{"report_id":"c16be11a-e905-4b11-8a59-f2801dae80ea","version":6,"status":"done","tags":["microsoft","phishing"],"date":"2026-01-13T01:49:36Z","url":{"schema":"http","addr":"hellpdesk.at/?r=0894fc0a-c625-4d83-86b7-644aef50427c\u0026rg=eu.","fqdn":"hellpdesk.at","domain":"hellpdesk.at","tld":"at"},"ip":{"addr":"3.164.240.50","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"hellpdesk.at/?r=0894fc0a-c625-4d83-86b7-644aef50427c\u0026rg=eu.","fqdn":"hellpdesk.at","domain":"hellpdesk.at","tld":"at"},"title":"Sign in to your account","dom":{"size":12500,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (12497), with no line terminators","md5":"415dcc89c423bea82cb657e3d3380e3c","sha1":"93ab3e823cf8d63614a6909a5b1f3836ee3b4e69","sha256":"0d860f62f66a6f73dc1054a17cb3396542a11f1d3fa6c686d092e573de417a92","sha512":"1c29bd3de5722cb5faa2be46fdc243b6e0ed9840015f1fbfc65e98ee61715326c28dee82425a5a3865059e11bd033b7d8a96ab66f19f213190e9270eeea9911a","ssdeep":"192:ihWjK3pt1X3IOIStcAaxrQeK/2riPovO9V/x0//+/Hv6rTw4:43pt1X3IOIJxsex6Weqw4","tlshash":"26425472d991810b7112c568fbd0be9d3f158342d7070a64f6fc7276ebcaca41da229d","dom_hash":"domhash4c7754b0de6994e0d372f8b93e4268b1","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"hellpdesk.at/?r=0894fc0a-c625-4d83-86b7-644aef50427c\u0026rg=eu.","fqdn":"hellpdesk.at","domain":"hellpdesk.at","tld":"at"},"ip":{"addr":"3.164.240.50","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"tags":["openphish"],"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-02-17T01:49:36Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":2,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-13","alert":"Sinkholed","trigger":"innermail.co.uk","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-13","alert":"Sinkholed","trigger":"hellpdesk.at","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft","verdict":"phishing","severity":"medium","comment":"Resource associated with Microsoft phishing","tags":["microsoft","phishing"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Microsoft","verdict":"phishing","severity":"medium","comment":"Resource associated with Microsoft phishing","tags":["microsoft","phishing"],"meta":null}]},"summary":[{"fqdn":"usecure.s3.eu-west-1.amazonaws.com","ip":{"addr":"52.92.17.10","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"domain_registered":"unknown","domain_rank":3954981,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":1,"received_data":11187,"sent_data":453,"comment":"","tags":null,"fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}]},{"fqdn":"hellpdesk.at","ip":{"addr":"54.240.174.103","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":10,"request_count":5,"received_data":302716,"sent_data":2313,"comment":"","tags":null,"fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"172.217.21.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":1,"received_data":49155,"sent_data":553,"comment":"","tags":null,"fingerprints":null},{"fqdn":"s3.eu-west-1.amazonaws.com","ip":{"addr":"3.5.66.191","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":1,"received_data":254863,"sent_data":500,"comment":"","tags":null,"fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}]},{"fqdn":"fonts.googleapis.com","ip":{"addr":"216.58.211.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":313,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":2,"received_data":15355,"sent_data":862,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"innermail.co.uk","ip":{"addr":"54.240.174.103","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":1837354,"first_seen":"No data","last_seen":"No data","alert_count":4,"request_count":4,"received_data":46867,"sent_data":1926,"comment":"","tags":null,"fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft","verdict":"phishing","severity":"medium","comment":"Resource associated with Microsoft phishing","tags":["microsoft","phishing"],"meta":null}]},"javascript":{"script":[{"url":{"schema":"https","addr":"hellpdesk.at/js/usecure.bundle.js?v=2ed7d291-f585-41c7-a19e-6180ebc8fd07","fqdn":"hellpdesk.at","domain":"hellpdesk.at","tld":"at"},"ip":{"addr":"54.240.174.103","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"30906dd4594317dea0163a66bd72ca92","sha1":"36d13b0c7c21f367cae82513146ef93cb287e4a5","sha256":"97a665a7e529683ec77bd54a06b8f5132561c0c6e625bff0149bddd5325e1c94","sha512":"ab3f70766e9b933f0e665af2deb355d93d258a1655b1a00da880d4650fa4261b2a627f04ab4363cb338d34eb624673d3f77e710b79eace3ee8e7c0fb4ed133da","ssdeep":"3072:v92RGTiCEP9forD/GkW3YN+diO8ymdYr13S0qlQ7aXL7c:00KP92GkW3bdkymywQ7kg","tlshash":"8854b3cdf6c6b0a607e770b4402f560af276a958b44a9590e2a5e8d0bc7c98f5037f3d","size":284635,"data":"","first_seen":"2025-11-20T00:13:25.622295Z","last_seen":"2026-01-21T15:50:46.161563Z","times_seen":54,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"fonts.googleapis.com/css?family=Source+Sans+Pro","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"216.58.211.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://hellpdesk.at/?r=0894fc0a-c625-4d83-86b7-644aef50427c\u0026rg=eu.","date":"2026-01-13T01:49:15.401Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:53:13 GMT","end":"Wed, 25 Feb 2026 15:53:12 GMT"},"fingerprint":{"sha1":"A8:BA:6B:80:7C:EC:B1:6F:C1:C2:03:D7:C9:27:6E:75:DE:4B:AA:47","sha256":"4E:2C:B9:C5:81:56:5E:97:93:07:22:12:66:E2:52:C6:0A:2E:17:72:FF:9B:5F:2A:B9:E1:21:80:05:6D:8B:3D"}}},"request":{"raw":"GET /css?family=Source+Sans+Pro HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Tue, 13 Jan 2026 01:49:15 GMT\r\ndate: Tue, 13 Jan 2026 01:49:15 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2415,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"937c0f60d71292a5a8d1cbdbc6c80621","sha1":"3a15491027d6ba63d9720887c07b9677aa405a16","sha256":"109ce15b2cae910659d99ca36afcbdc552669aac69736f67af8d552e0e292117","sha512":"9c7c3bb34a0cc0ed674bc891e4007e5068c50658f104157ef46ba909230b2eb8901d2436240d7785417347ffc021dcf5786b55d3e6253aab323fd28e33a54beb","ssdeep":"","tlshash":"53419ef3401ea84897a31cca23de3e369e4f65106186d17adffd085cec75c2a5264b1d","first_seen":"2025-09-11T21:22:52.791197Z","last_seen":"2026-06-08T23:26:13.226303Z","times_seen":2688,"resource_available":false,"data":null}},"time_used":20,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":19,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"innermail.co.uk/css-fonts/ExpertSansRegular.css","fqdn":"innermail.co.uk","domain":"innermail.co.uk","tld":"co.uk"},"ip":{"addr":"54.240.174.103","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://hellpdesk.at/?r=0894fc0a-c625-4d83-86b7-644aef50427c\u0026rg=eu.","date":"2026-01-13T01:49:14.719Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1nfoclient.fr","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Thu, 04 Dec 2025 00:00:00 GMT","end":"Sat, 02 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"AD:7B:B5:9D:A8:E5:EB:C7:94:C0:4C:D8:BC:B2:87:49:37:3B:3F:09","sha256":"C3:29:D0:61:90:2A:42:CB:1A:F6:7C:17:0F:DE:12:9C:56:3B:44:69:F1:F5:18:97:50:C5:48:A7:7B:7D:7D:0E"}}},"request":{"raw":"GET /css-fonts/ExpertSansRegular.css HTTP/1.1\r\nHost: innermail.co.uk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hellpdesk.at/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/css; charset=UTF-8\r\ncontent-length: 294\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=0\r\ndate: Tue, 13 Jan 2026 01:49:14 GMT\r\netag: W/\"126-19a931b4408\"\r\nlast-modified: Mon, 17 Nov 2025 18:37:09 GMT\r\nnel: {\"report_to\":\"heroku-nel\",\"response_headers\":[\"Via\"],\"max_age\":3600,\"success_fraction\":0.01,\"failure_fraction\":0.1}\r\nreport-to: {\"group\":\"heroku-nel\",\"endpoints\":[{\"url\":\"https://nel.heroku.com/reports?s=YUGyPkp%2FBOGrHsqf0zNtE4AhNLSKq%2BBIUeIjZg9yRXU%3D\\u0026sid=c4c9725f-1ab0-44d8-820f-430df2718e11\\u0026ts=1768268954\"}],\"max_age\":3600}\r\nreporting-endpoints: heroku-nel=\"https://nel.heroku.com/reports?s=YUGyPkp%2FBOGrHsqf0zNtE4AhNLSKq%2BBIUeIjZg9yRXU%3D\u0026sid=c4c9725f-1ab0-44d8-820f-430df2718e11\u0026ts=1768268954\"\r\nserver: Heroku\r\nvia: 1.1 heroku-router, 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)\r\nx-powered-by: Express\r\nx-cache: Miss from cloudfront\r\nx-amz-cf-pop: OSL50-P1\r\nx-amz-cf-id: o4xP3UGF_KGRbCTdJffjv_bJIg800O3t6_FHLoKQ4djau25F2tS-Ug==\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":294,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"7fecbbaa7cebc0886bd0a0d8c291778d","sha1":"75d21ec9b0fab3fa04cece31945021316c72770a","sha256":"96ee9a9eeebce15edd8cf960ff8dd1c2471abd66cca71dc5d73cca827efe9f73","sha512":"d5bfd4f0380f58ba399c2ab43b93195917b9a885a6ffcc131eb6de06f1e005f1dd8d068c7a6156ae5b027b216779ddf6d5e1f5e88ce47990b45fb35c031eded8","ssdeep":"","tlshash":"26e0e6959fd8265502430d5372f957809d5da41c7c0640c2f369d67ed9f161a00a4f1b","first_seen":"2025-07-02T10:14:00.750049Z","last_seen":"2026-01-21T15:50:46.157458Z","times_seen":29,"resource_available":false,"data":null}},"time_used":134,"timings":{"blocked":17,"dns":0,"connect":0,"send":0,"wait":117,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-13","alert":"Sinkholed","trigger":"innermail.co.uk","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usecure.s3.eu-west-1.amazonaws.com/wysiwyg1756691268191-Screenshot+%2837%29.png","fqdn":"usecure.s3.eu-west-1.amazonaws.com","domain":"usecure.s3.eu-west-1.amazonaws.com","tld":"s3.eu-west-1.amazonaws.com"},"ip":{"addr":"52.92.17.10","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hellpdesk.at/?r=0894fc0a-c625-4d83-86b7-644aef50427c\u0026rg=eu.","date":"2026-01-13T01:49:14.721Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.s3-eu-west-1.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Fri, 14 Nov 2025 00:00:00 GMT","end":"Fri, 06 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"EE:C4:F5:B6:CD:70:C0:09:00:18:23:8F:88:FB:33:D3:23:96:1A:10","sha256":"C5:0E:B8:3F:83:3B:91:92:9A:4B:DB:BD:B3:68:0B:8C:7A:88:83:69:63:BD:DA:81:53:68:2F:31:44:9D:54:2E"}}},"request":{"raw":"GET /wysiwyg1756691268191-Screenshot+%2837%29.png HTTP/1.1\r\nHost: usecure.s3.eu-west-1.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: xyXw5o2rhs6hkisPg+H7AVjVbDegFociIWUe5VBA9zoi5DUlTBZLNFIXCqSxy4pGD3AWRpFz1/M=\r\nx-amz-request-id: XR4MTAHD0RQYRNMT\r\nDate: Tue, 13 Jan 2026 01:49:15 GMT\r\nLast-Modified: Mon, 01 Sep 2025 01:47:49 GMT\r\nETag: \"2d1f4ad72a5acf321455595efeafffd4\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/png\r\nContent-Length: 10791\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":10791,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 363 x 90, 8-bit/color RGBA, non-interlaced","md5":"2d1f4ad72a5acf321455595efeafffd4","sha1":"be0dca5db1add4d9588650b19e818cd17a96e12d","sha256":"d9fa4088c85a7698706f173eed19f4dbad8669a8a762c80f8490bd96b7268da4","sha512":"407c2291399bc593b340a611b7cc42ed46cc69431988337e6c7e913abb83afda8b103ccd78e34dc07e99adb843ea29f59358211877342df562b47dc07254a7ed","ssdeep":"192:vkX7miTyRZAil0W6eZV7+vDunyGM+nYSHfGc47WFAn2ffS9x8/Ps6l3o:vkXqibiSW6eZobutqxRvn23S9x8s6Jo","tlshash":"8622aebbce8c9ec3a11b1080622361076a7ad3f0e5b252e789ee7e9c5c4dd4141a1f4c","first_seen":"2025-12-16T10:00:58.371813Z","last_seen":"2026-06-08T23:26:13.22257Z","times_seen":140,"resource_available":false,"data":null}},"time_used":391,"timings":{"blocked":163,"dns":46,"connect":32,"send":0,"wait":55,"receive":3,"ssl":87},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hellpdesk.at/js/usecure.bundle.js?v=2ed7d291-f585-41c7-a19e-6180ebc8fd07","fqdn":"hellpdesk.at","domain":"hellpdesk.at","tld":"at"},"ip":{"addr":"54.240.174.103","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://hellpdesk.at/?r=0894fc0a-c625-4d83-86b7-644aef50427c\u0026rg=eu.","date":"2026-01-13T01:49:14.724Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1nfoclient.fr","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Thu, 04 Dec 2025 00:00:00 GMT","end":"Sat, 02 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"AD:7B:B5:9D:A8:E5:EB:C7:94:C0:4C:D8:BC:B2:87:49:37:3B:3F:09","sha256":"C3:29:D0:61:90:2A:42:CB:1A:F6:7C:17:0F:DE:12:9C:56:3B:44:69:F1:F5:18:97:50:C5:48:A7:7B:7D:7D:0E"}}},"request":{"raw":"GET /js/usecure.bundle.js?v=2ed7d291-f585-41c7-a19e-6180ebc8fd07 HTTP/1.1\r\nHost: hellpdesk.at\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-amz-cf-pop: OSL50-P1\r\nalt-svc: h3=\":443\"; ma=86400\r\nvary: accept-encoding\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=0\r\nx-powered-by: Express\r\ndate: Tue, 13 Jan 2026 01:49:14 GMT\r\ncontent-encoding: gzip\r\nlast-modified: Mon, 17 Nov 2025 18:37:44 GMT\r\nnel: {\"report_to\":\"heroku-nel\",\"response_headers\":[\"Via\"],\"max_age\":3600,\"success_fraction\":0.01,\"failure_fraction\":0.1}\r\nreport-to: {\"group\":\"heroku-nel\",\"endpoints\":[{\"url\":\"https://nel.heroku.com/reports?s=YUGyPkp%2FBOGrHsqf0zNtE4AhNLSKq%2BBIUeIjZg9yRXU%3D\\u0026sid=c4c9725f-1ab0-44d8-820f-430df2718e11\\u0026ts=1768268954\"}],\"max_age\":3600}\r\nreporting-endpoints: heroku-nel=\"https://nel.heroku.com/reports?s=YUGyPkp%2FBOGrHsqf0zNtE4AhNLSKq%2BBIUeIjZg9yRXU%3D\u0026sid=c4c9725f-1ab0-44d8-820f-430df2718e11\u0026ts=1768268954\"\r\nserver: Heroku\r\nvia: 1.1 heroku-router, 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)\r\netag: W/\"457db-19a931bccc0\"\r\nx-cache: Miss from cloudfront\r\nx-amz-cf-id: K_P-AuN_aYYAGe5dMVS29ICriqhOA5irDMokNeXAv294myOIN9_HzQ==\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":284635,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (33574)","md5":"30906dd4594317dea0163a66bd72ca92","sha1":"36d13b0c7c21f367cae82513146ef93cb287e4a5","sha256":"97a665a7e529683ec77bd54a06b8f5132561c0c6e625bff0149bddd5325e1c94","sha512":"ab3f70766e9b933f0e665af2deb355d93d258a1655b1a00da880d4650fa4261b2a627f04ab4363cb338d34eb624673d3f77e710b79eace3ee8e7c0fb4ed133da","ssdeep":"3072:v92RGTiCEP9forD/GkW3YN+diO8ymdYr13S0qlQ7aXL7c:00KP92GkW3bdkymywQ7kg","tlshash":"8854b3cdf6c6b0a607e770b4402f560af276a958b44a9590e2a5e8d0bc7c98f5037f3d","first_seen":"2025-11-20T00:13:25.622295Z","last_seen":"2026-01-21T15:50:46.161563Z","times_seen":54,"resource_available":true,"data":null}},"time_used":273,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":158,"receive":115,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-13","alert":"Sinkholed","trigger":"hellpdesk.at","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft","verdict":"phishing","severity":"medium","comment":"Resource associated with Microsoft phishing","tags":["microsoft","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"innermail.co.uk/fonts/expertsans-regular-webfont.woff","fqdn":"innermail.co.uk","domain":"innermail.co.uk","tld":"co.uk"},"ip":{"addr":"54.240.174.103","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://hellpdesk.at/?r=0894fc0a-c625-4d83-86b7-644aef50427c\u0026rg=eu.","date":"2026-01-13T01:49:14.940Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1nfoclient.fr","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Thu, 04 Dec 2025 00:00:00 GMT","end":"Sat, 02 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"AD:7B:B5:9D:A8:E5:EB:C7:94:C0:4C:D8:BC:B2:87:49:37:3B:3F:09","sha256":"C3:29:D0:61:90:2A:42:CB:1A:F6:7C:17:0F:DE:12:9C:56:3B:44:69:F1:F5:18:97:50:C5:48:A7:7B:7D:7D:0E"}}},"request":{"raw":"GET /fonts/expertsans-regular-webfont.woff HTTP/1.1\r\nHost: innermail.co.uk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://hellpdesk.at\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://innermail.co.uk/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: font/woff\r\ncontent-length: 21924\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=0\r\ndate: Tue, 13 Jan 2026 01:49:15 GMT\r\netag: W/\"55a4-19a931b4408\"\r\nlast-modified: Mon, 17 Nov 2025 18:37:09 GMT\r\nnel: {\"report_to\":\"heroku-nel\",\"response_headers\":[\"Via\"],\"max_age\":3600,\"success_fraction\":0.01,\"failure_fraction\":0.1}\r\nreport-to: {\"group\":\"heroku-nel\",\"endpoints\":[{\"url\":\"https://nel.heroku.com/reports?s=DBS%2BHeHYFeBLvOtolvJoxvC8CzGg1Nf0m0Vidc2AWqk%3D\\u0026sid=c4c9725f-1ab0-44d8-820f-430df2718e11\\u0026ts=1768268955\"}],\"max_age\":3600}\r\nreporting-endpoints: heroku-nel=\"https://nel.heroku.com/reports?s=DBS%2BHeHYFeBLvOtolvJoxvC8CzGg1Nf0m0Vidc2AWqk%3D\u0026sid=c4c9725f-1ab0-44d8-820f-430df2718e11\u0026ts=1768268955\"\r\nserver: Heroku\r\nvia: 1.1 heroku-router, 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)\r\nx-powered-by: Express\r\nx-cache: Miss from cloudfront\r\nx-amz-cf-pop: OSL50-P1\r\nx-amz-cf-id: pQsfglOY1yL3983CH1RsYitirifQWbOhQ6pz_Q-rQTbjcM6ODzxGVg==\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":21924,"size_decoded":0,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 21924, version 1.0","md5":"67000909d10e78397a17adc0173df6be","sha1":"6042081c192618b357e4fca22754dcaeb5270cc3","sha256":"4abdda6a86149bc656dd315b0443fea8f11f22a6552e48e843a0f4b3e828ce8f","sha512":"c599ddf89e95fd4b361c94808a3fae9599c4138e42072191c6efb4f9b120c8ea3bee21ead8a38ce323a047a14a133f6bc8c39cb95eed9321fc8190f59a6621f6","ssdeep":"384:WEsnemqjgsSDcxhMt3iS45fiunEixa4U0myZQMAvEebmHn2OLKc0tB3:WjemXsSlBiDa4Ei86bAMH2wK3","tlshash":"3fa2d0cbff188a05f50cb2783bdcad042ee9ed9c8358580b105679d14edc5b8e812af8","first_seen":"2023-04-12T05:16:05Z","last_seen":"2026-05-16T17:36:34.757647Z","times_seen":138,"resource_available":false,"data":null}},"time_used":153,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":117,"receive":36,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-13","alert":"Sinkholed","trigger":"innermail.co.uk","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/opensans/v44/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.21.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://hellpdesk.at/?r=0894fc0a-c625-4d83-86b7-644aef50427c\u0026rg=eu.","date":"2026-01-13T01:49:14.942Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:53:13 GMT","end":"Wed, 25 Feb 2026 15:53:12 GMT"},"fingerprint":{"sha1":"5A:E3:E3:B6:18:F9:10:0B:5B:11:FA:CB:BF:0C:9B:5C:0E:34:70:78","sha256":"FC:46:B0:C1:1E:B2:21:60:D9:7E:6A:ED:42:56:B2:CF:2A:E4:D2:F1:1C:63:63:98:2B:A3:0F:6C:4A:98:74:D6"}}},"request":{"raw":"GET /s/opensans/v44/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://hellpdesk.at\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48320\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sat, 10 Jan 2026 05:56:45 GMT\r\nexpires: Sun, 10 Jan 2027 05:56:45 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Mon, 15 Sep 2025 16:30:41 GMT\r\ncontent-type: font/woff2\r\nage: 244350\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":48320,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48320, version 1.0","md5":"dcf31ebe107435bd68e0164d59e19b87","sha1":"b68160c9333af833fe483928b3ef7128c07a56a0","sha256":"d8e4fe0452aa2076429a9bb5d8757d00a994dd95986cf950e9a1a371b9a072a0","sha512":"130cd52c3cccc36a7029bf92b2ddb363b8b36d206454aacc246739919552fccec5cacbad615ba4ac3817da3e83239371fe51324bdadd08357e3495087f62cb08","ssdeep":"768:Jzqdwl5YV7FVmpudK5a8dF8D8Z7J78VGnNFZEKh02dmSTPe9UiallHcOEi2c0NC1:9q+SYuMaVwZ7oGRNh02dd6UialBcOEpE","tlshash":"1623f218f29471f7edecd4d500a18c72baa528d442f116ed07b8d53ca36ca817a729fb","first_seen":"2025-09-17T00:07:53.723302Z","last_seen":"2026-06-08T23:16:28.038241Z","times_seen":281493,"resource_available":false,"data":null}},"time_used":191,"timings":{"blocked":83,"dns":0,"connect":8,"send":0,"wait":8,"receive":11,"ssl":77},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hellpdesk.at/record-simulation-event","fqdn":"hellpdesk.at","domain":"hellpdesk.at","tld":"at"},"ip":{"addr":"54.240.174.103","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://hellpdesk.at/?r=0894fc0a-c625-4d83-86b7-644aef50427c\u0026rg=eu.","date":"2026-01-13T01:49:15.640Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1nfoclient.fr","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Thu, 04 Dec 2025 00:00:00 GMT","end":"Sat, 02 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"AD:7B:B5:9D:A8:E5:EB:C7:94:C0:4C:D8:BC:B2:87:49:37:3B:3F:09","sha256":"C3:29:D0:61:90:2A:42:CB:1A:F6:7C:17:0F:DE:12:9C:56:3B:44:69:F1:F5:18:97:50:C5:48:A7:7B:7D:7D:0E"}}},"request":{"raw":"POST /record-simulation-event HTTP/1.1\r\nHost: hellpdesk.at\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\r\nX-Requested-With: XMLHttpRequest\r\nContent-Length: 11547\r\nOrigin: https://hellpdesk.at\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":11547,"data":"eventType=visit\u0026region=eu.\u0026simulationResultId=0894fc0a-c625-4d83-86b7-644aef50427c\u0026simulationId=\u0026learnerId=\u0026companyId=\u0026fingerprint=eyJkYXRhIjp7InBsdWdpbnMiOlsiUERGIFZpZXdlcjo6UG9ydGFibGUgRG9jdW1lbnQgRm9ybWF0OjppbnRlcm5hbC1wZGYtdmlld2VyOjpfX2FwcGxpY2F0aW9uL3BkZn5wZGZ%2BUG9ydGFibGUgRG9jdW1lbnQgRm9ybWF0LHRleHQvcGRmfnBkZn5Qb3J0YWJsZSBEb2N1bWVudCBGb3JtYXQiLCJDaHJvbWUgUERGIFZpZXdlcjo6UG9ydGFibGUgRG9jdW1lbnQgRm9ybWF0OjppbnRlcm5hbC1wZGYtdmlld2VyOjpfX2FwcGxpY2F0aW9uL3BkZn5wZGZ%2BUG9ydGFibGUgRG9jdW1lbnQgRm9ybWF0LHRleHQvcGRmfnBkZn5Qb3J0YWJsZSBEb2N1bWVudCBGb3JtYXQiLCJDaHJvbWl1bSBQREYgVmlld2VyOjpQb3J0YWJsZSBEb2N1bWVudCBGb3JtYXQ6OmludGVybmFsLXBkZi12aWV3ZXI6Ol9fYXBwbGljYXRpb24vcGRmfnBkZn5Qb3J0YWJsZSBEb2N1bWVudCBGb3JtYXQsdGV4dC9wZGZ%2BcGRmflBvcnRhYmxlIERvY3VtZW50IEZvcm1hdCIsIk1pY3Jvc29mdCBFZGdlIFBERiBWaWV3ZXI6OlBvcnRhYmxlIERvY3VtZW50IEZvcm1hdDo6aW50ZXJuYWwtcGRmLXZpZXdlcjo6X19hcHBsaWNhdGlvbi9wZGZ%2BcGRmflBvcnRhYmxlIERvY3VtZW50IEZvcm1hdCx0ZXh0L3BkZn5wZGZ%2BUG9ydGFibGUgRG9jdW1lbnQgRm9ybWF0IiwiV2ViS2l0IGJ1aWx0LWluIFBERjo6UG9ydGFibGUgRG9jdW1lbnQgRm9ybWF0OjppbnRlcm5hbC1wZGYtdmlld2VyOjpfX2FwcGxpY2F0aW9uL3BkZn5wZGZ%2BUG9ydGFibGUgRG9jdW1lbnQgRm9ybWF0LHRleHQvcGRmfnBkZn5Qb3J0YWJsZSBEb2N1bWVudCBGb3JtYXQiXSwibWltZVR5cGVzIjpbIlBvcnRhYmxlIERvY3VtZW50IEZvcm1hdH5%2BYXBwbGljYXRpb24vcGRmfn5wZGYiLCJQb3J0YWJsZSBEb2N1bWVudCBGb3JtYXR%2BfnRleHQvcGRmfn5wZGYiXSwidXNlckFnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NDsgcnY6MTM0LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvMTM0LjAiLCJwbGF0Zm9ybSI6IldpbjMyIiwibGFuZ3VhZ2VzIjpbImVuLVVTIiwiZW4iXSwic2NyZWVuIjp7IndJbm5lckhlaWdodCI6MTAyNCwid091dGVySGVpZ2h0IjoxMDI0LCJ3T3V0ZXJXaWR0aCI6MTI4MCwid0lubmVyV2lkdGgiOjEyODAsIndTY3JlZW5YIjowLCJ3UGFnZVhPZmZzZXQiOjAsIndQYWdlWU9mZnNldCI6MCwiY1dpZHRoIjoxMjgwLCJjSGVpZ2h0IjoxMDI0LCJzV2lkdGgiOjEyODAsInNIZWlnaHQiOjEwMjQsInNBdmFpbFdpZHRoIjoxMjgwLCJzQXZhaWxIZWlnaHQiOjEwMjQsInNDb2xvckRlcHRoIjoyNCwic1BpeGVsRGVwdGgiOjI0LCJ3RGV2aWNlUGl4ZWxSYXRpbyI6MX0sInRvdWNoU2NyZWVuIjpbMCxmYWxzZSxmYWxzZV0sInZpZGVvQ2FyZCI6WyJNZXNhIiwibGx2bXBpcGUiXSwibXVsdGltZWRpYURldmljZXMiOnsic3BlYWtlcnMiOjAsIm1pY3JvcyI6MCwid2ViY2FtcyI6MH0sInByb2R1Y3RTdWIiOiIyMDEwMDEwMSIsIm5hdmlnYXRvclByb3RvdHlwZSI6WyJ2aWJyYXRlfn5%2BZnVuY3Rpb24gdmlicmF0ZSgpIHtcbiAgICBbbmF0aXZlIGNvZGVdXG59IiwiamF2YUVuYWJsZWR%2Bfn5mdW5jdGlvbiBqYXZhRW5hYmxlZCgpIHtcbiAgICBbbmF0aXZlIGNvZGVdXG59IiwiZ2V0R2FtZXBhZHN%2Bfn5mdW5jdGlvbiBnZXRHYW1lcGFkcygpIHtcbiAgICBbbmF0aXZlIGNvZGVdXG59IiwicmVxdWVzdE1JRElBY2Nlc3N%2Bfn5mdW5jdGlvbiByZXF1ZXN0TUlESUFjY2VzcygpIHtcbiAgICBbbmF0aXZlIGNvZGVdXG59IiwibW96R2V0VXNlck1lZGlhfn5%2BZnVuY3Rpb24gbW96R2V0VXNlck1lZGlhKCkge1xuICAgIFtuYXRpdmUgY29kZV1cbn0iLCJzZW5kQmVhY29ufn5%2BZnVuY3Rpb24gc2VuZEJlYWNvbigpIHtcbiAgICBbbmF0aXZlIGNvZGVdXG59IiwicmVxdWVzdE1lZGlhS2V5U3lzdGVtQWNjZXNzfn5%2BZnVuY3Rpb24gcmVxdWVzdE1lZGlhS2V5U3lzdGVtQWNjZXNzKCkge1xuICAgIFtuYXRpdmUgY29kZV1cbn0iLCJnZXRBdXRvcGxheVBvbGljeX5%2BfmZ1bmN0aW9uIGdldEF1dG9wbGF5UG9saWN5KCkge1xuICAgIFtuYXRpdmUgY29kZV1cbn0iLCJyZWdpc3RlclByb3RvY29sSGFuZGxlcn5%2BfmZ1bmN0aW9uIHJlZ2lzdGVyUHJvdG9jb2xIYW5kbGVyKCkge1xuICAgIFtuYXRpdmUgY29kZV1cbn0iLCJ0YWludEVuYWJsZWR%2Bfn5mdW5jdGlvbiB0YWludEVuYWJsZWQoKSB7XG4gICAgW25hdGl2ZSBjb2RlXVxufSIsInBlcm1pc3Npb25zfn5%2BZnVuY3Rpb24gcGVybWlzc2lvbnMoKSB7XG4gICAgW25hdGl2ZSBjb2RlXVxufSIsIm1pbWVUeXBlc35%2BfmZ1bmN0aW9uIG1pbWVUeXBlcygpIHtcbiAgICBbbmF0aXZlIGNvZGVdXG59IiwicGx1Z2luc35%2BfmZ1bmN0aW9uIHBsdWdpbnMoKSB7XG4gICAgW25hdGl2ZSBjb2RlXVxufSIsInBkZlZpZXdlckVuYWJsZWR%2Bfn5mdW5jdGlvbiBwZGZWaWV3ZXJFbmFibGVkKCkge1xuICAgIFtuYXRpdmUgY29kZV1cbn0iLCJkb05vdFRyYWNrfn5%2BZnVuY3Rpb24gZG9Ob3RUcmFjaygpIHtcbiAgICBbbmF0aXZlIGNvZGVdXG59IiwibWF4VG91Y2hQb2ludHN%2Bfn5mdW5jdGlvbiBtYXhUb3VjaFBvaW50cygpIHtcbiAgICBbbmF0aXZlIGNvZGVdXG59IiwibWVkaWFDYXBhYmlsaXRpZXN%2Bfn5mdW5jdGlvbiBtZWRpYUNhcGFiaWxpdGllcygpIHtcbiAgICBbbmF0aXZlIGNvZGVdXG59Iiwib3NjcHV%2Bfn5mdW5jdGlvbiBvc2NwdSgpIHtcbiAgICBbbmF0aXZlIGNvZGVdXG59IiwidmVuZG9yfn5%2BZnVuY3Rpb24gdmVuZG9yKCkge1xuICAgIFtuYXRpdmUgY29kZV1cbn0iLCJ2ZW5kb3JTdWJ%2Bfn5mdW5jdGlvbiB2ZW5kb3JTdWIoKSB7XG4gICAgW25hdGl2ZSBjb2RlXVxufSIsInByb2R1Y3RTdWJ%2Bfn5mdW5jdGlvbiBwcm9kdWN0U3ViKCkge1xuICAgIFtuYXRpdmUgY29kZV1cbn0iLCJjb29raWVFbmFibGVkfn5%2BZnVuY3Rpb24gY29va2llRW5hYmxlZCgpIHtcbiAgICBbbmF0aXZlIGNvZGVdXG59IiwiYnVpbGRJRH5%2BfmZ1bmN0aW9uIGJ1aWxkSUQoKSB7XG4gICAgW25hdGl2ZSBjb2RlXVxufSIsIm1lZGlhRGV2aWNlc35%2BfmZ1bmN0aW9uIG1lZGlhRGV2aWNlcygpIHtcbiAgICBbbmF0aXZlIGNvZGVdXG59IiwiY3JlZGVudGlhbHN%2Bfn5mdW5jdGlvbiBjcmVkZW50aWFscygpIHtcbiAgICBbbmF0aXZlIGNvZGVdXG59IiwiY2xpcGJvYXJkfn5%2BZnVuY3Rpb24gY2xpcGJvYXJkKCkge1xuICAgIFtuYXRpdmUgY29kZV1cbn0iLCJtZWRpYVNlc3Npb25%2Bfn5mdW5jdGlvbiBtZWRpYVNlc3Npb24oKSB7XG4gICAgW25hdGl2ZSBjb2RlXVxufSIsIndlYmRyaXZlcn5%2BfmZ1bmN0aW9uIHdlYmRyaXZlcigpIHtcbiAgICBbbmF0aXZlIGNvZGVdXG59IiwiaGFyZHdhcmVDb25jdXJyZW5jeX5%2BfmZ1bmN0aW9uIGhhcmR3YXJlQ29uY3VycmVuY3koKSB7XG4gICAgW25hdGl2ZSBjb2RlXVxufSIsImFwcENvZGVOYW1lfn5%2BZnVuY3Rpb24gYXBwQ29kZU5hbWUoKSB7XG4gICAgW25hdGl2ZSBjb2RlXVxufSIsImFwcE5hbWV%2Bfn5mdW5jdGlvbiBhcHBOYW1lKCkge1xuICAgIFtuYXRpdmUgY29kZV1cbn0iLCJhcHBWZXJzaW9ufn5%2BZnVuY3Rpb24gYXBwVmVyc2lvbigpIHtcbiAgICBbbmF0aXZlIGNvZGVdXG59IiwicGxhdGZvcm1%2Bfn5mdW5jdGlvbiBwbGF0Zm9ybSgpIHtcbiAgICBbbmF0aXZlIGNvZGVdXG59IiwidXNlckFnZW50fn5%2BZnVuY3Rpb24gdXNlckFnZW50KCkge1xuICAgIFtuYXRpdmUgY29kZV1cbn0iLCJwcm9kdWN0fn5%2BZnVuY3Rpb24gcHJvZHVjdCgpIHtcbiAgICBbbmF0aXZlIGNvZGVdXG59IiwibGFuZ3VhZ2V%2Bfn5mdW5jdGlvbiBsYW5ndWFnZSgpIHtcbiAgICBbbmF0aXZlIGNvZGVdXG59IiwibGFuZ3VhZ2Vzfn5%2BZnVuY3Rpb24gbGFuZ3VhZ2VzKCkge1xuICAgIFtuYXRpdmUgY29kZV1cbn0iLCJsb2Nrc35%2BfmZ1bmN0aW9uIGxvY2tzKCkge1xuICAgIFtuYXRpdmUgY29kZV1cbn0iLCJvbkxpbmV%2Bfn5mdW5jdGlvbiBvbkxpbmUoKSB7XG4gICAgW25hdGl2ZSBjb2RlXVxufSIsInN0b3JhZ2V%2Bfn5mdW5jdGlvbiBzdG9yYWdlKCkge1xuICAgIFtuYXRpdmUgY29kZV1cbn0iLCJjb25zdHJ1Y3Rvcn5%2BfmZ1bmN0aW9uIE5hdmlnYXRvcigpIHtcbiAgICBbbmF0aXZlIGNvZGVdXG59IiwidG9TdHJpbmd%2Bfn4iLCJ0b0xvY2FsZVN0cmluZ35%2BfiIsInZhbHVlT2Z%2Bfn4iLCJoYXNPd25Qcm9wZXJ0eX5%2BfiIsImlzUHJvdG90eXBlT2Z%2Bfn4iLCJwcm9wZXJ0eUlzRW51bWVyYWJsZX5%2BfiIsIl9fZGVmaW5lR2V0dGVyX19%2Bfn4iLCJfX2RlZmluZVNldHRlcl9ffn5%2BIiwiX19sb29rdXBHZXR0ZXJfX35%2BfiIsIl9fbG9va3VwU2V0dGVyX19%2Bfn4iLCJfX3Byb3RvX19%2Bfn4iLCJjb25zdHJ1Y3Rvcn5%2BfmZ1bmN0aW9uIE5hdmlnYXRvcigpIHtcbiAgICBbbmF0aXZlIGNvZGVdXG59Il0sImV0c2wiOjM3LCJzY3JlZW5EZXNjIjoiZnVuY3Rpb24gd2lkdGgoKSB7XG4gICAgW25hdGl2ZSBjb2RlXVxufSIsInBoYW50b21KUyI6W2ZhbHNlLGZhbHNlLGZhbHNlXSwibmlnaHRtYXJlSlMiOmZhbHNlLCJzZWxlbml1bSI6W2ZhbHNlLGZhbHNlLGZhbHNlLGZhbHNlLGZhbHNlLGZhbHNlLGZhbHNlLGZhbHNlLGZhbHNlLGZhbHNlLGZhbHNlLGZhbHNlLGZhbHNlLGZhbHNlLGZhbHNlLGZhbHNlLGZhbHNlXSwid2ViRHJpdmVyIjp0cnVlLCJ3ZWJEcml2ZXJWYWx1ZSI6ZmFsc2UsImVycm9yc0dlbmVyYXRlZCI6WyJhemVhemUgaXMgbm90IGRlZmluZWQiLCJodHRwczovL2hlbGxwZGVzay5hdC9qcy91c2VjdXJlLmJ1bmRsZS5qcz92PTJlZDdkMjkxLWY1ODUtNDFjNy1hMTllLTYxODBlYmM4ZmQwNyIsMjUsbnVsbCxudWxsLDExODM5MSxudWxsLCJBbiBpbnZhbGlkIG9yIGlsbGVnYWwgc3RyaW5nIHdhcyBzcGVjaWZpZWQiXSwicmVzT3ZlcmZsb3ciOnsiZGVwdGgiOjI0NTIxLCJlcnJvck1lc3NhZ2UiOiJ0b28gbXVjaCByZWN1cnNpb24iLCJlcnJvck5hbWUiOiJJbnRlcm5hbEVycm9yIiwiZXJyb3JTdGFja2xlbmd0aCI6MTE5MDR9LCJhY2NlbGVyb21ldGVyVXNlZCI6ZmFsc2UsInNjcmVlbk1lZGlhUXVlcnkiOnRydWUsImhhc0Nocm9tZSI6ZmFsc2UsImRldGFpbENocm9tZSI6InVua25vd24iLCJwZXJtaXNzaW9ucyI6eyJzdGF0ZSI6InByb21wdCIsInBlcm1pc3Npb24iOiJkZW5pZWQifSwiaWZyYW1lQ2hyb21lIjoidW5kZWZpbmVkIiwiZGVidWdUb29sIjpmYWxzZSwiYmF0dGVyeSI6ZmFsc2UsImRldmljZU1lbW9yeSI6MCwidHBDYW52YXMiOnsiMCI6MCwiMSI6MCwiMiI6MCwiMyI6MH0sInNlcXVlbnR1bSI6ZmFsc2UsImF1ZGlvQ29kZWNzIjp7Im9nZyI6InByb2JhYmx5IiwibXAzIjoibWF5YmUiLCJ3YXYiOiJwcm9iYWJseSIsIm00YSI6Im1heWJlIiwiYWFjIjoibWF5YmUifSwidmlkZW9Db2RlY3MiOnsib2dnIjoicHJvYmFibHkiLCJoMjY0IjoicHJvYmFibHkiLCJ3ZWJtIjoicHJvYmFibHkifX0sInJlc3VsdHMiOnsiUEhBTlRPTV9VQSI6eyJuYW1lIjoiUEhBTlRPTV9VQSIsImNvbnNpc3RlbnQiOjMsImRhdGEiOnsidXNlckFnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NDsgcnY6MTM0LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvMTM0LjAifX0sIlBIQU5UT01fUFJPUEVSVElFUyI6eyJuYW1lIjoiUEhBTlRPTV9QUk9QRVJUSUVTIiwiY29uc2lzdGVudCI6MywiZGF0YSI6eyJhdHRyaWJ1dGVzRm91bmQiOltmYWxzZSxmYWxzZSxmYWxzZV19fSwiUEhBTlRPTV9FVFNMIjp7Im5hbWUiOiJQSEFOVE9NX0VUU0wiLCJjb25zaXN0ZW50IjozLCJkYXRhIjp7ImV0c2wiOjM3fX0sIlBIQU5UT01fTEFOR1VBR0UiOnsibmFtZSI6IlBIQU5UT01fTEFOR1VBR0UiLCJjb25zaXN0ZW50IjozLCJkYXRhIjp7Imxhbmd1YWdlcyI6WyJlbi1VUyIsImVuIl19fSwiUEhBTlRPTV9XRUJTT0NLRVQiOnsibmFtZSI6IlBIQU5UT01fV0VCU09DS0VUIiwiY29uc2lzdGVudCI6MywiZGF0YSI6eyJlcnJvciI6IkFuIGludmFsaWQgb3IgaWxsZWdhbCBzdHJpbmcgd2FzIHNwZWNpZmllZCJ9fSwiTVFfU0NSRUVOIjp7Im5hbWUiOiJNUV9TQ1JFRU4iLCJjb25zaXN0ZW50IjozLCJkYXRhIjp7fX0sIlBIQU5UT01fT1ZFUkZMT1ciOnsibmFtZSI6IlBIQU5UT01fT1ZFUkZMT1ciLCJjb25zaXN0ZW50IjozLCJkYXRhIjp7ImRlcHRoIjoyNDUyMSwiZXJyb3JNZXNzYWdlIjoidG9vIG11Y2ggcmVjdXJzaW9uIiwiZXJyb3JOYW1lIjoiSW50ZXJuYWxFcnJvciIsImVycm9yU3RhY2tsZW5ndGgiOjExOTA0fX0sIlBIQU5UT01fV0lORE9XX0hFSUdIVCI6eyJuYW1lIjoiUEhBTlRPTV9XSU5ET1dfSEVJR0hUIiwiY29uc2lzdGVudCI6MywiZGF0YSI6eyJ3SW5uZXJIZWlnaHQiOjEwMjQsIndPdXRlckhlaWdodCI6MTAyNCwid091dGVyV2lkdGgiOjEyODAsIndJbm5lcldpZHRoIjoxMjgwLCJ3U2NyZWVuWCI6MCwid1BhZ2VYT2Zmc2V0IjowLCJ3UGFnZVlPZmZzZXQiOjAsImNXaWR0aCI6MTI4MCwiY0hlaWdodCI6MTAyNCwic1dpZHRoIjoxMjgwLCJzSGVpZ2h0IjoxMDI0LCJzQXZhaWxXaWR0aCI6MTI4MCwic0F2YWlsSGVpZ2h0IjoxMDI0LCJzQ29sb3JEZXB0aCI6MjQsInNQaXhlbERlcHRoIjoyNCwid0RldmljZVBpeGVsUmF0aW8iOjF9fSwiSEVBRENIUl9VQSI6eyJuYW1lIjoiSEVBRENIUl9VQSIsImNvbnNpc3RlbnQiOjMsImRhdGEiOnsidXNlckFnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NDsgcnY6MTM0LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvMTM0LjAifX0sIldFQkRSSVZFUiI6eyJuYW1lIjoiV0VCRFJJVkVSIiwiY29uc2lzdGVudCI6MywiZGF0YSI6e319LCJIRUFEQ0hSX0NIUk9NRV9PQkoiOnsibmFtZSI6IkhFQURDSFJfQ0hST01FX09CSiIsImNvbnNpc3RlbnQiOjMsImRhdGEiOnt9fSwiSEVBRENIUl9QRVJNSVNTSU9OUyI6eyJuYW1lIjoiSEVBRENIUl9QRVJNSVNTSU9OUyIsImNvbnNpc3RlbnQiOjEsImRhdGEiOnt9fSwiSEVBRENIUl9QTFVHSU5TIjp7Im5hbWUiOiJIRUFEQ0hSX1BMVUdJTlMiLCJjb25zaXN0ZW50IjozLCJkYXRhIjp7InBsdWdpbnMiOlsiUERGIFZpZXdlcjo6UG9ydGFibGUgRG9jdW1lbnQgRm9ybWF0OjppbnRlcm5hbC1wZGYtdmlld2VyOjpfX2FwcGxpY2F0aW9uL3BkZn5wZGZ%2BUG9ydGFibGUgRG9jdW1lbnQgRm9ybWF0LHRleHQvcGRmfnBkZn5Qb3J0YWJsZSBEb2N1bWVudCBGb3JtYXQiLCJDaHJvbWUgUERGIFZpZXdlcjo6UG9ydGFibGUgRG9jdW1lbnQgRm9ybWF0OjppbnRlcm5hbC1wZGYtdmlld2VyOjpfX2FwcGxpY2F0aW9uL3BkZn5wZGZ%2BUG9ydGFibGUgRG9jdW1lbnQgRm9ybWF0LHRleHQvcGRmfnBkZn5Qb3J0YWJsZSBEb2N1bWVudCBGb3JtYXQiLCJDaHJvbWl1bSBQREYgVmlld2VyOjpQb3J0YWJsZSBEb2N1bWVudCBGb3JtYXQ6OmludGVybmFsLXBkZi12aWV3ZXI6Ol9fYXBwbGljYXRpb24vcGRmfnBkZn5Qb3J0YWJsZSBEb2N1bWVudCBGb3JtYXQsdGV4dC9wZGZ%2BcGRmflBvcnRhYmxlIERvY3VtZW50IEZvcm1hdCIsIk1pY3Jvc29mdCBFZGdlIFBERiBWaWV3ZXI6OlBvcnRhYmxlIERvY3VtZW50IEZvcm1hdDo6aW50ZXJuYWwtcGRmLXZpZXdlcjo6X19hcHBsaWNhdGlvbi9wZGZ%2BcGRmflBvcnRhYmxlIERvY3VtZW50IEZvcm1hdCx0ZXh0L3BkZn5wZGZ%2BUG9ydGFibGUgRG9jdW1lbnQgRm9ybWF0IiwiV2ViS2l0IGJ1aWx0LWluIFBERjo6UG9ydGFibGUgRG9jdW1lbnQgRm9ybWF0OjppbnRlcm5hbC1wZGYtdmlld2VyOjpfX2FwcGxpY2F0aW9uL3BkZn5wZGZ%2BUG9ydGFibGUgRG9jdW1lbnQgRm9ybWF0LHRleHQvcGRmfnBkZn5Qb3J0YWJsZSBEb2N1bWVudCBGb3JtYXQiXX19LCJIRUFEQ0hSX0lGUkFNRSI6eyJuYW1lIjoiSEVBRENIUl9JRlJBTUUiLCJjb25zaXN0ZW50IjozLCJkYXRhIjp7fX0sIkNIUl9ERUJVR19UT09MUyI6eyJuYW1lIjoiQ0hSX0RFQlVHX1RPT0xTIiwiY29uc2lzdGVudCI6MywiZGF0YSI6e319LCJTRUxFTklVTV9EUklWRVIiOnsibmFtZSI6IlNFTEVOSVVNX0RSSVZFUiIsImNvbnNpc3RlbnQiOjMsImRhdGEiOnsiYXR0cmlidXRlc0ZvdW5kIjpbZmFsc2UsZmFsc2UsZmFsc2UsZmFsc2UsZmFsc2UsZmFsc2UsZmFsc2UsZmFsc2UsZmFsc2UsZmFsc2UsZmFsc2UsZmFsc2UsZmFsc2UsZmFsc2UsZmFsc2UsZmFsc2UsZmFsc2VdfX0sIkNIUl9CQVRURVJZIjp7Im5hbWUiOiJDSFJfQkFUVEVSWSIsImNvbnNpc3RlbnQiOjMsImRhdGEiOnt9fSwiQ0hSX01FTU9SWSI6eyJuYW1lIjoiQ0hSX01FTU9SWSIsImNvbnNpc3RlbnQiOjMsImRhdGEiOnt9fSwiVFJBTlNQQVJFTlRfUElYRUwiOnsibmFtZSI6IlRSQU5TUEFSRU5UX1BJWEVMIiwiY29uc2lzdGVudCI6MywiZGF0YSI6eyIwIjowLCIxIjowLCIyIjowLCIzIjowfX0sIlNFUVVFTlRVTSI6eyJuYW1lIjoiU0VRVUVOVFVNIiwiY29uc2lzdGVudCI6MywiZGF0YSI6e319LCJWSURFT19DT0RFQ1MiOnsibmFtZSI6IlZJREVPX0NPREVDUyIsImNvbnNpc3RlbnQiOjMsImRhdGEiOnsiaDI2NCI6InByb2JhYmx5In19fX0%3D"}},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 124\r\nalt-svc: h3=\":443\"; ma=86400\r\naccess-control-allow-origin: *\r\ndate: Tue, 13 Jan 2026 01:49:15 GMT\r\netag: W/\"7c-B8TTmWAe1hglWYBgNdqCrV4+Wo8\"\r\nnel: {\"report_to\":\"heroku-nel\",\"response_headers\":[\"Via\"],\"max_age\":3600,\"success_fraction\":0.01,\"failure_fraction\":0.1}\r\nreport-to: {\"group\":\"heroku-nel\",\"endpoints\":[{\"url\":\"https://nel.heroku.com/reports?s=DBS%2BHeHYFeBLvOtolvJoxvC8CzGg1Nf0m0Vidc2AWqk%3D\\u0026sid=c4c9725f-1ab0-44d8-820f-430df2718e11\\u0026ts=1768268955\"}],\"max_age\":3600}\r\nreporting-endpoints: heroku-nel=\"https://nel.heroku.com/reports?s=DBS%2BHeHYFeBLvOtolvJoxvC8CzGg1Nf0m0Vidc2AWqk%3D\u0026sid=c4c9725f-1ab0-44d8-820f-430df2718e11\u0026ts=1768268955\"\r\nserver: Heroku\r\nvia: 1.1 heroku-router, 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)\r\nx-powered-by: Express\r\nx-cache: Miss from cloudfront\r\nx-amz-cf-pop: OSL50-P1\r\nx-amz-cf-id: rN8nCtNc1cYUuBGfWy4oY-en_d5S7zSH66tAUNHg3NoEgytP4b0bhA==\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":124,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"b1c4f5372528e7fef0657278f3b440a1","sha1":"07c4d399601ed6182559806035da82ad5e3e5a8f","sha256":"4617dffa0fe75b67ed71c55aae02bfaf543cd9f640b8d33b906047caccd7e54b","sha512":"0f0fe456ff375e4df706f0a811464d09366df614799dea415ddedc23e490088e4aae6d5692aeeef34c00e54c9e96ec1392a1dd63ae45979719c8baebec6084f0","ssdeep":"","tlshash":"63b09b2197ba6575761514d1865474e6194cf19245064935539953450215a711f30455","first_seen":"2026-01-13T01:49:58.733183Z","last_seen":"2026-01-13T01:49:58.733183Z","times_seen":1,"resource_available":false,"data":null}},"time_used":275,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":275,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-13","alert":"Sinkholed","trigger":"hellpdesk.at","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft","verdict":"phishing","severity":"medium","comment":"Resource associated with Microsoft phishing","tags":["microsoft","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"hellpdesk.at/?r=0894fc0a-c625-4d83-86b7-644aef50427c\u0026rg=eu.","fqdn":"hellpdesk.at","domain":"hellpdesk.at","tld":"at"},"ip":{"addr":"54.240.174.103","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-13T01:49:14.056Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1nfoclient.fr","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Thu, 04 Dec 2025 00:00:00 GMT","end":"Sat, 02 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"AD:7B:B5:9D:A8:E5:EB:C7:94:C0:4C:D8:BC:B2:87:49:37:3B:3F:09","sha256":"C3:29:D0:61:90:2A:42:CB:1A:F6:7C:17:0F:DE:12:9C:56:3B:44:69:F1:F5:18:97:50:C5:48:A7:7B:7D:7D:0E"}}},"request":{"raw":"GET /?r=0894fc0a-c625-4d83-86b7-644aef50427c\u0026rg=eu. HTTP/1.1\r\nHost: hellpdesk.at\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html; charset=utf-8\r\naccess-control-allow-origin: *\r\nx-powered-by: Express\r\ndate: Tue, 13 Jan 2026 01:49:14 GMT\r\nvary: accept-encoding\r\nnel: {\"report_to\":\"heroku-nel\",\"response_headers\":[\"Via\"],\"max_age\":3600,\"success_fraction\":0.01,\"failure_fraction\":0.1}\r\nreport-to: {\"group\":\"heroku-nel\",\"endpoints\":[{\"url\":\"https://nel.heroku.com/reports?s=YUGyPkp%2FBOGrHsqf0zNtE4AhNLSKq%2BBIUeIjZg9yRXU%3D\\u0026sid=c4c9725f-1ab0-44d8-820f-430df2718e11\\u0026ts=1768268954\"}],\"max_age\":3600}\r\nreporting-endpoints: heroku-nel=\"https://nel.heroku.com/reports?s=YUGyPkp%2FBOGrHsqf0zNtE4AhNLSKq%2BBIUeIjZg9yRXU%3D\u0026sid=c4c9725f-1ab0-44d8-820f-430df2718e11\u0026ts=1768268954\"\r\nserver: Heroku\r\nvia: 1.1 heroku-router, 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)\r\ncontent-encoding: gzip\r\netag: W/\"309d-pzO+SHxnlWyQ6NIExXb0ebXV3Ok\"\r\nx-cache: Miss from cloudfront\r\nx-amz-cf-pop: OSL50-P1\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-amz-cf-id: FLfcD0fZm5mn_EFULUrqA87EEyDsV_M-wlpgNX-OYQ5FTKL0Kvin_Q==\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":12445,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (12445), with no line terminators","md5":"b2ed6b9518a46b1f3a9f149057b38751","sha1":"a733be487c67956c90e8d204c576f479b5d5dce9","sha256":"92f063ce3080d08a5405c05e2b4390c056fdcd74859bfcfa1c3320100cc51661","sha512":"60e1a2a948137c584f8450c0cc154658d1ad7d387d2590a063ffd4077ae0b15ceb0b3b8c9d814bab2870b5c590aa9294d8431787d0c49f3b4ebc07fefea88b04","ssdeep":"192:JhWjK3pt1X3IOISt3Aa0reeK/zoiPSvO9V/x0//6/Kvnr2w4:73pt1X3IOIY0ae5Y6l6w4","tlshash":"cc425572ea91810b7112c568fbd0be993f158341d7070a68f6fc7276eb86ca41da229d","first_seen":"2026-01-13T01:49:58.735405Z","last_seen":"2026-01-13T01:51:32.906443Z","times_seen":6,"resource_available":false,"data":null}},"time_used":476,"timings":{"blocked":58,"dns":48,"connect":1,"send":0,"wait":360,"receive":0,"ssl":7},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-13","alert":"Sinkholed","trigger":"hellpdesk.at","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft","verdict":"phishing","severity":"medium","comment":"Resource associated with Microsoft phishing","tags":["microsoft","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"innermail.co.uk/css-fonts/ExpertSansBold.css","fqdn":"innermail.co.uk","domain":"innermail.co.uk","tld":"co.uk"},"ip":{"addr":"54.240.174.103","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://hellpdesk.at/?r=0894fc0a-c625-4d83-86b7-644aef50427c\u0026rg=eu.","date":"2026-01-13T01:49:14.717Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1nfoclient.fr","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Thu, 04 Dec 2025 00:00:00 GMT","end":"Sat, 02 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"AD:7B:B5:9D:A8:E5:EB:C7:94:C0:4C:D8:BC:B2:87:49:37:3B:3F:09","sha256":"C3:29:D0:61:90:2A:42:CB:1A:F6:7C:17:0F:DE:12:9C:56:3B:44:69:F1:F5:18:97:50:C5:48:A7:7B:7D:7D:0E"}}},"request":{"raw":"GET /css-fonts/ExpertSansBold.css HTTP/1.1\r\nHost: innermail.co.uk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hellpdesk.at/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/css; charset=UTF-8\r\ncontent-length: 279\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=0\r\ndate: Tue, 13 Jan 2026 01:49:14 GMT\r\netag: W/\"117-19a931b4408\"\r\nlast-modified: Mon, 17 Nov 2025 18:37:09 GMT\r\nnel: {\"report_to\":\"heroku-nel\",\"response_headers\":[\"Via\"],\"max_age\":3600,\"success_fraction\":0.01,\"failure_fraction\":0.1}\r\nreport-to: {\"group\":\"heroku-nel\",\"endpoints\":[{\"url\":\"https://nel.heroku.com/reports?s=YUGyPkp%2FBOGrHsqf0zNtE4AhNLSKq%2BBIUeIjZg9yRXU%3D\\u0026sid=c4c9725f-1ab0-44d8-820f-430df2718e11\\u0026ts=1768268954\"}],\"max_age\":3600}\r\nreporting-endpoints: heroku-nel=\"https://nel.heroku.com/reports?s=YUGyPkp%2FBOGrHsqf0zNtE4AhNLSKq%2BBIUeIjZg9yRXU%3D\u0026sid=c4c9725f-1ab0-44d8-820f-430df2718e11\u0026ts=1768268954\"\r\nserver: Heroku\r\nvia: 1.1 heroku-router, 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)\r\nx-powered-by: Express\r\nx-cache: Miss from cloudfront\r\nx-amz-cf-pop: OSL50-P1\r\nx-amz-cf-id: jyeVKPKIVphv4w_ziIhIEcHPLZFz66Cd9D9UQRyEz7HRJ6wfjBvlVw==\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":279,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"6c011a4cb4586ee7d68e43843b85ab91","sha1":"a3cd72839b653e40437b59a6161490eac39d8f08","sha256":"25f70850dc7634ea820bca73a92435bc44f06769c710e5a40f006658c7c33fac","sha512":"d30c541c624d4d110f094f0393c8777915c30f50b3ee8dd95b88f76470780ba29633710b8f631d0eed960a945ec4f69a01ca2305312efe5cb1d598633f6d82a9","ssdeep":"","tlshash":"60d012558f84375502c30f4373f59a98ad5a9004bc1940c26368d469cdf261b0070f2f","first_seen":"2025-02-11T16:50:34.086836Z","last_seen":"2026-01-21T15:50:46.156699Z","times_seen":30,"resource_available":false,"data":null}},"time_used":145,"timings":{"blocked":19,"dns":0,"connect":0,"send":0,"wait":126,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-13","alert":"Sinkholed","trigger":"innermail.co.uk","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css?family=Open+Sans:400,700","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"216.58.211.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://hellpdesk.at/?r=0894fc0a-c625-4d83-86b7-644aef50427c\u0026rg=eu.","date":"2026-01-13T01:49:14.720Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:53:13 GMT","end":"Wed, 25 Feb 2026 15:53:12 GMT"},"fingerprint":{"sha1":"A8:BA:6B:80:7C:EC:B1:6F:C1:C2:03:D7:C9:27:6E:75:DE:4B:AA:47","sha256":"4E:2C:B9:C5:81:56:5E:97:93:07:22:12:66:E2:52:C6:0A:2E:17:72:FF:9B:5F:2A:B9:E1:21:80:05:6D:8B:3D"}}},"request":{"raw":"GET /css?family=Open+Sans:400,700 HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hellpdesk.at/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Tue, 13 Jan 2026 01:49:14 GMT\r\ndate: Tue, 13 Jan 2026 01:49:14 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":11588,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (1572)","md5":"28e0e3d1db179a6b0b454a6a42a382b7","sha1":"637e0ca2efa06fb7bcdadb1ed0cade98aa6f6c08","sha256":"f1251b5aa44c40639d940adcbebe2d7d88573dfac9a2ba63d71ca06ea67bbad9","sha512":"bfe57657f404dacdef4e7bed130a8a739fcc007f9f6d6a9a81d57f10a25776048b664cf58ddc935c6dcecd6fb7ac373b74b03367ae91be7e9ce4badf853fbd3a","ssdeep":"192:wCAAN21/rqbnbqGIwV4Razq4CZZE2s6rqmnbqGIwV4YfzvY:TjXqY4nU8qY4Z","tlshash":"bc322ba00017185067431de623de7e34ee0fa2657044d0766bfd8b9beedad6963b431d","first_seen":"2025-09-17T00:46:50.629094Z","last_seen":"2026-06-08T22:16:27.137946Z","times_seen":10649,"resource_available":true,"data":null}},"time_used":231,"timings":{"blocked":99,"dns":1,"connect":7,"send":0,"wait":21,"receive":0,"ssl":99},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hellpdesk.at/js/usecure.env.js?v=2ed7d291-f585-41c7-a19e-6180ebc8fd07","fqdn":"hellpdesk.at","domain":"hellpdesk.at","tld":"at"},"ip":{"addr":"54.240.174.103","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://hellpdesk.at/?r=0894fc0a-c625-4d83-86b7-644aef50427c\u0026rg=eu.","date":"2026-01-13T01:49:14.722Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1nfoclient.fr","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Thu, 04 Dec 2025 00:00:00 GMT","end":"Sat, 02 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"AD:7B:B5:9D:A8:E5:EB:C7:94:C0:4C:D8:BC:B2:87:49:37:3B:3F:09","sha256":"C3:29:D0:61:90:2A:42:CB:1A:F6:7C:17:0F:DE:12:9C:56:3B:44:69:F1:F5:18:97:50:C5:48:A7:7B:7D:7D:0E"}}},"request":{"raw":"GET /js/usecure.env.js?v=2ed7d291-f585-41c7-a19e-6180ebc8fd07 HTTP/1.1\r\nHost: hellpdesk.at\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\ncontent-type: text/html; charset=utf-8\r\ncontent-length: 189\r\nalt-svc: h3=\":443\"; ma=86400\r\naccess-control-allow-origin: *\r\ndate: Tue, 13 Jan 2026 01:49:14 GMT\r\netag: W/\"bd-q+ifm/t1a737L1NUIOELtWJetOI\"\r\nnel: {\"report_to\":\"heroku-nel\",\"response_headers\":[\"Via\"],\"max_age\":3600,\"success_fraction\":0.01,\"failure_fraction\":0.1}\r\nreport-to: {\"group\":\"heroku-nel\",\"endpoints\":[{\"url\":\"https://nel.heroku.com/reports?s=YUGyPkp%2FBOGrHsqf0zNtE4AhNLSKq%2BBIUeIjZg9yRXU%3D\\u0026sid=c4c9725f-1ab0-44d8-820f-430df2718e11\\u0026ts=1768268954\"}],\"max_age\":3600}\r\nreporting-endpoints: heroku-nel=\"https://nel.heroku.com/reports?s=YUGyPkp%2FBOGrHsqf0zNtE4AhNLSKq%2BBIUeIjZg9yRXU%3D\u0026sid=c4c9725f-1ab0-44d8-820f-430df2718e11\u0026ts=1768268954\"\r\nserver: Heroku\r\nvia: 1.1 heroku-router, 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)\r\nx-powered-by: Express\r\nx-cache: Error from cloudfront\r\nx-amz-cf-pop: OSL50-P1\r\nx-amz-cf-id: 8CGmM28_1gNtwHfqJJKgc5ZVc28C7iOBv6u1GPO20Ri2Vkf2FRhjQw==\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":189,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with no line terminators","md5":"c9f6f82c0b1e2d6eb40294f876eac55e","sha1":"abe89f9bfb756bbdfb2f535420e10bb5625eb4e2","sha256":"9dcc361cf979ea9471e1076ab30724c665229614d2d7432dfe9127c8b6d3a443","sha512":"c9ad3aa05ef29513c47732c46f626674f9b55d9b3b8bd8ce2699b17e4ab02d07a2549505024e1031feb286d92ac4affbdbf8fad07a4b849757c0a62efb535b93","ssdeep":"","tlshash":"1bc080efd187728fd41324e03dc311d1594c03a7b4b645f43d807859e11417dcac659d","first_seen":"2023-04-07T07:54:01Z","last_seen":"2026-06-08T23:26:13.225677Z","times_seen":723,"resource_available":true,"data":null}},"time_used":120,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":120,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-13","alert":"Sinkholed","trigger":"hellpdesk.at","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft","verdict":"phishing","severity":"medium","comment":"Resource associated with Microsoft phishing","tags":["microsoft","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"s3.eu-west-1.amazonaws.com/usecure/wysiwyg1622122990749-Screenshot+-+2021-05-27T214154.332.png","fqdn":"s3.eu-west-1.amazonaws.com","domain":"s3.eu-west-1.amazonaws.com","tld":""},"ip":{"addr":"3.5.66.191","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hellpdesk.at/?r=0894fc0a-c625-4d83-86b7-644aef50427c\u0026rg=eu.","date":"2026-01-13T01:49:14.929Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.s3-eu-west-1.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Sun, 06 Jul 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"10:54:47:0D:5F:A4:58:07:E9:60:05:FB:6F:E5:26:C1:A5:96:CA:E7","sha256":"7C:5F:2C:02:49:7E:D7:01:1C:0C:F9:55:BC:C7:90:97:7F:EF:0C:1B:58:F6:D4:D9:35:6D:8F:32:8B:81:93:C1"}}},"request":{"raw":"GET /usecure/wysiwyg1622122990749-Screenshot+-+2021-05-27T214154.332.png HTTP/1.1\r\nHost: s3.eu-west-1.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hellpdesk.at/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: Wi5bljqA6OQk6PFC8B/yOcjyYdLp5Jshf8G2tk0/X8dJBP/C4hM4aHPP14jeg8GtfCBth9753rzQ4r2riemUSvo1sr4+dGbq\r\nx-amz-request-id: 3TSK8CWGG4Y4FB1E\r\nDate: Tue, 13 Jan 2026 01:49:16 GMT\r\nLast-Modified: Thu, 27 May 2021 13:43:12 GMT\r\nETag: \"fc4caf38bcb0f6c5953a8e0f30ceef7e\"\r\nAccept-Ranges: bytes\r\nContent-Type: image/png\r\nContent-Length: 254484\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":254484,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1437 x 753, 8-bit/color RGBA, non-interlaced","md5":"fc4caf38bcb0f6c5953a8e0f30ceef7e","sha1":"db67d033bb229465489b87769545c3a74aa8a6bb","sha256":"0c9eb93305dde95ad822f58b7176d355935fc1bf55aaefc4dd3fcbecab3705c1","sha512":"d2b8b5a6bb7b81acc567ffa1c5b77cb6ce66fe20da4aa42d133b911d7d2085e0f3c70e6750616d9b800538e0d16d43ec94cd8884d325f997863ea79f133ab288","ssdeep":"6144:ibFA5Yp/PGXvlFuUmVjuRCv5zinu3oJa39//Af:jYPMlFuU2ukvFiZ6/4f","tlshash":"50441237d6e934b86334099d5d50cb382e4f67b935252aebfac404e384fc4486ee562e","first_seen":"2025-02-11T16:50:34.091034Z","last_seen":"2026-05-03T01:52:51.80108Z","times_seen":107,"resource_available":false,"data":null}},"time_used":470,"timings":{"blocked":147,"dns":14,"connect":33,"send":0,"wait":60,"receive":111,"ssl":101},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"innermail.co.uk/fonts/expertsans-bold-webfont.woff","fqdn":"innermail.co.uk","domain":"innermail.co.uk","tld":"co.uk"},"ip":{"addr":"54.240.174.103","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://hellpdesk.at/?r=0894fc0a-c625-4d83-86b7-644aef50427c\u0026rg=eu.","date":"2026-01-13T01:49:14.938Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1nfoclient.fr","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Thu, 04 Dec 2025 00:00:00 GMT","end":"Sat, 02 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"AD:7B:B5:9D:A8:E5:EB:C7:94:C0:4C:D8:BC:B2:87:49:37:3B:3F:09","sha256":"C3:29:D0:61:90:2A:42:CB:1A:F6:7C:17:0F:DE:12:9C:56:3B:44:69:F1:F5:18:97:50:C5:48:A7:7B:7D:7D:0E"}}},"request":{"raw":"GET /fonts/expertsans-bold-webfont.woff HTTP/1.1\r\nHost: innermail.co.uk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://hellpdesk.at\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://innermail.co.uk/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: font/woff\r\ncontent-length: 20080\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=0\r\ndate: Tue, 13 Jan 2026 01:49:14 GMT\r\netag: W/\"4e70-19a931b4408\"\r\nlast-modified: Mon, 17 Nov 2025 18:37:09 GMT\r\nnel: {\"report_to\":\"heroku-nel\",\"response_headers\":[\"Via\"],\"max_age\":3600,\"success_fraction\":0.01,\"failure_fraction\":0.1}\r\nreport-to: {\"group\":\"heroku-nel\",\"endpoints\":[{\"url\":\"https://nel.heroku.com/reports?s=YUGyPkp%2FBOGrHsqf0zNtE4AhNLSKq%2BBIUeIjZg9yRXU%3D\\u0026sid=c4c9725f-1ab0-44d8-820f-430df2718e11\\u0026ts=1768268954\"}],\"max_age\":3600}\r\nreporting-endpoints: heroku-nel=\"https://nel.heroku.com/reports?s=YUGyPkp%2FBOGrHsqf0zNtE4AhNLSKq%2BBIUeIjZg9yRXU%3D\u0026sid=c4c9725f-1ab0-44d8-820f-430df2718e11\u0026ts=1768268954\"\r\nserver: Heroku\r\nvia: 1.1 heroku-router, 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)\r\nx-powered-by: Express\r\nx-cache: Miss from cloudfront\r\nx-amz-cf-pop: OSL50-P1\r\nx-amz-cf-id: SRBslnmbIo-tCZm6YOgiJ5n6dNrY7EEfFZJOiWovGPrgu29kMIjVlw==\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":20080,"size_decoded":0,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 20080, version 1.0","md5":"1a2edb041de9ae5008e582f46c3a0fd7","sha1":"3646a8cf13a9b94051b03a8d1b0b049e7167000f","sha256":"adeb37a325b72a5382a603c575caf390f1fe968f60a266679c18bf6ff61317cc","sha512":"58f089e021e651cefa61f5e6678bedb81eefce0abffe0f842fdc3724fc6c0c9fe68abee3c828697d5e782c6e4aa060791084d7d93afd9912bee831cb808bbf20","ssdeep":"384:T9637862Vp6cnAFVRDoS9KDZipEbBEqYtRecJ+BFLREySTF:Zw7IzzAF2ZQEJsRecULN/Q","tlshash":"0392d041d74272378b129ef57f0b0769cfb13a26a1096b85928e19c4126fad316e18ec","first_seen":"2023-08-29T15:38:14Z","last_seen":"2026-01-21T15:50:46.15364Z","times_seen":36,"resource_available":false,"data":null}},"time_used":83,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":44,"receive":39,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-13","alert":"Sinkholed","trigger":"innermail.co.uk","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hellpdesk.at/favicon.ico","fqdn":"hellpdesk.at","domain":"hellpdesk.at","tld":"at"},"ip":{"addr":"54.240.174.103","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hellpdesk.at/?r=0894fc0a-c625-4d83-86b7-644aef50427c\u0026rg=eu.","date":"2026-01-13T01:49:15.276Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1nfoclient.fr","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Thu, 04 Dec 2025 00:00:00 GMT","end":"Sat, 02 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"AD:7B:B5:9D:A8:E5:EB:C7:94:C0:4C:D8:BC:B2:87:49:37:3B:3F:09","sha256":"C3:29:D0:61:90:2A:42:CB:1A:F6:7C:17:0F:DE:12:9C:56:3B:44:69:F1:F5:18:97:50:C5:48:A7:7B:7D:7D:0E"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: hellpdesk.at\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\ncontent-type: text/html; charset=utf-8\r\ncontent-length: 189\r\nalt-svc: h3=\":443\"; ma=86400\r\naccess-control-allow-origin: *\r\ndate: Tue, 13 Jan 2026 01:49:15 GMT\r\netag: W/\"bd-q+ifm/t1a737L1NUIOELtWJetOI\"\r\nnel: {\"report_to\":\"heroku-nel\",\"response_headers\":[\"Via\"],\"max_age\":3600,\"success_fraction\":0.01,\"failure_fraction\":0.1}\r\nreport-to: {\"group\":\"heroku-nel\",\"endpoints\":[{\"url\":\"https://nel.heroku.com/reports?s=DBS%2BHeHYFeBLvOtolvJoxvC8CzGg1Nf0m0Vidc2AWqk%3D\\u0026sid=c4c9725f-1ab0-44d8-820f-430df2718e11\\u0026ts=1768268955\"}],\"max_age\":3600}\r\nreporting-endpoints: heroku-nel=\"https://nel.heroku.com/reports?s=DBS%2BHeHYFeBLvOtolvJoxvC8CzGg1Nf0m0Vidc2AWqk%3D\u0026sid=c4c9725f-1ab0-44d8-820f-430df2718e11\u0026ts=1768268955\"\r\nserver: Heroku\r\nvia: 1.1 heroku-router, 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)\r\nx-powered-by: Express\r\nx-cache: Error from cloudfront\r\nx-amz-cf-pop: OSL50-P1\r\nx-amz-cf-id: 0_efbI_ModF0M7N4XKUG8LQlk6ZdU_4tVe6gEFKcvkH4QJGrVKL-DA==\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":189,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with no line terminators","md5":"c9f6f82c0b1e2d6eb40294f876eac55e","sha1":"abe89f9bfb756bbdfb2f535420e10bb5625eb4e2","sha256":"9dcc361cf979ea9471e1076ab30724c665229614d2d7432dfe9127c8b6d3a443","sha512":"c9ad3aa05ef29513c47732c46f626674f9b55d9b3b8bd8ce2699b17e4ab02d07a2549505024e1031feb286d92ac4affbdbf8fad07a4b849757c0a62efb535b93","ssdeep":"","tlshash":"1bc080efd187728fd41324e03dc311d1594c03a7b4b645f43d807859e11417dcac659d","first_seen":"2023-04-07T07:54:01Z","last_seen":"2026-06-08T23:26:13.225677Z","times_seen":723,"resource_available":true,"data":null}},"time_used":44,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":43,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-13","alert":"Sinkholed","trigger":"hellpdesk.at","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft","verdict":"phishing","severity":"medium","comment":"Resource associated with Microsoft phishing","tags":["microsoft","phishing"],"meta":null}]}}]}