m.benefitsedge.com/
216.145.105.7301 Moved Permanently 162 B IP 216.145.105.7:0
ASN #25946 NETACCESS-SYSTEMS
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: m.benefitsedge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 09 Jan 2023 00:51:10 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://m.benefitsedge.com/
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b782882bdabaf3b08e64120922b4a4b7
2035ed7fc9fb5b6ee9715601ba43de5f94d0c0e9
3fe7d1a9a55b86ec25d02634749ccfae11f3477033ba8cd7ac4131b7948ba619
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3FE7D1A9A55B86EC25D02634749CCFAE11F3477033BA8CD7AC4131B7948BA619"
Last-Modified: Sat, 07 Jan 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5637
Expires: Mon, 09 Jan 2023 02:25:07 GMT
Date: Mon, 09 Jan 2023 00:51:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e4bdd77c0369662aa71ce2d01fd3edab
0ab1c5857e200e7e7946424c2c844537bfbb9775
a163c19fcc8fcf985e8df6ad4bd7ce73912b3df892d8236c70f9bc80820b26da
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A163C19FCC8FCF985E8DF6AD4BD7CE73912B3DF892D8236C70F9BC80820B26DA"
Last-Modified: Fri, 06 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8582
Expires: Mon, 09 Jan 2023 03:14:12 GMT
Date: Mon, 09 Jan 2023 00:51:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 75f0037a1d53a9a5321a796206ec3e24
70d42c9bf1334f20e1cea4ce3c8212e0e780ee77
80ec1e61f9563e799c9f44ea31e616c37daea1b9670091fbbc6efc39ebafe3d3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "80EC1E61F9563E799C9F44EA31E616C37DAEA1B9670091FBBC6EFC39EBAFE3D3"
Last-Modified: Fri, 06 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6914
Expires: Mon, 09 Jan 2023 02:46:24 GMT
Date: Mon, 09 Jan 2023 00:51:10 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 09 Jan 2023 00:41:34 GMT
content-type: application/json
age: 576
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: UU2wqibnRfGI4sbMqbSwXOZnN8T3ywZ7qgTcazqH8gj99Qu35Hf9EVTKR70UGLLI+Rw0LnOKLdo=
x-amz-request-id: ZS625RAT3SWR76YW
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 09 Jan 2023 00:01:01 GMT
age: 3009
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 09 Jan 2023 00:51:10 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9a637896b62663c23101158fd69bc26f
8cdaf9cd8248d9283303262bf026573766664bbf
ace499c93890f27cf7b80e6eee56d47c2f73e625a016945ed11f1d5539f74790
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "ACE499C93890F27CF7B80E6EEE56D47C2F73E625A016945ED11F1D5539F74790"
Last-Modified: Sun, 08 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21587
Expires: Mon, 09 Jan 2023 06:50:58 GMT
Date: Mon, 09 Jan 2023 00:51:11 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Expires, Pragma, Content-Type, Backoff, Last-Modified, Cache-Control, ETag
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 09 Jan 2023 00:17:21 GMT
age: 2030
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
m.benefitsedge.com/
216.145.105.7200 OK 1.4 kB IP 216.145.105.7:0
ASN #25946 NETACCESS-SYSTEMS
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (527)
Hash ba8fe93032890ed8f9b9d316b4433cbd
21c3e1451f0ed916d62d26eea5428b98058a939b
c863731e2552ce714d7b431483b7a7090e59484d2598f9021d7a2607ba7c6283
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: m.benefitsedge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 09 Jan 2023 00:51:11 GMT
Content-Type: text/html
Content-Length: 1393
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PHP/5.4.16, PleskLin
m.benefitsedge.com/js/jquery/jquery.mobile.theme-1.1.0.min.css
216.145.105.7200 OK 8.5 kB URL HTTP/1.1 m.benefitsedge.com/js/jquery/jquery.mobile.theme-1.1.0.min.css
IP 216.145.105.7:0
ASN #25946 NETACCESS-SYSTEMS
File type ASCII text, with very long lines (60118)
Hash f9300a9d80de7cc9e49067f557d33099
3e01a379fd118d76ebad6cd29363399a5d0d5ae7
416811e92d4a757288298f1d69395932b6b4792b94511b7de3bb161f2c73ee35
GET /js/jquery/jquery.mobile.theme-1.1.0.min.css HTTP/1.1
Host: m.benefitsedge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.benefitsedge.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 09 Jan 2023 00:51:11 GMT
Content-Type: text/css
Last-Modified: Wed, 08 Sep 2021 19:12:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"61390b12-eb41"
X-Powered-By: PleskLin
Content-Encoding: br
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 54ac41a005cad66e958c904071ea1d4f
66932889be57eb15ab99237a69d292b12090c68d
52545e144a7ca5c37c5369d5f5b566b4e5e820b1920ab7fe8e413e7fe022e21b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4625
Cache-Control: max-age=120764
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 00:51:11 GMT
Etag: "63ba87aa-1d7"
Expires: Tue, 10 Jan 2023 10:23:55 GMT
Last-Modified: Sun, 08 Jan 2023 09:06:50 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash cd1d39135eb079c9842a1696f1c3bacf
ee41d3b22fed5948c20a6d1639b6955a4252fc11
c1f219c13b6c6e622515b78d1549a1dacdc6fab1a2109d540e30d07a52990db5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 00:51:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash cd1d39135eb079c9842a1696f1c3bacf
ee41d3b22fed5948c20a6d1639b6955a4252fc11
c1f219c13b6c6e622515b78d1549a1dacdc6fab1a2109d540e30d07a52990db5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 00:51:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/1.8.0/jquery.min.js
142.250.74.106200 OK 33 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.8.0/jquery.min.js
IP 142.250.74.106:0
File type Unicode text, UTF-8 text, with very long lines (65481)
Hash 912555c06f2a23f889e88b7aa1ccb92f
5a8c04c1b7d8d65f436d1f58b8b72f259b4ae321
fb4993353e02cfa40d83abd923d3c48bb48e193609c0a9bd4de5c8fd97059abf
GET /ajax/libs/jquery/1.8.0/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.benefitsedge.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33285
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 05 Jan 2023 10:07:31 GMT
expires: Fri, 05 Jan 2024 10:07:31 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 312220
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
maps.googleapis.com/maps/api/js?sensor=false
142.250.74.106200 OK 55 kB URL HTTP/2 maps.googleapis.com/maps/api/js?sensor=false
IP 142.250.74.106:0
File type ASCII text, with very long lines (2590)
Hash 7dc0396d11e6abd72cca1285007c0296
83407864726d02df7c1095f254723f66bf8bfa29
97773b972b52386907445788c70ee2ea588764a4671b093ee5e0f4dd006bf9cc
GET /maps/api/js?sensor=false HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.benefitsedge.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
date: Mon, 09 Jan 2023 00:51:11 GMT
expires: Mon, 09 Jan 2023 01:21:11 GMT
cache-control: public, max-age=1800
vary: Accept-Language
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-encoding: gzip
server: mafe
content-length: 54975
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=11
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash cd1d39135eb079c9842a1696f1c3bacf
ee41d3b22fed5948c20a6d1639b6955a4252fc11
c1f219c13b6c6e622515b78d1549a1dacdc6fab1a2109d540e30d07a52990db5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 00:51:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
m.benefitsedge.com/js/additional-methods.min.js
216.145.105.7200 OK 2.3 kB URL HTTP/1.1 m.benefitsedge.com/js/additional-methods.min.js
IP 216.145.105.7:0
ASN #25946 NETACCESS-SYSTEMS
File type Unicode text, UTF-8 text, with very long lines (1272)
Hash e0efc56341c91a1b62d83cb16dbce714
95afea6416d5546e370b5f0ad22f64ae072d7a7f
382aba2bb652e969cedcbc4985748b3acfd55dce71d535077d239c00aebdba85
Analyzer Verdict Alert fortinet Phishing
GET /js/additional-methods.min.js HTTP/1.1
Host: m.benefitsedge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.benefitsedge.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 09 Jan 2023 00:51:11 GMT
Content-Type: application/javascript
Last-Modified: Wed, 08 Sep 2021 19:12:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"61390b12-21c0"
X-Powered-By: PleskLin
Content-Encoding: br
m.benefitsedge.com/css/social.css
216.145.105.7200 OK 739 B URL HTTP/1.1 m.benefitsedge.com/css/social.css
IP 216.145.105.7:0
ASN #25946 NETACCESS-SYSTEMS
Hash b89a5953ca76fb80396da85249287ac7
091352d5177e2c8112ec0f756febc29ab0115be1
dedd895687bb5b6b7b3856b69004ed7f04c07367ab4a3c7a13e844926dbb93af
GET /css/social.css HTTP/1.1
Host: m.benefitsedge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.benefitsedge.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 09 Jan 2023 00:51:11 GMT
Content-Type: text/css
Last-Modified: Wed, 08 Sep 2021 19:12:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"61390b12-9fe"
X-Powered-By: PleskLin
Content-Encoding: br
push.services.mozilla.com/
54.187.31.159101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.187.31.159:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: +4Zk/MuFxhBazylL/+W0tg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: /50xTxT4B/TxCqHtGjmzEMNTegM=
m.benefitsedge.com/css/mobile-style.css
216.145.105.7200 OK 1.2 kB URL HTTP/1.1 m.benefitsedge.com/css/mobile-style.css
IP 216.145.105.7:0
ASN #25946 NETACCESS-SYSTEMS
File type assembler source, ASCII text
Hash e6c60b63ee2719cc5ba147c12e7f9361
8dcacccc53f8c0a28aa8f96a908c365f119795fb
95c1e164b180c9f7d593c59c4387bd69dd9fe1b81c981d4566f719a3db2eb512
GET /css/mobile-style.css HTTP/1.1
Host: m.benefitsedge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.benefitsedge.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 09 Jan 2023 00:51:11 GMT
Content-Type: text/css
Last-Modified: Wed, 08 Sep 2021 19:12:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"61390b12-1036"
X-Powered-By: PleskLin
Content-Encoding: br
m.benefitsedge.com/css/style.css
216.145.105.7200 OK 1.0 kB URL HTTP/1.1 m.benefitsedge.com/css/style.css
IP 216.145.105.7:0
ASN #25946 NETACCESS-SYSTEMS
File type assembler source, ASCII text, with very long lines (832)
Hash fe321ef20a3c2ac9755c79e3b38f081b
1134ba2e6c513f6d66b66d7b6fad3642aa1c954e
12944198322ff6183bde62899eb5d7f3ef6670bb38814ecb689def9f10583154
GET /css/style.css HTTP/1.1
Host: m.benefitsedge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.benefitsedge.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 09 Jan 2023 00:51:11 GMT
Content-Type: text/css
Last-Modified: Wed, 08 Sep 2021 19:12:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"61390b12-71ea"
X-Powered-By: PleskLin
Content-Encoding: br
m.benefitsedge.com/js/jquery.validate.min.js
216.145.105.7200 OK 6.2 kB URL HTTP/1.1 m.benefitsedge.com/js/jquery.validate.min.js
IP 216.145.105.7:0
ASN #25946 NETACCESS-SYSTEMS
File type Unicode text, UTF-8 text, with very long lines (1290)
Hash 12466d1263663d2be074ff40598ccd0f
863c442a616b547ede1600663e3d2016a3a16dd9
d97f0d3a874e3db508662cd06e17b2fb1cc26350dff5e031f99e71531e4d9e57
Analyzer Verdict Alert fortinet Phishing
GET /js/jquery.validate.min.js HTTP/1.1
Host: m.benefitsedge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.benefitsedge.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 09 Jan 2023 00:51:11 GMT
Content-Type: application/javascript
Last-Modified: Wed, 08 Sep 2021 19:12:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"61390b12-5461"
X-Powered-By: PleskLin
Content-Encoding: br
m.benefitsedge.com/js/so.so.social.feed.js
216.145.105.7200 OK 3.6 kB URL HTTP/1.1 m.benefitsedge.com/js/so.so.social.feed.js
IP 216.145.105.7:0
ASN #25946 NETACCESS-SYSTEMS
File type HTML document, ASCII text
Hash 6e820c5adce7edda6bc7c6de690734e6
73868d66f637335664c317b6628d1c373b5d39c9
3a2095aa080907807eac4f60634fc4541777e360de50776bb85d379b54ae5204
Analyzer Verdict Alert fortinet Phishing
GET /js/so.so.social.feed.js HTTP/1.1
Host: m.benefitsedge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.benefitsedge.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 09 Jan 2023 00:51:11 GMT
Content-Type: application/javascript
Last-Modified: Wed, 08 Sep 2021 19:12:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"61390b12-2d05"
X-Powered-By: PleskLin
Content-Encoding: br
m.benefitsedge.com/js/socialite-1.0.js
216.145.105.7200 OK 3.2 kB URL HTTP/1.1 m.benefitsedge.com/js/socialite-1.0.js
IP 216.145.105.7:0
ASN #25946 NETACCESS-SYSTEMS
Hash 19a3365eb1064dcc2c8db7286cdf1fce
7bd65dcb57b24d6d2c6cc2599e0d278cbd593ac9
fb8cea5e63b259045d3d007932171a655051fdff8735ced15c5163c86df1ebaa
Analyzer Verdict Alert fortinet Phishing
GET /js/socialite-1.0.js HTTP/1.1
Host: m.benefitsedge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.benefitsedge.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 09 Jan 2023 00:51:11 GMT
Content-Type: application/javascript
Last-Modified: Wed, 08 Sep 2021 19:12:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"61390b12-2c8a"
X-Powered-By: PleskLin
Content-Encoding: br
m.benefitsedge.com/js/custom/swipe.js
216.145.105.7200 OK 2.1 kB URL HTTP/1.1 m.benefitsedge.com/js/custom/swipe.js
IP 216.145.105.7:0
ASN #25946 NETACCESS-SYSTEMS
Hash 46ace49fa9b1583013bc3d033e0b43e7
82292724e1d26594ae79cd2b54c19a7509b16f7d
eb4dd73a0db3b111c4271c5c600f5e505ea17ce446754c3199ee5645097b404b
Analyzer Verdict Alert fortinet Phishing
GET /js/custom/swipe.js HTTP/1.1
Host: m.benefitsedge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.benefitsedge.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 09 Jan 2023 00:51:11 GMT
Content-Type: application/javascript
Last-Modified: Wed, 08 Sep 2021 19:12:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"61390b12-1e38"
X-Powered-By: PleskLin
Content-Encoding: br
m.benefitsedge.com/js/jquery/jquery.mobile-1.1.0.min.js
216.145.105.7200 OK 26 kB URL HTTP/1.1 m.benefitsedge.com/js/jquery/jquery.mobile-1.1.0.min.js
IP 216.145.105.7:0
ASN #25946 NETACCESS-SYSTEMS
File type ASCII text, with very long lines (615)
Hash d6e633c3edca08379d40268b21cba693
713352b80549f9b9ea79fed92fff0bf36f39eee8
737e6941c4eb7cfd99cdb000679be712227433f2bb27bbe72f8bdb8019268f08
Analyzer Verdict Alert fortinet Phishing
GET /js/jquery/jquery.mobile-1.1.0.min.js HTTP/1.1
Host: m.benefitsedge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.benefitsedge.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 09 Jan 2023 00:51:11 GMT
Content-Type: application/javascript
Last-Modified: Wed, 08 Sep 2021 19:12:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"61390b12-16342"
X-Powered-By: PleskLin
Content-Encoding: br
m.benefitsedge.com/js/klass.min.js
216.145.105.7200 OK 566 B URL HTTP/1.1 m.benefitsedge.com/js/klass.min.js
IP 216.145.105.7:0
ASN #25946 NETACCESS-SYSTEMS
File type ASCII text, with very long lines (1031)
Hash 60f3461c7603d95fb60250fa48f46c5e
75f2f04ee60bf342e1337f60ebfb1c391da058e7
94b4960ed10267381d341d63421a7513d1edd1ff16c2aad2a454939890f64a9c
Analyzer Verdict Alert fortinet Phishing
GET /js/klass.min.js HTTP/1.1
Host: m.benefitsedge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.benefitsedge.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 09 Jan 2023 00:51:11 GMT
Content-Type: application/javascript
Last-Modified: Wed, 08 Sep 2021 19:12:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"61390b12-4a8"
X-Powered-By: PleskLin
Content-Encoding: br
m.benefitsedge.com/js/mobile-js.js
216.145.105.7200 OK 19 kB URL HTTP/1.1 m.benefitsedge.com/js/mobile-js.js
IP 216.145.105.7:0
ASN #25946 NETACCESS-SYSTEMS
File type HTML document, ASCII text, with very long lines (30968)
Hash 04aac4c3340836622c5e8ac928c16f08
6991eb595b73ac84a452b48b3095ae9d04a36839
78a57495d11c3fbfc7c841090500e47ed7866c6db19d8b61f903226aa302b5bf
Analyzer Verdict Alert fortinet Phishing
GET /js/mobile-js.js HTTP/1.1
Host: m.benefitsedge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.benefitsedge.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 09 Jan 2023 00:51:11 GMT
Content-Type: application/javascript
Last-Modified: Wed, 08 Sep 2021 19:12:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"61390b12-fa48"
X-Powered-By: PleskLin
Content-Encoding: br
m.benefitsedge.com/js/photoswipe.min.js
216.145.105.7200 OK 15 kB URL HTTP/1.1 m.benefitsedge.com/js/photoswipe.min.js
IP 216.145.105.7:0
ASN #25946 NETACCESS-SYSTEMS
File type ASCII text, with very long lines (575)
Hash e65ad33125a7053c41afe1460508399b
33d25f58d648c437afe74dcb7e2f76094a3abce9
242f76b35dfa40235b1b51bbdf14c1953ed6cad60e177c259ce0b14397f70f07
Analyzer Verdict Alert fortinet Phishing
GET /js/photoswipe.min.js HTTP/1.1
Host: m.benefitsedge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.benefitsedge.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 09 Jan 2023 00:51:11 GMT
Content-Type: application/javascript
Last-Modified: Wed, 08 Sep 2021 19:12:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"61390b12-12c88"
X-Powered-By: PleskLin
Content-Encoding: br
m.benefitsedge.com/js/image_slider.js
216.145.105.7200 OK 14 kB URL HTTP/1.1 m.benefitsedge.com/js/image_slider.js
IP 216.145.105.7:0
ASN #25946 NETACCESS-SYSTEMS
File type HTML document, ASCII text, with very long lines (538)
Hash 0ba155f4754e64955cd5eee206d9804d
cfc509717a8096725ab65f74b2abc5088b88a33c
de10078bf235fa98417b992092ae1cbacc30cfa52c3516d18012c5f45586b5f8
Analyzer Verdict Alert fortinet Phishing
GET /js/image_slider.js HTTP/1.1
Host: m.benefitsedge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.benefitsedge.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 09 Jan 2023 00:51:11 GMT
Content-Type: application/javascript
Last-Modified: Wed, 08 Sep 2021 19:12:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"61390b12-12b9d"
X-Powered-By: PleskLin
Content-Encoding: br
m.benefitsedge.com/js/jquery.easing.js
216.145.105.7200 OK 1.9 kB URL HTTP/1.1 m.benefitsedge.com/js/jquery.easing.js
IP 216.145.105.7:0
ASN #25946 NETACCESS-SYSTEMS
Hash 85c3c9e85cbf2065d5fcdaa52c6f8cc4
0616b6def9caa2467748ab1095e0fa887dd1fb44
0ec565298d192c677b8be5e4a0cb841f1c8edd1454b59ece0c95aefb4a2577d9
Analyzer Verdict Alert fortinet Phishing
GET /js/jquery.easing.js HTTP/1.1
Host: m.benefitsedge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.benefitsedge.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 09 Jan 2023 00:51:11 GMT
Content-Type: application/javascript
Last-Modified: Wed, 08 Sep 2021 19:12:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"61390b12-1fa1"
X-Powered-By: PleskLin
Content-Encoding: br
m.benefitsedge.com/js/global.js
216.145.105.7200 OK 0 B URL HTTP/1.1 m.benefitsedge.com/js/global.js
IP 216.145.105.7:0
ASN #25946 NETACCESS-SYSTEMS
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /js/global.js HTTP/1.1
Host: m.benefitsedge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.benefitsedge.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 09 Jan 2023 00:51:11 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
X-Accel-Version: 0.01
Last-Modified: Wed, 08 Sep 2021 19:12:18 GMT
ETag: "0-5cb80a9337051"
Accept-Ranges: bytes
X-Powered-By: PleskLin
m.benefitsedge.com/js/custom/add2home/add2home.css
216.145.105.7200 OK 2.3 kB URL HTTP/1.1 m.benefitsedge.com/js/custom/add2home/add2home.css
IP 216.145.105.7:0
ASN #25946 NETACCESS-SYSTEMS
File type ASCII text, with very long lines (1227)
Hash c290fdf540365839ee62a26d8d5d3eb1
27ad8d4ec3dcbce6a76e1a8f2c83c7a402d517a9
d597f7f85ed0257fb6596d5aa7504f81f86d173efdc908dde05c83e0e9c76b14
GET /js/custom/add2home/add2home.css HTTP/1.1
Host: m.benefitsedge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.benefitsedge.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 09 Jan 2023 00:51:11 GMT
Content-Type: text/css
Last-Modified: Wed, 08 Sep 2021 19:12:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"61390b12-1312"
X-Powered-By: PleskLin
Content-Encoding: br
m.benefitsedge.com/js/custom/add2home/add2home.js
216.145.105.7200 OK 4.9 kB URL HTTP/1.1 m.benefitsedge.com/js/custom/add2home/add2home.js
IP 216.145.105.7:0
ASN #25946 NETACCESS-SYSTEMS
Hash addd0dddbb51694bfdf6f059eecf850d
9553ec31824ac419cc51cb229744044e41a03df4
e2d449e3bf204be72084e55160318d08245810253049e15627850b0b9225a614
Analyzer Verdict Alert fortinet Phishing
GET /js/custom/add2home/add2home.js HTTP/1.1
Host: m.benefitsedge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.benefitsedge.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 09 Jan 2023 00:51:12 GMT
Content-Type: application/javascript
Last-Modified: Wed, 08 Sep 2021 19:12:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"61390b12-3463"
X-Powered-By: PleskLin
Content-Encoding: br
m.benefitsedge.com/images/facebook-icon1.png
216.145.105.7200 OK 25 kB URL HTTP/1.1 m.benefitsedge.com/images/facebook-icon1.png
IP 216.145.105.7:0
ASN #25946 NETACCESS-SYSTEMS
File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Hash ce74c0ed489193d4b9d11ef5e30f0f43
6e90d8cefc595a12998400c6d7ea7317e7ec69f4
2bb4823f1d9d2802242923acfb67287d6c71d623298b6271e86120dff7734728
GET /images/facebook-icon1.png HTTP/1.1
Host: m.benefitsedge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.benefitsedge.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 09 Jan 2023 00:51:12 GMT
Content-Type: image/png
Content-Length: 24889
Last-Modified: Wed, 08 Sep 2021 19:12:18 GMT
Connection: keep-alive
ETag: "61390b12-6139"
X-Powered-By: PleskLin
Accept-Ranges: bytes
m.benefitsedge.com/images/BusinessOI.jpg
216.145.105.7200 OK 41 kB URL HTTP/1.1 m.benefitsedge.com/images/BusinessOI.jpg
IP 216.145.105.7:0
ASN #25946 NETACCESS-SYSTEMS
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 640x97, components 3\012- data
Hash ff992e4323ca0213a950adaaf189348e
4b3267e87e250049e9b107f81e60bec7ef2a5ae7
2532bfb3541b8ce34599a1493a48736f96d0887866847899376facf3e1d6a8f9
GET /images/BusinessOI.jpg HTTP/1.1
Host: m.benefitsedge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.benefitsedge.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 09 Jan 2023 00:51:12 GMT
Content-Type: image/jpeg
Content-Length: 40912
Last-Modified: Wed, 08 Sep 2021 19:12:18 GMT
Connection: keep-alive
ETag: "61390b12-9fd0"
X-Powered-By: PleskLin
Accept-Ranges: bytes
m.benefitsedge.com/images/linkedin-icon1.png
216.145.105.7200 OK 12 kB URL HTTP/1.1 m.benefitsedge.com/images/linkedin-icon1.png
IP 216.145.105.7:0
ASN #25946 NETACCESS-SYSTEMS
File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Hash 5914ffa5b998864bf3bbdc7f75f9b070
d5bd7fa38258d1366bd66dc5b806d15141477566
2c64516338ab891cd4dee4a32143ec65b45ce82d3beba5586e1c1493e0093087
GET /images/linkedin-icon1.png HTTP/1.1
Host: m.benefitsedge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.benefitsedge.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 09 Jan 2023 00:51:12 GMT
Content-Type: image/png
Content-Length: 12541
Last-Modified: Wed, 08 Sep 2021 19:12:18 GMT
Connection: keep-alive
ETag: "61390b12-30fd"
X-Powered-By: PleskLin
Accept-Ranges: bytes
m.benefitsedge.com/images/email-icon.png
216.145.105.7200 OK 30 kB URL HTTP/1.1 m.benefitsedge.com/images/email-icon.png
IP 216.145.105.7:0
ASN #25946 NETACCESS-SYSTEMS
File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Hash 6c4dea45d53ba5cf73cca43ab4ff8ba4
09c39e6ee3776b2bbd1e2119f22aea5f8d0578be
aadee5b5f4d7054d6a95df1e222bbe33d6500962756adfbdcd3d93f353076e7e
GET /images/email-icon.png HTTP/1.1
Host: m.benefitsedge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.benefitsedge.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 09 Jan 2023 00:51:12 GMT
Content-Type: image/png
Content-Length: 29532
Last-Modified: Wed, 08 Sep 2021 19:12:18 GMT
Connection: keep-alive
ETag: "61390b12-735c"
X-Powered-By: PleskLin
Accept-Ranges: bytes
m.benefitsedge.com/images/phone-icon-as-Smart-Object-1.png
216.145.105.7200 OK 27 kB URL HTTP/1.1 m.benefitsedge.com/images/phone-icon-as-Smart-Object-1.png
IP 216.145.105.7:0
ASN #25946 NETACCESS-SYSTEMS
File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Hash 9ad60895ca72dbe05e80b548a776c452
6ae2c1ce903b8f44902cdcc2870abb2ef8ebc464
abbe8880aaa076624d47313a65e40515b8e7ab8ef7d8beb52408450e5567ac06
GET /images/phone-icon-as-Smart-Object-1.png HTTP/1.1
Host: m.benefitsedge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.benefitsedge.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 09 Jan 2023 00:51:12 GMT
Content-Type: image/png
Content-Length: 26976
Last-Modified: Wed, 08 Sep 2021 19:12:18 GMT
Connection: keep-alive
ETag: "61390b12-6960"
X-Powered-By: PleskLin
Accept-Ranges: bytes
m.benefitsedge.com/images/GroupServices.jpg
216.145.105.7200 OK 30 kB URL HTTP/1.1 m.benefitsedge.com/images/GroupServices.jpg
IP 216.145.105.7:0
ASN #25946 NETACCESS-SYSTEMS
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 640x97, components 3\012- data
Hash 5abae0540858143c712889767660dcb6
bf74343ae76141fe9b7ac3d79635b09aa747c8f5
9bf7f11b420c0b48e561d323f40bd519c949900b6f59ade0e3d344c2d649419a
GET /images/GroupServices.jpg HTTP/1.1
Host: m.benefitsedge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.benefitsedge.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 09 Jan 2023 00:51:12 GMT
Content-Type: image/jpeg
Content-Length: 30015
Last-Modified: Wed, 08 Sep 2021 19:12:18 GMT
Connection: keep-alive
ETag: "61390b12-753f"
X-Powered-By: PleskLin
Accept-Ranges: bytes
m.benefitsedge.com/js/jquery/images/ajax-loader.gif
216.145.105.7200 OK 7.8 kB URL HTTP/1.1 m.benefitsedge.com/js/jquery/images/ajax-loader.gif
IP 216.145.105.7:0
ASN #25946 NETACCESS-SYSTEMS
File type GIF image data, version 89a, 46 x 46\012- data
Hash 08a3028fda91d443f4d5e93307c96fcd
afb5a8d515ec7b2c4e5d8bfccb490fb5b60311c3
6ad159790587aeed2e2598356ea659fe327c99976f7243899b011695b9ad526f
GET /js/jquery/images/ajax-loader.gif HTTP/1.1
Host: m.benefitsedge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.benefitsedge.com/js/jquery/jquery.mobile.theme-1.1.0.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 09 Jan 2023 00:51:12 GMT
Content-Type: image/gif
Content-Length: 7825
Last-Modified: Wed, 08 Sep 2021 19:12:18 GMT
Connection: keep-alive
ETag: "61390b12-1e91"
X-Powered-By: PleskLin
Accept-Ranges: bytes
m.benefitsedge.com/images/BE_Header_4.jpg
216.145.105.7200 OK 153 kB URL HTTP/1.1 m.benefitsedge.com/images/BE_Header_4.jpg
IP 216.145.105.7:0
ASN #25946 NETACCESS-SYSTEMS
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, progressive, precision 8, 640x700, components 3\012- data
Size 153 kB (152620 bytes)
Hash 7671bbc488cf291915274053ca1be279
39e5affb06c60ab337fdd4c11dcca895c92b7f7e
6dd48aa05e1f2e4b31e5b5ca60559c6f78451468100ea75c43dde2e2da90a741
GET /images/BE_Header_4.jpg HTTP/1.1
Host: m.benefitsedge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.benefitsedge.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 09 Jan 2023 00:51:12 GMT
Content-Type: image/jpeg
Content-Length: 152620
Last-Modified: Wed, 08 Sep 2021 19:12:18 GMT
Connection: keep-alive
ETag: "61390b12-2542c"
X-Powered-By: PleskLin
Accept-Ranges: bytes
m.benefitsedge.com/images/icon_144.png
216.145.105.7200 OK 24 kB URL HTTP/1.1 m.benefitsedge.com/images/icon_144.png
IP 216.145.105.7:0
ASN #25946 NETACCESS-SYSTEMS
File type PNG image data, 144 x 144, 8-bit/color RGBA, non-interlaced\012- data
Hash 08dfda42501101b36d6ea3ff4ba78927
6d78f0f10bbbbb9a8cf26ab6b7acc9a8527e05a3
3c283f691b4bb7bd98348638a8bc6464d6c99869015c2d45e4fd8e5907eb28db
GET /images/icon_144.png HTTP/1.1
Host: m.benefitsedge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.benefitsedge.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 09 Jan 2023 00:51:12 GMT
Content-Type: image/png
Content-Length: 24098
Last-Modified: Wed, 08 Sep 2021 19:12:18 GMT
Connection: keep-alive
ETag: "61390b12-5e22"
X-Powered-By: PleskLin
Accept-Ranges: bytes
m.benefitsedge.com/images/icon_57.png
216.145.105.7200 OK 5.3 kB URL HTTP/1.1 m.benefitsedge.com/images/icon_57.png
IP 216.145.105.7:0
ASN #25946 NETACCESS-SYSTEMS
File type PNG image data, 57 x 57, 8-bit/color RGBA, non-interlaced\012- data
Hash 01a7479ee8e6f72fb823fc1f087a7024
b171299834c889544130e08376b96f599efc112b
0e10ab3a204704feef3a3b0de92a74f462d8c2283d3a8ce48458488fb0df4979
GET /images/icon_57.png HTTP/1.1
Host: m.benefitsedge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.benefitsedge.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 09 Jan 2023 00:51:12 GMT
Content-Type: image/png
Content-Length: 5324
Last-Modified: Wed, 08 Sep 2021 19:12:18 GMT
Connection: keep-alive
ETag: "61390b12-14cc"
X-Powered-By: PleskLin
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 11aea3c23fce2f77cadf7a551f4e8b17
4963aafedcf3fc5f28f1b4a6b0212abfd5526702
d2ada7d592878b58921cd0568efa62abefd7423d40bec16133886e2c67a791b3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D2ADA7D592878B58921CD0568EFA62ABEFD7423D40BEC16133886E2C67A791B3"
Last-Modified: Fri, 06 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8291
Expires: Mon, 09 Jan 2023 03:09:24 GMT
Date: Mon, 09 Jan 2023 00:51:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 11aea3c23fce2f77cadf7a551f4e8b17
4963aafedcf3fc5f28f1b4a6b0212abfd5526702
d2ada7d592878b58921cd0568efa62abefd7423d40bec16133886e2c67a791b3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D2ADA7D592878B58921CD0568EFA62ABEFD7423D40BEC16133886E2C67A791B3"
Last-Modified: Fri, 06 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8291
Expires: Mon, 09 Jan 2023 03:09:24 GMT
Date: Mon, 09 Jan 2023 00:51:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 11aea3c23fce2f77cadf7a551f4e8b17
4963aafedcf3fc5f28f1b4a6b0212abfd5526702
d2ada7d592878b58921cd0568efa62abefd7423d40bec16133886e2c67a791b3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D2ADA7D592878B58921CD0568EFA62ABEFD7423D40BEC16133886E2C67A791B3"
Last-Modified: Fri, 06 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8291
Expires: Mon, 09 Jan 2023 03:09:24 GMT
Date: Mon, 09 Jan 2023 00:51:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 11aea3c23fce2f77cadf7a551f4e8b17
4963aafedcf3fc5f28f1b4a6b0212abfd5526702
d2ada7d592878b58921cd0568efa62abefd7423d40bec16133886e2c67a791b3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D2ADA7D592878B58921CD0568EFA62ABEFD7423D40BEC16133886E2C67A791B3"
Last-Modified: Fri, 06 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8291
Expires: Mon, 09 Jan 2023 03:09:24 GMT
Date: Mon, 09 Jan 2023 00:51:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 11aea3c23fce2f77cadf7a551f4e8b17
4963aafedcf3fc5f28f1b4a6b0212abfd5526702
d2ada7d592878b58921cd0568efa62abefd7423d40bec16133886e2c67a791b3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D2ADA7D592878B58921CD0568EFA62ABEFD7423D40BEC16133886E2C67A791B3"
Last-Modified: Fri, 06 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8291
Expires: Mon, 09 Jan 2023 03:09:24 GMT
Date: Mon, 09 Jan 2023 00:51:13 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37629fba-d878-4757-bbb5-ec6764ae2a28.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37629fba-d878-4757-bbb5-ec6764ae2a28.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 97daf64b02d7b3d266c7cd921d0684f7
74fa41865d65ef95126bcb1072bbf578bda031b0
bcaaf9e89d8af2bbddd4c000cd2facfadebce0cffb119b7583823190c5cb009e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37629fba-d878-4757-bbb5-ec6764ae2a28.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10768
x-amzn-requestid: 321c3466-ab77-4fff-a022-436634c89dad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ecWFvEXAoAMFltg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bb36f1-55e48ac47077b4a270456423;Sampled=0
x-amzn-remapped-date: Sun, 08 Jan 2023 21:34:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: D4QpQCBbnVW8D75nMf2W8M509tXVP0asUWgUbq0LsKMJzxr-cpWbGw==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 08 Jan 2023 21:40:49 GMT
etag: "74fa41865d65ef95126bcb1072bbf578bda031b0"
content-type: image/jpeg
age: 11424
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33bbc100-e509-4a4f-8b98-1d44a52a7a3c.jpeg
34.120.237.76200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33bbc100-e509-4a4f-8b98-1d44a52a7a3c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a23d61d610c7b55d943fcb2636a01b65
82c4c5170c7b586c2a7a1f2d2d5c9ff0219af065
28bf3039cc8c1213e64893c71bc150eda573223feb2cc15ad0814a44960d434a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33bbc100-e509-4a4f-8b98-1d44a52a7a3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9539
x-amzn-requestid: 9f388939-cfb7-432e-a921-e9188736bb45
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eTw5QGZ6oAMFxQg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b7c83b-4f9d5bfc30e5ee126333d54e;Sampled=0
x-amzn-remapped-date: Fri, 06 Jan 2023 07:05:31 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: b85TTh5GZmQqmHRmmdz9bAw6COe0CeTyHotfElj0qpL9H051dywT3Q==
via: 1.1 1f6e68152880a39d72e6bf2996cd6a60.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Sun, 08 Jan 2023 09:29:35 GMT
age: 55298
etag: "82c4c5170c7b586c2a7a1f2d2d5c9ff0219af065"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faede32e1-a6ef-46a9-8048-2bc4b3382d7b.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faede32e1-a6ef-46a9-8048-2bc4b3382d7b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a0473691ea0d4426c66441d3e049b139
2ba1b24cc0f903a534458642236adc8495d87519
5475d4935fea484eabbac57be8e5604952f59374e1ccf26392c3283d39b96a8d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faede32e1-a6ef-46a9-8048-2bc4b3382d7b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9674
x-amzn-requestid: 173c95c5-690c-4381-9cf1-cb31e4456f14
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eQd8LF0YoAMFTUg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b676b4-0b9191ab25e33cb436995203;Sampled=0
x-amzn-remapped-date: Thu, 05 Jan 2023 07:05:24 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: IrmxCeYWe4PYICmQKYgocQcPK3iE2QXWP3SJ4RZ5vGKXY46plVTF6w==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Sun, 08 Jan 2023 15:18:11 GMT
age: 34382
etag: "2ba1b24cc0f903a534458642236adc8495d87519"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e2e4caa-f18f-43f7-bbce-461d21b07be2.jpeg
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e2e4caa-f18f-43f7-bbce-461d21b07be2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2afe6c3864f4dd4661cdf28d845e8a95
431f560fc40b5de4881e5e4692672c977915afd1
040f2289b10935f9c7fc054092153a02e5cb132cbe72f6a53802eab9a2415c4d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e2e4caa-f18f-43f7-bbce-461d21b07be2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8929
x-amzn-requestid: b13a1539-130b-4a12-94e8-3e624eb12e8e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eJ4FdHNkIAMFlnw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b3d3bc-43ec5dcf3921d6247324f994;Sampled=0
x-amzn-remapped-date: Tue, 03 Jan 2023 07:05:32 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: QSEl29JtaoxSMIoqxodoFcSbo1muCHaYN-j0HzVCs9a-XgFYHdA6GQ==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Sun, 08 Jan 2023 12:25:51 GMT
age: 44722
etag: "431f560fc40b5de4881e5e4692672c977915afd1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba1a2529-b52c-4956-93ad-e18515541dfa.jpeg
34.120.237.76200 OK 7.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba1a2529-b52c-4956-93ad-e18515541dfa.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a287e312b7ea41cf63badb369b85158b
65763688f4b00b498d0e70151a09d4ebb14e2b33
a9dc69148414c0794cfb5b576b5cf74221c465e8dccbe9da71b40521e8cff129
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba1a2529-b52c-4956-93ad-e18515541dfa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7226
x-amzn-requestid: 5b7b8eb4-7a80-4a00-b693-d624ed174108
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eZ0WsHvZIAMF34Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ba342a-19e87b9b175b436e72df3fd9;Sampled=0
x-amzn-remapped-date: Sun, 08 Jan 2023 03:10:34 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XT_wFX0VJ0rbYIlg4uo9n-0_ubkyikpigc5-lm1Rxtw8tcvMuKr3fw==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 08 Jan 2023 03:33:41 GMT
age: 76652
etag: "65763688f4b00b498d0e70151a09d4ebb14e2b33"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c35b6f8-ae25-4552-b3cc-44e57542d5ec.jpeg
34.120.237.76200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c35b6f8-ae25-4552-b3cc-44e57542d5ec.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 210f951bd43cd838048f3568adb84c8c
db87b6eeaad681f1232c104dd4d0a902a921ed6d
b0d21c80c6c53ba04c8b216f6428a0e8b8eff4ca16f44c31782857d4a2749c39
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c35b6f8-ae25-4552-b3cc-44e57542d5ec.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9407
x-amzn-requestid: 08f125d6-46ed-4a83-98bc-94f688def00c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eP6aMG3loAMFU5Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b63dda-06f1fa975f43a24564b86524;Sampled=0
x-amzn-remapped-date: Thu, 05 Jan 2023 03:02:50 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: yxovTp47ZgxF6qqUuREuw43Ty0KDDRt9kYoDv_t_wGuOzUdNw1b5VA==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 08 Jan 2023 05:39:18 GMT
age: 69115
etag: "db87b6eeaad681f1232c104dd4d0a902a921ed6d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2