Report - proitcteam.com/18202-126877/70477?uid=4g5a3ZqRyphuBQqRuN8d5HKXeZP9o9ZQer&prom_type=regular&prom

Report Overview

Submitted URL
proitcteam.com/18202-126877/70477?uid=4g5a3ZqRyphuBQqRuN8d5HKXeZP9o9ZQer&prom_type=regular&prom_id=194926&pld=26L81sNgpwNGg5&answer=2
IP
23.21.213.51
ASN
#14618 AMAZON-AES
Submitted
2022-11-12 05:51:22
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
88

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-10T05:09:10Z	2.7 kB	7.1 kB	23.36.77.32
ocsp.globalsign.com	2075	2012-07-20T19:46:16Z	2023-03-10T05:11:21Z	368 B	2.0 kB	151.101.86.133
via.placeholder.com	26595	2017-06-01T17:41:00Z	2023-03-10T11:53:46Z	393 B	2.6 kB	172.67.158.148
p.typekit.net	620	2012-05-23T16:28:57Z	2023-03-10T05:27:57Z	858 B	357 B	23.36.76.186
stackpath.bootstrapcdn.com	2467	2018-06-15T22:36:43Z	2023-03-10T09:31:27Z	412 B	903 B	104.18.10.207
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-10T05:10:00Z	782 B	2.4 kB	34.102.187.140
polyfill.io	102644	2016-02-12T01:04:58Z	2023-03-10T13:52:49Z	457 B	644 B	151.101.65.26
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-10T05:10:02Z	606 B	127 B	54.189.157.130
use.typekit.net	494	2012-07-05T03:42:39Z	2023-03-10T05:27:57Z	375 B	4.5 kB	23.36.76.186
proitcteam.com	unknown	2022-05-20T05:40:11Z	2023-02-23T11:01:31Z	14 kB	3.8 MB	23.21.213.51
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-10T13:49:44Z	2.0 kB	4.0 kB	93.184.220.29
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-10T05:12:35Z	413 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-10T05:10:00Z	333 B	229 B	34.117.237.239
cdnjs.cloudflare.com	235	2015-04-17T22:46:33Z	2023-03-10T08:04:05Z	783 B	47 kB	104.17.24.14
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-10T05:11:10Z	2.1 kB	4.2 kB	142.250.74.35
cdn.jsdelivr.net	439	2012-09-30T02:15:09Z	2023-03-10T11:13:22Z	407 B	8.6 kB	151.101.85.229
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-10T12:25:49Z	3.7 kB	8.5 kB	142.250.74.10
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-10T14:37:36Z	478 B	17 kB	216.58.207.195
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-10T05:10:04Z	3.2 kB	57 kB	34.120.237.76

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-11-12	medium	proitcteam.com/ckeditor/contents.css?t=M9RE	Phishing
2022-11-12	medium	proitcteam.com/ckeditor/plugins/formBuilder/styles/formBuilder.css?v=1.3.1667334567956	Phishing
2022-11-12	medium	proitcteam.com/lib/jq/validator/fb.validation.js	Phishing
2022-11-12	medium	proitcteam.com/lib/jq/cqParams/fb.cqParams.js	Phishing
2022-11-12	medium	proitcteam.com/lib/jq/otherInput/fb.otherInput.js	Phishing
2022-11-12	medium	proitcteam.com/lib/jq/fb.utils.js	Phishing
2022-11-12	medium	proitcteam.com/lib/jq/fb.autoSubmit.js	Phishing
2022-11-12	medium	proitcteam.com/lpScripts/assetsBehavior.js?v=1	Phishing
2022-11-12	medium	proitcteam.com/lib/uri/uri.js	Phishing
2022-11-12	medium	proitcteam.com/uploads/uploadedFonts/fontsImport.css?v=1668232270	Phishing
2022-11-12	medium	proitcteam.com/lib/jq/validator/localization/jq_validation_localizations.boundled.js	Phishing
2022-11-12	medium	proitcteam.com/18202-126876-typ/70477?uid=4g5a3ZqRyphuBQqRuN8d5HKXeZP9o9ZQer	Phishing
2022-11-12	medium	proitcteam.com/ckeditor/contents.css?t=M9RE	Phishing
2022-11-12	medium	proitcteam.com/ckeditor/plugins/formBuilder/styles/formBuilder.css?v=1.3.1666964509113	Phishing
2022-11-12	medium	proitcteam.com/lib/uri/uri.js	Phishing
2022-11-12	medium	proitcteam.com/lpScripts/assetsBehavior.js?v=1	Phishing
2022-11-12	medium	proitcteam.com/uploads/uploadedFonts/fontsImport.css?v=1668232271	Phishing
2022-11-12	medium	proitcteam.com/uploads/cl_2472/logotypes/logo.svg	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-11-11	medium	proitcteam.com	Sinkholed
2022-11-11	medium	proitcteam.com	Sinkholed
2022-11-11	medium	proitcteam.com	Sinkholed
2022-11-11	medium	proitcteam.com	Sinkholed
2022-11-11	medium	proitcteam.com	Sinkholed
2022-11-11	medium	proitcteam.com	Sinkholed
2022-11-11	medium	proitcteam.com	Sinkholed
2022-11-11	medium	proitcteam.com	Sinkholed
2022-11-11	medium	proitcteam.com	Sinkholed
2022-11-11	medium	proitcteam.com	Sinkholed
2022-11-11	medium	proitcteam.com	Sinkholed
2022-11-11	medium	proitcteam.com	Sinkholed
2022-11-11	medium	proitcteam.com	Sinkholed
2022-11-11	medium	proitcteam.com	Sinkholed
2022-11-11	medium	proitcteam.com	Sinkholed
2022-11-11	medium	proitcteam.com	Sinkholed
2022-11-11	medium	proitcteam.com	Sinkholed
2022-11-11	medium	proitcteam.com	Sinkholed
2022-11-11	medium	proitcteam.com	Sinkholed
2022-11-11	medium	proitcteam.com	Sinkholed
2022-11-11	medium	proitcteam.com	Sinkholed
2022-11-11	medium	proitcteam.com	Sinkholed
2022-11-11	medium	proitcteam.com	Sinkholed
2022-11-11	medium	proitcteam.com	Sinkholed
2022-11-11	medium	proitcteam.com	Sinkholed
2022-11-11	medium	proitcteam.com	Sinkholed

Files detected

URL
proitcteam.com/18202-126876-typ/70477?uid=4g5a3ZqRyphuBQqRuN8d5HKXeZP9o9ZQer&mode=file
IP
23.21.213.51
ASN
#14618 AMAZON-AES

File type
PDF document, version 1.7, 0 pages\012- data
Size
2.0 MB (2033870 bytes)
Hash
7227097e2f4fc212b456c4ee02ac19d3
2ffea6ba53c6c663fb43194ce735fcbf9974b6ce
319cbeae7398ba481c0091ede6a01dba1aea15d651f19428699ff2f9fa029cfa

Detections

Analyzer	Verdict	Alert
VirusTotal	0/0

JavaScript (16)

	URL	Size	First Seen	Last Seen
	cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js	90 kB	2023-03-07	2024-04-26
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-04-26 21:34:01 Times Seen139424 Hash dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Loading...

	proitcteam.com/18202-126877/70477?uid=4g5a3ZqRyphuBQqRuN8d5HKXeZP9o9ZQer&prom_type=regular&prom_id=194926&pld=26L81sNgpwNGg5&answer=2	98 B	2023-03-07	2024-04-26
Pretty URL proitcteam.com/18202-126877/70477?uid=4g5a3ZqRyphuBQqRuN8d5HKXeZP9o9ZQer&prom_type=regular&prom_id=194926&pld=26L81sNgpwNGg5&answer=2 IP 23.21.213.51 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:32:08 Last Seen2024-04-26 00:44:25 Times Seen67 Hash bd1bb06e1eb2513d80d713f827f44a47 e16d34af3ee95682c44aea25471460209bf69f61 a415cd8038dc4ff7548175717a3c9d05be601ac83c010f17066c33bbaa9da799 Loading...

	proitcteam.com/lib/jq/otherInput/fb.otherInput.js	2.3 kB	2023-03-08	2024-04-26
Pretty URL proitcteam.com/lib/jq/otherInput/fb.otherInput.js IP 23.21.213.51 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 08:30:02 Last Seen2024-04-26 00:44:26 Times Seen204 Hash 98ddf73de28f5fef1378553ea90dc407 9c76c82d52e3512a2fe53c754b135c5a91f1e97c 0bf7b8a2f9d4ebc076ca6ecbfad616bca4bb4d489ab2d021d935c4854585a0d0 Loading...

	cdnjs.cloudflare.com/ajax/libs/select2/4.0.13/js/select2.min.js	71 kB	2023-03-07	2024-04-26
Pretty URL cdnjs.cloudflare.com/ajax/libs/select2/4.0.13/js/select2.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:39 Last Seen2024-04-26 14:40:37 Times Seen4285 Hash 0f64f3a3a0c620a6756d36abaff1b4a6 4738d7f9885db2cb9370766974c8f6b22e9ec29d 00501810e93307a8882a74d864e7547fd1458deea539361dc1124ac133799a4b Loading...

	proitcteam.com/lpScripts/assetsBehavior.js?v=1	9.5 kB	2023-03-08	2023-03-12
Pretty URL proitcteam.com/lpScripts/assetsBehavior.js?v=1 IP 23.21.213.51 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 08:30:02 Last Seen2023-03-12 14:00:59 Times Seen1 Hash b3d79c3fb1a09ffcead07bd732d7d81a d73f923eea8f386c4d441a076e1e77e59f0f7cf4 01f6570da4691ac14aa5f882167414fa699581b41cacfa07f8f7731663392cd4 Loading...

	proitcteam.com/lib/uri/uri.js	77 kB	2023-03-07	2024-04-26
Pretty URL proitcteam.com/lib/uri/uri.js IP 23.21.213.51 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:23:25 Last Seen2024-04-26 00:44:26 Times Seen1499 Hash 64437cd33e2fa1a40e6850ee6388639e 809078716153b491c00852f366ca3f8d6e03df22 96361c580499a6dd7afa83f352fb2a27c159a39daf794e2e6813514be8a8fbe9 Loading...

	polyfill.io/v3/polyfill.min.js?version=3.52.1&features=URL%2CURLSearchParams%2Ces5%2Ces6%2Ces7	72 B	2023-03-07	2024-04-26
Pretty URL polyfill.io/v3/polyfill.min.js?version=3.52.1&features=URL%2CURLSearchParams%2Ces5%2Ces6%2Ces7 IP 151.101.65.26 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:35 Last Seen2024-04-26 17:55:07 Times Seen291 Hash 7bf5fb2fd30cea050be6a48b90343984 e3d8fc7eec3e4338218b844d40a1ae86cc8581c6 aaecd144d2b8763b2fa5c91f09778294363cef363c10504205f4203922644d11 Loading...

	proitcteam.com/18202-126877/70477?uid=4g5a3ZqRyphuBQqRuN8d5HKXeZP9o9ZQer&prom_type=regular&prom_id=194926&pld=26L81sNgpwNGg5&answer=2	58 B	2023-03-07	2024-04-26
Pretty URL proitcteam.com/18202-126877/70477?uid=4g5a3ZqRyphuBQqRuN8d5HKXeZP9o9ZQer&prom_type=regular&prom_id=194926&pld=26L81sNgpwNGg5&answer=2 IP 23.21.213.51 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:32:08 Last Seen2024-04-26 00:44:25 Times Seen67 Hash ea4cdd05ea02fc381650389e3513ec3a ae902087b2cde7a4e0d58c1a5eb3fc8310b2c755 f2738345b1d22b55dbcfbd3c3fd7ed8ed4e9ed7ca68e35b86135c2a9211ef4ed Loading...

	cdn.jsdelivr.net/npm/jquery-validation@1.19.1/dist/jquery.validate.min.js	24 kB	2023-03-07	2024-04-26
Pretty URL cdn.jsdelivr.net/npm/jquery-validation@1.19.1/dist/jquery.validate.min.js IP 151.101.85.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:26 Last Seen2024-04-26 00:44:26 Times Seen1190 Hash 8a25965d822705f957a243443d219787 0da4c535b50bdb4dffa3b5fae3e999aeee137cb5 b0f074179d185032b4a2d0e7b1f3476b0626039334a638d47f84ef44990616b2 Loading...

	proitcteam.com/lib/jq/fb.utils.js	18 kB	2023-03-07	2023-03-17
Pretty URL proitcteam.com/lib/jq/fb.utils.js IP 23.21.213.51 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:13:30 Last Seen2023-03-17 12:45:25 Times Seen1 Hash ae4404875fed763d83013c881e85a0ee b816ad607b6a4a89b901447ad513abbbf7fd16a9 827810c0c757314f1071132a70efabdf940d7a259cf21bc99f008f96f0859637 Loading...

	proitcteam.com/lib/jq/validator/localization/jq_validation_localizations.boundled.js	110 kB	2023-03-07	2023-03-17
Pretty URL proitcteam.com/lib/jq/validator/localization/jq_validation_localizations.boundled.js IP 23.21.213.51 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:37 Last Seen2023-03-17 12:45:25 Times Seen1 Hash 590cfcdcec421c852434167b135406c7 aa035d2388b6576bbb0657b4347b88ec7d272bd7 90e8f80b16e3b6ee999a5400579399c6207291f3f5476fb3951c5230d75ec3db Loading...

	proitcteam.com/lib/jq/validator/fb.validation.js	2.0 kB	2023-03-07	2023-03-26
Pretty URL proitcteam.com/lib/jq/validator/fb.validation.js IP 23.21.213.51 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:32:08 Last Seen2023-03-26 08:44:40 Times Seen28 Hash 60f78449c35e69490026e3f739d322dc a0f988cad0941c050d4ecbe1d58f450193c604d2 ee75b43f5de847b148b9ed76c06b5db9566ba8da3ac35c726ed43ef9f9b2c3e3 Loading...

	proitcteam.com/lib/jq/cqParams/fb.cqParams.js	2.8 kB	2023-03-07	2024-04-26
Pretty URL proitcteam.com/lib/jq/cqParams/fb.cqParams.js IP 23.21.213.51 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:32:08 Last Seen2024-04-26 00:44:26 Times Seen186 Hash 55159908ed60d22fd3992732aa7e42d3 57976f1953d1da224e9746296eaac849d69dc5f3 c6b1e77cd2f103d2fa292bf088a9680848a4f94b6c1ef6ee2017c2ba530a03c5 Loading...

	proitcteam.com/lib/jq/fb.autoSubmit.js	631 B	2023-03-07	2023-03-17
Pretty URL proitcteam.com/lib/jq/fb.autoSubmit.js IP 23.21.213.51 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:32:08 Last Seen2023-03-17 12:45:25 Times Seen1 Hash d1b0ab11f9d2a041be621b97140bd0de 03eb391c2a4ec2e17385afdb695cb458bddb4dba 348cf9886114edd1ab2df04571fd8e6eeb192d2da111b4ef3200caa25ce0ffae Loading...

	pdf.js/build/pdf.js	322 kB	2023-03-07	2023-04-05
Pretty URL pdf.js/build/pdf.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:22 Last Seen2023-04-05 02:12:01 Times Seen1311 Hash 42ee10ee09176e186c5846bab608c4a8 03d49a21c62fc1e134d08cd62593dac460e9981b 7049dcd5d0dc1e88a111356c01ccf1098990dbece884a0d8f3b5f3cafd9f0e81 Loading...

	pdf.js/web/viewer.js	374 kB	2023-03-07	2023-04-05
Pretty URL pdf.js/web/viewer.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:22 Last Seen2023-04-05 02:12:01 Times Seen1357 Hash 7f28003dcd68438eee3f0fb20757243c 7f119fdc77292f13ea6d6a72d0e16373e1d7bb23 f9a11592ab64edfa8c23f7f97c7ab331c689185292fdb490d039b89c70fb01b0 Loading...

HTTP Transactions (75)

URL IP Response Size

proitcteam.com/18202-126877/70477?uid=4g5a3ZqRyphuBQqRuN8d5HKXeZP9o9ZQer&prom_type=regular&prom_id=194926&pld=26L81sNgpwNGg5&answer=2

23.21.213.51

301 Moved Permanently

169 B

URL HTTP/1.1
proitcteam.com/18202-126877/70477?uid=4g5a3ZqRyphuBQqRuN8d5HKXeZP9o9ZQer&prom_type=regular&prom_id=194926&pld=26L81sNgpwNGg5&answer=2
IP
23.21.213.51:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
169 B (169 bytes)
Hash
b51956ed2a6129f43c5d0ecc011cc5a5
c03157aff80067b6b57903d3843b9fd9e07b33ab
1ac63374d015eee8d9d875502aa63981dbeb9d86a14096de0d504763808e429b

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /18202-126877/70477?uid=4g5a3ZqRyphuBQqRuN8d5HKXeZP9o9ZQer&prom_type=regular&prom_id=194926&pld=26L81sNgpwNGg5&answer=2 HTTP/1.1
Host: proitcteam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: nginx/1.22.0
Date: Sat, 12 Nov 2022 05:51:09 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
Location: https://proitcteam.com/18202-126877/70477?uid=4g5a3ZqRyphuBQqRuN8d5HKXeZP9o9ZQer&prom_type=regular&prom_id=194926&pld=26L81sNgpwNGg5&answer=2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3d0727e32cd103ddd4b73f28c81758aa
197a7bf43d63723fc532c23c6dced68d5cc36652
d3f75d03561d6a47d19370292e821a86e58381466f0c69386a21175de55882ff

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D3F75D03561D6A47D19370292E821A86E58381466F0C69386A21175DE55882FF"
Last-Modified: Fri, 11 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2434
Expires: Sat, 12 Nov 2022 06:31:43 GMT
Date: Sat, 12 Nov 2022 05:51:09 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
4edf853c470fcec0ab277c78527f3c2d
de93530ce15337e671c488d9fe05e7091d4956f0
b9d7976b398b1243ff8a571ddd3975d3a1317d69101061bdb1a755b3b56620e6

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1316
Cache-Control: max-age=104534
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 05:51:09 GMT
Etag: "636e247f-1d7"
Expires: Sun, 13 Nov 2022 10:53:23 GMT
Last-Modified: Fri, 11 Nov 2022 10:31:27 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5076aaa9f4ccd602540286ce0590cb9a
bbf7936a8413a564478971d9e19beb6338cbc869
00e3b967c579b0ccf709b78d497a43d95646b16eb50925fef1e2694c58f290b2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "00E3B967C579B0CCF709B78D497A43D95646B16EB50925FEF1E2694C58F290B2"
Last-Modified: Fri, 11 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4749
Expires: Sat, 12 Nov 2022 07:10:18 GMT
Date: Sat, 12 Nov 2022 05:51:09 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
4736bac84ca28f2b1e961159fb4ea098
1319612979f53896fcfeacd4215c2715d4951e4c
5e81213e111ddf68c7f884f72b4e06fc4dc95eb902c3cf0762236b2418840dba

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Length, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 12 Nov 2022 05:44:09 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 420
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: HDm4Q3kDLW7tyTyPBFSUtOiEW+qWYY8kI9DcSX6kG5uZOsFxGoH3HU7LCWf7adILSyV1zfXFrtE=
x-amz-request-id: KKVA6ZXK35S54GW8
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 12 Nov 2022 05:50:08 GMT
age: 61
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 05:51:09 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e7dacfaa5b512acafa79fa16865ffb7c
d3065ae03e6f327f40208fb1651f777af0f5384a
55bc642d05b2010868a04eccb0a57a2f840440c9bcff9d516282abb37f1bea4a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "55BC642D05B2010868A04ECCB0A57A2F840440C9BCFF9D516282ABB37F1BEA4A"
Last-Modified: Thu, 10 Nov 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sat, 12 Nov 2022 11:51:10 GMT
Date: Sat, 12 Nov 2022 05:51:10 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Last-Modified, Cache-Control, Retry-After, Content-Length, Expires, ETag, Pragma, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 12 Nov 2022 05:44:48 GMT
cache-control: public,max-age=3600
age: 382
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

proitcteam.com/18202-126877/70477?uid=4g5a3ZqRyphuBQqRuN8d5HKXeZP9o9ZQer&prom_type=regular&prom_id=194926&pld=26L81sNgpwNGg5&answer=2

23.21.213.51

200 OK

8.0 kB

URL HTTP/1.1
proitcteam.com/18202-126877/70477?uid=4g5a3ZqRyphuBQqRuN8d5HKXeZP9o9ZQer&prom_type=regular&prom_id=194926&pld=26L81sNgpwNGg5&answer=2
IP
23.21.213.51:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (15037)
Size
8.0 kB (8041 bytes)
Hash
c275e70bd5c42a877da711324462cd3a
829d4bc3456986d11bf7acd260b08960b57c4743
5d26ed8a99e358eaff86c0b210b5601e01619490a69fd1e6bcaff88c9ee82765

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /18202-126877/70477?uid=4g5a3ZqRyphuBQqRuN8d5HKXeZP9o9ZQer&prom_type=regular&prom_id=194926&pld=26L81sNgpwNGg5&answer=2 HTTP/1.1
Host: proitcteam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 200 OK
Server: nginx/1.22.0
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.4.16
Cache-Control: max-age=0, must-revalidate, private
Date: Sat, 12 Nov 2022 05:51:10 GMT
Expires: Sat, 12 Nov 2022 05:51:10 GMT
Content-Encoding: gzip

cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js

104.17.24.14

200 OK

28 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP
104.17.24.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65451)
Size
28 kB (27958 bytes)
Hash
4b5f47439b640180cc3450f7de05d0d8
5a0dc9bcab80ddc409dd35fcb00a88fe6846fee2
1f85e8b327f42c17c025d69849914068536d9aa95412fe473ae90ffb2f4ebd82

HTTP Headers

GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proitcteam.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 12 Nov 2022 05:51:10 GMT
content-type: application/javascript; charset=utf-8
content-length: 27958
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb09ed3-15d84"
last-modified: Mon, 04 May 2020 23:01:39 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 13675974
expires: Thu, 02 Nov 2023 05:51:10 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L%2FpQvTUclNY1JETNxLnaNW42JSG7%2FdISx9jUf8lMlGfGdE%2B%2FETKTlOTJeJAofXvIVP74rPoffs%2FSdZZ%2FB1v3ueseV%2Ftd7KHYTtn7zgAvm6SlCgMJanZGB4E5c7oYIhSFnH6h9Zps"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 768cfe8acb14b51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/select2/4.0.13/js/select2.min.js

104.17.24.14

200 OK

16 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/select2/4.0.13/js/select2.min.js
IP
104.17.24.14:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (64131)
Size
16 kB (16456 bytes)
Hash
e969f2fd683c8d12ccbfa6ec0487dadf
4efb5abd97f96f324fd3bd64902a02e4a8a3d3af
10375c0c9bd1d60f996e3b7eef19ada49ebc3790f78742204cef7026754d2ac2

HTTP Headers

GET /ajax/libs/select2/4.0.13/js/select2.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://proitcteam.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 12 Nov 2022 05:51:10 GMT
content-type: application/javascript; charset=utf-8
content-length: 16456
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5ecc8659-114c3"
last-modified: Tue, 26 May 2020 03:00:41 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 6052643
expires: Thu, 02 Nov 2023 05:51:10 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sxmHhVvCekiwVe%2Bl%2BnjvsKWck9%2FfFPlMvsNIROvDkDcEf4vdIcQO6mDKPXPoKOaIwVfj6nPqupBapkWgA1rGwhU%2B367aKMXS3O%2BzEGYAgvTWYXrfyndDYFWb%2FAbrBVktXRGgMFJA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 768cfe8adaca0afa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/jquery-validation@1.19.1/dist/jquery.validate.min.js

151.101.85.229

200 OK

7.8 kB

URL HTTP/2
cdn.jsdelivr.net/npm/jquery-validation@1.19.1/dist/jquery.validate.min.js
IP
151.101.85.229:0
ASN
#54113 FASTLY

File type
Unicode text, UTF-8 text, with very long lines (24237)
Size
7.8 kB (7815 bytes)
Hash
144d2fdbeb2ac0a55e26fd4d3bcb6aa7
7b00473f6a8170bcb0573cec68acea35684250c7
5e9ecf8613ebbaae3c171d1ba18e6af51d41ed136730e2764784f12679fda526

HTTP Headers

GET /npm/jquery-validation@1.19.1/dist/jquery.validate.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proitcteam.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.19.1
x-jsd-version-type: version
etag: W/"5f38-DaTFNbUL203/o7X64+mZru4TfLU"
content-encoding: gzip
accept-ranges: bytes
date: Sat, 12 Nov 2022 05:51:10 GMT
age: 5202540
x-served-by: cache-fra19121-FRA, cache-bma1667-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7815
X-Firefox-Spdy: h2

polyfill.io/v3/polyfill.min.js?version=3.52.1&features=URL%2CURLSearchParams%2Ces5%2Ces6%2Ces7

151.101.65.26

200 OK

74 B

URL HTTP/2
polyfill.io/v3/polyfill.min.js?version=3.52.1&features=URL%2CURLSearchParams%2Ces5%2Ces6%2Ces7
IP
151.101.65.26:0
ASN
#54113 FASTLY

File type
ASCII text
Size
74 B (74 bytes)
Hash
bdb6d8e9b581dfbdb87566776ede0cbd
d18cdeacd5c146b34919955e97e51b7db50d0d9b
fe35c33df2fa5edeac1dbbe512a6e92c5b1e7fb5c204df818e23ea07b5121add

HTTP Headers

GET /v3/polyfill.min.js?version=3.52.1&features=URL%2CURLSearchParams%2Ces5%2Ces6%2Ces7 HTTP/1.1
Host: polyfill.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://proitcteam.com
Connection: keep-alive
Referer: https://proitcteam.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
content-type: text/javascript; charset=utf-8
last-modified: Wed, 09 Nov 2022 06:55:17 GMT
content-encoding: br
age: 0
accept-ranges: bytes
useragent_normaliser: firefox/105.0.0
date: Sat, 12 Nov 2022 05:51:10 GMT
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
vary: User-Agent, Accept-Encoding
server-timing: cache-bma1624, PASS, fastly;desc="Edge time";dur=14
content-length: 74
X-Firefox-Spdy: h2

proitcteam.com/ckeditor/contents.css?t=M9RE

23.21.213.51

200 OK

2.9 kB

URL HTTP/1.1
proitcteam.com/ckeditor/contents.css?t=M9RE
IP
23.21.213.51:0
ASN
#14618 AMAZON-AES

File type
ASCII text
Size
2.9 kB (2886 bytes)
Hash
ea34863bd1770c4274d7ed7c58449f2a
1aefe351289c27d7b741cd38baaaad3398e306ba
43b78285c786c968e35d8a44aafb06df291e840e106bd01ddf36df96ce84ff5d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /ckeditor/contents.css?t=M9RE HTTP/1.1
Host: proitcteam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proitcteam.com/18202-126877/70477?uid=4g5a3ZqRyphuBQqRuN8d5HKXeZP9o9ZQer&prom_type=regular&prom_id=194926&pld=26L81sNgpwNGg5&answer=2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sat, 12 Nov 2022 05:51:10 GMT
Content-Type: text/css
Content-Length: 2886
Last-Modified: Tue, 08 Nov 2022 19:32:11 GMT
Connection: keep-alive
ETag: "636aaebb-b46"
Expires: Sat, 12 Nov 2022 05:51:10 GMT
Cache-Control: max-age=0
Access-Control-Allow-Origin: *
Accept-Ranges: bytes

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
8cc49d9ae01c2191254808e4639cb186
959f94f6522b041fb0247ddf9fbf779623108444
e0549a3b21a7ce29d448ccff3ad8e829b21a5f8bf249a00664c3f196c0dc3097

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1828
Cache-Control: max-age=92436
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 05:51:10 GMT
Etag: "636df33e-117"
Expires: Sun, 13 Nov 2022 07:31:46 GMT
Last-Modified: Fri, 11 Nov 2022 07:01:18 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 279

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
f7ff606fbc8634c858bbc04b69f55cf6
2441de2cba649239efd0dae7a878d7ef2245c0b4
95154e0dbb7e827b8f893cc141f986c29634ead618256470d753429aa65a0548

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4059
Cache-Control: max-age=102201
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 05:51:10 GMT
Etag: "636e10ac-1d7"
Expires: Sun, 13 Nov 2022 10:14:31 GMT
Last-Modified: Fri, 11 Nov 2022 09:06:52 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
8cc49d9ae01c2191254808e4639cb186
959f94f6522b041fb0247ddf9fbf779623108444
e0549a3b21a7ce29d448ccff3ad8e829b21a5f8bf249a00664c3f196c0dc3097

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1828
Cache-Control: max-age=92436
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 05:51:10 GMT
Etag: "636df33e-117"
Expires: Sun, 13 Nov 2022 07:31:46 GMT
Last-Modified: Fri, 11 Nov 2022 07:01:18 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 279

ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1

151.101.86.133

200 OK

1.5 kB

URL HTTP/1.1
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP
151.101.86.133:0
ASN
#54113 FASTLY

File type
data
Size
1.5 kB (1462 bytes)
Hash
8732318cbd8f0ef86bf8bc83507a6594
0397130ff4f8c2bd3a4e3ceebcba33eb13b6db73
8708ab9751a16f5ea63dfed7104d8ba2c13e03c9bdca88c4c13873fe28ddaece

HTTP Headers

POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1462
Content-Type: application/ocsp-response
Etag: "AC9CCA61A0913E2738F523FD62AF3C6879C7ACBA"
Expires: Sat, 12 Nov 2022 17:00:00 UTC
Last-Modified: Sat, 12 Nov 2022 05:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
Accept-Ranges: bytes
Date: Sat, 12 Nov 2022 05:51:10 GMT
Via: 1.1 varnish
Age: 359
X-Served-By: cache-bma1661-BMA
X-Cache: HIT
X-Cache-Hits: 1
X-Timer: S1668232271.655845,VS0,VE1

proitcteam.com/ckeditor/plugins/formBuilder/styles/formBuilder.css?v=1.3.1667334567956

23.21.213.51

200 OK

5.2 kB

URL HTTP/1.1
proitcteam.com/ckeditor/plugins/formBuilder/styles/formBuilder.css?v=1.3.1667334567956
IP
23.21.213.51:0
ASN
#14618 AMAZON-AES

File type
ASCII text
Size
5.2 kB (5201 bytes)
Hash
e741d2aa47efe7dda9dfe0a5014fef0e
30ebfe60d0832bb8114c6ba155f0ddb15c1a527c
68c2e3489d098db2a6e2ddba9f32ff172d1c0ff0983b9b3c3c0b59c8a850cf20

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /ckeditor/plugins/formBuilder/styles/formBuilder.css?v=1.3.1667334567956 HTTP/1.1
Host: proitcteam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proitcteam.com/18202-126877/70477?uid=4g5a3ZqRyphuBQqRuN8d5HKXeZP9o9ZQer&prom_type=regular&prom_id=194926&pld=26L81sNgpwNGg5&answer=2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sat, 12 Nov 2022 05:51:10 GMT
Content-Type: text/css
Content-Length: 5201
Last-Modified: Tue, 08 Nov 2022 19:32:11 GMT
Connection: keep-alive
ETag: "636aaebb-1451"
Expires: Sat, 12 Nov 2022 05:51:10 GMT
Cache-Control: max-age=0
Access-Control-Allow-Origin: *
Accept-Ranges: bytes

proitcteam.com/lib/jq/validator/fb.validation.js

23.21.213.51

200 OK

2.0 kB

URL HTTP/1.1
proitcteam.com/lib/jq/validator/fb.validation.js
IP
23.21.213.51:0
ASN
#14618 AMAZON-AES

File type
ASCII text
Size
2.0 kB (2011 bytes)
Hash
60f78449c35e69490026e3f739d322dc
a0f988cad0941c050d4ecbe1d58f450193c604d2
ee75b43f5de847b148b9ed76c06b5db9566ba8da3ac35c726ed43ef9f9b2c3e3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /lib/jq/validator/fb.validation.js HTTP/1.1
Host: proitcteam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proitcteam.com/18202-126877/70477?uid=4g5a3ZqRyphuBQqRuN8d5HKXeZP9o9ZQer&prom_type=regular&prom_id=194926&pld=26L81sNgpwNGg5&answer=2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sat, 12 Nov 2022 05:51:10 GMT
Content-Type: application/javascript
Content-Length: 2011
Last-Modified: Wed, 09 Jun 2021 11:25:31 GMT
Connection: keep-alive
ETag: "60c0a52b-7db"
Expires: Sat, 12 Nov 2022 05:51:10 GMT
Cache-Control: max-age=0
Access-Control-Allow-Origin: *
Accept-Ranges: bytes

proitcteam.com/ckeditor/plugins/lpLinkV2/css/styles.css

23.21.213.51

200 OK

2.2 kB

URL HTTP/1.1
proitcteam.com/ckeditor/plugins/lpLinkV2/css/styles.css
IP
23.21.213.51:0
ASN
#14618 AMAZON-AES

File type
ASCII text, with very long lines (2158)
Size
2.2 kB (2159 bytes)
Hash
20944bcec784ce7e2b95b62808da9869
29fa6fc754e5f8cda684cfcadad4b996f7404e61
479da2477e3d7631c8cca6c411d1b2afad9d5e66bc6bb7acc8b1bdafadd75499

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /ckeditor/plugins/lpLinkV2/css/styles.css HTTP/1.1
Host: proitcteam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proitcteam.com/18202-126877/70477?uid=4g5a3ZqRyphuBQqRuN8d5HKXeZP9o9ZQer&prom_type=regular&prom_id=194926&pld=26L81sNgpwNGg5&answer=2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sat, 12 Nov 2022 05:51:10 GMT
Content-Type: text/css
Content-Length: 2159
Last-Modified: Tue, 08 Nov 2022 19:32:11 GMT
Connection: keep-alive
ETag: "636aaebb-86f"
Expires: Sat, 12 Nov 2022 05:51:10 GMT
Cache-Control: max-age=0
Access-Control-Allow-Origin: *
Accept-Ranges: bytes

proitcteam.com/lib/jq/cqParams/fb.cqParams.js

23.21.213.51

200 OK

2.8 kB

URL HTTP/1.1
proitcteam.com/lib/jq/cqParams/fb.cqParams.js
IP
23.21.213.51:0
ASN
#14618 AMAZON-AES

File type
ASCII text
Size
2.8 kB (2815 bytes)
Hash
55159908ed60d22fd3992732aa7e42d3
57976f1953d1da224e9746296eaac849d69dc5f3
c6b1e77cd2f103d2fa292bf088a9680848a4f94b6c1ef6ee2017c2ba530a03c5

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /lib/jq/cqParams/fb.cqParams.js HTTP/1.1
Host: proitcteam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proitcteam.com/18202-126877/70477?uid=4g5a3ZqRyphuBQqRuN8d5HKXeZP9o9ZQer&prom_type=regular&prom_id=194926&pld=26L81sNgpwNGg5&answer=2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sat, 12 Nov 2022 05:51:10 GMT
Content-Type: application/javascript
Content-Length: 2815
Last-Modified: Tue, 14 Sep 2021 10:49:24 GMT
Connection: keep-alive
ETag: "61407e34-aff"
Expires: Sat, 12 Nov 2022 05:51:10 GMT
Cache-Control: max-age=0
Access-Control-Allow-Origin: *
Accept-Ranges: bytes

proitcteam.com/lib/jq/otherInput/fb.otherInput.js

23.21.213.51

200 OK

2.3 kB

URL HTTP/1.1
proitcteam.com/lib/jq/otherInput/fb.otherInput.js
IP
23.21.213.51:0
ASN
#14618 AMAZON-AES

File type
ASCII text
Size
2.3 kB (2332 bytes)
Hash
98ddf73de28f5fef1378553ea90dc407
9c76c82d52e3512a2fe53c754b135c5a91f1e97c
0bf7b8a2f9d4ebc076ca6ecbfad616bca4bb4d489ab2d021d935c4854585a0d0

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /lib/jq/otherInput/fb.otherInput.js HTTP/1.1
Host: proitcteam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proitcteam.com/18202-126877/70477?uid=4g5a3ZqRyphuBQqRuN8d5HKXeZP9o9ZQer&prom_type=regular&prom_id=194926&pld=26L81sNgpwNGg5&answer=2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sat, 12 Nov 2022 05:51:10 GMT
Content-Type: application/javascript
Content-Length: 2332
Last-Modified: Fri, 07 Oct 2022 13:13:57 GMT
Connection: keep-alive
ETag: "63402615-91c"
Expires: Sat, 12 Nov 2022 05:51:10 GMT
Cache-Control: max-age=0
Access-Control-Allow-Origin: *
Accept-Ranges: bytes

proitcteam.com/lib/jq/fb.utils.js

23.21.213.51

200 OK

18 kB

URL HTTP/1.1
proitcteam.com/lib/jq/fb.utils.js
IP
23.21.213.51:0
ASN
#14618 AMAZON-AES

File type
Unicode text, UTF-8 text
Size
18 kB (17827 bytes)
Hash
ae4404875fed763d83013c881e85a0ee
b816ad607b6a4a89b901447ad513abbbf7fd16a9
827810c0c757314f1071132a70efabdf940d7a259cf21bc99f008f96f0859637

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /lib/jq/fb.utils.js HTTP/1.1
Host: proitcteam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proitcteam.com/18202-126877/70477?uid=4g5a3ZqRyphuBQqRuN8d5HKXeZP9o9ZQer&prom_type=regular&prom_id=194926&pld=26L81sNgpwNGg5&answer=2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sat, 12 Nov 2022 05:51:10 GMT
Content-Type: application/javascript
Content-Length: 17827
Last-Modified: Mon, 12 Sep 2022 09:24:07 GMT
Connection: keep-alive
ETag: "631efab7-45a3"
Expires: Sat, 12 Nov 2022 05:51:10 GMT
Cache-Control: max-age=0
Access-Control-Allow-Origin: *
Accept-Ranges: bytes

push.services.mozilla.com/

54.189.157.130

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.189.157.130:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: HWBkdyyZS/v08/6pJRwPDw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: jiL1bC0dTPMETfUJOt8Yk1V/29s=

proitcteam.com/lib/jq/fb.autoSubmit.js

23.21.213.51

200 OK

631 B

URL HTTP/1.1
proitcteam.com/lib/jq/fb.autoSubmit.js
IP
23.21.213.51:0
ASN
#14618 AMAZON-AES

File type
ASCII text
Size
631 B (631 bytes)
Hash
d1b0ab11f9d2a041be621b97140bd0de
03eb391c2a4ec2e17385afdb695cb458bddb4dba
348cf9886114edd1ab2df04571fd8e6eeb192d2da111b4ef3200caa25ce0ffae

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /lib/jq/fb.autoSubmit.js HTTP/1.1
Host: proitcteam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proitcteam.com/18202-126877/70477?uid=4g5a3ZqRyphuBQqRuN8d5HKXeZP9o9ZQer&prom_type=regular&prom_id=194926&pld=26L81sNgpwNGg5&answer=2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sat, 12 Nov 2022 05:51:10 GMT
Content-Type: application/javascript
Content-Length: 631
Last-Modified: Mon, 12 Apr 2021 20:19:39 GMT
Connection: keep-alive
ETag: "6074ab5b-277"
Expires: Sat, 12 Nov 2022 05:51:10 GMT
Cache-Control: max-age=0
Access-Control-Allow-Origin: *
Accept-Ranges: bytes

proitcteam.com/lpScripts/assetsBehavior.js?v=1

23.21.213.51

200 OK

9.5 kB

URL HTTP/1.1
proitcteam.com/lpScripts/assetsBehavior.js?v=1
IP
23.21.213.51:0
ASN
#14618 AMAZON-AES

File type
ASCII text
Size
9.5 kB (9493 bytes)
Hash
b3d79c3fb1a09ffcead07bd732d7d81a
d73f923eea8f386c4d441a076e1e77e59f0f7cf4
01f6570da4691ac14aa5f882167414fa699581b41cacfa07f8f7731663392cd4

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /lpScripts/assetsBehavior.js?v=1 HTTP/1.1
Host: proitcteam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proitcteam.com/18202-126877/70477?uid=4g5a3ZqRyphuBQqRuN8d5HKXeZP9o9ZQer&prom_type=regular&prom_id=194926&pld=26L81sNgpwNGg5&answer=2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sat, 12 Nov 2022 05:51:10 GMT
Content-Type: application/javascript
Content-Length: 9493
Last-Modified: Fri, 07 Oct 2022 13:13:57 GMT
Connection: keep-alive
ETag: "63402615-2515"
Expires: Sat, 12 Nov 2022 05:51:10 GMT
Cache-Control: max-age=0
Access-Control-Allow-Origin: *
Accept-Ranges: bytes

proitcteam.com/lib/uri/uri.js

23.21.213.51

200 OK

77 kB

URL HTTP/1.1
proitcteam.com/lib/uri/uri.js
IP
23.21.213.51:0
ASN
#14618 AMAZON-AES

File type
Unicode text, UTF-8 text, with very long lines (1107)
Size
77 kB (76862 bytes)
Hash
64437cd33e2fa1a40e6850ee6388639e
809078716153b491c00852f366ca3f8d6e03df22
96361c580499a6dd7afa83f352fb2a27c159a39daf794e2e6813514be8a8fbe9

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /lib/uri/uri.js HTTP/1.1
Host: proitcteam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proitcteam.com/18202-126877/70477?uid=4g5a3ZqRyphuBQqRuN8d5HKXeZP9o9ZQer&prom_type=regular&prom_id=194926&pld=26L81sNgpwNGg5&answer=2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sat, 12 Nov 2022 05:51:10 GMT
Content-Type: application/javascript
Content-Length: 76862
Last-Modified: Mon, 12 Apr 2021 20:19:39 GMT
Connection: keep-alive
ETag: "6074ab5b-12c3e"
Expires: Sat, 12 Nov 2022 05:51:10 GMT
Cache-Control: max-age=0
Access-Control-Allow-Origin: *
Accept-Ranges: bytes

proitcteam.com/uploads/uploadedFonts/fontsImport.css?v=1668232270

23.21.213.51

200 OK

108 kB

URL HTTP/1.1
proitcteam.com/uploads/uploadedFonts/fontsImport.css?v=1668232270
IP
23.21.213.51:0
ASN
#14618 AMAZON-AES

File type
ASCII text, with very long lines (508)
Size
108 kB (107812 bytes)
Hash
04c4345fbdec69b31374695998265c93
e27ee9d192e6ce16e33e387efc02db19c1c74ac4
d5afaff231f5024edd23393f959e850f752bdd45185d2e4e3113428413d1d615

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /uploads/uploadedFonts/fontsImport.css?v=1668232270 HTTP/1.1
Host: proitcteam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proitcteam.com/18202-126877/70477?uid=4g5a3ZqRyphuBQqRuN8d5HKXeZP9o9ZQer&prom_type=regular&prom_id=194926&pld=26L81sNgpwNGg5&answer=2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sat, 12 Nov 2022 05:51:10 GMT
Content-Type: text/css
Content-Length: 107812
Last-Modified: Mon, 10 Oct 2022 19:00:14 GMT
Connection: keep-alive
ETag: "63446bbe-1a524"
Expires: Sat, 12 Nov 2022 05:51:10 GMT
Cache-Control: max-age=0
Access-Control-Allow-Origin: *
Accept-Ranges: bytes

proitcteam.com/lib/jq/validator/localization/jq_validation_localizations.boundled.js

23.21.213.51

200 OK

110 kB

URL HTTP/1.1
proitcteam.com/lib/jq/validator/localization/jq_validation_localizations.boundled.js
IP
23.21.213.51:0
ASN
#14618 AMAZON-AES

File type
Unicode text, UTF-8 text
Size
110 kB (110384 bytes)
Hash
590cfcdcec421c852434167b135406c7
aa035d2388b6576bbb0657b4347b88ec7d272bd7
90e8f80b16e3b6ee999a5400579399c6207291f3f5476fb3951c5230d75ec3db

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /lib/jq/validator/localization/jq_validation_localizations.boundled.js HTTP/1.1
Host: proitcteam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proitcteam.com/18202-126877/70477?uid=4g5a3ZqRyphuBQqRuN8d5HKXeZP9o9ZQer&prom_type=regular&prom_id=194926&pld=26L81sNgpwNGg5&answer=2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sat, 12 Nov 2022 05:51:10 GMT
Content-Type: application/javascript
Content-Length: 110384
Last-Modified: Thu, 14 Jul 2022 12:15:02 GMT
Connection: keep-alive
ETag: "62d008c6-1af30"
Expires: Sat, 12 Nov 2022 05:51:10 GMT
Cache-Control: max-age=0
Access-Control-Allow-Origin: *
Accept-Ranges: bytes

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
471d1cb0549d3e58c62390dff8afcd8e
af6f6680c796aa6c8d0236c2b3086519cb00e56a
1cdf1b83882c94d0871b316129f1fdd0f6889b5924bcf2b6909c9bff50e344bc

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5962
Cache-Control: max-age=151630
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 05:51:11 GMT
Etag: "636eca53-117"
Expires: Sun, 13 Nov 2022 23:58:21 GMT
Last-Modified: Fri, 11 Nov 2022 22:18:59 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 279

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4b46bbcd35c85c4678b0e3e409bba3bc
bb0705335e28414345ad5fcdd61104cf2fbbbbc4
6c3df7e6d0a8491fe24c03df2ccba059ba2f84155a680a4a22f217d3870cff95

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 05:51:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4b46bbcd35c85c4678b0e3e409bba3bc
bb0705335e28414345ad5fcdd61104cf2fbbbbc4
6c3df7e6d0a8491fe24c03df2ccba059ba2f84155a680a4a22f217d3870cff95

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 05:51:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4b46bbcd35c85c4678b0e3e409bba3bc
bb0705335e28414345ad5fcdd61104cf2fbbbbc4
6c3df7e6d0a8491fe24c03df2ccba059ba2f84155a680a4a22f217d3870cff95

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 05:51:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4b46bbcd35c85c4678b0e3e409bba3bc
bb0705335e28414345ad5fcdd61104cf2fbbbbc4
6c3df7e6d0a8491fe24c03df2ccba059ba2f84155a680a4a22f217d3870cff95

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 05:51:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4b46bbcd35c85c4678b0e3e409bba3bc
bb0705335e28414345ad5fcdd61104cf2fbbbbc4
6c3df7e6d0a8491fe24c03df2ccba059ba2f84155a680a4a22f217d3870cff95

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 05:51:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

142.250.74.10

200 OK

1.6 kB

URL HTTP/2
fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
data
Size
1.6 kB (1641 bytes)
Hash
1376947341acc389e632a34f428e9b7e
3dbb69972d7f95db73439cb7c14c6ebb5778fbc4
0a47456233986d28f032e79d396d25fc2a3ecb7c3ace842ca508b52eed7a4c16

HTTP Headers

GET /css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proitcteam.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 12 Nov 2022 05:51:11 GMT
date: Sat, 12 Nov 2022 05:51:11 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

via.placeholder.com/1280x320?text=LOGO

172.67.158.148

200 OK

1.8 kB

URL HTTP/2
via.placeholder.com/1280x320?text=LOGO
IP
172.67.158.148:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 1280 x 320, 4-bit colormap, non-interlaced\012- data
Size
1.8 kB (1836 bytes)
Hash
c901b21688c204362c755b50dd01661c
21d804d25c253dbbebb24e2ec93c20e513d1aca9
cda6d49363c0eb3be56104f772fc8c2c334c132f2829ab30c246ad19f103454a

HTTP Headers

GET /1280x320?text=LOGO HTTP/1.1
Host: via.placeholder.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proitcteam.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 12 Nov 2022 05:51:11 GMT
content-type: image/png
content-length: 1836
last-modified: Wed, 30 Dec 2020 14:00:06 GMT
etag: "5fec87e6-72c"
expires: Sat, 19 Nov 2022 05:51:01 GMT
cache-control: max-age=604800
x-cache: L1
accept-ranges: bytes
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nawK54dTz%2FhRNCEPK95oChFqgZHao0aX3Sn9J9HyPIOzUJd8dR9Z2Y3TWkePEim8cwp8jWX34IUidxewITW4QZkWVIzmEeGm0lGSr9aPM6y5Y4KyYGkUPUUyDdbBt5Mc5LEz%2FwRr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 768cfe8e88c0b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
471d1cb0549d3e58c62390dff8afcd8e
af6f6680c796aa6c8d0236c2b3086519cb00e56a
1cdf1b83882c94d0871b316129f1fdd0f6889b5924bcf2b6909c9bff50e344bc

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5962
Cache-Control: max-age=151630
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 05:51:11 GMT
Etag: "636eca53-117"
Expires: Sun, 13 Nov 2022 23:58:21 GMT
Last-Modified: Fri, 11 Nov 2022 22:18:59 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 279

use.typekit.net/mgr2odi.css

23.36.76.186

200 OK

4.1 kB

URL HTTP/2
use.typekit.net/mgr2odi.css
IP
23.36.76.186:0
ASN
#20940 Akamai International B.V.

File type
Unicode text, UTF-8 text, with very long lines (520)
Size
4.1 kB (4083 bytes)
Hash
609b64c6359e37c88bbd245ba638b89f
dd850df3bcab5430f55c233b626cd8f446de3ba2
bfee3862850ad498e1f660bd51f135340cd36894b836ea0e4ae04dbdb9abc72b

HTTP Headers

GET /mgr2odi.css HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proitcteam.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-type: text/css;charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: private, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
content-length: 4083
date: Sat, 12 Nov 2022 05:51:11 GMT
X-Firefox-Spdy: h2

p.typekit.net/p.css?s=1&k=mgr2odi&ht=tk&f=137.138.139.140.169.170.171.172.173.174.175.176.5474.5475.25136.25137.143.144.147.148.156.157.161.162.2003.2004.2005.2006.2007.2008.2009.2010.2011.2012.9938.9939.39002.39004.12046.12047.12048.12049.12050.12051.12053.12054.12055.12056.17398.17399.17400.17401.22618.22619.14032.14033.14034.14035.26425.26426.35617.35620.26435.35615.26438.26439.35630.35633.26448.35628.26893.26894.26897.26898.26909.26910.26913.26914.29382.29383&a=14392602&app=typekit&e=css

23.36.76.186

200 OK

5 B

URL HTTP/2
p.typekit.net/p.css?s=1&k=mgr2odi&ht=tk&f=137.138.139.140.169.170.171.172.173.174.175.176.5474.5475.25136.25137.143.144.147.148.156.157.161.162.2003.2004.2005.2006.2007.2008.2009.2010.2011.2012.9938.9939.39002.39004.12046.12047.12048.12049.12050.12051.12053.12054.12055.12056.17398.17399.17400.17401.22618.22619.14032.14033.14034.14035.26425.26426.35617.35620.26435.35615.26438.26439.35630.35633.26448.35628.26893.26894.26897.26898.26909.26910.26913.26914.29382.29383&a=14392602&app=typekit&e=css
IP
23.36.76.186:0
ASN
#20940 Akamai International B.V.

File type
ASCII text
Size
5 B (5 bytes)
Hash
83d24d4b43cc7eef2b61e66c95f3d158
f0cafc285ee23bb6c28c5166f305493c4331c84d
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

HTTP Headers

GET /p.css?s=1&k=mgr2odi&ht=tk&f=137.138.139.140.169.170.171.172.173.174.175.176.5474.5475.25136.25137.143.144.147.148.156.157.161.162.2003.2004.2005.2006.2007.2008.2009.2010.2011.2012.9938.9939.39002.39004.12046.12047.12048.12049.12050.12051.12053.12054.12055.12056.17398.17399.17400.17401.22618.22619.14032.14033.14034.14035.26425.26426.35617.35620.26435.35615.26438.26439.35630.35633.26448.35628.26893.26894.26897.26898.26909.26910.26913.26914.29382.29383&a=14392602&app=typekit&e=css HTTP/1.1
Host: p.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: text/css
cross-origin-resource-policy: cross-origin
etag: "613bee4d-5"
last-modified: Fri, 10 Sep 2021 23:46:21 GMT
server: nginx
content-length: 5
unused62: 8096267
date: Sat, 12 Nov 2022 05:51:11 GMT
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Muli

142.250.74.10

200 OK

872 B

URL HTTP/2
fonts.googleapis.com/css?family=Muli
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
data
Size
872 B (872 bytes)
Hash
c3a3a04c165df04367dc2d6d955b1cad
12c62a44cd4af0316a0f6b264057a18a50e1a96d
0e816212d21299412409137d0da3c530e9908da032fc28ef1080fc7a9f2ddce3

HTTP Headers

GET /css?family=Muli HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proitcteam.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 12 Nov 2022 05:51:11 GMT
date: Sat, 12 Nov 2022 05:51:11 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.195

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://proitcteam.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Nov 2022 19:34:08 GMT
expires: Thu, 09 Nov 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 209823
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e3f9965225cba49c71506d7dee4c1647
d1d30248236cfe679fa182860d69634d30f5b0ca
8a2641a2fa1026f8893b4acf7f7c78c633a1408779f3063c87ad292729300d97

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 05:51:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

proitcteam.com/18202-126877/70477?uid=4g5a3ZqRyphuBQqRuN8d5HKXeZP9o9ZQer&prom_type=regular&prom_id=194926&pld=26L81sNgpwNGg5&answer=2

23.21.213.51

200 OK

20 B

URL HTTP/1.1
proitcteam.com/18202-126877/70477?uid=4g5a3ZqRyphuBQqRuN8d5HKXeZP9o9ZQer&prom_type=regular&prom_id=194926&pld=26L81sNgpwNGg5&answer=2
IP
23.21.213.51:0
ASN
#14618 AMAZON-AES

File type
data
Size
20 B (20 bytes)
Hash
a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

POST /18202-126877/70477?uid=4g5a3ZqRyphuBQqRuN8d5HKXeZP9o9ZQer&prom_type=regular&prom_id=194926&pld=26L81sNgpwNGg5&answer=2 HTTP/1.1
Host: proitcteam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 72
Origin: https://proitcteam.com
Connection: keep-alive
Referer: https://proitcteam.com/18202-126877/70477?uid=4g5a3ZqRyphuBQqRuN8d5HKXeZP9o9ZQer&prom_type=regular&prom_id=194926&pld=26L81sNgpwNGg5&answer=2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.22.0
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.4.16
Cache-Control: max-age=0, must-revalidate, private
Date: Sat, 12 Nov 2022 05:51:11 GMT
Expires: Sat, 12 Nov 2022 05:51:11 GMT
Content-Encoding: gzip

proitcteam.com/18202-126876-typ/70477?uid=4g5a3ZqRyphuBQqRuN8d5HKXeZP9o9ZQer

23.21.213.51

200 OK

2.3 kB

URL HTTP/1.1
proitcteam.com/18202-126876-typ/70477?uid=4g5a3ZqRyphuBQqRuN8d5HKXeZP9o9ZQer
IP
23.21.213.51:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (739), with CR, LF line terminators
Size
2.3 kB (2298 bytes)
Hash
0c02587af58bef79d29b1445f23ea4e2
43cef9b9bd1eb00b89dcc0358de5535e4878dc07
9fa456ea1989c3b0039a9b8b4cbd8b0d9fd5ded449f082118981f8d615e794bf

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /18202-126876-typ/70477?uid=4g5a3ZqRyphuBQqRuN8d5HKXeZP9o9ZQer HTTP/1.1
Host: proitcteam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proitcteam.com/18202-126877/70477?uid=4g5a3ZqRyphuBQqRuN8d5HKXeZP9o9ZQer&prom_type=regular&prom_id=194926&pld=26L81sNgpwNGg5&answer=2
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.22.0
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.4.16
Cache-Control: no-cache, private
Date: Sat, 12 Nov 2022 05:51:11 GMT
Content-Encoding: gzip

proitcteam.com/ckeditor/contents.css?t=M9RE

23.21.213.51

304 Not Modified

0 B

URL HTTP/1.1
proitcteam.com/ckeditor/contents.css?t=M9RE
IP
23.21.213.51:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /ckeditor/contents.css?t=M9RE HTTP/1.1
Host: proitcteam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proitcteam.com/18202-126876-typ/70477?uid=4g5a3ZqRyphuBQqRuN8d5HKXeZP9o9ZQer
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
If-Modified-Since: Tue, 08 Nov 2022 19:32:11 GMT
If-None-Match: "636aaebb-b46"

HTTP/1.1 304 Not Modified
Server: nginx/1.22.0
Date: Sat, 12 Nov 2022 05:51:11 GMT
Last-Modified: Tue, 08 Nov 2022 19:32:11 GMT
Connection: keep-alive
ETag: "636aaebb-b46"
Expires: Sat, 12 Nov 2022 05:51:11 GMT
Cache-Control: max-age=0
Access-Control-Allow-Origin: *

proitcteam.com/ckeditor/plugins/formBuilder/styles/formBuilder.css?v=1.3.1666964509113

23.21.213.51

200 OK

5.2 kB

URL HTTP/1.1
proitcteam.com/ckeditor/plugins/formBuilder/styles/formBuilder.css?v=1.3.1666964509113
IP
23.21.213.51:0
ASN
#14618 AMAZON-AES

File type
ASCII text
Size
5.2 kB (5201 bytes)
Hash
e741d2aa47efe7dda9dfe0a5014fef0e
30ebfe60d0832bb8114c6ba155f0ddb15c1a527c
68c2e3489d098db2a6e2ddba9f32ff172d1c0ff0983b9b3c3c0b59c8a850cf20

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /ckeditor/plugins/formBuilder/styles/formBuilder.css?v=1.3.1666964509113 HTTP/1.1
Host: proitcteam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proitcteam.com/18202-126876-typ/70477?uid=4g5a3ZqRyphuBQqRuN8d5HKXeZP9o9ZQer
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sat, 12 Nov 2022 05:51:11 GMT
Content-Type: text/css
Content-Length: 5201
Last-Modified: Tue, 08 Nov 2022 19:32:11 GMT
Connection: keep-alive
ETag: "636aaebb-1451"
Expires: Sat, 12 Nov 2022 05:51:11 GMT
Cache-Control: max-age=0
Access-Control-Allow-Origin: *
Accept-Ranges: bytes

proitcteam.com/ckeditor/plugins/lpLinkV2/css/styles.css

23.21.213.51

304 Not Modified

0 B

URL HTTP/1.1
proitcteam.com/ckeditor/plugins/lpLinkV2/css/styles.css
IP
23.21.213.51:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /ckeditor/plugins/lpLinkV2/css/styles.css HTTP/1.1
Host: proitcteam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proitcteam.com/18202-126876-typ/70477?uid=4g5a3ZqRyphuBQqRuN8d5HKXeZP9o9ZQer
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
If-Modified-Since: Tue, 08 Nov 2022 19:32:11 GMT
If-None-Match: "636aaebb-86f"

HTTP/1.1 304 Not Modified
Server: nginx/1.22.0
Date: Sat, 12 Nov 2022 05:51:11 GMT
Last-Modified: Tue, 08 Nov 2022 19:32:11 GMT
Connection: keep-alive
ETag: "636aaebb-86f"
Expires: Sat, 12 Nov 2022 05:51:11 GMT
Cache-Control: max-age=0
Access-Control-Allow-Origin: *

proitcteam.com/lib/uri/uri.js

23.21.213.51

304 Not Modified

0 B

URL HTTP/1.1
proitcteam.com/lib/uri/uri.js
IP
23.21.213.51:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /lib/uri/uri.js HTTP/1.1
Host: proitcteam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proitcteam.com/18202-126876-typ/70477?uid=4g5a3ZqRyphuBQqRuN8d5HKXeZP9o9ZQer
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
If-Modified-Since: Mon, 12 Apr 2021 20:19:39 GMT
If-None-Match: "6074ab5b-12c3e"

HTTP/1.1 304 Not Modified
Server: nginx/1.22.0
Date: Sat, 12 Nov 2022 05:51:11 GMT
Last-Modified: Mon, 12 Apr 2021 20:19:39 GMT
Connection: keep-alive
ETag: "6074ab5b-12c3e"
Expires: Sat, 12 Nov 2022 05:51:11 GMT
Cache-Control: max-age=0
Access-Control-Allow-Origin: *

proitcteam.com/lpScripts/assetsBehavior.js?v=1

23.21.213.51

304 Not Modified

0 B

URL HTTP/1.1
proitcteam.com/lpScripts/assetsBehavior.js?v=1
IP
23.21.213.51:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /lpScripts/assetsBehavior.js?v=1 HTTP/1.1
Host: proitcteam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proitcteam.com/18202-126876-typ/70477?uid=4g5a3ZqRyphuBQqRuN8d5HKXeZP9o9ZQer
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
If-Modified-Since: Fri, 07 Oct 2022 13:13:57 GMT
If-None-Match: "63402615-2515"

HTTP/1.1 304 Not Modified
Server: nginx/1.22.0
Date: Sat, 12 Nov 2022 05:51:11 GMT
Last-Modified: Fri, 07 Oct 2022 13:13:57 GMT
Connection: keep-alive
ETag: "63402615-2515"
Expires: Sat, 12 Nov 2022 05:51:11 GMT
Cache-Control: max-age=0
Access-Control-Allow-Origin: *

proitcteam.com/uploads/uploadedFonts/fontsImport.css?v=1668232271

23.21.213.51

200 OK

108 kB

URL HTTP/1.1
proitcteam.com/uploads/uploadedFonts/fontsImport.css?v=1668232271
IP
23.21.213.51:0
ASN
#14618 AMAZON-AES

File type
ASCII text, with very long lines (508)
Size
108 kB (107812 bytes)
Hash
04c4345fbdec69b31374695998265c93
e27ee9d192e6ce16e33e387efc02db19c1c74ac4
d5afaff231f5024edd23393f959e850f752bdd45185d2e4e3113428413d1d615

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /uploads/uploadedFonts/fontsImport.css?v=1668232271 HTTP/1.1
Host: proitcteam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proitcteam.com/18202-126876-typ/70477?uid=4g5a3ZqRyphuBQqRuN8d5HKXeZP9o9ZQer
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sat, 12 Nov 2022 05:51:11 GMT
Content-Type: text/css
Content-Length: 107812
Last-Modified: Mon, 10 Oct 2022 19:00:14 GMT
Connection: keep-alive
ETag: "63446bbe-1a524"
Expires: Sat, 12 Nov 2022 05:51:11 GMT
Cache-Control: max-age=0
Access-Control-Allow-Origin: *
Accept-Ranges: bytes

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
fb29db48daab83bcaed56b72093619cc
e0e0a09d729ffb1c41411419768896f1e1eb3346
08e24124f809f1ab7e6960355efcb419e13dd5fb6063c31caf04e11ebdb7a5cf

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "08E24124F809F1AB7E6960355EFCB419E13DD5FB6063C31CAF04E11EBDB7A5CF"
Last-Modified: Fri, 11 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7567
Expires: Sat, 12 Nov 2022 07:57:19 GMT
Date: Sat, 12 Nov 2022 05:51:12 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
fb29db48daab83bcaed56b72093619cc
e0e0a09d729ffb1c41411419768896f1e1eb3346
08e24124f809f1ab7e6960355efcb419e13dd5fb6063c31caf04e11ebdb7a5cf

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "08E24124F809F1AB7E6960355EFCB419E13DD5FB6063C31CAF04E11EBDB7A5CF"
Last-Modified: Fri, 11 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7567
Expires: Sat, 12 Nov 2022 07:57:19 GMT
Date: Sat, 12 Nov 2022 05:51:12 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
fb29db48daab83bcaed56b72093619cc
e0e0a09d729ffb1c41411419768896f1e1eb3346
08e24124f809f1ab7e6960355efcb419e13dd5fb6063c31caf04e11ebdb7a5cf

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "08E24124F809F1AB7E6960355EFCB419E13DD5FB6063C31CAF04E11EBDB7A5CF"
Last-Modified: Fri, 11 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7567
Expires: Sat, 12 Nov 2022 07:57:19 GMT
Date: Sat, 12 Nov 2022 05:51:12 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
fb29db48daab83bcaed56b72093619cc
e0e0a09d729ffb1c41411419768896f1e1eb3346
08e24124f809f1ab7e6960355efcb419e13dd5fb6063c31caf04e11ebdb7a5cf

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "08E24124F809F1AB7E6960355EFCB419E13DD5FB6063C31CAF04E11EBDB7A5CF"
Last-Modified: Fri, 11 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7567
Expires: Sat, 12 Nov 2022 07:57:19 GMT
Date: Sat, 12 Nov 2022 05:51:12 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
fb29db48daab83bcaed56b72093619cc
e0e0a09d729ffb1c41411419768896f1e1eb3346
08e24124f809f1ab7e6960355efcb419e13dd5fb6063c31caf04e11ebdb7a5cf

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "08E24124F809F1AB7E6960355EFCB419E13DD5FB6063C31CAF04E11EBDB7A5CF"
Last-Modified: Fri, 11 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7567
Expires: Sat, 12 Nov 2022 07:57:19 GMT
Date: Sat, 12 Nov 2022 05:51:12 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F073ec866-b693-4f96-82bf-76ba051797c9.jpeg

34.120.237.76

200 OK

6.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F073ec866-b693-4f96-82bf-76ba051797c9.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.6 kB (6577 bytes)
Hash
faa8e3cf2ab3c1d53a1735def5bb7476
ccc1ec5ebb5090c6255dcb1e8899e95cdd91e12f
e81a8fa312ec478871427f1d04ba7fe563573c683809153f75dec8df979d6efe

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F073ec866-b693-4f96-82bf-76ba051797c9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6577
x-amzn-requestid: b4587cfb-6041-453c-9e74-fa35ecd31448
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdMjIGHRoAMF26g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec147-29e7ec741b0e6f6f674aef75;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:40:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: hsMmHIBEt_4cL455goPqDKQVQA75u4oGFbSxsGP_e_0uG7SZmSLBhQ==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 22:00:57 GMT
age: 28215
etag: "ccc1ec5ebb5090c6255dcb1e8899e95cdd91e12f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af930b9-b854-4316-8425-07c6aa06477a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11715 bytes)
Hash
cd5bdc050716bb76afe8090fc81617e7
5109c156b180727767fc03c411190ccc0d3fb5fc
9b13e7838946c6654dda17886c2ca8d42de934acb93f4bddb1008dfa1bd1ea99

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af930b9-b854-4316-8425-07c6aa06477a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11715
x-amzn-requestid: 20e508bd-6568-4225-9bee-c683a49d44f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdMhUHkpIAMFfJg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec13b-7dc726b94a37fc667e2e6646;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:40:11 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: X3SUo1LP97TxraRav0ftskBhzWkTJInHaS44PW26yloF-dgD-bHBuA==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 21:45:12 GMT
etag: "5109c156b180727767fc03c411190ccc0d3fb5fc"
content-type: image/jpeg
age: 29160
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F84f5d648-d178-4f63-98ef-7a2f4504174e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.5 kB (7493 bytes)
Hash
93d01c3c2422df3f7994d3496069dc37
96a4243e7f538fdd4e0aec4f39b058a08a4898e9
1fbc7efb3dfb058984abf1fbe60021212ff1bca8e366f03b1752c615e5249e55

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F84f5d648-d178-4f63-98ef-7a2f4504174e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7493
x-amzn-requestid: 077e815e-bbfc-472c-9d22-a9f0e7cda511
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdNDhGYvIAMFygQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec216-3a8a5a6f41b8ade53ff48dce;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:43:50 GMT
x-amz-cf-pop: YVR50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 4OOiKELCGHOkACWtRl9DqyfkKqKzqa1FwNJKQ5aOq2Ivb6pDfPYLWw==
via: 1.1 feda34dcbf6a00e232656b7983c2c7f0.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 22:00:55 GMT
age: 28217
etag: "96a4243e7f538fdd4e0aec4f39b058a08a4898e9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe1c82c0c-226f-4611-8f71-7008a26329d4.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.8 kB (7753 bytes)
Hash
8d11673991a9fe0eb431fa7d7d60c8a4
a5b2808681a3a5c181ca4686b2bd004cce3f9374
3fa3569b07acad3ffb2e1655ad40aacd4c1dd2738596735def18723dca6256c2

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe1c82c0c-226f-4611-8f71-7008a26329d4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7753
x-amzn-requestid: 94f6f121-05f6-4a30-a2f8-0c889c12cfb3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdNMGE_qIAMF1YQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec24d-2c974fd346d2d5c83d04e4a3;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:44:45 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 5JllMu67q1dI-gKl2lQ8-1OT38uEfvZsNpYyAo_R5a3Wz77qg6Xx1Q==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 22:15:22 GMT
etag: "a5b2808681a3a5c181ca4686b2bd004cce3f9374"
content-type: image/jpeg
age: 27350
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Facfcee70-832e-4f2d-8fc7-55d2bfff651e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.6 kB (8633 bytes)
Hash
eac2ed4bece6282c8273a58a88371e2e
2d90ff66079e8ffbaaa367a6bfc08927e7cc424d
aea97fd7d90302edcb3e0c08507d682e02166e8ddd4d082fc4f5435af438594c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Facfcee70-832e-4f2d-8fc7-55d2bfff651e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8633
x-amzn-requestid: 8bdfbfbb-5193-4c62-ba1b-c906f7548676
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdMhSEC1oAMF8tw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec13b-39b4c2954dbc8e4c40a2c9d8;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:40:11 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: lxrfhO5oOGvECIrlZYKsfXOTZZksAIIHAafyRM-FdRXAaBVZs5cEQA==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 21:45:21 GMT
age: 29151
etag: "2d90ff66079e8ffbaaa367a6bfc08927e7cc424d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b650f84-0cd0-4921-bc04-f0ea0459e4d1.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.5 kB (8482 bytes)
Hash
084ca839d34b15916cd2f5034440a1ef
7764777ce9a862c1590712ef33032df72edefffd
b8893d7f327f88316cb909ded7fd8f4e1809190a7da807677785bf953f6e33fb

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b650f84-0cd0-4921-bc04-f0ea0459e4d1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8482
x-amzn-requestid: 79e5e211-afc8-4531-b361-6f6f3386f16e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdMhUGJsIAMF7Mg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec13b-5a0ba4a93eba91c81ba3a9bc;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:40:11 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: CxrOwBRw0YlwOnKPJZI7h7YEwOAYS3ZtFa8q2o5rDvQct6pehCAFAg==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 21:51:43 GMT
age: 28769
etag: "7764777ce9a862c1590712ef33032df72edefffd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

proitcteam.com/uploads/cl_2472/logotypes/logo.svg

23.21.213.51

200 OK

9.1 kB

URL HTTP/1.1
proitcteam.com/uploads/cl_2472/logotypes/logo.svg
IP
23.21.213.51:0
ASN
#14618 AMAZON-AES

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document, ASCII text, with very long lines (1531), with CRLF line terminators
Size
9.1 kB (9126 bytes)
Hash
ec2f3f63377c887b518f5a4a33b1ea56
c2ff6b514f9761ba8ff2ac109c9d311f84db301c
a32e426aca199c580cf677920033d86b24dd3e8b81766123f8c1d696d3b535a0

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /uploads/cl_2472/logotypes/logo.svg HTTP/1.1
Host: proitcteam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proitcteam.com/18202-126876-typ/70477?uid=4g5a3ZqRyphuBQqRuN8d5HKXeZP9o9ZQer
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sat, 12 Nov 2022 05:51:12 GMT
Content-Type: image/svg+xml
Content-Length: 9126
Last-Modified: Fri, 28 Oct 2022 13:21:41 GMT
Connection: keep-alive
ETag: "635bd765-23a6"
Accept-Ranges: bytes

proitcteam.com/favicon.ico

23.21.213.51

200 OK

34 kB

URL HTTP/1.1
proitcteam.com/favicon.ico
IP
23.21.213.51:0
ASN
#14618 AMAZON-AES

File type
MS Windows icon resource - 5 icons, 16x16, 32 bits/pixel, 24x24, 32 bits/pixel\012- data
Size
34 kB (34494 bytes)
Hash
d4a95c780824be97bc45a187ab7ad24b
53aeb2d44190d91ec2006379b3ddbd202b865d24
502322d8592de8395d6e7c2c37b18e04904e62d8f8b3caaa53858e4ebc64b692

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: proitcteam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proitcteam.com/18202-126876-typ/70477?uid=4g5a3ZqRyphuBQqRuN8d5HKXeZP9o9ZQer
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sat, 12 Nov 2022 05:51:12 GMT
Content-Type: image/x-icon
Content-Length: 34494
Last-Modified: Wed, 14 Sep 2022 11:51:00 GMT
Connection: keep-alive
ETag: "6321c024-86be"
Expires: Sat, 12 Nov 2022 06:51:12 GMT
Cache-Control: max-age=3600
Accept-Ranges: bytes

proitcteam.com/uploads/c_18202/logos/white-waves.png

23.21.213.51

200 OK

1.3 MB

URL HTTP/1.1
proitcteam.com/uploads/c_18202/logos/white-waves.png
IP
23.21.213.51:0
ASN
#14618 AMAZON-AES

File type
PNG image data, 1920 x 1071, 8-bit/color RGBA, non-interlaced\012- data
Size
1.3 MB (1263922 bytes)
Hash
682f3af0e49e47d67579b4be2678ca92
5a8e115809f0d1f4b1d3d75fc57339c9f08b7617
ac7e29b395620bf30b1f185578a74204faa4d10f8437378aa930ffebd62ed5b2

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /uploads/c_18202/logos/white-waves.png HTTP/1.1
Host: proitcteam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proitcteam.com/18202-126876-typ/70477?uid=4g5a3ZqRyphuBQqRuN8d5HKXeZP9o9ZQer
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sat, 12 Nov 2022 05:51:12 GMT
Content-Type: image/png
Content-Length: 1263922
Last-Modified: Fri, 28 Oct 2022 13:32:00 GMT
Connection: keep-alive
ETag: "635bd9d0-134932"
Expires: Sat, 12 Nov 2022 06:51:12 GMT
Cache-Control: max-age=3600
Access-Control-Allow-Origin: *
Accept-Ranges: bytes

proitcteam.com/18202-126876-typ/70477?uid=4g5a3ZqRyphuBQqRuN8d5HKXeZP9o9ZQer&mode=file

23.21.213.51

200 OK

2.0 MB

URL HTTP/1.1
proitcteam.com/18202-126876-typ/70477?uid=4g5a3ZqRyphuBQqRuN8d5HKXeZP9o9ZQer&mode=file
IP
23.21.213.51:0
ASN
#14618 AMAZON-AES

File type
PDF document, version 1.7, 0 pages\012- data
Size
2.0 MB (2033870 bytes)
Hash
7227097e2f4fc212b456c4ee02ac19d3
2ffea6ba53c6c663fb43194ce735fcbf9974b6ce
319cbeae7398ba481c0091ede6a01dba1aea15d651f19428699ff2f9fa029cfa

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /18202-126876-typ/70477?uid=4g5a3ZqRyphuBQqRuN8d5HKXeZP9o9ZQer&mode=file HTTP/1.1
Host: proitcteam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proitcteam.com/18202-126876-typ/70477?uid=4g5a3ZqRyphuBQqRuN8d5HKXeZP9o9ZQer
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.22.0
Content-Type: application/force-download
Content-Length: 2033870
Connection: keep-alive
X-Powered-By: PHP/7.4.16
Content-transfer-encoding: binary
Content-disposition: attachment; filename="Ebook-How-to-maximize-savings-and-traveler-satisfaction-through-personalized-travel-shopping.pdf"
Cache-Control: no-cache, private
Date: Sat, 12 Nov 2022 05:51:12 GMT

fonts.googleapis.com/css2?family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&display=swap

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css2?family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&display=swap
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css2?family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proitcteam.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 12 Nov 2022 05:51:11 GMT
date: Sat, 12 Nov 2022 05:51:11 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proitcteam.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 12 Nov 2022 05:51:11 GMT
date: Sat, 12 Nov 2022 05:51:11 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Ubuntu:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,500;1,700&display=swap

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css2?family=Ubuntu:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,500;1,700&display=swap
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css2?family=Ubuntu:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,500;1,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proitcteam.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 12 Nov 2022 05:51:11 GMT
date: Sat, 12 Nov 2022 05:51:11 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Noto+Sans:ital,wght@0,400;0,700;1,400;1,700&display=swap

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css2?family=Noto+Sans:ital,wght@0,400;0,700;1,400;1,700&display=swap
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css2?family=Noto+Sans:ital,wght@0,400;0,700;1,400;1,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proitcteam.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 12 Nov 2022 05:51:11 GMT
date: Sat, 12 Nov 2022 05:51:11 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,600;0,700;0,800;1,300;1,400;1,600;1,700;1,800&display=swap

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,600;0,700;0,800;1,300;1,400;1,600;1,700;1,800&display=swap
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css2?family=Open+Sans:ital,wght@0,300;0,400;0,600;0,700;0,800;1,300;1,400;1,600;1,700;1,800&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proitcteam.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 12 Nov 2022 05:51:11 GMT
date: Sat, 12 Nov 2022 05:51:11 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css

104.18.10.207

200 OK

0 B

URL HTTP/2
stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css
IP
104.18.10.207:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /bootstrap/4.4.1/css/bootstrap.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proitcteam.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 12 Nov 2022 05:51:10 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:09 GMT
cdn-cachedat: 08/03/2021 15:16:56
cdn-edgestorageid: 601
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-proxyver: 1.0
cdn-status: 200
cdn-requestid: d6b43e13ddbcd4f60dded6d39b2abed5
cdn-cache: HIT
cf-cache-status: HIT
age: 13673258
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 768cfe8b5cdfb4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Source+Sans+Pro:ital,wght@0,200;0,300;0,400;0,600;0,700;0,900;1,200;1,300;1,400;1,600;1,700;1,900&display=swap

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css2?family=Source+Sans+Pro:ital,wght@0,200;0,300;0,400;0,600;0,700;0,900;1,200;1,300;1,400;1,600;1,700;1,900&display=swap
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css2?family=Source+Sans+Pro:ital,wght@0,200;0,300;0,400;0,600;0,700;0,900;1,200;1,300;1,400;1,600;1,700;1,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proitcteam.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 12 Nov 2022 05:51:11 GMT
date: Sat, 12 Nov 2022 05:51:11 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files detected

URL

IP

ASN

File type

Size

Hash

Detections

JavaScript (16)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML