Report - infopromoitc.com/dc53213-jamf/79494?uid=Eom3J2HmgvZVNB6cnkqKo6Gw2LeJ9b81KXPotAu&prom_type=regular&prom

Report Overview

Submitted URL
infopromoitc.com/dc53213-jamf/79494?uid=Eom3J2HmgvZVNB6cnkqKo6Gw2LeJ9b81KXPotAu&prom_type=regular&prom_id=201059&pld=26L81sNgpwNGXF&answer=4
IP
54.85.103.102
ASN
#14618 AMAZON-AES
Submitted
2023-01-20 19:23:04
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
20

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
infopromoitc.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	14 kB	3.5 MB	54.85.103.102
p.typekit.net	620	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	844 B	338 B	95.101.11.112
stackpath.bootstrapcdn.com	2467	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	414 B	26 kB	104.18.11.207
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.1 kB	4.2 kB	142.250.74.163
use.typekit.net	494	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	377 B	4.5 kB	23.33.119.19
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	6.2 kB	23.36.76.226
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
polyfill.io	102644	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	461 B	702 B	151.101.65.26
ocsp.globalsign.com	2075	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	736 B	3.8 kB	104.18.21.226
via.placeholder.com	26595	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	395 B	2.6 kB	172.64.103.30
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	56 kB	34.120.237.76
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	35.241.9.150
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	391 B	34.117.237.239
cdn.jsdelivr.net	439	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	409 B	8.6 kB	151.101.129.229
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.8 kB	8.4 kB	142.250.74.138
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	1.8 kB	93.184.220.29
cdnjs.cloudflare.com	235	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	787 B	46 kB	104.17.25.14
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	35.162.121.89
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	480 B	17 kB	216.58.207.227

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-01-20	medium	infopromoitc.com/lib/jq/validator/fb.validation.js	Phishing
2023-01-20	medium	infopromoitc.com/lib/jq/fb.utils.js	Phishing
2023-01-20	medium	infopromoitc.com/lib/jq/cqParams/fb.cqParams.js	Phishing
2023-01-20	medium	infopromoitc.com/lib/jq/otherInput/fb.otherInput.js	Phishing
2023-01-20	medium	infopromoitc.com/lib/uri/uri.js	Phishing
2023-01-20	medium	infopromoitc.com/lib/jq/fb.autoSubmit.js	Phishing
2023-01-20	medium	infopromoitc.com/uploads/uploadedFonts/fontsImport.css?v=1674242573	Phishing
2023-01-20	medium	infopromoitc.com/lib/jq/validator/localization/jq_validation_localizations.boundled.js	Phishing
2023-01-20	medium	infopromoitc.com/lib/uri/uri.js	Phishing
2023-01-20	medium	infopromoitc.com/uploads/uploadedFonts/fontsImport.css?v=1674242575	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
infopromoitc.com/19628-136641-typ-jamf-single-touch-enterprise/79494?uid=Eom3J2HmgvZVNB6cnkqKo6Gw2LeJ9b81KXPotAu&mode=file
IP
54.85.103.102
ASN
#14618 AMAZON-AES

File type
PDF document, version 1.4, 0 pages\012- data
Size
2.7 MB (2738653 bytes)
Hash
62bf2300110a4f4185667b386f5c3799
7afafb6952c8a7900f35b8722fb915c4ba6fd8b5
94bee4a623f4b58cd09340d1520a857357934ab64e8a1f820f8450ff729f1d17

JavaScript (16)

	URL	Size	First Seen	Last Seen
	infopromoitc.com/lib/uri/uri.js	77 kB	2023-03-07	2024-04-24
Pretty URL infopromoitc.com/lib/uri/uri.js IP 54.85.103.102 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:23:25 Last Seen2024-04-24 17:52:51 Times Seen1497 Hash 64437cd33e2fa1a40e6850ee6388639e 809078716153b491c00852f366ca3f8d6e03df22 96361c580499a6dd7afa83f352fb2a27c159a39daf794e2e6813514be8a8fbe9 Loading...

	infopromoitc.com/lib/jq/validator/localization/jq_validation_localizations.boundled.js	110 kB	2023-03-12	2023-05-26
Pretty URL infopromoitc.com/lib/jq/validator/localization/jq_validation_localizations.boundled.js IP 54.85.103.102 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 16:32:49 Last Seen2023-05-26 19:04:31 Times Seen159 Hash 0316503c9195ac855edffa261d07d42b d1d0da53a844c2f517f598418eaf05b257590266 03e0bf480bf30758d96d540e13a4086d7011b09d88179305355509d9b2f2576a Loading...

	infopromoitc.com/lib/jq/otherInput/fb.otherInput.js	2.3 kB	2023-03-08	2024-02-26
Pretty URL infopromoitc.com/lib/jq/otherInput/fb.otherInput.js IP 54.85.103.102 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 08:30:02 Last Seen2024-02-26 20:40:06 Times Seen202 Hash 98ddf73de28f5fef1378553ea90dc407 9c76c82d52e3512a2fe53c754b135c5a91f1e97c 0bf7b8a2f9d4ebc076ca6ecbfad616bca4bb4d489ab2d021d935c4854585a0d0 Loading...

	pdf.js/build/pdf.js	322 kB	2023-03-07	2023-04-05
Pretty URL pdf.js/build/pdf.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:22 Last Seen2023-04-05 02:12:01 Times Seen1311 Hash 42ee10ee09176e186c5846bab608c4a8 03d49a21c62fc1e134d08cd62593dac460e9981b 7049dcd5d0dc1e88a111356c01ccf1098990dbece884a0d8f3b5f3cafd9f0e81 Loading...

	cdn.jsdelivr.net/npm/jquery-validation@1.19.1/dist/jquery.validate.min.js	24 kB	2023-03-07	2024-04-24
Pretty URL cdn.jsdelivr.net/npm/jquery-validation@1.19.1/dist/jquery.validate.min.js IP 151.101.129.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:26 Last Seen2024-04-24 14:57:56 Times Seen1188 Hash 8a25965d822705f957a243443d219787 0da4c535b50bdb4dffa3b5fae3e999aeee137cb5 b0f074179d185032b4a2d0e7b1f3476b0626039334a638d47f84ef44990616b2 Loading...

	infopromoitc.com/lpScripts/assetsBehavior.js?v=1	9.8 kB	2023-03-13	2023-03-13
Pretty URL infopromoitc.com/lpScripts/assetsBehavior.js?v=1 IP 54.85.103.102 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 02:23:15 Last Seen2023-03-13 05:05:08 Times Seen1 Hash bd63ccb7d2c541fa2245706210f8854b 5a1f7dffd69934229aec7a8497f00fa4739ac5d1 8b65524a53e893c6d6f95a8ea5bb4a85597ede5525bcf0b9cf65b5006dc7c777 Loading...

	infopromoitc.com/lib/jq/cqParams/fb.cqParams.js	2.8 kB	2023-03-07	2024-02-26
Pretty URL infopromoitc.com/lib/jq/cqParams/fb.cqParams.js IP 54.85.103.102 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:32:08 Last Seen2024-02-26 20:40:06 Times Seen184 Hash 55159908ed60d22fd3992732aa7e42d3 57976f1953d1da224e9746296eaac849d69dc5f3 c6b1e77cd2f103d2fa292bf088a9680848a4f94b6c1ef6ee2017c2ba530a03c5 Loading...

	infopromoitc.com/dc53213-jamf/79494?uid=Eom3J2HmgvZVNB6cnkqKo6Gw2LeJ9b81KXPotAu&prom_type=regular&prom_id=201059&pld=26L81sNgpwNGXF&answer=4	98 B	2023-03-07	2023-05-24
Pretty URL infopromoitc.com/dc53213-jamf/79494?uid=Eom3J2HmgvZVNB6cnkqKo6Gw2LeJ9b81KXPotAu&prom_type=regular&prom_id=201059&pld=26L81sNgpwNGXF&answer=4 IP 54.85.103.102 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:32:08 Last Seen2023-05-24 08:12:57 Times Seen66 Hash bd1bb06e1eb2513d80d713f827f44a47 e16d34af3ee95682c44aea25471460209bf69f61 a415cd8038dc4ff7548175717a3c9d05be601ac83c010f17066c33bbaa9da799 Loading...

	pdf.js/web/viewer.js	374 kB	2023-03-07	2023-04-05
Pretty URL pdf.js/web/viewer.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:22 Last Seen2023-04-05 02:12:01 Times Seen1357 Hash 7f28003dcd68438eee3f0fb20757243c 7f119fdc77292f13ea6d6a72d0e16373e1d7bb23 f9a11592ab64edfa8c23f7f97c7ab331c689185292fdb490d039b89c70fb01b0 Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js	90 kB	2023-03-07	2024-04-25
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-04-25 01:48:41 Times Seen139046 Hash dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Loading...

	polyfill.io/v3/polyfill.min.js?version=3.52.1&features=URL%2CURLSearchParams%2Ces5%2Ces6%2Ces7	72 B	2023-03-07	2024-04-21
Pretty URL polyfill.io/v3/polyfill.min.js?version=3.52.1&features=URL%2CURLSearchParams%2Ces5%2Ces6%2Ces7 IP 151.101.65.26 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:35 Last Seen2024-04-21 06:42:33 Times Seen290 Hash 7bf5fb2fd30cea050be6a48b90343984 e3d8fc7eec3e4338218b844d40a1ae86cc8581c6 aaecd144d2b8763b2fa5c91f09778294363cef363c10504205f4203922644d11 Loading...

	infopromoitc.com/dc53213-jamf/79494?uid=Eom3J2HmgvZVNB6cnkqKo6Gw2LeJ9b81KXPotAu&prom_type=regular&prom_id=201059&pld=26L81sNgpwNGXF&answer=4	58 B	2023-03-07	2023-05-24
Pretty URL infopromoitc.com/dc53213-jamf/79494?uid=Eom3J2HmgvZVNB6cnkqKo6Gw2LeJ9b81KXPotAu&prom_type=regular&prom_id=201059&pld=26L81sNgpwNGXF&answer=4 IP 54.85.103.102 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:32:08 Last Seen2023-05-24 08:12:57 Times Seen66 Hash ea4cdd05ea02fc381650389e3513ec3a ae902087b2cde7a4e0d58c1a5eb3fc8310b2c755 f2738345b1d22b55dbcfbd3c3fd7ed8ed4e9ed7ca68e35b86135c2a9211ef4ed Loading...

	infopromoitc.com/lib/jq/validator/fb.validation.js	2.0 kB	2023-03-07	2023-03-26
Pretty URL infopromoitc.com/lib/jq/validator/fb.validation.js IP 54.85.103.102 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:32:08 Last Seen2023-03-26 08:44:40 Times Seen28 Hash 60f78449c35e69490026e3f739d322dc a0f988cad0941c050d4ecbe1d58f450193c604d2 ee75b43f5de847b148b9ed76c06b5db9566ba8da3ac35c726ed43ef9f9b2c3e3 Loading...

	infopromoitc.com/lib/jq/fb.autoSubmit.js	604 B	2023-03-12	2024-02-26
Pretty URL infopromoitc.com/lib/jq/fb.autoSubmit.js IP 54.85.103.102 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 16:32:49 Last Seen2024-02-26 20:40:06 Times Seen202 Hash 0a52231b24a9f8a0f2489261a3aac5db a2d0829b6030e795da8f556c17acedce1fb58a5a aa704c7c7552d95db32e393c6002b674df0e2fe05e586f891e631d9213794813 Loading...

	unknown	0 B	2023-03-07	2024-04-25
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-25 03:07:53 Times Seen37053126 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	infopromoitc.com/lib/jq/fb.utils.js	23 kB	2023-03-12	2023-03-26
Pretty URL infopromoitc.com/lib/jq/fb.utils.js IP 54.85.103.102 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 16:32:49 Last Seen2023-03-26 08:44:40 Times Seen28 Hash 90995dadf563467d686de6798c30f552 471b35162ebdd89ce3cf5d434dc85fe22d44d866 e4430f968a8fc38f43bc77f4e7174b82609bc4cb6efb32c223f235449c018d36 Loading...

HTTP Transactions (72)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
37284a837312d6586460a3b86bbe7bd0
6ac0847abd48eb8607597218aaa2cb2d434c012b
6a0e11bb042555d72b397ae0cc3d5e242d3a3fe04418e28ffd222decca7d16ca

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A0E11BB042555D72B397AE0CC3D5E242D3A3FE04418E28FFD222DECCA7D16CA"
Last-Modified: Wed, 18 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3878
Expires: Fri, 20 Jan 2023 20:27:30 GMT
Date: Fri, 20 Jan 2023 19:22:52 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8a5e416451617846248067d72b675125
995b0346adefaf5f2e167d1b81e60cc9afc4f19e
c5fafb9127b71cbd4f7b1a44f755fc4aa0e2f47bbc50de4b15c870a22bf160d9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5FAFB9127B71CBD4F7B1A44F755FC4AA0E2F47BBC50DE4B15C870A22BF160D9"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7299
Expires: Fri, 20 Jan 2023 21:24:31 GMT
Date: Fri, 20 Jan 2023 19:22:52 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 20 Jan 2023 18:49:34 GMT
content-type: application/json
age: 1998
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7afaa97fbfa9baa1485c892eac8e114d
8c17c707c218e28ac14197ce8e5eef873207a732
59db16baacb452453dbf44fc2a24f25ab09c4dbaec3a9271fda84230d8f11925

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "59DB16BAACB452453DBF44FC2A24F25AB09C4DBAEC3A9271FDA84230D8F11925"
Last-Modified: Wed, 18 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14541
Expires: Fri, 20 Jan 2023 23:25:13 GMT
Date: Fri, 20 Jan 2023 19:22:52 GMT
Connection: keep-alive

infopromoitc.com/dc53213-jamf/79494?uid=Eom3J2HmgvZVNB6cnkqKo6Gw2LeJ9b81KXPotAu&prom_type=regular&prom_id=201059&pld=26L81sNgpwNGXF&answer=4

54.85.103.102

301 Moved Permanently

169 B

URL HTTP/1.1
infopromoitc.com/dc53213-jamf/79494?uid=Eom3J2HmgvZVNB6cnkqKo6Gw2LeJ9b81KXPotAu&prom_type=regular&prom_id=201059&pld=26L81sNgpwNGXF&answer=4
IP
54.85.103.102:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
169 B (169 bytes)
Hash
130d1009f10d4fb1cede97de52442d1f
20a7a05cc7df967bae4e1b71f5e8f299eb556003
c389e590871a87f27ad27393cf7f2947c3ede6ba1cca818cbcff4131e0d0eac4

HTTP Headers

GET /dc53213-jamf/79494?uid=Eom3J2HmgvZVNB6cnkqKo6Gw2LeJ9b81KXPotAu&prom_type=regular&prom_id=201059&pld=26L81sNgpwNGXF&answer=4 HTTP/1.1
Host: infopromoitc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: nginx/1.22.1
Date: Fri, 20 Jan 2023 19:22:52 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
Location: https://infopromoitc.com/dc53213-jamf/79494?uid=Eom3J2HmgvZVNB6cnkqKo6Gw2LeJ9b81KXPotAu&prom_type=regular&prom_id=201059&pld=26L81sNgpwNGXF&answer=4

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: 2Y4dusb+YcWvy5qVvdf6VzyU2VZnRFSXI8UuPJf1QFQbXz/NK5g2J1LAN71iCSGBDrG7qwIip24=
x-amz-request-id: 2D96C9GHJV41SV79
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 20 Jan 2023 18:46:28 GMT
age: 2184
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 20 Jan 2023 19:22:52 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8c69a7b14bad21214b680b4b54c24758
bbc94a280df1143a705d549421a300db19c7f6eb
f2628ac3e8fd739ea85fd929181d73d34c2af54050de1dc7f3faf08b20cddcc3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F2628AC3E8FD739EA85FD929181D73D34C2AF54050DE1DC7F3FAF08B20CDDCC3"
Last-Modified: Wed, 18 Jan 2023 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21551
Expires: Sat, 21 Jan 2023 01:22:04 GMT
Date: Fri, 20 Jan 2023 19:22:53 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Expires, Pragma, Content-Type, Backoff, Last-Modified, Cache-Control, ETag
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 20 Jan 2023 19:17:28 GMT
age: 325
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

infopromoitc.com/dc53213-jamf/79494?uid=Eom3J2HmgvZVNB6cnkqKo6Gw2LeJ9b81KXPotAu&prom_type=regular&prom_id=201059&pld=26L81sNgpwNGXF&answer=4

54.85.103.102

200 OK

8.3 kB

URL HTTP/1.1
infopromoitc.com/dc53213-jamf/79494?uid=Eom3J2HmgvZVNB6cnkqKo6Gw2LeJ9b81KXPotAu&prom_type=regular&prom_id=201059&pld=26L81sNgpwNGXF&answer=4
IP
54.85.103.102:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (15037)
Size
8.3 kB (8267 bytes)
Hash
f4b334ff0673d6c663f8665f628dc8fe
8927c3a31c3238469b5791e1b41d816b17036b43
17cd469e5f235ac59e0b8487fe78cc69ee53adf61b5673fde127f8ffcc2462fd

HTTP Headers

GET /dc53213-jamf/79494?uid=Eom3J2HmgvZVNB6cnkqKo6Gw2LeJ9b81KXPotAu&prom_type=regular&prom_id=201059&pld=26L81sNgpwNGXF&answer=4 HTTP/1.1
Host: infopromoitc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Fri, 20 Jan 2023 19:22:53 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.4.16
Cache-Control: max-age=0, must-revalidate, private
pragma: no-cache
Expires: Fri, 20 Jan 2023 19:22:53 GMT
SSLSN: /infopromoitc.com
Content-Encoding: gzip

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
bdb8a13dfce39d6e151a9ef185a772a1
037a680510f9dbce3c7cc3c0f9115fd587dbcd1d
98c8b7f269b9aad73b73fd946788ebfd7a4d7afbdd5347b56c67f73b947f5ff6

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5292
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 20 Jan 2023 19:22:53 GMT
Last-Modified: Fri, 20 Jan 2023 17:54:41 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471

cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js

104.17.25.14

200 OK

28 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65451)
Size
28 kB (27958 bytes)
Hash
4b5f47439b640180cc3450f7de05d0d8
5a0dc9bcab80ddc409dd35fcb00a88fe6846fee2
1f85e8b327f42c17c025d69849914068536d9aa95412fe473ae90ffb2f4ebd82

HTTP Headers

GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infopromoitc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 20 Jan 2023 19:22:53 GMT
content-type: application/javascript; charset=utf-8
content-length: 27958
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb09ed3-15d84"
last-modified: Mon, 04 May 2020 23:01:39 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 89032
expires: Wed, 10 Jan 2024 19:22:53 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FxQdgsNHc7eHOfYLfsLcbYwN6XnzLJxTknczdGQ9ih3E3imPEVWpng8beEXK8l2nPIWFM7uzGje9aXyJFBMztmVR36bbh1HZk%2BXDQX6Bs5bJEpYQ2xFJCmB94E%2FwyXnXz%2FoCpK7G"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 78ca2e75ce3a0b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/select2/4.0.13/js/select2.min.js

104.17.25.14

200 OK

16 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/select2/4.0.13/js/select2.min.js
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (64131)
Size
16 kB (16456 bytes)
Hash
e969f2fd683c8d12ccbfa6ec0487dadf
4efb5abd97f96f324fd3bd64902a02e4a8a3d3af
10375c0c9bd1d60f996e3b7eef19ada49ebc3790f78742204cef7026754d2ac2

HTTP Headers

GET /ajax/libs/select2/4.0.13/js/select2.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://infopromoitc.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 20 Jan 2023 19:22:53 GMT
content-type: application/javascript; charset=utf-8
content-length: 16456
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5ecc8659-114c3"
last-modified: Tue, 26 May 2020 03:00:41 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1305648
expires: Wed, 10 Jan 2024 19:22:53 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oxFzlvMzoo%2FXJ2mzHVkHTKHSw%2Bgo1214PyNvTnuDaRvrTzf%2FBELa6beSzJoB%2FPUozeNZKN4vIPm0ae1iyB71rAyfShjjAkRlsTpg%2B1TKdKGV2Ex%2BEiNJyhSw%2B3%2ByjaYQAlopomFN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 78ca2e75cc7e0b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

infopromoitc.com/ckeditor/contents.css?t=MBSF

54.85.103.102

200 OK

2.9 kB

URL HTTP/1.1
infopromoitc.com/ckeditor/contents.css?t=MBSF
IP
54.85.103.102:0
ASN
#14618 AMAZON-AES

File type
ASCII text
Size
2.9 kB (2886 bytes)
Hash
ea34863bd1770c4274d7ed7c58449f2a
1aefe351289c27d7b741cd38baaaad3398e306ba
43b78285c786c968e35d8a44aafb06df291e840e106bd01ddf36df96ce84ff5d

HTTP Headers

GET /ckeditor/contents.css?t=MBSF HTTP/1.1
Host: infopromoitc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infopromoitc.com/dc53213-jamf/79494?uid=Eom3J2HmgvZVNB6cnkqKo6Gw2LeJ9b81KXPotAu&prom_type=regular&prom_id=201059&pld=26L81sNgpwNGXF&answer=4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Fri, 20 Jan 2023 19:22:53 GMT
Content-Type: text/css
Content-Length: 2886
Connection: keep-alive
Last-Modified: Fri, 20 Jan 2023 13:46:58 GMT
ETag: "63ca9b52-b46"
Expires: Fri, 20 Jan 2023 19:22:53 GMT
Cache-Control: max-age=0
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
SSLSN: /infopromoitc.com

polyfill.io/v3/polyfill.min.js?version=3.52.1&features=URL%2CURLSearchParams%2Ces5%2Ces6%2Ces7

151.101.65.26

200 OK

74 B

URL HTTP/2
polyfill.io/v3/polyfill.min.js?version=3.52.1&features=URL%2CURLSearchParams%2Ces5%2Ces6%2Ces7
IP
151.101.65.26:0
ASN
#54113 FASTLY

File type
ASCII text
Size
74 B (74 bytes)
Hash
bdb6d8e9b581dfbdb87566776ede0cbd
d18cdeacd5c146b34919955e97e51b7db50d0d9b
fe35c33df2fa5edeac1dbbe512a6e92c5b1e7fb5c204df818e23ea07b5121add

HTTP Headers

GET /v3/polyfill.min.js?version=3.52.1&features=URL%2CURLSearchParams%2Ces5%2Ces6%2Ces7 HTTP/1.1
Host: polyfill.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://infopromoitc.com
Connection: keep-alive
Referer: https://infopromoitc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
content-type: text/javascript; charset=UTF-8
last-modified: Wed, 11 Jan 2023 11:21:48 GMT
content-encoding: br
age: 0
accept-ranges: bytes
useragent_normaliser: firefox/105.0.0
date: Fri, 20 Jan 2023 19:22:53 GMT
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
vary: User-Agent, Accept-Encoding
server-timing: PASS, fastly;desc="Edge time";dur=14
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 74
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/jquery-validation@1.19.1/dist/jquery.validate.min.js

151.101.129.229

200 OK

7.8 kB

URL HTTP/2
cdn.jsdelivr.net/npm/jquery-validation@1.19.1/dist/jquery.validate.min.js
IP
151.101.129.229:0
ASN
#54113 FASTLY

File type
Unicode text, UTF-8 text, with very long lines (24237)
Size
7.8 kB (7815 bytes)
Hash
144d2fdbeb2ac0a55e26fd4d3bcb6aa7
7b00473f6a8170bcb0573cec68acea35684250c7
5e9ecf8613ebbaae3c171d1ba18e6af51d41ed136730e2764784f12679fda526

HTTP Headers

GET /npm/jquery-validation@1.19.1/dist/jquery.validate.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infopromoitc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.19.1
x-jsd-version-type: version
etag: W/"5f38-DaTFNbUL203/o7X64+mZru4TfLU"
content-encoding: gzip
accept-ranges: bytes
date: Fri, 20 Jan 2023 19:22:53 GMT
age: 823884
x-served-by: cache-fra-eddf8230052-FRA, cache-bma1657-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7815
X-Firefox-Spdy: h2

ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4

104.18.21.226

200 OK

1.5 kB

URL HTTP/1.1
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1462 bytes)
Hash
3e21ce61f5661b5ada373c4cf4cffe15
00c3db7a0a4988bdd5e1fcdbf1bfa62b5203e7da
2ac0577768337dbda93f0c32c41896237588dfde02f51a68c8cdd0252e0edd04

HTTP Headers

POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 20 Jan 2023 19:22:53 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "7FE9082AA2B5C12A480868C27733D74DCD44252E"
Expires: Sat, 21 Jan 2023 05:00:00 GMT
Last-Modified: Fri, 20 Jan 2023 17:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 1549
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78ca2e766cc2b50c-OSL

ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4

104.18.21.226

200 OK

1.5 kB

URL HTTP/1.1
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1462 bytes)
Hash
80031a153815e75f05faa152bd3cee0f
cbc2cce81c98446fdae43d576ae3947abd018322
e29eede3044f4de8cc8cb90f13f75fd47d98d5a40d315b7e858f5c94e6b33867

HTTP Headers

POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 20 Jan 2023 19:22:53 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "AAB810CDBD48576575CF08A68D6B74FE6897CC10"
Expires: Sat, 21 Jan 2023 05:00:00 GMT
Last-Modified: Fri, 20 Jan 2023 17:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 3565
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78ca2e766c6bb521-OSL

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
a14558836cdd154e38d745b780f845f2
b14541c48d6522fd7b54f589fe344260e3874529
53370da335862dbc0b95831deff8326a3c1b2521278a87e8febf7823d249e7da

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5044
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 20 Jan 2023 19:22:53 GMT
Last-Modified: Fri, 20 Jan 2023 17:58:49 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 279

infopromoitc.com/ckeditor/plugins/formBuilder/styles/formBuilder.css?v=1.3.1673026587607

54.85.103.102

200 OK

5.2 kB

URL HTTP/1.1
infopromoitc.com/ckeditor/plugins/formBuilder/styles/formBuilder.css?v=1.3.1673026587607
IP
54.85.103.102:0
ASN
#14618 AMAZON-AES

File type
ASCII text
Size
5.2 kB (5201 bytes)
Hash
e741d2aa47efe7dda9dfe0a5014fef0e
30ebfe60d0832bb8114c6ba155f0ddb15c1a527c
68c2e3489d098db2a6e2ddba9f32ff172d1c0ff0983b9b3c3c0b59c8a850cf20

HTTP Headers

GET /ckeditor/plugins/formBuilder/styles/formBuilder.css?v=1.3.1673026587607 HTTP/1.1
Host: infopromoitc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infopromoitc.com/dc53213-jamf/79494?uid=Eom3J2HmgvZVNB6cnkqKo6Gw2LeJ9b81KXPotAu&prom_type=regular&prom_id=201059&pld=26L81sNgpwNGXF&answer=4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Fri, 20 Jan 2023 19:22:53 GMT
Content-Type: text/css
Content-Length: 5201
Connection: keep-alive
Last-Modified: Fri, 20 Jan 2023 13:46:58 GMT
ETag: "63ca9b52-1451"
Expires: Fri, 20 Jan 2023 19:22:53 GMT
Cache-Control: max-age=0
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
SSLSN: /infopromoitc.com

push.services.mozilla.com/

35.162.121.89

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.162.121.89:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ripYx4k3bqkR8lkEyGmG8g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ZL0E7gjHSOHKMOidI0pLbZL9Kck=

infopromoitc.com/lib/jq/validator/fb.validation.js

54.85.103.102

200 OK

2.0 kB

URL HTTP/1.1
infopromoitc.com/lib/jq/validator/fb.validation.js
IP
54.85.103.102:0
ASN
#14618 AMAZON-AES

File type
ASCII text
Size
2.0 kB (2011 bytes)
Hash
60f78449c35e69490026e3f739d322dc
a0f988cad0941c050d4ecbe1d58f450193c604d2
ee75b43f5de847b148b9ed76c06b5db9566ba8da3ac35c726ed43ef9f9b2c3e3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lib/jq/validator/fb.validation.js HTTP/1.1
Host: infopromoitc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infopromoitc.com/dc53213-jamf/79494?uid=Eom3J2HmgvZVNB6cnkqKo6Gw2LeJ9b81KXPotAu&prom_type=regular&prom_id=201059&pld=26L81sNgpwNGXF&answer=4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Fri, 20 Jan 2023 19:22:53 GMT
Content-Type: application/javascript
Content-Length: 2011
Connection: keep-alive
Last-Modified: Wed, 09 Jun 2021 11:25:31 GMT
ETag: "60c0a52b-7db"
Expires: Fri, 20 Jan 2023 19:22:53 GMT
Cache-Control: max-age=0
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
SSLSN: /infopromoitc.com

infopromoitc.com/ckeditor/plugins/lpLinkV2/css/styles.css

54.85.103.102

200 OK

2.2 kB

URL HTTP/1.1
infopromoitc.com/ckeditor/plugins/lpLinkV2/css/styles.css
IP
54.85.103.102:0
ASN
#14618 AMAZON-AES

File type
ASCII text, with very long lines (2158)
Size
2.2 kB (2159 bytes)
Hash
20944bcec784ce7e2b95b62808da9869
29fa6fc754e5f8cda684cfcadad4b996f7404e61
479da2477e3d7631c8cca6c411d1b2afad9d5e66bc6bb7acc8b1bdafadd75499

HTTP Headers

GET /ckeditor/plugins/lpLinkV2/css/styles.css HTTP/1.1
Host: infopromoitc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infopromoitc.com/dc53213-jamf/79494?uid=Eom3J2HmgvZVNB6cnkqKo6Gw2LeJ9b81KXPotAu&prom_type=regular&prom_id=201059&pld=26L81sNgpwNGXF&answer=4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Fri, 20 Jan 2023 19:22:53 GMT
Content-Type: text/css
Content-Length: 2159
Connection: keep-alive
Last-Modified: Fri, 20 Jan 2023 13:46:58 GMT
ETag: "63ca9b52-86f"
Expires: Fri, 20 Jan 2023 19:22:53 GMT
Cache-Control: max-age=0
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
SSLSN: /infopromoitc.com

infopromoitc.com/lib/jq/fb.utils.js

54.85.103.102

200 OK

23 kB

URL HTTP/1.1
infopromoitc.com/lib/jq/fb.utils.js
IP
54.85.103.102:0
ASN
#14618 AMAZON-AES

File type
Unicode text, UTF-8 text
Size
23 kB (23118 bytes)
Hash
90995dadf563467d686de6798c30f552
471b35162ebdd89ce3cf5d434dc85fe22d44d866
e4430f968a8fc38f43bc77f4e7174b82609bc4cb6efb32c223f235449c018d36

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lib/jq/fb.utils.js HTTP/1.1
Host: infopromoitc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infopromoitc.com/dc53213-jamf/79494?uid=Eom3J2HmgvZVNB6cnkqKo6Gw2LeJ9b81KXPotAu&prom_type=regular&prom_id=201059&pld=26L81sNgpwNGXF&answer=4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Fri, 20 Jan 2023 19:22:53 GMT
Content-Type: application/javascript
Content-Length: 23118
Connection: keep-alive
Last-Modified: Wed, 04 Jan 2023 12:09:12 GMT
ETag: "63b56c68-5a4e"
Expires: Fri, 20 Jan 2023 19:22:53 GMT
Cache-Control: max-age=0
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
SSLSN: /infopromoitc.com

infopromoitc.com/lib/jq/cqParams/fb.cqParams.js

54.85.103.102

200 OK

2.8 kB

URL HTTP/1.1
infopromoitc.com/lib/jq/cqParams/fb.cqParams.js
IP
54.85.103.102:0
ASN
#14618 AMAZON-AES

File type
ASCII text
Size
2.8 kB (2815 bytes)
Hash
55159908ed60d22fd3992732aa7e42d3
57976f1953d1da224e9746296eaac849d69dc5f3
c6b1e77cd2f103d2fa292bf088a9680848a4f94b6c1ef6ee2017c2ba530a03c5

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lib/jq/cqParams/fb.cqParams.js HTTP/1.1
Host: infopromoitc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infopromoitc.com/dc53213-jamf/79494?uid=Eom3J2HmgvZVNB6cnkqKo6Gw2LeJ9b81KXPotAu&prom_type=regular&prom_id=201059&pld=26L81sNgpwNGXF&answer=4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Fri, 20 Jan 2023 19:22:54 GMT
Content-Type: application/javascript
Content-Length: 2815
Connection: keep-alive
Last-Modified: Tue, 14 Sep 2021 10:49:24 GMT
ETag: "61407e34-aff"
Expires: Fri, 20 Jan 2023 19:22:54 GMT
Cache-Control: max-age=0
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
SSLSN: /infopromoitc.com

infopromoitc.com/lib/jq/otherInput/fb.otherInput.js

54.85.103.102

200 OK

2.3 kB

URL HTTP/1.1
infopromoitc.com/lib/jq/otherInput/fb.otherInput.js
IP
54.85.103.102:0
ASN
#14618 AMAZON-AES

File type
ASCII text
Size
2.3 kB (2332 bytes)
Hash
98ddf73de28f5fef1378553ea90dc407
9c76c82d52e3512a2fe53c754b135c5a91f1e97c
0bf7b8a2f9d4ebc076ca6ecbfad616bca4bb4d489ab2d021d935c4854585a0d0

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lib/jq/otherInput/fb.otherInput.js HTTP/1.1
Host: infopromoitc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infopromoitc.com/dc53213-jamf/79494?uid=Eom3J2HmgvZVNB6cnkqKo6Gw2LeJ9b81KXPotAu&prom_type=regular&prom_id=201059&pld=26L81sNgpwNGXF&answer=4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Fri, 20 Jan 2023 19:22:54 GMT
Content-Type: application/javascript
Content-Length: 2332
Connection: keep-alive
Last-Modified: Fri, 07 Oct 2022 13:13:57 GMT
ETag: "63402615-91c"
Expires: Fri, 20 Jan 2023 19:22:54 GMT
Cache-Control: max-age=0
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
SSLSN: /infopromoitc.com

infopromoitc.com/lib/uri/uri.js

54.85.103.102

200 OK

77 kB

URL HTTP/1.1
infopromoitc.com/lib/uri/uri.js
IP
54.85.103.102:0
ASN
#14618 AMAZON-AES

File type
Unicode text, UTF-8 text, with very long lines (1107)
Size
77 kB (76862 bytes)
Hash
64437cd33e2fa1a40e6850ee6388639e
809078716153b491c00852f366ca3f8d6e03df22
96361c580499a6dd7afa83f352fb2a27c159a39daf794e2e6813514be8a8fbe9

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lib/uri/uri.js HTTP/1.1
Host: infopromoitc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infopromoitc.com/dc53213-jamf/79494?uid=Eom3J2HmgvZVNB6cnkqKo6Gw2LeJ9b81KXPotAu&prom_type=regular&prom_id=201059&pld=26L81sNgpwNGXF&answer=4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Fri, 20 Jan 2023 19:22:53 GMT
Content-Type: application/javascript
Content-Length: 76862
Connection: keep-alive
Last-Modified: Mon, 12 Apr 2021 20:19:39 GMT
ETag: "6074ab5b-12c3e"
Expires: Fri, 20 Jan 2023 19:22:53 GMT
Cache-Control: max-age=0
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
SSLSN: /infopromoitc.com

infopromoitc.com/lib/jq/fb.autoSubmit.js

54.85.103.102

200 OK

604 B

URL HTTP/1.1
infopromoitc.com/lib/jq/fb.autoSubmit.js
IP
54.85.103.102:0
ASN
#14618 AMAZON-AES

File type
ASCII text
Size
604 B (604 bytes)
Hash
0a52231b24a9f8a0f2489261a3aac5db
a2d0829b6030e795da8f556c17acedce1fb58a5a
aa704c7c7552d95db32e393c6002b674df0e2fe05e586f891e631d9213794813

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lib/jq/fb.autoSubmit.js HTTP/1.1
Host: infopromoitc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infopromoitc.com/dc53213-jamf/79494?uid=Eom3J2HmgvZVNB6cnkqKo6Gw2LeJ9b81KXPotAu&prom_type=regular&prom_id=201059&pld=26L81sNgpwNGXF&answer=4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Fri, 20 Jan 2023 19:22:54 GMT
Content-Type: application/javascript
Content-Length: 604
Connection: keep-alive
Last-Modified: Wed, 04 Jan 2023 12:09:12 GMT
ETag: "63b56c68-25c"
Expires: Fri, 20 Jan 2023 19:22:54 GMT
Cache-Control: max-age=0
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
SSLSN: /infopromoitc.com

infopromoitc.com/lpScripts/assetsBehavior.js?v=1

54.85.103.102

200 OK

9.8 kB

URL HTTP/1.1
infopromoitc.com/lpScripts/assetsBehavior.js?v=1
IP
54.85.103.102:0
ASN
#14618 AMAZON-AES

File type
ASCII text
Size
9.8 kB (9809 bytes)
Hash
bd63ccb7d2c541fa2245706210f8854b
5a1f7dffd69934229aec7a8497f00fa4739ac5d1
8b65524a53e893c6d6f95a8ea5bb4a85597ede5525bcf0b9cf65b5006dc7c777

HTTP Headers

GET /lpScripts/assetsBehavior.js?v=1 HTTP/1.1
Host: infopromoitc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infopromoitc.com/dc53213-jamf/79494?uid=Eom3J2HmgvZVNB6cnkqKo6Gw2LeJ9b81KXPotAu&prom_type=regular&prom_id=201059&pld=26L81sNgpwNGXF&answer=4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Fri, 20 Jan 2023 19:22:54 GMT
Content-Type: application/javascript
Content-Length: 9809
Connection: keep-alive
Last-Modified: Wed, 18 Jan 2023 12:43:50 GMT
ETag: "63c7e986-2651"
Expires: Fri, 20 Jan 2023 19:22:54 GMT
Cache-Control: max-age=0
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
SSLSN: /infopromoitc.com

infopromoitc.com/uploads/uploadedFonts/fontsImport.css?v=1674242573

54.85.103.102

200 OK

110 kB

URL HTTP/1.1
infopromoitc.com/uploads/uploadedFonts/fontsImport.css?v=1674242573
IP
54.85.103.102:0
ASN
#14618 AMAZON-AES

File type
ASCII text, with very long lines (508)
Size
110 kB (110196 bytes)
Hash
3af02269b88f2e49d90a29e298b0d617
72dff55c74159b8b3aa4ea32438d19edfa915033
c6690ac21b45495662a03c76cd4248bcd19ecd1559c3dd8750b56fc7eaf82fbd

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /uploads/uploadedFonts/fontsImport.css?v=1674242573 HTTP/1.1
Host: infopromoitc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infopromoitc.com/dc53213-jamf/79494?uid=Eom3J2HmgvZVNB6cnkqKo6Gw2LeJ9b81KXPotAu&prom_type=regular&prom_id=201059&pld=26L81sNgpwNGXF&answer=4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Fri, 20 Jan 2023 19:22:53 GMT
Content-Type: text/css
Content-Length: 110196
Connection: keep-alive
Last-Modified: Tue, 27 Dec 2022 15:43:31 GMT
ETag: "63ab12a3-1ae74"
Expires: Fri, 20 Jan 2023 19:22:53 GMT
Cache-Control: max-age=0
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
SSLSN: /infopromoitc.com

infopromoitc.com/lib/jq/validator/localization/jq_validation_localizations.boundled.js

54.85.103.102

200 OK

110 kB

URL HTTP/1.1
infopromoitc.com/lib/jq/validator/localization/jq_validation_localizations.boundled.js
IP
54.85.103.102:0
ASN
#14618 AMAZON-AES

File type
Unicode text, UTF-8 text
Size
110 kB (110412 bytes)
Hash
0316503c9195ac855edffa261d07d42b
d1d0da53a844c2f517f598418eaf05b257590266
03e0bf480bf30758d96d540e13a4086d7011b09d88179305355509d9b2f2576a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lib/jq/validator/localization/jq_validation_localizations.boundled.js HTTP/1.1
Host: infopromoitc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infopromoitc.com/dc53213-jamf/79494?uid=Eom3J2HmgvZVNB6cnkqKo6Gw2LeJ9b81KXPotAu&prom_type=regular&prom_id=201059&pld=26L81sNgpwNGXF&answer=4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Fri, 20 Jan 2023 19:22:53 GMT
Content-Type: application/javascript
Content-Length: 110412
Connection: keep-alive
Last-Modified: Wed, 04 Jan 2023 12:09:12 GMT
ETag: "63b56c68-1af4c"
Expires: Fri, 20 Jan 2023 19:22:53 GMT
Cache-Control: max-age=0
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
SSLSN: /infopromoitc.com

stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css

104.18.11.207

200 OK

25 kB

URL HTTP/2
stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css
IP
104.18.11.207:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65324)
Size
25 kB (25256 bytes)
Hash
dc95291d4697d4a6a98e095cffc10bf7
77b68c8875e71658b3ae5b0759700494af3ecb2c
af7bc916648c094f9f9179daf5695561fc824c0e2f5cb775ec44e38237a4ded7

HTTP Headers

GET /bootstrap/4.4.1/css/bootstrap.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infopromoitc.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 20 Jan 2023 19:22:53 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:09 GMT
cdn-cachedat: 08/03/2021 15:16:56
cdn-edgestorageid: 601
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-proxyver: 1.0
cdn-status: 200
cdn-requestid: d6b43e13ddbcd4f60dded6d39b2abed5
cdn-cache: HIT
cf-cache-status: HIT
age: 19683561
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 78ca2e7639adb512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
bd9ed9c3f88cda5456e13a134e27b268
aaa82eb935ce140174b2392ac7f7d80e2ddff1c5
a5621fa38dc23d545f834fc7331e59fc61825004b2c599c11c89628175333ca6

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 20 Jan 2023 19:22:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
bd9ed9c3f88cda5456e13a134e27b268
aaa82eb935ce140174b2392ac7f7d80e2ddff1c5
a5621fa38dc23d545f834fc7331e59fc61825004b2c599c11c89628175333ca6

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 20 Jan 2023 19:22:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
bd9ed9c3f88cda5456e13a134e27b268
aaa82eb935ce140174b2392ac7f7d80e2ddff1c5
a5621fa38dc23d545f834fc7331e59fc61825004b2c599c11c89628175333ca6

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 20 Jan 2023 19:22:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
5422c49666fc195ae94aa0f5cf837bfc
e0f1dd926cd9328ccf9cc99389337056c62f1043
f639aad2dc85708fa922b793660f13ae597f275a8ebf61e7e72fb2bce257cc76

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 20 Jan 2023 19:22:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
181f94afdeb63f9b2c1e571c3f2d042c
1b41dc960ed18072d5396bb4f04a8fe15e5aa074
52c301a74cfa31fb006b573d27f814c791795021f92304bd6599c647f06d457b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3317
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 20 Jan 2023 19:22:54 GMT
Last-Modified: Fri, 20 Jan 2023 18:27:39 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 280

fonts.googleapis.com/css2?family=Ubuntu:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,500;1,700&display=swap

142.250.74.138

200 OK

1.3 kB

URL HTTP/2
fonts.googleapis.com/css2?family=Ubuntu:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,500;1,700&display=swap
IP
142.250.74.138:0
ASN
#15169 GOOGLE

File type
data
Size
1.3 kB (1316 bytes)
Hash
f74b73503290fb029a1639096d1e51e3
893ae10e11b7fc1f836f082c02183a3b5ddee68b
da43669d9798dfd14ab15042a93993611b3813ac4b542e08a94b7931b7292d27

HTTP Headers

GET /css2?family=Ubuntu:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,500;1,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infopromoitc.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 20 Jan 2023 19:22:54 GMT
date: Fri, 20 Jan 2023 19:22:54 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

via.placeholder.com/1280x320?text=LOGO

172.64.103.30

200 OK

1.8 kB

URL HTTP/2
via.placeholder.com/1280x320?text=LOGO
IP
172.64.103.30:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 1280 x 320, 4-bit colormap, non-interlaced\012- data
Size
1.8 kB (1836 bytes)
Hash
c901b21688c204362c755b50dd01661c
21d804d25c253dbbebb24e2ec93c20e513d1aca9
cda6d49363c0eb3be56104f772fc8c2c334c132f2829ab30c246ad19f103454a

HTTP Headers

GET /1280x320?text=LOGO HTTP/1.1
Host: via.placeholder.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infopromoitc.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 20 Jan 2023 19:22:54 GMT
content-type: image/png
content-length: 1836
last-modified: Wed, 30 Dec 2020 14:00:06 GMT
etag: "5fec87e6-72c"
expires: Fri, 27 Jan 2023 19:22:36 GMT
cache-control: max-age=604800
x-cache: L1
accept-ranges: bytes
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X%2B3w9cAHYE%2F1ooPn%2Bndo4mfMtuvg1WyZODcvlXXvRg6dDHwN3AUS3jBO5WiR9GP9HdDlkxQF%2BNgXirWS%2FWuTbiodgs9T4JnXDbNW7Po2Mntn5xbEMXfpF22b1sO%2FqGvFk6UTFVqA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78ca2e7a1bda76f6-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

use.typekit.net/mgr2odi.css

23.33.119.19

200 OK

4.1 kB

URL HTTP/2
use.typekit.net/mgr2odi.css
IP
23.33.119.19:0
ASN
#20940 Akamai International B.V.

File type
Unicode text, UTF-8 text, with very long lines (520)
Size
4.1 kB (4083 bytes)
Hash
609b64c6359e37c88bbd245ba638b89f
dd850df3bcab5430f55c233b626cd8f446de3ba2
bfee3862850ad498e1f660bd51f135340cd36894b836ea0e4ae04dbdb9abc72b

HTTP Headers

GET /mgr2odi.css HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infopromoitc.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-type: text/css;charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: private, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
content-length: 4083
date: Fri, 20 Jan 2023 19:22:54 GMT
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Noto+Sans:ital,wght@0,400;0,700;1,400;1,700&display=swap

142.250.74.138

200 OK

1.1 kB

URL HTTP/2
fonts.googleapis.com/css2?family=Noto+Sans:ital,wght@0,400;0,700;1,400;1,700&display=swap
IP
142.250.74.138:0
ASN
#15169 GOOGLE

File type
data
Size
1.1 kB (1143 bytes)
Hash
68d2f37954e1702da439b33d50bed5f6
c5579ea9d23a2b16b7973e8c04ce2c2a10d8e038
8e41323adfd97c21263883ac0cfea11bf286a9a13a3dfa4daf574db5edd19589

HTTP Headers

GET /css2?family=Noto+Sans:ital,wght@0,400;0,700;1,400;1,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infopromoitc.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 20 Jan 2023 19:22:54 GMT
date: Fri, 20 Jan 2023 19:22:54 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

p.typekit.net/p.css?s=1&k=mgr2odi&ht=tk&f=137.138.139.140.169.170.171.172.173.174.175.176.5474.5475.25136.25137.143.144.147.148.156.157.161.162.2003.2004.2005.2006.2007.2008.2009.2010.2011.2012.9938.9939.39002.39004.12046.12047.12048.12049.12050.12051.12053.12054.12055.12056.17398.17399.17400.17401.22618.22619.14032.14033.14034.14035.26425.26426.35617.35620.26435.35615.26438.26439.35630.35633.26448.35628.26893.26894.26897.26898.26909.26910.26913.26914.29382.29383&a=14392602&app=typekit&e=css

95.101.11.112

200 OK

5 B

URL HTTP/2
p.typekit.net/p.css?s=1&k=mgr2odi&ht=tk&f=137.138.139.140.169.170.171.172.173.174.175.176.5474.5475.25136.25137.143.144.147.148.156.157.161.162.2003.2004.2005.2006.2007.2008.2009.2010.2011.2012.9938.9939.39002.39004.12046.12047.12048.12049.12050.12051.12053.12054.12055.12056.17398.17399.17400.17401.22618.22619.14032.14033.14034.14035.26425.26426.35617.35620.26435.35615.26438.26439.35630.35633.26448.35628.26893.26894.26897.26898.26909.26910.26913.26914.29382.29383&a=14392602&app=typekit&e=css
IP
95.101.11.112:0
ASN
#20940 Akamai International B.V.

File type
ASCII text
Size
5 B (5 bytes)
Hash
83d24d4b43cc7eef2b61e66c95f3d158
f0cafc285ee23bb6c28c5166f305493c4331c84d
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

HTTP Headers

GET /p.css?s=1&k=mgr2odi&ht=tk&f=137.138.139.140.169.170.171.172.173.174.175.176.5474.5475.25136.25137.143.144.147.148.156.157.161.162.2003.2004.2005.2006.2007.2008.2009.2010.2011.2012.9938.9939.39002.39004.12046.12047.12048.12049.12050.12051.12053.12054.12055.12056.17398.17399.17400.17401.22618.22619.14032.14033.14034.14035.26425.26426.35617.35620.26435.35615.26438.26439.35630.35633.26448.35628.26893.26894.26897.26898.26909.26910.26913.26914.29382.29383&a=14392602&app=typekit&e=css HTTP/1.1
Host: p.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
server: nginx
content-type: text/css
content-length: 5
last-modified: Thu, 28 Jul 2022 22:24:50 GMT
etag: "62e30cb2-5"
cache-control: public, max-age=604800
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
date: Fri, 20 Jan 2023 19:22:54 GMT
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
61162a42e6bf5415f3d80ceac5e25ad2
2c2a987ab75a008682a5defd50d20be737912b23
4260bef1cd37c1f0372c9a5aae4ca0a6564c6473f68a4f4181ed83ed3d6b2d48

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 20 Jan 2023 19:22:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://infopromoitc.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 18 Jan 2023 19:33:54 GMT
expires: Thu, 18 Jan 2024 19:33:54 GMT
cache-control: public, max-age=31536000
age: 172140
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
e6d21eff1927f7a74984663b16cfe21a
b747f7d42cdf7cfea6900348cd257066b2634222
a4343acb5bda29aa0d6d64bbefd6bc07a1c5e0166646171be74f4a1d266e3c92

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 20 Jan 2023 19:22:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

infopromoitc.com/dc53213-jamf/79494?uid=Eom3J2HmgvZVNB6cnkqKo6Gw2LeJ9b81KXPotAu&prom_type=regular&prom_id=201059&pld=26L81sNgpwNGXF&answer=4

54.85.103.102

200 OK

20 B

URL HTTP/1.1
infopromoitc.com/dc53213-jamf/79494?uid=Eom3J2HmgvZVNB6cnkqKo6Gw2LeJ9b81KXPotAu&prom_type=regular&prom_id=201059&pld=26L81sNgpwNGXF&answer=4
IP
54.85.103.102:0
ASN
#14618 AMAZON-AES

File type
data
Size
20 B (20 bytes)
Hash
a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf

HTTP Headers

POST /dc53213-jamf/79494?uid=Eom3J2HmgvZVNB6cnkqKo6Gw2LeJ9b81KXPotAu&prom_type=regular&prom_id=201059&pld=26L81sNgpwNGXF&answer=4 HTTP/1.1
Host: infopromoitc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 119
Origin: https://infopromoitc.com
Connection: keep-alive
Referer: https://infopromoitc.com/dc53213-jamf/79494?uid=Eom3J2HmgvZVNB6cnkqKo6Gw2LeJ9b81KXPotAu&prom_type=regular&prom_id=201059&pld=26L81sNgpwNGXF&answer=4
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Fri, 20 Jan 2023 19:22:54 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.4.16
Cache-Control: max-age=0, must-revalidate, private
pragma: no-cache
Expires: Fri, 20 Jan 2023 19:22:54 GMT
SSLSN: /infopromoitc.com
Content-Encoding: gzip

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
89055b1f42119cc1e7a33ce2fc364e76
20550fd56bf49a8aa30e18a923be22cda3f2ba7b
7698e9bb59f46011dbd3b6b74fc5784ac60d64c9d8403e8fe3aa18a60c17393d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7698E9BB59F46011DBD3B6B74FC5784AC60D64C9D8403E8FE3AA18A60C17393D"
Last-Modified: Wed, 18 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7171
Expires: Fri, 20 Jan 2023 21:22:26 GMT
Date: Fri, 20 Jan 2023 19:22:55 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
89055b1f42119cc1e7a33ce2fc364e76
20550fd56bf49a8aa30e18a923be22cda3f2ba7b
7698e9bb59f46011dbd3b6b74fc5784ac60d64c9d8403e8fe3aa18a60c17393d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7698E9BB59F46011DBD3B6B74FC5784AC60D64C9D8403E8FE3AA18A60C17393D"
Last-Modified: Wed, 18 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7171
Expires: Fri, 20 Jan 2023 21:22:26 GMT
Date: Fri, 20 Jan 2023 19:22:55 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
89055b1f42119cc1e7a33ce2fc364e76
20550fd56bf49a8aa30e18a923be22cda3f2ba7b
7698e9bb59f46011dbd3b6b74fc5784ac60d64c9d8403e8fe3aa18a60c17393d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7698E9BB59F46011DBD3B6B74FC5784AC60D64C9D8403E8FE3AA18A60C17393D"
Last-Modified: Wed, 18 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7171
Expires: Fri, 20 Jan 2023 21:22:26 GMT
Date: Fri, 20 Jan 2023 19:22:55 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0c09209-bc9e-43f8-ace4-c90a39c75c63.jpeg

34.120.237.76

200 OK

6.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0c09209-bc9e-43f8-ace4-c90a39c75c63.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.6 kB (6557 bytes)
Hash
5553b06c7dde4dc377f9f4e65bc8ace7
9dca5486485416d1aef199be08a50abd717addc7
33a5d1a21738218e0a6fe16d79045bd390af2e84073330a0a94c03812e1ba3ba

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0c09209-bc9e-43f8-ace4-c90a39c75c63.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6557
x-amzn-requestid: 70710215-b8fd-44eb-8b50-f0948f98366c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fAmQWFNvoAMF3ZQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c9b735-19e7e3865ce991cb5447f0f2;Sampled=0
x-amzn-remapped-date: Thu, 19 Jan 2023 21:33:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Fc9dIiT5QQaTowAA6lp8ffJl4Niq3i_iVe54lYhAV52kJ8Q98EMJqQ==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Thu, 19 Jan 2023 22:04:44 GMT
age: 76691
etag: "9dca5486485416d1aef199be08a50abd717addc7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F035e7b24-d861-44e8-ac81-1dcc5e3a0e2a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.6 kB (5588 bytes)
Hash
6889019ec9c1155e9e4b4eeb6a86760d
59c6f3a313efba4a67a63c9ae725db8d17c08c03
378510ecdbbb2b6248391195eace1dc3120d18b6f13e52033a3e88024592cac4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F035e7b24-d861-44e8-ac81-1dcc5e3a0e2a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5588
x-amzn-requestid: c9d6f09b-2cd9-4137-9369-0295836e06e0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fAnT0FkNIAMF7Yw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c9b8e5-5c6360c025826ed06525c67e;Sampled=0
x-amzn-remapped-date: Thu, 19 Jan 2023 21:40:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ruj2jeo2zhuDhIPufqckFmqP0Cx7ECNYRyxBYgQbHhkWH4o3m1L-OQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 19 Jan 2023 22:12:29 GMT
age: 76226
etag: "59c6f3a313efba4a67a63c9ae725db8d17c08c03"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbbb60a79-f6ba-46cb-8679-5da65b53c107.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10867 bytes)
Hash
3638dc76d0638625ac9a31c038df3a44
deff1903d591273a96d538ae77988d8a080e228c
8382af3843ebeca8e5c13fdd60f7fb92b479915416f36686fce40566fd87ce68

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbbb60a79-f6ba-46cb-8679-5da65b53c107.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10867
x-amzn-requestid: 8d882e21-d4c5-49ac-b76a-198cec065377
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fAnVTEfpoAMFgJA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c9b8ee-6579537e6a82269f4bc99395;Sampled=0
x-amzn-remapped-date: Thu, 19 Jan 2023 21:41:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 83ssVBkpe4gl1kI8bKYu90Vee3r32V_IiqQxtvt_TfAFk6DsDfyoTw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Thu, 19 Jan 2023 22:09:52 GMT
age: 76383
etag: "deff1903d591273a96d538ae77988d8a080e228c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

infopromoitc.com/19628-136641-typ-jamf-single-touch-enterprise/79494?uid=Eom3J2HmgvZVNB6cnkqKo6Gw2LeJ9b81KXPotAu

54.85.103.102

200 OK

2.3 kB

URL HTTP/1.1
infopromoitc.com/19628-136641-typ-jamf-single-touch-enterprise/79494?uid=Eom3J2HmgvZVNB6cnkqKo6Gw2LeJ9b81KXPotAu
IP
54.85.103.102:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1310)
Size
2.3 kB (2299 bytes)
Hash
87531eab5d52e487c2619959a1233dfd
087dba7a42a787bb4e0848ca732ad167b3910703
acfcb8117bc253602dd98955c968c2cf6b890cc71aada4a0e02318a3377e295f

HTTP Headers

GET /19628-136641-typ-jamf-single-touch-enterprise/79494?uid=Eom3J2HmgvZVNB6cnkqKo6Gw2LeJ9b81KXPotAu HTTP/1.1
Host: infopromoitc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infopromoitc.com/dc53213-jamf/79494?uid=Eom3J2HmgvZVNB6cnkqKo6Gw2LeJ9b81KXPotAu&prom_type=regular&prom_id=201059&pld=26L81sNgpwNGXF&answer=4
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Fri, 20 Jan 2023 19:22:55 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.4.16
Cache-Control: private, must-revalidate
pragma: no-cache
expires: -1
SSLSN: /infopromoitc.com
Content-Encoding: gzip

34.120.237.76

200 OK

14 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa19e2681-f167-4577-b7db-9afc7bd1ccf2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
14 kB (13812 bytes)
Hash
d3af2d51fb89ef0261ba025d76169261
9b3f4e3f63b64030624e02ad6ab8ef43a676dd66
c3d5a6f829dc59db8ed27a92fcfc6d387633bb43388e2c19d68b89356a13b1cf

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa19e2681-f167-4577-b7db-9afc7bd1ccf2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 13812
x-amzn-requestid: c80287a0-4ce9-47bf-9658-693431f30a49
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fAmQWFEvIAMF1lw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c9b735-6d73a53e2ffc2ec505dff89b;Sampled=0
x-amzn-remapped-date: Thu, 19 Jan 2023 21:33:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: y8DaJvgqntmOKzXMdwFwsibvll4D9YUqDz0XsbbhcKKiYEazXiag7A==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 19 Jan 2023 22:12:36 GMT
age: 76219
etag: "9b3f4e3f63b64030624e02ad6ab8ef43a676dd66"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb1122c75-908d-4e51-8a61-b64f7ab77c76.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.1 kB (7111 bytes)
Hash
f5195ac5d83278bed049661c0d1aaa4a
74b3e81e1dfc9f0a50aa936ba02b357c0df3aa9e
30af8f591b2d4f7c8de7d52ea53bb170ca426ef0550001c7802a7f993a6344df

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb1122c75-908d-4e51-8a61-b64f7ab77c76.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7111
x-amzn-requestid: d9b5e6b0-3995-4c70-be84-0b1b457b7143
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fAmRlHtkIAMFiGg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c9b73d-37d253ee68fe1b7e483097dd;Sampled=0
x-amzn-remapped-date: Thu, 19 Jan 2023 21:33:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 86-hgCgiYN-PYLZgXJO79kM9Vm6DIiRixaz-kQZFaY0m5481x8GWlw==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 19 Jan 2023 22:12:54 GMT
etag: "74b3e81e1dfc9f0a50aa936ba02b357c0df3aa9e"
content-type: image/jpeg
age: 76201
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F03285c30-851a-4892-8ad6-994296dfce51.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.4 kB (5351 bytes)
Hash
1eff6cdee4c98a6f806c5b417b12cdf2
4b4b817055dc2c0699c6e01d85841638e63d9c0e
2f2fdd1e829e4175e8cf915794ffc16e24dac72ab425448cd0ac5165b1b87b2f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F03285c30-851a-4892-8ad6-994296dfce51.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5351
x-amzn-requestid: 86ba43bc-0b0f-40ba-9015-463371baf673
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e3foQFg_IAMFSZA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c61301-0c1461622a361a5d0ab35cbb;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 03:16:17 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XH59pHdrdzBmByq_DN9OlVh-Y3MGiR-V9KzWnaR9QR_7evQt--UOdA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 981753271eb5b6d11bc29d52f173a5da.cloudfront.net (CloudFront), 1.1 google
date: Fri, 20 Jan 2023 07:09:42 GMT
age: 43993
etag: "4b4b817055dc2c0699c6e01d85841638e63d9c0e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

infopromoitc.com/ckeditor/plugins/formBuilder/styles/formBuilder.css?v=1.3.1673025807760

54.85.103.102

200 OK

5.2 kB

URL HTTP/1.1
infopromoitc.com/ckeditor/plugins/formBuilder/styles/formBuilder.css?v=1.3.1673025807760
IP
54.85.103.102:0
ASN
#14618 AMAZON-AES

File type
ASCII text
Size
5.2 kB (5201 bytes)
Hash
e741d2aa47efe7dda9dfe0a5014fef0e
30ebfe60d0832bb8114c6ba155f0ddb15c1a527c
68c2e3489d098db2a6e2ddba9f32ff172d1c0ff0983b9b3c3c0b59c8a850cf20

HTTP Headers

GET /ckeditor/plugins/formBuilder/styles/formBuilder.css?v=1.3.1673025807760 HTTP/1.1
Host: infopromoitc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infopromoitc.com/19628-136641-typ-jamf-single-touch-enterprise/79494?uid=Eom3J2HmgvZVNB6cnkqKo6Gw2LeJ9b81KXPotAu
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Fri, 20 Jan 2023 19:22:55 GMT
Content-Type: text/css
Content-Length: 5201
Connection: keep-alive
Last-Modified: Fri, 20 Jan 2023 13:46:58 GMT
ETag: "63ca9b52-1451"
Expires: Fri, 20 Jan 2023 19:22:55 GMT
Cache-Control: max-age=0
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
SSLSN: /infopromoitc.com

infopromoitc.com/ckeditor/contents.css?t=MBSF

54.85.103.102

304 Not Modified

0 B

URL HTTP/1.1
infopromoitc.com/ckeditor/contents.css?t=MBSF
IP
54.85.103.102:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ckeditor/contents.css?t=MBSF HTTP/1.1
Host: infopromoitc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infopromoitc.com/19628-136641-typ-jamf-single-touch-enterprise/79494?uid=Eom3J2HmgvZVNB6cnkqKo6Gw2LeJ9b81KXPotAu
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
If-Modified-Since: Fri, 20 Jan 2023 13:46:58 GMT
If-None-Match: "63ca9b52-b46"

HTTP/1.1 304 Not Modified
Server: nginx/1.22.1
Date: Fri, 20 Jan 2023 19:22:55 GMT
Connection: keep-alive
Last-Modified: Fri, 20 Jan 2023 13:46:58 GMT
ETag: "63ca9b52-b46"
Expires: Fri, 20 Jan 2023 19:22:55 GMT
Cache-Control: max-age=0
Access-Control-Allow-Origin: *
SSLSN: /infopromoitc.com

infopromoitc.com/ckeditor/plugins/lpLinkV2/css/styles.css

54.85.103.102

304 Not Modified

0 B

URL HTTP/1.1
infopromoitc.com/ckeditor/plugins/lpLinkV2/css/styles.css
IP
54.85.103.102:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ckeditor/plugins/lpLinkV2/css/styles.css HTTP/1.1
Host: infopromoitc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infopromoitc.com/19628-136641-typ-jamf-single-touch-enterprise/79494?uid=Eom3J2HmgvZVNB6cnkqKo6Gw2LeJ9b81KXPotAu
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
If-Modified-Since: Fri, 20 Jan 2023 13:46:58 GMT
If-None-Match: "63ca9b52-86f"

HTTP/1.1 304 Not Modified
Server: nginx/1.22.1
Date: Fri, 20 Jan 2023 19:22:55 GMT
Connection: keep-alive
Last-Modified: Fri, 20 Jan 2023 13:46:58 GMT
ETag: "63ca9b52-86f"
Expires: Fri, 20 Jan 2023 19:22:55 GMT
Cache-Control: max-age=0
Access-Control-Allow-Origin: *
SSLSN: /infopromoitc.com

infopromoitc.com/lib/uri/uri.js

54.85.103.102

304 Not Modified

0 B

URL HTTP/1.1
infopromoitc.com/lib/uri/uri.js
IP
54.85.103.102:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lib/uri/uri.js HTTP/1.1
Host: infopromoitc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infopromoitc.com/19628-136641-typ-jamf-single-touch-enterprise/79494?uid=Eom3J2HmgvZVNB6cnkqKo6Gw2LeJ9b81KXPotAu
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
If-Modified-Since: Mon, 12 Apr 2021 20:19:39 GMT
If-None-Match: "6074ab5b-12c3e"

HTTP/1.1 304 Not Modified
Server: nginx/1.22.1
Date: Fri, 20 Jan 2023 19:22:55 GMT
Connection: keep-alive
Last-Modified: Mon, 12 Apr 2021 20:19:39 GMT
ETag: "6074ab5b-12c3e"
Expires: Fri, 20 Jan 2023 19:22:55 GMT
Cache-Control: max-age=0
Access-Control-Allow-Origin: *
SSLSN: /infopromoitc.com

infopromoitc.com/lpScripts/assetsBehavior.js?v=1

54.85.103.102

304 Not Modified

0 B

URL HTTP/1.1
infopromoitc.com/lpScripts/assetsBehavior.js?v=1
IP
54.85.103.102:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /lpScripts/assetsBehavior.js?v=1 HTTP/1.1
Host: infopromoitc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infopromoitc.com/19628-136641-typ-jamf-single-touch-enterprise/79494?uid=Eom3J2HmgvZVNB6cnkqKo6Gw2LeJ9b81KXPotAu
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
If-Modified-Since: Wed, 18 Jan 2023 12:43:50 GMT
If-None-Match: "63c7e986-2651"

HTTP/1.1 304 Not Modified
Server: nginx/1.22.1
Date: Fri, 20 Jan 2023 19:22:55 GMT
Connection: keep-alive
Last-Modified: Wed, 18 Jan 2023 12:43:50 GMT
ETag: "63c7e986-2651"
Expires: Fri, 20 Jan 2023 19:22:55 GMT
Cache-Control: max-age=0
Access-Control-Allow-Origin: *
SSLSN: /infopromoitc.com

infopromoitc.com/uploads/uploadedFonts/fontsImport.css?v=1674242575

54.85.103.102

200 OK

110 kB

URL HTTP/1.1
infopromoitc.com/uploads/uploadedFonts/fontsImport.css?v=1674242575
IP
54.85.103.102:0
ASN
#14618 AMAZON-AES

File type
ASCII text, with very long lines (508)
Size
110 kB (110196 bytes)
Hash
3af02269b88f2e49d90a29e298b0d617
72dff55c74159b8b3aa4ea32438d19edfa915033
c6690ac21b45495662a03c76cd4248bcd19ecd1559c3dd8750b56fc7eaf82fbd

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /uploads/uploadedFonts/fontsImport.css?v=1674242575 HTTP/1.1
Host: infopromoitc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infopromoitc.com/19628-136641-typ-jamf-single-touch-enterprise/79494?uid=Eom3J2HmgvZVNB6cnkqKo6Gw2LeJ9b81KXPotAu
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Fri, 20 Jan 2023 19:22:55 GMT
Content-Type: text/css
Content-Length: 110196
Connection: keep-alive
Last-Modified: Tue, 27 Dec 2022 15:43:31 GMT
ETag: "63ab12a3-1ae74"
Expires: Fri, 20 Jan 2023 19:22:55 GMT
Cache-Control: max-age=0
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
SSLSN: /infopromoitc.com

infopromoitc.com/uploads/cl_15/logotypes/jamf-og-image.jpg

54.85.103.102

200 OK

9.9 kB

URL HTTP/1.1
infopromoitc.com/uploads/cl_15/logotypes/jamf-og-image.jpg
IP
54.85.103.102:0
ASN
#14618 AMAZON-AES

File type
JPEG image data, progressive, precision 8, 600x600, components 3\012- data
Size
9.9 kB (9938 bytes)
Hash
4971d41da3109ca4140c6311208fcd5d
33eef86d7fb4b9b10e8afba3c6c59bf43d387579
ce97cabec2904e3958ac00ccc6a53c4af13afaa6309e0b7a98584c72e7d6723b

HTTP Headers

GET /uploads/cl_15/logotypes/jamf-og-image.jpg HTTP/1.1
Host: infopromoitc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infopromoitc.com/19628-136641-typ-jamf-single-touch-enterprise/79494?uid=Eom3J2HmgvZVNB6cnkqKo6Gw2LeJ9b81KXPotAu
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Fri, 20 Jan 2023 19:22:55 GMT
Content-Type: image/jpeg
Content-Length: 9938
Connection: keep-alive
Last-Modified: Wed, 12 Oct 2022 17:14:38 GMT
ETag: "6346f5fe-26d2"
Expires: Fri, 20 Jan 2023 20:22:55 GMT
Cache-Control: max-age=3600
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
SSLSN: /infopromoitc.com

infopromoitc.com/uploads/cl_15/backgrounds/5665239-white-abstract-wallpapers-1.jpg

54.85.103.102

200 OK

212 kB

URL HTTP/1.1
infopromoitc.com/uploads/cl_15/backgrounds/5665239-white-abstract-wallpapers-1.jpg
IP
54.85.103.102:0
ASN
#14618 AMAZON-AES

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 3000x2311, components 3\012- data
Size
212 kB (211986 bytes)
Hash
0485ad908ad0ca3334074a11cd31a0df
8200ed189207b1f8b398e59a2851e18d4833d4d4
5d3abd49018b72e095dd31fe3a32b59cb4d1de1a855f41ad5e6f131d8da79d65

HTTP Headers

GET /uploads/cl_15/backgrounds/5665239-white-abstract-wallpapers-1.jpg HTTP/1.1
Host: infopromoitc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infopromoitc.com/19628-136641-typ-jamf-single-touch-enterprise/79494?uid=Eom3J2HmgvZVNB6cnkqKo6Gw2LeJ9b81KXPotAu
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Fri, 20 Jan 2023 19:22:55 GMT
Content-Type: image/jpeg
Content-Length: 211986
Connection: keep-alive
Last-Modified: Fri, 13 May 2022 17:21:20 GMT
ETag: "627e9390-33c12"
Expires: Fri, 20 Jan 2023 20:22:55 GMT
Cache-Control: max-age=3600
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
SSLSN: /infopromoitc.com

infopromoitc.com/favicon.ico

54.85.103.102

200 OK

34 kB

URL HTTP/1.1
infopromoitc.com/favicon.ico
IP
54.85.103.102:0
ASN
#14618 AMAZON-AES

File type
MS Windows icon resource - 5 icons, 16x16, 32 bits/pixel, 24x24, 32 bits/pixel\012- data
Size
34 kB (34494 bytes)
Hash
d4a95c780824be97bc45a187ab7ad24b
53aeb2d44190d91ec2006379b3ddbd202b865d24
502322d8592de8395d6e7c2c37b18e04904e62d8f8b3caaa53858e4ebc64b692

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: infopromoitc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infopromoitc.com/19628-136641-typ-jamf-single-touch-enterprise/79494?uid=Eom3J2HmgvZVNB6cnkqKo6Gw2LeJ9b81KXPotAu
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Fri, 20 Jan 2023 19:22:55 GMT
Content-Type: image/x-icon
Content-Length: 34494
Connection: keep-alive
Last-Modified: Wed, 14 Sep 2022 11:51:00 GMT
ETag: "6321c024-86be"
Expires: Fri, 20 Jan 2023 20:22:55 GMT
Cache-Control: max-age=3600
Accept-Ranges: bytes
SSLSN: /infopromoitc.com

infopromoitc.com/19628-136641-typ-jamf-single-touch-enterprise/79494?uid=Eom3J2HmgvZVNB6cnkqKo6Gw2LeJ9b81KXPotAu&mode=file

54.85.103.102

200 OK

2.7 MB

URL HTTP/1.1
infopromoitc.com/19628-136641-typ-jamf-single-touch-enterprise/79494?uid=Eom3J2HmgvZVNB6cnkqKo6Gw2LeJ9b81KXPotAu&mode=file
IP
54.85.103.102:0
ASN
#14618 AMAZON-AES

File type
PDF document, version 1.4, 0 pages\012- data
Size
2.7 MB (2738653 bytes)
Hash
62bf2300110a4f4185667b386f5c3799
7afafb6952c8a7900f35b8722fb915c4ba6fd8b5
94bee4a623f4b58cd09340d1520a857357934ab64e8a1f820f8450ff729f1d17

HTTP Headers

GET /19628-136641-typ-jamf-single-touch-enterprise/79494?uid=Eom3J2HmgvZVNB6cnkqKo6Gw2LeJ9b81KXPotAu&mode=file HTTP/1.1
Host: infopromoitc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infopromoitc.com/19628-136641-typ-jamf-single-touch-enterprise/79494?uid=Eom3J2HmgvZVNB6cnkqKo6Gw2LeJ9b81KXPotAu
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Fri, 20 Jan 2023 19:22:55 GMT
Content-Type: application/force-download
Content-Length: 2738653
Connection: keep-alive
X-Powered-By: PHP/7.4.16
Content-transfer-encoding: binary
Content-disposition: attachment; filename="Mac-Management-For-Beginners-2022-2.pdf"
Cache-Control: private, must-revalidate
pragma: no-cache
expires: -1
SSLSN: /infopromoitc.com

fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

142.250.74.138

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
IP
142.250.74.138:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infopromoitc.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 20 Jan 2023 19:22:54 GMT
date: Fri, 20 Jan 2023 19:22:54 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Source+Sans+Pro:ital,wght@0,200;0,300;0,400;0,600;0,700;0,900;1,200;1,300;1,400;1,600;1,700;1,900&display=swap

142.250.74.138

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css2?family=Source+Sans+Pro:ital,wght@0,200;0,300;0,400;0,600;0,700;0,900;1,200;1,300;1,400;1,600;1,700;1,900&display=swap
IP
142.250.74.138:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css2?family=Source+Sans+Pro:ital,wght@0,200;0,300;0,400;0,600;0,700;0,900;1,200;1,300;1,400;1,600;1,700;1,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infopromoitc.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 20 Jan 2023 19:22:54 GMT
date: Fri, 20 Jan 2023 19:22:54 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,600;0,700;0,800;1,300;1,400;1,600;1,700;1,800&display=swap

142.250.74.138

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,600;0,700;0,800;1,300;1,400;1,600;1,700;1,800&display=swap
IP
142.250.74.138:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css2?family=Open+Sans:ital,wght@0,300;0,400;0,600;0,700;0,800;1,300;1,400;1,600;1,700;1,800&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infopromoitc.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 20 Jan 2023 19:22:54 GMT
date: Fri, 20 Jan 2023 19:22:54 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Muli

142.250.74.138

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Muli
IP
142.250.74.138:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Muli HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infopromoitc.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 20 Jan 2023 19:22:54 GMT
date: Fri, 20 Jan 2023 19:22:54 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&display=swap

142.250.74.138

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css2?family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&display=swap
IP
142.250.74.138:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css2?family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infopromoitc.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 20 Jan 2023 19:22:54 GMT
date: Fri, 20 Jan 2023 19:22:54 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

142.250.74.138

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
IP
142.250.74.138:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infopromoitc.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 20 Jan 2023 19:22:54 GMT
date: Fri, 20 Jan 2023 19:22:54 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

JavaScript (16)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML