{"report_id":"ab65bd1a-4eb4-484b-baec-6acb88b270ea","version":6,"status":"done","tags":[],"date":"2024-07-11T10:22:42Z","url":{"schema":"http","addr":"www.epromodeals.com/signin?t=eyJhbGciOiJIUzI1NiJ9.eyJ0cmFja2luZ190b2tlbiI6ImVmNTA3MTZhLWQwNDQtNGI2Mi05NzE5LThmZTk1OGM5NjhkZiIsImNlbGwiOiJodHRwczovLzIxZzZqZnZoeTYuZXhlY3V0ZS1hcGkudXMtZWFzdC0yLmFtYXpvbmF3cy5jb20vcHJvZC9hcGkvcGhpc2hpbmdjYW1wYWlnbiIsImNhbXBhaWduX3Rva2VuIjoiOGNkYjUwMzAtZjIwYS00MjQ3LTg3NDItYzkzMzY5Mjg0ZTU4IiwidGVzdF90b2tlbiI6ZmFsc2UsImV4dGVybmFsX3RyYWluaW5nIjpmYWxzZSwiZGlyZWN0X2RlbGl2ZXJ5Ijp0cnVlLCJpYXQiOjE3MjA2MjQxMDQsImlzcyI6Imh0dHBzOi8vYXBwLnBoaXNodGhyZWF0LmNvbSIsImV4cCI6MTcyODQwMDEwNH0.kXCptdaR9Oyjifs-3zC0y2PysqzfY1no3xBiK0-7gkY","fqdn":"www.epromodeals.com","domain":"epromodeals.com","tld":"com"},"ip":{"addr":"52.210.37.18","port":0,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"final":{"url":{"schema":"https","addr":"www.epromodeals.com/signin?t=eyJhbGciOiJIUzI1NiJ9.eyJ0cmFja2luZ190b2tlbiI6ImVmNTA3MTZhLWQwNDQtNGI2Mi05NzE5LThmZTk1OGM5NjhkZiIsImNlbGwiOiJodHRwczovLzIxZzZqZnZoeTYuZXhlY3V0ZS1hcGkudXMtZWFzdC0yLmFtYXpvbmF3cy5jb20vcHJvZC9hcGkvcGhpc2hpbmdjYW1wYWlnbiIsImNhbXBhaWduX3Rva2VuIjoiOGNkYjUwMzAtZjIwYS00MjQ3LTg3NDItYzkzMzY5Mjg0ZTU4IiwidGVzdF90b2tlbiI6ZmFsc2UsImV4dGVybmFsX3RyYWluaW5nIjpmYWxzZSwiZGlyZWN0X2RlbGl2ZXJ5Ijp0cnVlLCJpYXQiOjE3MjA2MjQxMDQsImlzcyI6Imh0dHBzOi8vYXBwLnBoaXNodGhyZWF0LmNvbSIsImV4cCI6MTcyODQwMDEwNH0.kXCptdaR9Oyjifs-3zC0y2PysqzfY1no3xBiK0-7gkY","fqdn":"www.epromodeals.com","domain":"epromodeals.com","tld":"com"},"title":"Sophos Phish Threat – Phishing attack simulation and training for end users"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-25T10:07:58Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"ocsp.r2m03.amazontrust.com","ip":{"addr":"143.204.53.97","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2007-05-11","domain_rank":0,"first_seen":"2023-02-21 01:06:24","last_seen":"2024-07-10 12:17:36","alert_count":0,"request_count":1,"received_data":863,"sent_data":338,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www.epromodeals.com","ip":{"addr":"54.78.213.247","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"domain_registered":"2017-11-16","domain_rank":0,"first_seen":"2018-10-26 13:31:57","last_seen":"2024-04-08 22:56:04","alert_count":0,"request_count":2,"received_data":2611,"sent_data":2188,"comment":"","tags":null,"fingerprints":null},{"fqdn":"sophos-phish-threat.go-vip.co","ip":{"addr":"192.0.66.2","port":443,"asn":2635,"as":"AUTOMATTIC","country":"United States","country_code":"US"},"domain_registered":"2015-11-17","domain_rank":978959,"first_seen":"2019-04-09 23:34:10","last_seen":"2024-03-04 16:06:49","alert_count":0,"request_count":6,"received_data":174971,"sent_data":3435,"comment":"","tags":null,"fingerprints":null},{"fqdn":"staysafe.sophos.com","ip":{"addr":"192.0.66.2","port":443,"asn":2635,"as":"AUTOMATTIC","country":"United States","country_code":"US"},"domain_registered":"1995-02-17","domain_rank":862467,"first_seen":"2019-03-28 16:23:04","last_seen":"2021-02-24 19:59:22","alert_count":0,"request_count":1,"received_data":551,"sent_data":430,"comment":"","tags":null,"fingerprints":null},{"fqdn":"r10.o.lencr.org","ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"domain_registered":"2020-06-29","domain_rank":0,"first_seen":"2024-06-06 21:45:11","last_seen":"2024-07-09 18:12:41","alert_count":0,"request_count":6,"received_data":5324,"sent_data":1962,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":[{"sensor_name":"suricata","title":"","description":"","date":"2024-07-11T10:22:08Z","timestamp":1720693328,"ip_dst":{"addr":"192.0.66.2","port":443,"asn":2635,"as":"AUTOMATTIC","country":"United States","country_code":"US"},"ip_src":{"addr":"Client IP","port":47680,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ETPRO INFO Observed Sophos Phishing Awareness Domain in TLS SNI","source":"{\"timestamp\":\"2024-07-11T10:22:08.794470+0000\",\"flow_id\":601508866480492,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":47680,\"dest_ip\":\"192.0.66.2\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2852998,\"rev\":1,\"signature\":\"ETPRO INFO Observed Sophos Phishing Awareness Domain in TLS SNI\",\"category\":\"Possible Social Engineering Attempted\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2023_01_03\"],\"deployment\":[\"Perimeter\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"SSL_Malicious_Cert\"],\"updated_at\":[\"2023_01_03\"]}},\"tls\":{\"sni\":\"staysafe.sophos.com\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"f4febc55ea12b31ae17cfb7e614afda8\",\"string\":\"771,4865,43-51\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":885,\"bytes_toclient\":3566,\"start\":\"2024-07-11T10:22:08.776556+0000\"}}"}]}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":null},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":null,"eval":null,"write":null},"http":[{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-11T10:22:06.402573645Z","timestamp":1720693326402,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"EE690BACDDF55FD12AE0C9C39E330E0A1A18776B9EDC91B4AA6C5BAE28824F1E\"\r\nLast-Modified: Tue, 09 Jul 2024 15:28:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=7792\r\nExpires: Thu, 11 Jul 2024 12:31:58 GMT\r\nDate: Thu, 11 Jul 2024 10:22:06 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"e08576e0904dc9903a9c20fa9e3d15b8","sha1":"74feff76140500fd4a61e89c7e9d8d0a60df1183","sha256":"ee690bacddf55fd12ae0c9c39e330e0a1a18776b9edc91b4aa6c5bae28824f1e","sha512":"ce87a5e7c77473d402b395ff6dfc4697ae83d56b168eccca85aed994fbe8d48ed47831aa316978afcefccc1a8ab551ac5279cfc7f3ffc559b7eaea1b2770e2b3","ssdeep":"","tlshash":"01f07e43242b3f20b7aa120838f8cc0d2e202ab6284408c438b282c33807bea8ee1407","first_seen":"2024-07-09T22:22:49Z","last_seen":"2024-08-19T17:27:32.492818Z","times_seen":16077,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-11T10:22:06.404256386Z","timestamp":1720693326404,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"BE84262BBB3F3AABAE368745BC3E85B816E372B16BC37327A1887D3A19992DF6\"\r\nLast-Modified: Wed, 10 Jul 2024 13:53:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=16232\r\nExpires: Thu, 11 Jul 2024 14:52:38 GMT\r\nDate: Thu, 11 Jul 2024 10:22:06 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"ee5b6dc3e7ab972df60b36582e3eaaf4","sha1":"2a5185acc539fcddac9c33895ec74faf552b62dd","sha256":"be84262bbb3f3aabae368745bc3e85b816e372b16bc37327a1887d3a19992df6","sha512":"2d0acb707055bc8195de5f3885af1f1a96cd02f3eb1eebf31033b997b2a155347ae8a0f1647dcdb23264a7d4694fa8cd8289a4d5f171eb52e0466765fb5d0f9e","ssdeep":"","tlshash":"3cf00553005a7c42d3b20561285cd65a5d0d3d9e35554592f9400ae3f460bf8c5c505f","first_seen":"2024-07-10T17:35:11Z","last_seen":"2024-08-19T17:21:55.116113Z","times_seen":34251,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-11T10:22:06.674446512Z","timestamp":1720693326674,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"5D1BC1C01894FD88A0D4680490977488D6458BB58A98ACE24EF8AA103538BC1F\"\r\nLast-Modified: Tue, 09 Jul 2024 23:47:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=9959\r\nExpires: Thu, 11 Jul 2024 13:08:05 GMT\r\nDate: Thu, 11 Jul 2024 10:22:06 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"e7492695b5254a3a63fcffb4f1ee8cec","sha1":"0361713c6d8129210245347284c7c6babfd28fb7","sha256":"5d1bc1c01894fd88a0d4680490977488d6458bb58a98ace24ef8aa103538bc1f","sha512":"ec0e52128f983dbd74415511de8ce735b2b718b43605e9ac47400438cd5e97c87e35eb9ba74da906afc0cc7f6d28beca431b3cd9f15b958bce49500f659db147","ssdeep":"","tlshash":"d5f0549736b6bc516ab835253dfbda3e7a309924b15049bceca51291ec383a7418040c","first_seen":"2024-07-10T02:50:08Z","last_seen":"2024-08-19T17:26:17.073472Z","times_seen":39709,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-11T10:22:06.750685131Z","timestamp":1720693326750,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"C86804EFF01A7BB9FF866508BFDB1B071CFA4A26617D11094B9F5226E1A4B970\"\r\nLast-Modified: Tue, 09 Jul 2024 16:18:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=10234\r\nExpires: Thu, 11 Jul 2024 13:12:40 GMT\r\nDate: Thu, 11 Jul 2024 10:22:06 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"fc076d7a99abd74b9da6b35304bb93e9","sha1":"9d541501d5141dcf7b4d839d6fcffabec81e1a14","sha256":"c86804eff01a7bb9ff866508bfdb1b071cfa4a26617d11094b9f5226e1a4b970","sha512":"ff10580406ed0db383ff2d2dded09db4544cc042b2e609083d89b33b2d0bf6e77591dffa46e88fc3d5460d288e7416f8d1a145bd1bc80cae5f950955f7d88a14","ssdeep":"","tlshash":"5bf00e0210d8be02933a0f056899e22a6c00d6ac728051f730dc05957672b9b87c8848","first_seen":"2024-07-09T20:48:14Z","last_seen":"2024-08-19T17:28:08.063831Z","times_seen":23416,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"ocsp.r2m03.amazontrust.com/","fqdn":"ocsp.r2m03.amazontrust.com","domain":"amazontrust.com","tld":"com"},"ip":{"addr":"143.204.53.97","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-11T10:22:07.441733014Z","timestamp":1720693327441,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: ocsp.r2m03.amazontrust.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 83\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/ocsp-response\r\nContent-Length: 471\r\nConnection: keep-alive\r\nCache-Control: max-age=7200\r\nDate: Thu, 11 Jul 2024 10:22:07 GMT\r\nServer: ECAcc (amb/6AB4)\r\nX-Cache: Miss from cloudfront\r\nVia: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)\r\nX-Amz-Cf-Pop: OSL50-C1\r\nX-Amz-Cf-Id: Pne5UIdzozHqs3SmtnKDIJ-OdKHOlgS8_njoN8og4JVTFKCHz2jhQw==\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":471,"size_decoded":471,"mime_type":"application/octet-stream","magic":"data","md5":"9e375a0a2b065438935d9b07f0dd3064","sha1":"56c3dd1dc2dd6e56ba5d5f321d01c53a018f685b","sha256":"b3709a10decbf1efedd46f0a2506fd7eb6032f7edca0d6ba82b317b310dbf19e","sha512":"150f7b7ad758ea5a97d88682e687e2735c4485953fc42558406bff301cca97b4bc34cfe4103b546856d99ac6a3ba2724547ab39cfe2a2bed4a545d25ec7c2172","ssdeep":"","tlshash":"e7f0d44f58e9a9c5432a35304f9a9c713c6641753cc16363241544e79d457eef50609b","first_seen":"2024-08-19T17:17:03.686727Z","last_seen":"2024-08-19T17:17:03.686727Z","times_seen":1,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.epromodeals.com/signin?t=eyJhbGciOiJIUzI1NiJ9.eyJ0cmFja2luZ190b2tlbiI6ImVmNTA3MTZhLWQwNDQtNGI2Mi05NzE5LThmZTk1OGM5NjhkZiIsImNlbGwiOiJodHRwczovLzIxZzZqZnZoeTYuZXhlY3V0ZS1hcGkudXMtZWFzdC0yLmFtYXpvbmF3cy5jb20vcHJvZC9hcGkvcGhpc2hpbmdjYW1wYWlnbiIsImNhbXBhaWduX3Rva2VuIjoiOGNkYjUwMzAtZjIwYS00MjQ3LTg3NDItYzkzMzY5Mjg0ZTU4IiwidGVzdF90b2tlbiI6ZmFsc2UsImV4dGVybmFsX3RyYWluaW5nIjpmYWxzZSwiZGlyZWN0X2RlbGl2ZXJ5Ijp0cnVlLCJpYXQiOjE3MjA2MjQxMDQsImlzcyI6Imh0dHBzOi8vYXBwLnBoaXNodGhyZWF0LmNvbSIsImV4cCI6MTcyODQwMDEwNH0.kXCptdaR9Oyjifs-3zC0y2PysqzfY1no3xBiK0-7gkY","fqdn":"www.epromodeals.com","domain":"epromodeals.com","tld":"com"},"ip":{"addr":"54.78.213.247","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-07-11T10:22:07.057Z","timestamp":1720693327057,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"epromodeals.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M03","organization":"Amazon"},"validity":{"start":"Tue, 19 Dec 2023 00:00:00 GMT","end":"Thu, 16 Jan 2025 23:59:59 GMT"},"fingerprint":{"sha1":"21:35:D5:DE:5F:F0:C1:35:E4:80:0E:2E:41:17:91:BA:69:80:A4:0F","sha256":"3A:B9:18:4D:C9:12:43:86:7F:A7:A0:AC:02:2A:6C:2B:47:78:F7:CB:65:00:4D:6E:84:B5:C1:27:2E:B3:37:E0"}}},"request":{"raw":"GET /signin?t=eyJhbGciOiJIUzI1NiJ9.eyJ0cmFja2luZ190b2tlbiI6ImVmNTA3MTZhLWQwNDQtNGI2Mi05NzE5LThmZTk1OGM5NjhkZiIsImNlbGwiOiJodHRwczovLzIxZzZqZnZoeTYuZXhlY3V0ZS1hcGkudXMtZWFzdC0yLmFtYXpvbmF3cy5jb20vcHJvZC9hcGkvcGhpc2hpbmdjYW1wYWlnbiIsImNhbXBhaWduX3Rva2VuIjoiOGNkYjUwMzAtZjIwYS00MjQ3LTg3NDItYzkzMzY5Mjg0ZTU4IiwidGVzdF90b2tlbiI6ZmFsc2UsImV4dGVybmFsX3RyYWluaW5nIjpmYWxzZSwiZGlyZWN0X2RlbGl2ZXJ5Ijp0cnVlLCJpYXQiOjE3MjA2MjQxMDQsImlzcyI6Imh0dHBzOi8vYXBwLnBoaXNodGhyZWF0LmNvbSIsImV4cCI6MTcyODQwMDEwNH0.kXCptdaR9Oyjifs-3zC0y2PysqzfY1no3xBiK0-7gkY HTTP/1.1\r\nHost: www.epromodeals.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 11 Jul 2024 10:22:08 GMT\r\nContent-Type: text/html; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nServer: nginx/1.18.0\r\nVary: Accept-Encoding\r\nSet-Cookie: wordpress_sec_756c12a83cfbec080e0017373d6ae55f=ef50716a-d044-4b62-9719-8fe958c968df%7C1720866127%7CZPpo4YuhgUyAetWARqOS6HxqsK6uonF0G2UAejXjsgD%7C485351de2160edf75754bdaa4f8c1bc98c2b3f81e349f468bf3de9891d0424c7; path=/wp-content/plugins; secure; HttpOnly\nwordpress_sec_756c12a83cfbec080e0017373d6ae55f=ef50716a-d044-4b62-9719-8fe958c968df%7C1720866127%7CZPpo4YuhgUyAetWARqOS6HxqsK6uonF0G2UAejXjsgD%7C485351de2160edf75754bdaa4f8c1bc98c2b3f81e349f468bf3de9891d0424c7; path=/wp-admin; secure; HttpOnly\nwordpress_logged_in_756c12a83cfbec080e0017373d6ae55f=ef50716a-d044-4b62-9719-8fe958c968df%7C1720866127%7CZPpo4YuhgUyAetWARqOS6HxqsK6uonF0G2UAejXjsgD%7Cb2fdbd88601db8176273c377c8bd7694986927e155e003653d44b95ecd854b7f; path=/; secure; HttpOnly\r\nContent-Encoding: br\r\nStrict-Transport-Security: max-age=31536000\r\nx-rq: lhr3 111 253 443\r\naccept-ranges: bytes\r\ncache-control: no-cache, must-revalidate, max-age=0, no-store\r\nx-cache: BYPASS\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1093,"size_decoded":3230,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"3c36a8406fa0c02983d5f671cdfac4f7","sha1":"e501026f77ee9cae7f7d48138c0fedf325b87366","sha256":"4b3244253f543b1b92089c4657139373e2c5e9216bb8e2916a96bd50f67b6d5a","sha512":"d62ea4d1389551315e8c2a4388e72ddc9917adcdfd0c746a6f0eb9d4c77a436baaa4078273ecd4af194e2e5fbf449121397a0d7a2391ccac686175f79b44886f","ssdeep":"","tlshash":"f9611e3185d4a52212a3d691e511279affe2c593c74b8912b2fd47ca1fc3f11c7a7398","first_seen":"2024-08-19T17:17:03.687678Z","last_seen":"2026-02-22T00:26:43.992387Z","times_seen":3,"resource_available":true,"data":null}},"time_used":1540,"timings":{"blocked":385,"dns":1,"connect":39,"send":0,"wait":758,"receive":0,"ssl":339},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sophos-phish-threat.go-vip.co/_static/wp-content/themes/phishthreat/assets/images/sophos-logo.png","fqdn":"sophos-phish-threat.go-vip.co","domain":"go-vip.co","tld":"co"},"ip":{"addr":"192.0.66.2","port":443,"asn":2635,"as":"AUTOMATTIC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.epromodeals.com/signin?t=eyJhbGciOiJIUzI1NiJ9.eyJ0cmFja2luZ190b2tlbiI6ImVmNTA3MTZhLWQwNDQtNGI2Mi05NzE5LThmZTk1OGM5NjhkZiIsImNlbGwiOiJodHRwczovLzIxZzZqZnZoeTYuZXhlY3V0ZS1hcGkudXMtZWFzdC0yLmFtYXpvbmF3cy5jb20vcHJvZC9hcGkvcGhpc2hpbmdjYW1wYWlnbiIsImNhbXBhaWduX3Rva2VuIjoiOGNkYjUwMzAtZjIwYS00MjQ3LTg3NDItYzkzMzY5Mjg0ZTU4IiwidGVzdF90b2tlbiI6ZmFsc2UsImV4dGVybmFsX3RyYWluaW5nIjpmYWxzZSwiZGlyZWN0X2RlbGl2ZXJ5Ijp0cnVlLCJpYXQiOjE3MjA2MjQxMDQsImlzcyI6Imh0dHBzOi8vYXBwLnBoaXNodGhyZWF0LmNvbSIsImV4cCI6MTcyODQwMDEwNH0.kXCptdaR9Oyjifs-3zC0y2PysqzfY1no3xBiK0-7gkY","date":"2024-07-11T10:22:08.638Z","timestamp":1720693328638,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.go-vip.co","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Wed, 08 Nov 2023 00:00:00 GMT","end":"Sun, 08 Dec 2024 23:59:59 GMT"},"fingerprint":{"sha1":"8B:CE:A7:A0:5C:47:A7:6A:89:7B:69:D1:C8:38:5A:C5:91:A4:06:E5","sha256":"19:84:5A:38:4C:E1:52:10:D8:76:CD:C3:48:D3:5D:5C:14:87:DB:8D:6E:CF:13:AA:A9:FE:A3:A9:6F:53:43:EA"}}},"request":{"raw":"GET /_static/wp-content/themes/phishthreat/assets/images/sophos-logo.png HTTP/1.1\r\nHost: sophos-phish-threat.go-vip.co\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sophos-phish-threat.go-vip.co/_static/wp-content/themes/phishthreat/assets/css/master.min.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 11 Jul 2024 10:22:08 GMT\r\ncontent-type: image/png\r\ncontent-length: 4316\r\nlast-modified: Wed, 02 Aug 2023 09:39:17 GMT\r\netag: \"64ca2445-10dc\"\r\nstrict-transport-security: max-age=31536000\r\nx-rq: arn2 111 254 443\r\ncache-control: max-age=31536000\r\nx-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4316,"size_decoded":4316,"mime_type":"image/png","magic":"PNG image data, 232 x 79, 8-bit/color RGBA, non-interlaced","md5":"2331489f7bc6b96920dd813763a1429a","sha1":"fc4e8224bfbac7926b78049d2646c3e6d8e21644","sha256":"5940cb8b477258b23e3d3e2136f22ec12ff9d26964e54e81a4d4582ceb032169","sha512":"72769292b599d7933b313b594ff7dd1d05e9bf338a687c85e344745550bc457e2329068a01e3163cc63e31f2e0ee8ef95b8896d8cd9b96c8a8e532fe5c941ccc","ssdeep":"","tlshash":"","first_seen":"2023-05-18T10:29:20Z","last_seen":"2026-03-25T21:58:24.36688Z","times_seen":61,"resource_available":false,"data":null}},"time_used":13,"timings":{"blocked":2,"dns":0,"connect":0,"send":0,"wait":10,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sophos-phish-threat.go-vip.co/_static/wp-content/themes/phishthreat/assets/images/secondary-logo.png","fqdn":"sophos-phish-threat.go-vip.co","domain":"go-vip.co","tld":"co"},"ip":{"addr":"192.0.66.2","port":443,"asn":2635,"as":"AUTOMATTIC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.epromodeals.com/signin?t=eyJhbGciOiJIUzI1NiJ9.eyJ0cmFja2luZ190b2tlbiI6ImVmNTA3MTZhLWQwNDQtNGI2Mi05NzE5LThmZTk1OGM5NjhkZiIsImNlbGwiOiJodHRwczovLzIxZzZqZnZoeTYuZXhlY3V0ZS1hcGkudXMtZWFzdC0yLmFtYXpvbmF3cy5jb20vcHJvZC9hcGkvcGhpc2hpbmdjYW1wYWlnbiIsImNhbXBhaWduX3Rva2VuIjoiOGNkYjUwMzAtZjIwYS00MjQ3LTg3NDItYzkzMzY5Mjg0ZTU4IiwidGVzdF90b2tlbiI6ZmFsc2UsImV4dGVybmFsX3RyYWluaW5nIjpmYWxzZSwiZGlyZWN0X2RlbGl2ZXJ5Ijp0cnVlLCJpYXQiOjE3MjA2MjQxMDQsImlzcyI6Imh0dHBzOi8vYXBwLnBoaXNodGhyZWF0LmNvbSIsImV4cCI6MTcyODQwMDEwNH0.kXCptdaR9Oyjifs-3zC0y2PysqzfY1no3xBiK0-7gkY","date":"2024-07-11T10:22:08.641Z","timestamp":1720693328641,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.go-vip.co","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Wed, 08 Nov 2023 00:00:00 GMT","end":"Sun, 08 Dec 2024 23:59:59 GMT"},"fingerprint":{"sha1":"8B:CE:A7:A0:5C:47:A7:6A:89:7B:69:D1:C8:38:5A:C5:91:A4:06:E5","sha256":"19:84:5A:38:4C:E1:52:10:D8:76:CD:C3:48:D3:5D:5C:14:87:DB:8D:6E:CF:13:AA:A9:FE:A3:A9:6F:53:43:EA"}}},"request":{"raw":"GET /_static/wp-content/themes/phishthreat/assets/images/secondary-logo.png HTTP/1.1\r\nHost: sophos-phish-threat.go-vip.co\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sophos-phish-threat.go-vip.co/_static/wp-content/themes/phishthreat/assets/css/master.min.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 11 Jul 2024 10:22:08 GMT\r\ncontent-type: image/png\r\ncontent-length: 12256\r\nlast-modified: Wed, 02 Aug 2023 09:39:17 GMT\r\netag: \"64ca2445-2fe0\"\r\nstrict-transport-security: max-age=31536000\r\nx-rq: arn2 111 253 443\r\ncache-control: max-age=31536000\r\nx-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":12256,"size_decoded":12256,"mime_type":"image/png","magic":"PNG image data, 200 x 198, 8-bit/color RGBA, non-interlaced","md5":"de229b86ddf40ebca0b165a6cb928c61","sha1":"7358e6bd2c4335d570256b9d3d890fb860d0a0f5","sha256":"8a4007fcbdbb05010eeb3b8401048e2c6aef424ff851d25c8409ffe08eb6f526","sha512":"e31178b6e63fe792e89e965c081f24ea7e74a0347007e5ef8f39ed59931b1b949bc0c6b6125f177b06eede7bb26849577cbb1e787f46a5ba2c9fe0d8fc3f78e3","ssdeep":"","tlshash":"","first_seen":"2023-05-18T10:29:20Z","last_seen":"2026-03-25T21:58:24.373994Z","times_seen":59,"resource_available":false,"data":null}},"time_used":17,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":16,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.epromodeals.com/favicon.ico","fqdn":"www.epromodeals.com","domain":"epromodeals.com","tld":"com"},"ip":{"addr":"54.78.213.247","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.epromodeals.com/signin?t=eyJhbGciOiJIUzI1NiJ9.eyJ0cmFja2luZ190b2tlbiI6ImVmNTA3MTZhLWQwNDQtNGI2Mi05NzE5LThmZTk1OGM5NjhkZiIsImNlbGwiOiJodHRwczovLzIxZzZqZnZoeTYuZXhlY3V0ZS1hcGkudXMtZWFzdC0yLmFtYXpvbmF3cy5jb20vcHJvZC9hcGkvcGhpc2hpbmdjYW1wYWlnbiIsImNhbXBhaWduX3Rva2VuIjoiOGNkYjUwMzAtZjIwYS00MjQ3LTg3NDItYzkzMzY5Mjg0ZTU4IiwidGVzdF90b2tlbiI6ZmFsc2UsImV4dGVybmFsX3RyYWluaW5nIjpmYWxzZSwiZGlyZWN0X2RlbGl2ZXJ5Ijp0cnVlLCJpYXQiOjE3MjA2MjQxMDQsImlzcyI6Imh0dHBzOi8vYXBwLnBoaXNodGhyZWF0LmNvbSIsImV4cCI6MTcyODQwMDEwNH0.kXCptdaR9Oyjifs-3zC0y2PysqzfY1no3xBiK0-7gkY","date":"2024-07-11T10:22:08.627Z","timestamp":1720693328627,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"epromodeals.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M03","organization":"Amazon"},"validity":{"start":"Tue, 19 Dec 2023 00:00:00 GMT","end":"Thu, 16 Jan 2025 23:59:59 GMT"},"fingerprint":{"sha1":"21:35:D5:DE:5F:F0:C1:35:E4:80:0E:2E:41:17:91:BA:69:80:A4:0F","sha256":"3A:B9:18:4D:C9:12:43:86:7F:A7:A0:AC:02:2A:6C:2B:47:78:F7:CB:65:00:4D:6E:84:B5:C1:27:2E:B3:37:E0"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: www.epromodeals.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.epromodeals.com/signin?t=eyJhbGciOiJIUzI1NiJ9.eyJ0cmFja2luZ190b2tlbiI6ImVmNTA3MTZhLWQwNDQtNGI2Mi05NzE5LThmZTk1OGM5NjhkZiIsImNlbGwiOiJodHRwczovLzIxZzZqZnZoeTYuZXhlY3V0ZS1hcGkudXMtZWFzdC0yLmFtYXpvbmF3cy5jb20vcHJvZC9hcGkvcGhpc2hpbmdjYW1wYWlnbiIsImNhbXBhaWduX3Rva2VuIjoiOGNkYjUwMzAtZjIwYS00MjQ3LTg3NDItYzkzMzY5Mjg0ZTU4IiwidGVzdF90b2tlbiI6ZmFsc2UsImV4dGVybmFsX3RyYWluaW5nIjpmYWxzZSwiZGlyZWN0X2RlbGl2ZXJ5Ijp0cnVlLCJpYXQiOjE3MjA2MjQxMDQsImlzcyI6Imh0dHBzOi8vYXBwLnBoaXNodGhyZWF0LmNvbSIsImV4cCI6MTcyODQwMDEwNH0.kXCptdaR9Oyjifs-3zC0y2PysqzfY1no3xBiK0-7gkY\r\nCookie: wordpress_logged_in_756c12a83cfbec080e0017373d6ae55f=ef50716a-d044-4b62-9719-8fe958c968df%7C1720866127%7CZPpo4YuhgUyAetWARqOS6HxqsK6uonF0G2UAejXjsgD%7Cb2fdbd88601db8176273c377c8bd7694986927e155e003653d44b95ecd854b7f\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nDate: Thu, 11 Jul 2024 10:22:08 GMT\r\nContent-Type: text/html\r\nContent-Length: 169\r\nConnection: keep-alive\r\nServer: nginx/1.18.0\r\nLocation: https://staysafe.sophos.com/favicon.ico\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":null,"data":{"size":169,"size_decoded":169,"mime_type":"image/x-icon","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"84855c13836b389d5ec7cfd4c9266173","sha1":"1cf3056ff23c4176fd7ca9816a000ed461d6d323","sha256":"502083c916ae481cdd413b8d93315300653df5fb3dcc5770c01991de19977eae","sha512":"2479112004884d42d4ffe1174dc358c5d1b0fa2b41641d32f2fb67539c4f834d63cfbbf7e98c63b9a64e49b26390c410bb7e50f1ad4a755f32d081367af05fcb","ssdeep":"","tlshash":"ffc012a9ab022ca8a8a73b3860c3a0a0e2ec906022d9491101a0060bb18b1979ec2391","first_seen":"2023-04-05T04:42:14Z","last_seen":"2025-03-02T02:24:41.12819Z","times_seen":4478,"resource_available":false,"data":null}},"time_used":37,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":37,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-11T10:22:08.668686945Z","timestamp":1720693328668,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"3E28EA2CEDE92DAE0F7BFCD98EAF9BD016AB8ECC4EA81B7E8F7B90BA4E20AA40\"\r\nLast-Modified: Wed, 10 Jul 2024 17:32:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=3803\r\nExpires: Thu, 11 Jul 2024 11:25:31 GMT\r\nDate: Thu, 11 Jul 2024 10:22:08 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"50e4489707989517510128817aedd2ea","sha1":"36a54d7b34a9ac621715b569e5a870f62671c574","sha256":"3e28ea2cede92dae0f7bfcd98eaf9bd016ab8ecc4ea81b7e8f7b90ba4e20aa40","sha512":"ed92692072bbfb8601b1412479f5eda9a2a39f91902dcfd261b22bd27435a591dcee983015bab15f63c3e2af60ced24f6dc0e1f02620ba660eb0c51fb02ac980","ssdeep":"","tlshash":"3ff0c90025e6f80252a6670abcabdb1f2c383e1636199280a0a012a2ed00bdbc3c51cc","first_seen":"2024-07-10T20:38:58Z","last_seen":"2024-08-19T17:21:03.235Z","times_seen":38767,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-11T10:22:08.67159917Z","timestamp":1720693328671,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"3E28EA2CEDE92DAE0F7BFCD98EAF9BD016AB8ECC4EA81B7E8F7B90BA4E20AA40\"\r\nLast-Modified: Wed, 10 Jul 2024 17:32:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=3803\r\nExpires: Thu, 11 Jul 2024 11:25:31 GMT\r\nDate: Thu, 11 Jul 2024 10:22:08 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"50e4489707989517510128817aedd2ea","sha1":"36a54d7b34a9ac621715b569e5a870f62671c574","sha256":"3e28ea2cede92dae0f7bfcd98eaf9bd016ab8ecc4ea81b7e8f7b90ba4e20aa40","sha512":"ed92692072bbfb8601b1412479f5eda9a2a39f91902dcfd261b22bd27435a591dcee983015bab15f63c3e2af60ced24f6dc0e1f02620ba660eb0c51fb02ac980","ssdeep":"","tlshash":"3ff0c90025e6f80252a6670abcabdb1f2c383e1636199280a0a012a2ed00bdbc3c51cc","first_seen":"2024-07-10T20:38:58Z","last_seen":"2024-08-19T17:21:03.235Z","times_seen":38767,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sophos-phish-threat.go-vip.co/_static/wp-content/themes/phishthreat/assets/fonts/flama-light-webfont.ttf","fqdn":"sophos-phish-threat.go-vip.co","domain":"go-vip.co","tld":"co"},"ip":{"addr":"192.0.66.2","port":443,"asn":2635,"as":"AUTOMATTIC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.epromodeals.com/signin?t=eyJhbGciOiJIUzI1NiJ9.eyJ0cmFja2luZ190b2tlbiI6ImVmNTA3MTZhLWQwNDQtNGI2Mi05NzE5LThmZTk1OGM5NjhkZiIsImNlbGwiOiJodHRwczovLzIxZzZqZnZoeTYuZXhlY3V0ZS1hcGkudXMtZWFzdC0yLmFtYXpvbmF3cy5jb20vcHJvZC9hcGkvcGhpc2hpbmdjYW1wYWlnbiIsImNhbXBhaWduX3Rva2VuIjoiOGNkYjUwMzAtZjIwYS00MjQ3LTg3NDItYzkzMzY5Mjg0ZTU4IiwidGVzdF90b2tlbiI6ZmFsc2UsImV4dGVybmFsX3RyYWluaW5nIjpmYWxzZSwiZGlyZWN0X2RlbGl2ZXJ5Ijp0cnVlLCJpYXQiOjE3MjA2MjQxMDQsImlzcyI6Imh0dHBzOi8vYXBwLnBoaXNodGhyZWF0LmNvbSIsImV4cCI6MTcyODQwMDEwNH0.kXCptdaR9Oyjifs-3zC0y2PysqzfY1no3xBiK0-7gkY","date":"2024-07-11T10:22:08.653Z","timestamp":1720693328653,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.go-vip.co","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Wed, 08 Nov 2023 00:00:00 GMT","end":"Sun, 08 Dec 2024 23:59:59 GMT"},"fingerprint":{"sha1":"8B:CE:A7:A0:5C:47:A7:6A:89:7B:69:D1:C8:38:5A:C5:91:A4:06:E5","sha256":"19:84:5A:38:4C:E1:52:10:D8:76:CD:C3:48:D3:5D:5C:14:87:DB:8D:6E:CF:13:AA:A9:FE:A3:A9:6F:53:43:EA"}}},"request":{"raw":"GET /_static/wp-content/themes/phishthreat/assets/fonts/flama-light-webfont.ttf HTTP/1.1\r\nHost: sophos-phish-threat.go-vip.co\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.epromodeals.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sophos-phish-threat.go-vip.co/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 11 Jul 2024 10:22:08 GMT\r\ncontent-type: application/font-ttf\r\nlast-modified: Wed, 02 Aug 2023 09:39:17 GMT\r\nvary: Accept-Encoding\r\netag: W/\"64ca2445-c918\"\r\ncontent-encoding: br\r\nstrict-transport-security: max-age=31536000\r\nx-rq: arn2 111 253 443\r\ncache-control: max-age=31536000\r\naccept-ranges: bytes\r\nx-cache: HIT\r\naccess-control-allow-methods: GET, HEAD\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":27287,"size_decoded":51480,"mime_type":"application/font-ttf","magic":"TrueType Font data, 19 tables, 1st \"FFTM\", 19 names, Microsoft, language 0x409, Copyright (c) 2008 by M�rio Feliciano. All rights reserved.Flama LightRegular3.000;FTF;2008;Flam","md5":"89959a05e65954d1f83878ec49d56e88","sha1":"6948de7ce5d1092b568f37045970df5e850cca0d","sha256":"1eee700208fddc9dbea7fd453e8a1dbaca020a9c0dedb43f985f3fd1ddcbda2d","sha512":"e83ddebd0f784d35cbbb5062ebaa80ce473e920862140a14843ca2c8b21360b7aa339627e72267d5544b78573fc6d5e46d7f7740aad844ceaf327fe33a52af7c","ssdeep":"768:xx3IjIGgzSDnCXlDy8TV0heKWejoNTb30wK8isvkUfFQS3zdh1F:j3IjIGgXXlnV0c9NTb3zK85vkUfp3v","tlshash":"e533e540a3e9270ee7f32e35593011a48db6fd6beeb8c27d5148105d4822ab49eb1f77","first_seen":"2023-05-26T04:53:25Z","last_seen":"2026-03-25T21:58:24.363354Z","times_seen":57,"resource_available":false,"data":null}},"time_used":13,"timings":{"blocked":3,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sophos-phish-threat.go-vip.co/_static/wp-content/themes/phishthreat/assets/css/master.min.css","fqdn":"sophos-phish-threat.go-vip.co","domain":"go-vip.co","tld":"co"},"ip":{"addr":"192.0.66.2","port":443,"asn":2635,"as":"AUTOMATTIC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.epromodeals.com/signin?t=eyJhbGciOiJIUzI1NiJ9.eyJ0cmFja2luZ190b2tlbiI6ImVmNTA3MTZhLWQwNDQtNGI2Mi05NzE5LThmZTk1OGM5NjhkZiIsImNlbGwiOiJodHRwczovLzIxZzZqZnZoeTYuZXhlY3V0ZS1hcGkudXMtZWFzdC0yLmFtYXpvbmF3cy5jb20vcHJvZC9hcGkvcGhpc2hpbmdjYW1wYWlnbiIsImNhbXBhaWduX3Rva2VuIjoiOGNkYjUwMzAtZjIwYS00MjQ3LTg3NDItYzkzMzY5Mjg0ZTU4IiwidGVzdF90b2tlbiI6ZmFsc2UsImV4dGVybmFsX3RyYWluaW5nIjpmYWxzZSwiZGlyZWN0X2RlbGl2ZXJ5Ijp0cnVlLCJpYXQiOjE3MjA2MjQxMDQsImlzcyI6Imh0dHBzOi8vYXBwLnBoaXNodGhyZWF0LmNvbSIsImV4cCI6MTcyODQwMDEwNH0.kXCptdaR9Oyjifs-3zC0y2PysqzfY1no3xBiK0-7gkY","date":"2024-07-11T10:22:08.539Z","timestamp":1720693328539,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.go-vip.co","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Wed, 08 Nov 2023 00:00:00 GMT","end":"Sun, 08 Dec 2024 23:59:59 GMT"},"fingerprint":{"sha1":"8B:CE:A7:A0:5C:47:A7:6A:89:7B:69:D1:C8:38:5A:C5:91:A4:06:E5","sha256":"19:84:5A:38:4C:E1:52:10:D8:76:CD:C3:48:D3:5D:5C:14:87:DB:8D:6E:CF:13:AA:A9:FE:A3:A9:6F:53:43:EA"}}},"request":{"raw":"GET /_static/wp-content/themes/phishthreat/assets/css/master.min.css HTTP/1.1\r\nHost: sophos-phish-threat.go-vip.co\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.epromodeals.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 11 Jul 2024 10:22:08 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 02 Aug 2023 09:39:17 GMT\r\nvary: Accept-Encoding\r\netag: W/\"64ca2445-160fd\"\r\ncontent-encoding: br\r\nstrict-transport-security: max-age=31536000\r\nx-rq: arn2 111 253 443\r\ncache-control: max-age=31536000\r\naccept-ranges: bytes\r\nx-cache: HIT\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":24805,"size_decoded":90365,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (47535), with CRLF line terminators","md5":"03abbd70554e5c3dc713a45ab0910ccb","sha1":"1ae7a17971e9da45158d1afd47992dd0be5d6545","sha256":"f1dd8f33178fc66764414b4552521f686c8c37dec7f8ffe0b255a66e1a81b246","sha512":"5105d4448e8a6ac67540660fb334f621d3cfbfaac72ad47af5088f122f0cb571182bd2c2d9af96a30c4f24bd434d06fdcb0eb6dc72d7c1743f336fa63b5af05d","ssdeep":"1536:2UL37a/ykrX06PqagM+oICkiBsQaoOfrQ:2UL37a/ykrX06Pqa5+pCkiBsQQ0","tlshash":"759321b2a44a25ec1722c91b93a1b3787136fa31e5934fb4f42fd94c4fc5e0109aab5d","first_seen":"2024-03-21T07:14:54Z","last_seen":"2026-03-25T21:58:24.368517Z","times_seen":39,"resource_available":false,"data":null}},"time_used":71,"timings":{"blocked":29,"dns":10,"connect":7,"send":0,"wait":9,"receive":0,"ssl":13},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"staysafe.sophos.com/favicon.ico","fqdn":"staysafe.sophos.com","domain":"sophos.com","tld":"com"},"ip":{"addr":"192.0.66.2","port":443,"asn":2635,"as":"AUTOMATTIC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.epromodeals.com/signin?t=eyJhbGciOiJIUzI1NiJ9.eyJ0cmFja2luZ190b2tlbiI6ImVmNTA3MTZhLWQwNDQtNGI2Mi05NzE5LThmZTk1OGM5NjhkZiIsImNlbGwiOiJodHRwczovLzIxZzZqZnZoeTYuZXhlY3V0ZS1hcGkudXMtZWFzdC0yLmFtYXpvbmF3cy5jb20vcHJvZC9hcGkvcGhpc2hpbmdjYW1wYWlnbiIsImNhbXBhaWduX3Rva2VuIjoiOGNkYjUwMzAtZjIwYS00MjQ3LTg3NDItYzkzMzY5Mjg0ZTU4IiwidGVzdF90b2tlbiI6ZmFsc2UsImV4dGVybmFsX3RyYWluaW5nIjpmYWxzZSwiZGlyZWN0X2RlbGl2ZXJ5Ijp0cnVlLCJpYXQiOjE3MjA2MjQxMDQsImlzcyI6Imh0dHBzOi8vYXBwLnBoaXNodGhyZWF0LmNvbSIsImV4cCI6MTcyODQwMDEwNH0.kXCptdaR9Oyjifs-3zC0y2PysqzfY1no3xBiK0-7gkY","date":"2024-07-11T10:22:08.740Z","timestamp":1720693328740,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"partnernews.sophos.com","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Fri, 31 May 2024 06:36:20 GMT","end":"Thu, 29 Aug 2024 06:36:19 GMT"},"fingerprint":{"sha1":"B1:E7:03:C1:15:35:DA:FD:A2:7E:C2:58:D9:B9:5D:3C:B6:0F:58:A9","sha256":"78:3E:82:06:DA:D1:F6:D2:EA:9F:99:33:34:01:36:49:15:95:A4:20:E7:13:2F:3F:19:04:09:4F:E7:62:B7:0D"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: staysafe.sophos.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.epromodeals.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 11 Jul 2024 10:22:08 GMT\r\ncontent-type: image/x-icon\r\ncontent-length: 198\r\nlast-modified: Wed, 13 Mar 2024 15:17:49 GMT\r\netag: \"65f1c39d-c6\"\r\nstrict-transport-security: max-age=31536000\r\nx-rq: arn2 111 254 443\r\nx-cache: HIT\r\ncache-control: max-age=300, must-revalidate\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":198,"size_decoded":198,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, 16x16, 2 colors","md5":"c6acedaff906029fc5455d9ec52c7f42","sha1":"92cbd806ca421aa2c9ff5e1ff76bbc20913a2f81","sha256":"9deb629637088856fe61dc868bf40a7d21ed942e4117659f3d6c3408f59b906b","sha512":"7a8d002ca6b607e38860ad4485493e109cb7d3bef241b0e5bf2a65c2e316e6185ded8ec74e3fcbd78745ab302c6d876657abc178ee028d1b8b9a5572f429d972","ssdeep":"","tlshash":"99d002433104c014c0100635c407dbf407546c018d94274731503f5f7c505c81c64650","first_seen":"2023-04-08T04:59:04Z","last_seen":"2026-04-04T17:00:32.917146Z","times_seen":7147,"resource_available":false,"data":null}},"time_used":70,"timings":{"blocked":-1,"dns":37,"connect":7,"send":0,"wait":8,"receive":0,"ssl":17},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sophos-phish-threat.go-vip.co/_static/wp-content/themes/phishthreat/assets/fonts/flama-book-webfont.ttf","fqdn":"sophos-phish-threat.go-vip.co","domain":"go-vip.co","tld":"co"},"ip":{"addr":"192.0.66.2","port":443,"asn":2635,"as":"AUTOMATTIC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.epromodeals.com/signin?t=eyJhbGciOiJIUzI1NiJ9.eyJ0cmFja2luZ190b2tlbiI6ImVmNTA3MTZhLWQwNDQtNGI2Mi05NzE5LThmZTk1OGM5NjhkZiIsImNlbGwiOiJodHRwczovLzIxZzZqZnZoeTYuZXhlY3V0ZS1hcGkudXMtZWFzdC0yLmFtYXpvbmF3cy5jb20vcHJvZC9hcGkvcGhpc2hpbmdjYW1wYWlnbiIsImNhbXBhaWduX3Rva2VuIjoiOGNkYjUwMzAtZjIwYS00MjQ3LTg3NDItYzkzMzY5Mjg0ZTU4IiwidGVzdF90b2tlbiI6ZmFsc2UsImV4dGVybmFsX3RyYWluaW5nIjpmYWxzZSwiZGlyZWN0X2RlbGl2ZXJ5Ijp0cnVlLCJpYXQiOjE3MjA2MjQxMDQsImlzcyI6Imh0dHBzOi8vYXBwLnBoaXNodGhyZWF0LmNvbSIsImV4cCI6MTcyODQwMDEwNH0.kXCptdaR9Oyjifs-3zC0y2PysqzfY1no3xBiK0-7gkY","date":"2024-07-11T10:22:08.688Z","timestamp":1720693328688,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.go-vip.co","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Wed, 08 Nov 2023 00:00:00 GMT","end":"Sun, 08 Dec 2024 23:59:59 GMT"},"fingerprint":{"sha1":"8B:CE:A7:A0:5C:47:A7:6A:89:7B:69:D1:C8:38:5A:C5:91:A4:06:E5","sha256":"19:84:5A:38:4C:E1:52:10:D8:76:CD:C3:48:D3:5D:5C:14:87:DB:8D:6E:CF:13:AA:A9:FE:A3:A9:6F:53:43:EA"}}},"request":{"raw":"GET /_static/wp-content/themes/phishthreat/assets/fonts/flama-book-webfont.ttf HTTP/1.1\r\nHost: sophos-phish-threat.go-vip.co\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.epromodeals.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sophos-phish-threat.go-vip.co/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 11 Jul 2024 10:22:08 GMT\r\ncontent-type: application/font-ttf\r\nlast-modified: Wed, 02 Aug 2023 09:39:17 GMT\r\nvary: Accept-Encoding\r\netag: W/\"64ca2445-c8f0\"\r\ncontent-encoding: br\r\nstrict-transport-security: max-age=31536000\r\nx-rq: arn2 111 253 443\r\ncache-control: max-age=31536000\r\naccept-ranges: bytes\r\nx-cache: HIT\r\naccess-control-allow-methods: GET, HEAD\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":51440,"size_decoded":51440,"mime_type":"application/font-ttf","magic":"TrueType Font data, 19 tables, 1st \"FFTM\", 19 names, Microsoft, language 0x409, Copyright (c) 2008 by M�rio Feliciano. All rights reserved.Flama BookRegular3.000;FTF;2008;Flama","md5":"641edd13d09c2df0f917586436534528","sha1":"5a5f1f414d23344e9f61a4ee351613121ae91f3d","sha256":"d088c5e7ccc85feda2e2f398f4188c8c49f6c0178e75e2e758f9a9c4e3fddff0","sha512":"3e84221952b7b86939715fff7cb98379fcafe638abac9ab8727fe719f77fe3d079bfddff95164252acf5954a3e2e681cb8c91d5e5db15a7f2ca5199fbdd38655","ssdeep":"768:a279y+yFIe4vbiBRKn/9YsCLELoa3tMWAfCnhCyUrQf3+Ph+6/dhmm:X9yF2e4vfl64LoaSjCsyo23+V","tlshash":"b033c641a3e9634ee7f72e30553012649ebafd6bde78c27d508814984861af48db0fa7","first_seen":"2023-04-11T21:44:52Z","last_seen":"2026-03-25T21:58:24.36399Z","times_seen":60,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sophos-phish-threat.go-vip.co/_static/wp-content/themes/phishthreat/assets/fonts/flama-medium-webfont.ttf","fqdn":"sophos-phish-threat.go-vip.co","domain":"go-vip.co","tld":"co"},"ip":{"addr":"192.0.66.2","port":443,"asn":2635,"as":"AUTOMATTIC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.epromodeals.com/signin?t=eyJhbGciOiJIUzI1NiJ9.eyJ0cmFja2luZ190b2tlbiI6ImVmNTA3MTZhLWQwNDQtNGI2Mi05NzE5LThmZTk1OGM5NjhkZiIsImNlbGwiOiJodHRwczovLzIxZzZqZnZoeTYuZXhlY3V0ZS1hcGkudXMtZWFzdC0yLmFtYXpvbmF3cy5jb20vcHJvZC9hcGkvcGhpc2hpbmdjYW1wYWlnbiIsImNhbXBhaWduX3Rva2VuIjoiOGNkYjUwMzAtZjIwYS00MjQ3LTg3NDItYzkzMzY5Mjg0ZTU4IiwidGVzdF90b2tlbiI6ZmFsc2UsImV4dGVybmFsX3RyYWluaW5nIjpmYWxzZSwiZGlyZWN0X2RlbGl2ZXJ5Ijp0cnVlLCJpYXQiOjE3MjA2MjQxMDQsImlzcyI6Imh0dHBzOi8vYXBwLnBoaXNodGhyZWF0LmNvbSIsImV4cCI6MTcyODQwMDEwNH0.kXCptdaR9Oyjifs-3zC0y2PysqzfY1no3xBiK0-7gkY","date":"2024-07-11T10:22:08.706Z","timestamp":1720693328706,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.go-vip.co","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Wed, 08 Nov 2023 00:00:00 GMT","end":"Sun, 08 Dec 2024 23:59:59 GMT"},"fingerprint":{"sha1":"8B:CE:A7:A0:5C:47:A7:6A:89:7B:69:D1:C8:38:5A:C5:91:A4:06:E5","sha256":"19:84:5A:38:4C:E1:52:10:D8:76:CD:C3:48:D3:5D:5C:14:87:DB:8D:6E:CF:13:AA:A9:FE:A3:A9:6F:53:43:EA"}}},"request":{"raw":"GET /_static/wp-content/themes/phishthreat/assets/fonts/flama-medium-webfont.ttf HTTP/1.1\r\nHost: sophos-phish-threat.go-vip.co\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.epromodeals.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sophos-phish-threat.go-vip.co/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 11 Jul 2024 10:22:08 GMT\r\ncontent-type: application/font-ttf\r\nlast-modified: Wed, 02 Aug 2023 09:39:17 GMT\r\nvary: Accept-Encoding\r\netag: W/\"64ca2445-ccf0\"\r\ncontent-encoding: br\r\nstrict-transport-security: max-age=31536000\r\nx-rq: arn2 111 254 443\r\ncache-control: max-age=31536000\r\naccept-ranges: bytes\r\nx-cache: HIT\r\naccess-control-allow-methods: GET, HEAD\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":52464,"size_decoded":52464,"mime_type":"application/font-ttf","magic":"TrueType Font data, 19 tables, 1st \"FFTM\", 19 names, Microsoft, language 0x409, Copyright (c) 2008 by M�rio Feliciano. All rights reserved.Flama MediumRegular3.000;FTF;2008;Fla","md5":"c36c9bff0058169764cdd623d766bbf0","sha1":"4ac0ebdd7220daf6bef31be7f73a81c020ee11fb","sha256":"ec341c00863f513a04b66db10c2180649ab00b68275db6dcd7abdf6bd780b947","sha512":"de0afb71490b147ed3a02136c4fce16bf9142b3a8fc11d2e0e06eccca5f3963970e49acf6de6d29233110dd7968a88a8a504af0f06b9641c4018a0f0cf5d2734","ssdeep":"768:Qe8GteT4PjykglRSKuHqmmjXYeJhpl9BDVc+I/G1FGaVl83Kd1sdhT/V:/8AeCjyAHqmmjIe/bBg0FRo","tlshash":"b733e641a3f92b0ff7b72e34167111599eb6fd67ae78c63c404110998861ab0deb0f7a","first_seen":"2023-04-11T21:44:52Z","last_seen":"2026-03-25T21:58:24.369132Z","times_seen":55,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}