Oct 2022 16:51:35 GMT
Connection: keep-alive
ETag: "633db617-86f"
Expires: Wed, 05 Oct 2022 22:26:13 GMT
Cache-Control: max-age=0
Access-Control-Allow-Origin: *

                                        
                                            GET /lib/uri/uri.js HTTP/1.1 
Host: curatedpromoinfo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://curatedpromoinfo.com/16459-120931-typ/62570?uid=K1iiRpRHe4owTsn423RVJyNu2QG9cvZx6hb
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
If-Modified-Since: Mon, 12 Apr 2021 20:19:39 GMT
If-None-Match: "6074ab5b-12c3e"

                                         
                                         23.21.213.51
HTTP/1.1 304 Not Modified
                                        
Server: nginx/1.22.0
Date: Wed, 05 Oct 2022 22:26:13 GMT
Last-Modified: Mon, 12 Apr 2021 20:19:39 GMT
Connection: keep-alive
ETag: "6074ab5b-12c3e"
Expires: Wed, 05 Oct 2022 22:26:13 GMT
Cache-Control: max-age=0
Access-Control-Allow-Origin: *


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /lpScripts/assetsBehavior.js?v=1 HTTP/1.1 
Host: curatedpromoinfo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://curatedpromoinfo.com/16459-120931-typ/62570?uid=K1iiRpRHe4owTsn423RVJyNu2QG9cvZx6hb
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
If-Modified-Since: Mon, 05 Sep 2022 18:13:19 GMT
If-None-Match: "63163c3f-2516"

                                         
                                         23.21.213.51
HTTP/1.1 304 Not Modified
                                        
Server: nginx/1.22.0
Date: Wed, 05 Oct 2022 22:26:13 GMT
Last-Modified: Mon, 05 Sep 2022 18:13:19 GMT
Connection: keep-alive
ETag: "63163c3f-2516"
Expires: Wed, 05 Oct 2022 22:26:13 GMT
Cache-Control: max-age=0
Access-Control-Allow-Origin: *


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://curatedpromoinfo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 05 Oct 2022 22:26:12 GMT
date: Wed, 05 Oct 2022 22:26:12 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   107943
Md5:    fac32b57989df48ede13cb6c4516e79a
Sha1:   539da050207d191bb5a79b67ed88a363679137b1
Sha256: dbf7801f3733c2e1b853bfa9c23a19e87be13b48e059acb3744dccd9002f7c47
                                        
                                            GET /s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://curatedpromoinfo.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13036
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 19:26:57 GMT
expires: Thu, 05 Oct 2023 19:26:57 GMT
cache-control: public, max-age=31536000
age: 10756
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 13036, version 1.0\012- data
Size:   13036
Md5:    0ad032b3d07aaf33b160ac4799dda40f
Sha1:   06b931e0d0bf37f5037d9e66d6feedfddd21c0ba
Sha256: c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
                                        
                                            GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://curatedpromoinfo.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 29 Sep 2022 16:40:18 GMT
expires: Fri, 29 Sep 2023 16:40:18 GMT
cache-control: public, max-age=31536000
age: 539155
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Size:   30928
Md5:    ac0d2859ea5f8fd6bcb3c305c08ec184
Sha1:   7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
Sha256: ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
                                        
                                            GET /uploads/c_16459/logos/liferaft_logo_black.svg HTTP/1.1 
Host: curatedpromoinfo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://curatedpromoinfo.com/16459-120931-typ/62570?uid=K1iiRpRHe4owTsn423RVJyNu2QG9cvZx6hb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         23.21.213.51
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Server: nginx/1.22.0
Date: Wed, 05 Oct 2022 22:26:13 GMT
Content-Length: 8561
Last-Modified: Thu, 01 Sep 2022 13:47:06 GMT
Connection: keep-alive
ETag: "6310b7da-2171"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1465)
Size:   8561
Md5:    a2fd63a297f0227ba601ce1a4e50e407
Sha1:   7e2ee68d4719f4a5326a276796aa31ba53369ddb
Sha256: 6f3fec5b12e3cc31c274a82e7995f28b7550fa735a85ba88ab022b0a5cd2bea6

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6406
Expires: Thu, 06 Oct 2022 00:13:00 GMT
Date: Wed, 05 Oct 2022 22:26:14 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6406
Expires: Thu, 06 Oct 2022 00:13:00 GMT
Date: Wed, 05 Oct 2022 22:26:14 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6406
Expires: Thu, 06 Oct 2022 00:13:00 GMT
Date: Wed, 05 Oct 2022 22:26:14 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  gzip compressed data, max compression\012- data
Size:   996
Md5:    7396a393623a9e415aab96f457dd9359
Sha1:   bdbb74c0dc1453848eb11c291764962de6b9f579
Sha256: f913c0283ea0179e0344d838a23c6e0ddfab99e5631b465b92d2d3d63f6ee88d

Alerts:
  File Analyzers:
    - virustotal: 0/0
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6406
Expires: Thu, 06 Oct 2022 00:13:00 GMT
Date: Wed, 05 Oct 2022 22:26:14 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6406
Expires: Thu, 06 Oct 2022 00:13:00 GMT
Date: Wed, 05 Oct 2022 22:26:14 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F913c841b-40a5-4fa4-bc55-0e9d1369640e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10809
x-amzn-requestid: db4d1d2a-05b8-403e-a7ca-8b8a6a0a4087
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjQb-HrTIAMFtNg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633dfab2-74f184406a48e42c0ecc4ec9;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:44:18 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: tv80OXQUu13gDuuFESnEnXMuFdNBmGc1y592euL7QnfZW5PwJym9-g==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 de8fc80b494d3d381f7e006918dcc588.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:53:39 GMT
age: 1955
etag: "8c7ecefe6908387e2128dc849a6ba857991ba0ab"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10809
Md5:    a508ac9cd743bec987b2a24454418265
Sha1:   8c7ecefe6908387e2128dc849a6ba857991ba0ab
Sha256: afb2c2b51f2ce445ada599068901551beee594b15c152ed7551ab7a8835dde6d
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ca20164-9b52-49c5-9e63-1fc0ae719f45.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10158
x-amzn-requestid: def1fc7e-8008-466f-9271-20fa1ab0fa5a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZaqZCH7doAMFcPQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a8aa0-7fd2fb1249366f2277d719d6;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 07:09:20 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: szhtD9f4RuQaDKXe7LElSR0yOKo9cYa1i2YMeG3eSpBXP8ePcdzQig==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 07:29:32 GMT
age: 53802
etag: "bbe71936b78a8c34d03ab87948dc840b35c6948f"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10158
Md5:    4fc2ddd86450d64d3fb659ab4e78be58
Sha1:   bbe71936b78a8c34d03ab87948dc840b35c6948f
Sha256: 84a760397a5912bd05f61bc8a953c13a88a677e2d17fbbf74bdf7d7ff4d3942f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7fac259b-7a22-4aa2-ba3f-682cb749091c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11080
x-amzn-requestid: 8fa4d19d-87a5-46c5-96c5-4aec793daad9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjO7xE5eoAMFQLw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df84b-5c422c7a168c014f57559037;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:34:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: TlEKsCdhNhlKmA2Yhz8FarEUG18gQZMKGRD6SnzCnUMiKyGS9-UeOQ==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 73b60e9a9fd08eae9e034cedba707280.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:38:04 GMT
etag: "531d9e4ec9078cd2d7376a19fcb287084af36c82"
age: 2890
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11080
Md5:    2277f8f2d93b4bc3b05d348343177892
Sha1:   531d9e4ec9078cd2d7376a19fcb287084af36c82
Sha256: 62907648de4a2ed390232a71ab7dce49f1e9c3363cde6a2f30ecae10ab67f93a
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbffd8689-87c3-4efb-b880-4109e3dc9294.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7919
x-amzn-requestid: 01497827-07e5-4129-abf2-120b00eed8c0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjPs5F1LoAMF8Ww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df985-4b0c175142a6ace915d5e5d2;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:39:17 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: QElSCxuAj2dM9Psp2_fPTSi1goaNKkylf7D9ITOplorOFLIGIV332g==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 d8d9c12d1a621129f4bc739038e7c72e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:52:46 GMT
age: 2008
etag: "a9cd62230d4aabfcc2e8b2494e687d854254113e"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7919
Md5:    72ad6f9b79e7a3d11e3ace6b0e969614
Sha1:   a9cd62230d4aabfcc2e8b2494e687d854254113e
Sha256: 1d59cd22b3316da6f1d44076089ba983faed5327d174ddb3cb3d58f487ccae51
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6476b35e-8b14-44b0-a85a-4793280f25c1.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 3777
x-amzn-requestid: 093c576f-e1f7-4d45-9f8c-7ca3e7539313
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjPtDEpSIAMF_Nw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df986-3cbcc83c1db24bbf193c3047;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:39:18 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: GXneoYCI_hqJxLyI-RAxkJJf08pBsc6usoQlztb3HHPQSd1PDh7kgQ==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 c21a0d27ceec21e266c9f962d0349438.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:52:47 GMT
age: 2007
etag: "0e1d6cefe5ffe1994f26322962df8b0a13743339"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   3777
Md5:    1a1a279f8386262762dcf70621e06ed5
Sha1:   0e1d6cefe5ffe1994f26322962df8b0a13743339
Sha256: a4146e8a0561009b63c55d0c13673958546b96f684a9c5a43a1f3200782798e9
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4aaf2d0a-832d-4fe3-85f6-f6f55993a48e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8192
x-amzn-requestid: b61498b4-22cd-4860-98e0-c7aad18a4d96
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjO6sGTXoAMFZpA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df844-23d0f24731d3bfab253f2677;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:33:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: dQIy6UCVx9quf2joR_GopPrlSMyy0s8TN-xQqmY38u7ho2jIvTV7gw==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 c21a0d27ceec21e266c9f962d0349438.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:36:41 GMT
age: 2973
etag: "f2f4664206335b080db6a5608b463945e89de346"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8192
Md5:    83c37f49b9fb5eeb70a244a759a4ce0d
Sha1:   f2f4664206335b080db6a5608b463945e89de346
Sha256: cbb8e24144c2118f3e2f2f9db09f2b4d582bca01da68fc2fb29b4d8a6df4dab5
                                        
                                            GET /16459-120931-typ/62570?uid=K1iiRpRHe4owTsn423RVJyNu2QG9cvZx6hb&mode=file HTTP/1.1 
Host: curatedpromoinfo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://curatedpromoinfo.com/16459-120931-typ/62570?uid=K1iiRpRHe4owTsn423RVJyNu2QG9cvZx6hb
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin

                                         
                                         23.21.213.51
HTTP/1.1 200 OK
Content-Type: application/force-download
                                        
Server: nginx/1.22.0
Content-Length: 116557
Connection: keep-alive
X-Powered-By: PHP/7.4.16
Content-transfer-encoding: binary
Content-disposition: attachment; filename="LifeRaft-Case-Study-on-Insider-Threat-1.pdf"
Cache-Control: no-cache, private
Date: Wed, 05 Oct 2022 22:26:14 GMT


--- Additional Info ---
Magic:  PDF document, version 1.4, 1 pages\012- data
Size:   116557
Md5:    c2b528f5f42e61e32332122d8041d465
Sha1:   b074c472b1382cdcbf613a746c47cefe1c4608ca
Sha256: 588f7fbc4cdc0afb2921e10b3b57e497b462f647cc80d0fc97504e2173ae4054

Alerts:
  File Analyzers:
    - virustotal: 0/0
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: curatedpromoinfo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://curatedpromoinfo.com/16459-120931-typ/62570?uid=K1iiRpRHe4owTsn423RVJyNu2QG9cvZx6hb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         23.21.213.51
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
Server: nginx/1.22.0
Date: Wed, 05 Oct 2022 22:26:14 GMT
Content-Length: 34494
Last-Modified: Wed, 14 Sep 2022 11:51:00 GMT
Connection: keep-alive
ETag: "6321c024-86be"
Expires: Wed, 05 Oct 2022 23:26:14 GMT
Cache-Control: max-age=3600
Accept-Ranges: bytes


--- Additional Info ---
Magic:  MS Windows icon resource - 5 icons, 16x16, 32 bits/pixel, 24x24, 32 bits/pixel\012- data
Size:   34494
Md5:    d4a95c780824be97bc45a187ab7ad24b
Sha1:   53aeb2d44190d91ec2006379b3ddbd202b865d24
Sha256: 502322d8592de8395d6e7c2c37b18e04904e62d8f8b3caaa53858e4ebc64b692
                                        
                                            GET /uploads/c_16459/backgrounds/Group-4.png HTTP/1.1 
Host: curatedpromoinfo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://curatedpromoinfo.com/16459-120931-typ/62570?uid=K1iiRpRHe4owTsn423RVJyNu2QG9cvZx6hb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         23.21.213.51
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx/1.22.0
Date: Wed, 05 Oct 2022 22:26:13 GMT
Content-Length: 1297796
Last-Modified: Thu, 01 Sep 2022 16:46:05 GMT
Connection: keep-alive
ETag: "6310e1cd-13cd84"
Expires: Wed, 05 Oct 2022 23:26:13 GMT
Cache-Control: max-age=3600
Access-Control-Allow-Origin: *
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 1800 x 2349, 8-bit/color RGBA, non-interlaced\012- data
Size:   1297796
Md5:    04ed645ec1b7ca051575ad39c20e6c08
Sha1:   468f465e9766db0acee74916776c4391b92db627
Sha256: 35a4a10bf39e9c19a95c53116b5f699933e078b31cbc3bb384726d55886395bf
                                        
                                            GET /bootstrap/4.4.1/css/bootstrap.min.css HTTP/1.1 
Host: stackpath.bootstrapcdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://curatedpromoinfo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.18.10.207
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
date: Wed, 05 Oct 2022 22:26:12 GMT
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:09 GMT
cdn-cachedat: 08/03/2021 15:16:56
cdn-edgestorageid: 601
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-proxyver: 1.0
cdn-status: 200
cdn-requestid: d6b43e13ddbcd4f60dded6d39b2abed5
cdn-cache: HIT
cf-cache-status: HIT
age: 10449760
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 755993dc5b6b0afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /css2?family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&display=swap HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://curatedpromoinfo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 05 Oct 2022 22:26:12 GMT
date: Wed, 05 Oct 2022 22:26:12 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /css2?family=Noto+Sans:ital,wght@0,400;0,700;1,400;1,700&display=swap HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://curatedpromoinfo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 05 Oct 2022 22:26:12 GMT
date: Wed, 05 Oct 2022 22:26:12 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /css2?family=Open+Sans:ital,wght@0,300;0,400;0,600;0,700;0,800;1,300;1,400;1,600;1,700;1,800&display=swap HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://curatedpromoinfo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 05 Oct 2022 22:26:12 GMT
date: Wed, 05 Oct 2022 22:26:12 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /css2?family=Ubuntu:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,500;1,700&display=swap HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://curatedpromoinfo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 05 Oct 2022 22:26:12 GMT
date: Wed, 05 Oct 2022 22:26:12 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /css?family=Muli HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://curatedpromoinfo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 05 Oct 2022 22:26:13 GMT
date: Wed, 05 Oct 2022 22:26:13 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---