r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a2104f935c638b4767ca5ae0d738ef23
85c6af15af749be0ceeae6de17c36925b750f166
5d4789a3696bd7faa9916768cb627bbc89bf70a756d80e53860cbac13c2bc8b1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5D4789A3696BD7FAA9916768CB627BBC89BF70A756D80E53860CBAC13C2BC8B1"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9845
Expires: Sat, 28 Jan 2023 16:37:09 GMT
Date: Sat, 28 Jan 2023 13:53:04 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2405562765b49b2782ebd2e2994851d5
be7ac8e558f7875bb1fb86ab5ec674424a5ff269
422cfa907461cb7b93b9089d600052f9e94951e5e0c93d97651905002e48ad3e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "422CFA907461CB7B93B9089D600052F9E94951E5E0C93D97651905002E48AD3E"
Last-Modified: Thu, 26 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13262
Expires: Sat, 28 Jan 2023 17:34:06 GMT
Date: Sat, 28 Jan 2023 13:53:04 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 28 Jan 2023 13:35:30 GMT
content-type: application/json
age: 1054
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 69f73ac59327cd9ad7d99816ccfcc03e
c54844f82dbee0d5ee4c8ce344eb0139373e6c6b
e81c685b2d8f0e31b89e5cfc911a2c5a99a556646830ac5a8468d991b5e871a3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E81C685B2D8F0E31B89E5CFC911A2C5A99A556646830AC5A8468D991B5E871A3"
Last-Modified: Thu, 26 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7350
Expires: Sat, 28 Jan 2023 15:55:34 GMT
Date: Sat, 28 Jan 2023 13:53:04 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: SlPMqLIMryWAkuFi3c6RvBDqSVgqnF0C7tFgOIxJgsDXnqskkcId/s9bRTP/4eHS7YaN12EgDVA=
x-amz-request-id: Q7XQF9QM1KWS3XMH
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 28 Jan 2023 13:20:59 GMT
age: 1925
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ees.co.rw/
172.67.129.93 200 OK 5.7 kB IP 172.67.129.93:0
File type HTML document text, exported SGML document, Unicode text, UTF-8 text, with very long lines (366), with CRLF line terminators
Hash 53f9b61e14e848ef8a10db0970a6910b
e58bcea5d9727b0858f20c0f92a52800cda42960
7391812a4c757b072d1a9e7871ecd6e098803ff02c021c2afa1f5f474a1f6bf3
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: ees.co.rw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 13:53:04 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 04 Aug 2022 09:28:16 GMT
Vary: Accept-Encoding,User-Agent
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ge2o9Ga6KaDIzl%2FvoiuzNrSibnGYQSxokeSAn8mcGsZrzqEx7S2G%2B5CRUJ3rob%2BHS2O3xX3%2BBs6dzrJInShZBYaUZg3yta1BuXXE5eEZVXBj8TaMbfvIbdwAdVY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 790a3651abc1b4f3-OSL
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 13:53:04 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/waypoints/2.0.3/waypoints.min.js
104.17.25.14 200 OK 2.6 kB URL HTTP/1.1 cdnjs.cloudflare.com/ajax/libs/waypoints/2.0.3/waypoints.min.js
IP 104.17.25.14:0
File type ASCII text, with very long lines (7808)
Hash 77c871b359e63c5522474874ae7c24e5
d4fdc396616d8d3366861af11b64af3af3f37078
b836e3198322067c33aeb98ad8d474c91776873c134d7cd72b596e3e452d0989
GET /ajax/libs/waypoints/2.0.3/waypoints.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ees.co.rw/
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 13:53:04 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 2612
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=30672000
Content-Encoding: gzip
ETag: "5eb0402f-1f6c"
Last-Modified: Mon, 04 May 2020 16:17:51 GMT
cf-cdnjs-via: cfworker/kv
Cross-Origin-Resource-Policy: cross-origin
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 793723
Expires: Thu, 18 Jan 2024 13:53:04 GMT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cVlOa6EySXACyXir%2Bf4WHfIpItt7PzYoM00KLAUWGBB27d1abf0B0Z5Fny37FhASZ7EGcCuKDVITRoNNB607vdBegczZzhUonRC1w98XM34BroF%2FWfv3zvp%2Bb28IkTspgz3qwsHY"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 790a3654da850b39-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ees.co.rw/font-awesome/css/font-awesome.min.css
172.67.129.93 200 OK 7.1 kB URL HTTP/1.1 ees.co.rw/font-awesome/css/font-awesome.min.css
IP 172.67.129.93:0
File type ASCII text, with very long lines (30837), with CRLF line terminators
Hash bf03b8f20ac9063cd68fdaad99f33471
b7ed452624cf0ad672802f062a90c32cfbcc33fc
47ab379a793e73b136a795ef9e1d1a4fc95e7109a74863c3a6df40d0f9086c13
GET /font-awesome/css/font-awesome.min.css HTTP/1.1
Host: ees.co.rw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ees.co.rw/
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 13:53:05 GMT
Content-Type: text/css
Content-Length: 7057
Connection: keep-alive
Last-Modified: Fri, 10 Jun 2022 21:23:42 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=al2VU7fgJEwK7MLOdmweysDHY05f88zSYX%2B%2FxKx3fQGKs5cTlDTJscp5Xx1J0J9hG4IHRgH4cXhXsnp6X83cHXkZ58lzfVpDq6eQVUiTBt7YbCHQ%2Btj1jfGZnVo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 790a36549f21b4f3-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ees.co.rw/css/style_hero.css
172.67.129.93 200 OK 3.3 kB URL HTTP/1.1 ees.co.rw/css/style_hero.css
IP 172.67.129.93:0
File type ASCII text, with CRLF line terminators
Hash a7ebf48006734ed553b7b49bf0a1a4b3
742a90a59da721629d5fbb3b32d65ef2384c7260
b625e67b353386d11b0f7f2e171e5c13f4b243f6af053af135a99207db558905
GET /css/style_hero.css HTTP/1.1
Host: ees.co.rw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ees.co.rw/
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 13:53:05 GMT
Content-Type: text/css
Content-Length: 3326
Connection: keep-alive
Last-Modified: Fri, 10 Jun 2022 21:23:48 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DKyLJKPbsjTw56k8%2Fd9phw3LWp8TMY4HgqDuVR4EKem6UYlzHCxEnje3MU70joyaUv4AiXKEub1t0wBSsVQn%2FyylMzK%2BM%2B1RZEbi3vIwXSX8qgkAjaUdldU37Vs%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 790a3654af04b523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ees.co.rw/css/owl.theme.default.css
172.67.129.93 200 OK 538 B URL HTTP/1.1 ees.co.rw/css/owl.theme.default.css
IP 172.67.129.93:0
Hash aa4b8ebd30ead93534a20af162dfe18f
6e3062bccc72824582183e7af9e3c654a4056810
7676700e5ac302aacaed5402e9e2b4a30e8147f50bdb829ab6d73e13248f0753
GET /css/owl.theme.default.css HTTP/1.1
Host: ees.co.rw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ees.co.rw/
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 13:53:05 GMT
Content-Type: text/css
Content-Length: 538
Connection: keep-alive
Last-Modified: Fri, 10 Jun 2022 21:23:48 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1sC7xXmIpaiyt6aZS7HOgRw9F6pbngGR9%2FOuijE1qwDslfUG1qQEl1Ex618xIEiX0xmsFSGvKl0GVGMxIDaLM4WhC%2FgkDequjhoUcXJAlxw6RydzgQhrIRzszRU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 790a3654af2bb4f3-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ees.co.rw/css/hover.css
172.67.129.93 200 OK 8.8 kB IP 172.67.129.93:0
File type ASCII text, with CRLF line terminators
Hash 5cac45ca9a3f8b9b3e1e29b9029552c1
56dad2ca0ee5775999a69a0572d76ec95cf3dc21
d2948ed8d57ce57624435fde5a3d2173c21583e3b3caf8a92e8ba0f6d17845ef
GET /css/hover.css HTTP/1.1
Host: ees.co.rw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ees.co.rw/
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 13:53:05 GMT
Content-Type: text/css
Content-Length: 8759
Connection: keep-alive
Last-Modified: Fri, 10 Jun 2022 21:23:48 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a9lubIvsD1Bd377LteUmayK0LuEzkgGQd8IB1Z9eQpC8CPJfm3h5%2FOR0xzlxhXuMqJJ0bjbzo8ChPEq4K4zw9yLU8PHeCNWTRmk8KbtxR9HhGoZRmc0VQBVNBc4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 790a3654a9511bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ees.co.rw/css/owl.carousel.css
172.67.129.93 200 OK 1.1 kB URL HTTP/1.1 ees.co.rw/css/owl.carousel.css
IP 172.67.129.93:0
Hash c8be3cc1be2d456be7df4945fa9af084
7f475dc9b5764696098d8bff176a2cab4c0b6195
213d5ff2521f25820e061648165284ea243d7fddaf941ee4af615344c174906b
GET /css/owl.carousel.css HTTP/1.1
Host: ees.co.rw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ees.co.rw/
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 13:53:05 GMT
Content-Type: text/css
Content-Length: 1129
Connection: keep-alive
Last-Modified: Fri, 10 Jun 2022 21:23:48 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=10u4AoeIvTTG13yoF40r8G52vlQUJscx%2BzNHJGiHiLnzbKAKdHd%2BQlaEv6Dy688fh8eXTqateifJZkMQEuAojY6Q1NB07Quy4LnNYhz68mo1At6aAJr%2BA41U7cM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 790a36549eeeb4ff-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ees.co.rw/css/animate.css
172.67.129.93 200 OK 4.5 kB URL HTTP/1.1 ees.co.rw/css/animate.css
IP 172.67.129.93:0
File type ASCII text, with CRLF line terminators
Hash ecd2b2bbd79dd812cba147a47d1f8b38
edb6730f7b51de9107bc8566d94839b40f36c3da
d6042c722afedab2982477a4b94972d79a160a8a2c2d02a220c1b679b8952935
GET /css/animate.css HTTP/1.1
Host: ees.co.rw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ees.co.rw/
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 13:53:05 GMT
Content-Type: text/css
Content-Length: 4468
Connection: keep-alive
Last-Modified: Fri, 10 Jun 2022 21:23:48 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R2yy3syiny%2Bh1vzXFQAYmQVwT8twSIoo%2FN1Uk5rS%2FH3g0skaB%2FSoxrhE85yhTYBeJ4zAKjEh%2FF7S7IwHMVm1oNtRdAlKPHZ2kwD5M6XTon%2BulKpG%2FZTgxzu11I4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 790a3654ac35b4f9-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Last-Modified, ETag, Expires, Backoff, Content-Length, Cache-Control, Alert, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 28 Jan 2023 13:41:40 GMT
age: 685
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 16a7b6a7128312e2f985d30df18c4487
6017bff79ffb525d9c7f9f32b999b74b5dc69602
663fd12209627f08e759c2ed1c76278a5da79dae1e0b46082dd1bb44775f7a16
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "663FD12209627F08E759C2ED1C76278A5DA79DAE1E0B46082DD1BB44775F7A16"
Last-Modified: Fri, 27 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11681
Expires: Sat, 28 Jan 2023 17:07:46 GMT
Date: Sat, 28 Jan 2023 13:53:05 GMT
Connection: keep-alive
ees.co.rw/css/responsive.css
172.67.129.93 200 OK 2.2 kB URL HTTP/1.1 ees.co.rw/css/responsive.css
IP 172.67.129.93:0
File type ASCII text, with CRLF line terminators
Hash 9cc72c9b8d4f039620c294e046e9d270
5c6ddee31bb9dd56663d0b5653bdccc80f6704c6
5e6e69d92637ec1bdee25e4ed1b42ed485f7a2b6bc223cf1aae8d5efe71005c5
GET /css/responsive.css HTTP/1.1
Host: ees.co.rw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ees.co.rw/
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 13:53:05 GMT
Content-Type: text/css
Content-Length: 2196
Connection: keep-alive
Last-Modified: Fri, 10 Jun 2022 21:23:48 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ASJBx2HNi15BTeHa1VnsarzLTZq1N%2B95Lhwe%2FPcVI9hHXmhNhNJYDYgCq4M4VqHwrfWshNdknvUBUBmfbprhxkS1odIneArUCuyuANJFJPftno9%2F8gEAJZwBqWo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 790a3656d9c4b4f3-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ees.co.rw/plugins/owl.carousel.min.js
172.67.129.93 200 OK 11 kB URL HTTP/1.1 ees.co.rw/plugins/owl.carousel.min.js
IP 172.67.129.93:0
File type ASCII text, with very long lines (32000)
Hash 694074c04c049ebfa9fab7d7b5363875
613568d2ddb188144906c19beab972314bfde12d
3c721f2669ccc0655d376af0d8b3510d111516b179ac678edd2802c28fa928ab
Analyzer Verdict Alert fortinet Phishing
GET /plugins/owl.carousel.min.js HTTP/1.1
Host: ees.co.rw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ees.co.rw/
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 13:53:05 GMT
Content-Type: application/javascript
Content-Length: 10926
Connection: keep-alive
Last-Modified: Fri, 10 Jun 2022 21:23:32 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rDHpfB3QigDwt7dR1loJEcTBHi9OAY7Y1xty8D1PgZ26Eg94GVhA6i9GhQIO7pZSmtR%2Fi3wa4Rig7M9EhE8gXieAz97wHp2n4%2BXe9JdmiWVUB%2Fi1fkYROphYkWM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 790a3656e9c3b4ff-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ees.co.rw/plugins/bootstrap.min.js
172.67.129.93 200 OK 9.8 kB URL HTTP/1.1 ees.co.rw/plugins/bootstrap.min.js
IP 172.67.129.93:0
File type ASCII text, with very long lines (32033)
Hash c83dab682eea0b37ac9522e2856cbb6b
db1fb35549a4ac9cc12811f09bc4b07b48c51434
a9611bc805de07c98225bb878876a24b063fa52559adaf2ba4e997566d5cf3a1
Analyzer Verdict Alert fortinet Phishing
GET /plugins/bootstrap.min.js HTTP/1.1
Host: ees.co.rw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ees.co.rw/
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 13:53:05 GMT
Content-Type: application/javascript
Content-Length: 9833
Connection: keep-alive
Last-Modified: Fri, 10 Jun 2022 21:23:32 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TVU2kC95BEFd%2F72%2F4UXoC6QuMaQHoIlSzpGt%2BmfD1Bu05lGh%2FyZw7zHXMOw1zw57Vg7GKPwtiCeqrzWY3MNOmWPZaJIdghJyoOTOVoFpD%2Fj9kSLCW7UHw6RNrMM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 790a3656eecdb4f9-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ees.co.rw/css/bootstrap.min.css
172.67.129.93 200 OK 20 kB URL HTTP/1.1 ees.co.rw/css/bootstrap.min.css
IP 172.67.129.93:0
File type ASCII text, with very long lines (65371)
Hash f6fd8790f1d560aab890a85a78b6d67d
98adac8aece45e55b10c8d0d645038a990b0ee00
ceae5c3fdd35600e1de72b94f59efb2fc3b51163640a180431c8d59b95e2ef0f
GET /css/bootstrap.min.css HTTP/1.1
Host: ees.co.rw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ees.co.rw/
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 13:53:05 GMT
Content-Type: text/css
Content-Length: 19744
Connection: keep-alive
Last-Modified: Fri, 10 Jun 2022 21:23:48 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X3MHcYV2mUikgOnT9tMbv4sH4CuKCcIeFbzKbN%2B6pUOMx%2B9XrlJoJyPTJACOt9Nv6C%2Bb%2F5h6XDJZZ2ZeDoEKH55TlV11z6z1Q%2BeErBI74bM6tFvgDBtHEYiAO08%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 790a3656d9b9b4f3-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ees.co.rw/css/style.css
172.67.129.93 200 OK 16 kB IP 172.67.129.93:0
Hash 36e9f8bc5815db285c07f60428225a14
79fac8f897237b90b99239148cf73f4e52041b2b
eca36b2c7a9de41681fa70ebcae6dd54456dbce378a4a260a7f2f4db039a8fcb
GET /css/style.css HTTP/1.1
Host: ees.co.rw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ees.co.rw/
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 13:53:05 GMT
Content-Type: text/css
Content-Length: 16045
Connection: keep-alive
Last-Modified: Fri, 10 Jun 2022 21:23:48 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Gd59O70JRhN53AiWsVdfT07rkT9BC0x2I2cE0FGTuUs1VVoiunO8F78Prafkd%2F3UcZ9jlI8J9f04AF0MAEM8VmNf2iKibiZkWWp93eMIk0hUXEkch0e5XOsREU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 790a3656d9e4b523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ees.co.rw/plugins/jquery.min.js
172.67.129.93 200 OK 33 kB URL HTTP/1.1 ees.co.rw/plugins/jquery.min.js
IP 172.67.129.93:0
File type ASCII text, with very long lines (32086), with CRLF line terminators
Hash bc6cba84ee5b4901e2f37c17dd8eb951
cbbf755cc8a499460fd53d30fe66714b035512f3
8aa246a8ea1d44a419e5f7611cc99895f36023571bef7416151f0b278d74938e
Analyzer Verdict Alert fortinet Phishing
GET /plugins/jquery.min.js HTTP/1.1
Host: ees.co.rw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ees.co.rw/
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 13:53:05 GMT
Content-Type: application/javascript
Content-Length: 33258
Connection: keep-alive
Last-Modified: Fri, 10 Jun 2022 21:23:32 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=egd3JbxCG%2FdIixyJ1ZwOMvs9cNUrjyvqnEH5oOg3esJiZj8iZy%2FV7OBVA4mqJG1gu4hX7ve2o8UF0QIMo57dmtt1wATJnt3wrtHE6MKwClxE89UJQG%2FM6JDg0K8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 790a3656db3f1bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
push.services.mozilla.com/
34.216.140.79 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.216.140.79:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Dlw9SCNSgAlvS/PTsy1YQw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 6vj6hCeRpAmfsYN5SsXYJx2RV3Y=
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 7da8f9a23d8c05f64f248e4e3427c76e
e2d001c2909cd9403173cbb0e288d55fbc8e4d0a
db8790004124a0eeb0676860170ad9c37250b2ba697a27dee62c99b64c67b4b8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 13:53:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Open+Sans:400,300,300italic,400italic,600,600italic,700,700italic,800,800italic
142.250.74.106 200 OK 1.5 kB URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:400,300,300italic,400italic,600,600italic,700,700italic,800,800italic
IP 142.250.74.106:0
Hash bc3aa0876905d59517a0aa9e23ed36cc
97f3daa672c2b3a27771fd1be5d8ead1915559d0
52796dbd03ea6f88db0b4077cebbe523732beeacf0919c1438e2481e9ac5d46c
GET /css?family=Open+Sans:400,300,300italic,400italic,600,600italic,700,700italic,800,800italic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ees.co.rw/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 28 Jan 2023 13:53:05 GMT
date: Sat, 28 Jan 2023 13:53:05 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ees.co.rw/OwlCarousel/dist/owl.carousel.min.js
172.67.129.93 404 Not Found 238 B URL HTTP/1.1 ees.co.rw/OwlCarousel/dist/owl.carousel.min.js
IP 172.67.129.93:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash f5945c4d5e4298d818d50d70865f2857
f35c3593933af2db1933093809ef78f45b9b7144
d2a3f46998410a6fa09375f2813da63aa04bbc6caae20e770da12530ba881b38
Analyzer Verdict Alert fortinet Phishing
GET /OwlCarousel/dist/owl.carousel.min.js HTTP/1.1
Host: ees.co.rw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ees.co.rw/
HTTP/1.1 404 Not Found
Date: Sat, 28 Jan 2023 13:53:05 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xdfaThdlUcy14m5lSRYkvLLBew5v%2BplsdKmd5b3%2FDXnyxE%2BjUi3ZVrgCrKCgF7SZUracFdCh3RGpytD3kHGKLpDbbF5E68oKX9x1anBEusw6DpMmuQI9uqCzElo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 790a36591c66b4f3-OSL
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ees.co.rw/plugins/jquery.counterup.min.js
172.67.129.93 200 OK 578 B URL HTTP/1.1 ees.co.rw/plugins/jquery.counterup.min.js
IP 172.67.129.93:0
File type ASCII text, with very long lines (917), with CRLF line terminators
Hash 306ea69c876201ec32a9562f18b9d673
96c0dfa4df03cd823476b46668ab47463c9169f3
2dadb57bba327dc006803a8ec08cf1d0e96f298b5cafaf2c3c9db12e3af96c4f
Analyzer Verdict Alert fortinet Phishing
GET /plugins/jquery.counterup.min.js HTTP/1.1
Host: ees.co.rw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ees.co.rw/
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 13:53:05 GMT
Content-Type: application/javascript
Content-Length: 578
Connection: keep-alive
Last-Modified: Fri, 10 Jun 2022 21:23:32 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TgIByIp9cOtJO6b0ad2MLJkRcTJXCRx2kN0GvfRFDZT5Y7QzDxyvbwVKmBb9ijHHpquxak2DSge%2F7cIpknwDO3CYtWvq%2B3tonUhK7oShabsNrpGvWsLBJE81F7Y%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 790a3659294fb4f9-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ees.co.rw/plugins/waypoints.min.js
172.67.129.93 200 OK 2.6 kB URL HTTP/1.1 ees.co.rw/plugins/waypoints.min.js
IP 172.67.129.93:0
File type ASCII text, with very long lines (7808), with CRLF line terminators
Hash 7c232aa89b572823395d9dd3080b336c
4c3244bc4f9939024b2bc651a62fccdf143fd32a
68828f25ebdb78571f00f5ab43ff0a09def2ec2026f166e93bbfa542387540ef
Analyzer Verdict Alert fortinet Phishing
GET /plugins/waypoints.min.js HTTP/1.1
Host: ees.co.rw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ees.co.rw/
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 13:53:05 GMT
Content-Type: application/javascript
Content-Length: 2626
Connection: keep-alive
Last-Modified: Fri, 10 Jun 2022 21:23:32 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IQHdB7bpGIGKsg7BjD02q30PbQIsDqMvbSpUXjMzSold0bzk0C7uyuPHoWG6yf9VwXyzcd1MSa1h5%2B7IWequT1FYrSZU8FmGuscm4FoSAxyWU41CaXhoAALuRiA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 790a36592ca5b4ff-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash cbe94bc7052911313fffd1cdad964a74
a96a6606f1d20baeeb4040c9ced3ba2f7bd1aada
430d90ac0a39038dbb5336cf29baf6786ac29491c5a8e4dcce04e93d9fceb5e1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 13:53:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
216.58.207.227 200 OK 7.9 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data
Hash 9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://ees.co.rw
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 23 Jan 2023 04:05:29 GMT
expires: Tue, 23 Jan 2024 04:05:29 GMT
cache-control: public, max-age=31536000
age: 467256
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Poppins:300,400,500,600,700
142.250.74.106 200 OK 8.3 kB URL HTTP/2 fonts.googleapis.com/css?family=Poppins:300,400,500,600,700
IP 142.250.74.106:0
Hash ca968d1c43eb0ba432ffc59e4c595d94
3b3119eda78707735390815f782e00ccce93784c
2340f88d6461e473f9fd5f30e862fbf70441054bbeb3f5c2d72e65bddc966584
GET /css?family=Poppins:300,400,500,600,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ees.co.rw/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 28 Jan 2023 13:53:05 GMT
date: Sat, 28 Jan 2023 13:53:05 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
216.58.207.227 200 OK 7.8 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 7840, version 1.0\012- data
Hash 8d91ec1ca2d8b56640a47117e313a3e9
a9e9bafe64666f4595051a0e895b47a5fa39e67e
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb
GET /s/poppins/v20/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://ees.co.rw
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7840
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 25 Jan 2023 20:09:33 GMT
expires: Thu, 25 Jan 2024 20:09:33 GMT
cache-control: public, max-age=31536000
age: 236612
last-modified: Wed, 27 Apr 2022 16:51:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
216.58.207.227 200 OK 8.0 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 8000, version 1.0\012- data
Hash 72993dddf88a63e8f226656f7de88e57
179f97ec0275f09603a8db94d4380eb584d81cd5
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
GET /s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://ees.co.rw
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8000
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 24 Jan 2023 09:41:14 GMT
expires: Wed, 24 Jan 2024 09:41:14 GMT
cache-control: public, max-age=31536000
age: 360711
last-modified: Wed, 27 Apr 2022 16:59:07 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
216.58.207.227 200 OK 7.7 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 7748, version 1.0\012- data
Hash a09f2fccfee35b7247b08a1a266f0328
0da2d17e738f46d2a09e6fb7969da451719a9820
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
GET /s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://ees.co.rw
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7748
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 14:34:21 GMT
expires: Fri, 26 Jan 2024 14:34:21 GMT
cache-control: public, max-age=31536000
age: 170324
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ees.co.rw/plugins/theme.js
172.67.129.93 200 OK 3.4 kB URL HTTP/1.1 ees.co.rw/plugins/theme.js
IP 172.67.129.93:0
File type ASCII text, with CRLF line terminators
Hash 05acbaed27b0a6fa12c269182c225dad
9b0d771045630b3710b5fcb3c5176c7604a18496
eeb98a5421b9d03372976bf7f3a5c9b81c2d1a01a34378bff18df55b1099f191
Analyzer Verdict Alert fortinet Phishing
GET /plugins/theme.js HTTP/1.1
Host: ees.co.rw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ees.co.rw/
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 13:53:05 GMT
Content-Type: application/javascript
Content-Length: 3419
Connection: keep-alive
Last-Modified: Fri, 10 Jun 2022 21:23:32 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A4LqPf%2FOq4PAEY%2FaaZdrri%2F8fAWtOmI0DkcqMte5oI6ZfSwHulJGsZCCYPMTNhtbzg4BSKZMhY3u%2FixzgxoYOP%2F4OZEG9pzXyVUXnVHImvPqX5%2Fibe%2Fo7iN3lig%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 790a365a1d83b4f3-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ees.co.rw/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
172.67.129.93 200 OK 77 kB URL HTTP/1.1 ees.co.rw/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 172.67.129.93:0
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Analyzer Verdict Alert fortinet Phishing
GET /font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: ees.co.rw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://ees.co.rw/font-awesome/css/font-awesome.min.css
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 13:53:06 GMT
Content-Type: font/woff2
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 10 Jun 2022 21:23:42 GMT
Vary: Accept-Encoding,User-Agent
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d7gaoqDxyU5z0nOQEqq86DV044a81Di5sM9PcBLlY2eqxRlyq1ddYrfvP2qmHyzwFtVHKaZTspKarolcT6A2WcwhK%2B7CY9COlmYLPzeZb2Bdsqsghq16jsDPIQ0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 790a365a2e4eb523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ees.co.rw/img/EES%20Logo.jpg
172.67.129.93 200 OK 151 kB URL HTTP/1.1 ees.co.rw/img/EES%20Logo.jpg
IP 172.67.129.93:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 1080x1080, components 3\012- data
Size 151 kB (150905 bytes)
Hash 9905b2ad283e5d746788a12596299871
f54e1a0766b714320b3f8858944edad7a93c24ea
eeff83c38675f531d8b35952cd00e5e9698d8547679eac6d241adaf3dcd47b1d
GET /img/EES%20Logo.jpg HTTP/1.1
Host: ees.co.rw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ees.co.rw/
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 13:53:06 GMT
Content-Type: image/jpeg
Content-Length: 150905
Connection: keep-alive
Last-Modified: Fri, 10 Jun 2022 21:58:30 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gEfp6NuY9VQmNtDJYlXMYiAyvchIJXv8ng9lqzjEXOaQj6teGV3hpidIa6ZmajscTov%2FTIp92%2FfJlMoXuKL9kmX%2BY2WSnztUKbex0%2FZCve%2BRncouyzdy7ghsIJY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 790a365a3e5e1bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ees.co.rw/img/slide.jpg
172.67.129.93 200 OK 145 kB IP 172.67.129.93:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 1024x683, components 3\012- data
Size 145 kB (145388 bytes)
Hash a4b3554618b761de5d43e0f0d898e9f6
d2ec3ea59e0f46413f914dc4415da117ca7c7e54
b79b86c8ce2270c864ce2733343d9da5bf3c4e8b5b00e792c627faa22fd5d20d
GET /img/slide.jpg HTTP/1.1
Host: ees.co.rw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ees.co.rw/
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 13:53:06 GMT
Content-Type: image/jpeg
Content-Length: 145388
Connection: keep-alive
Last-Modified: Tue, 02 Aug 2022 05:45:36 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BArOdElsFbKrWc6sZgLKsyuBgKWIPuEnYymLRoykNvteMCgz1uSzqm7VFkefmMErLxtsQ4EownTKfK8mCzitxab%2Fy6EMMb%2FpjjbgNMgmdMBKfFHZn2zRuBIM%2BHY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 790a365c4867b4f3-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ees.co.rw/img/s1.PNG
172.67.129.93 200 OK 193 kB IP 172.67.129.93:0
File type PNG image data, 953 x 293, 8-bit/color RGBA, non-interlaced\012- data
Size 193 kB (193142 bytes)
Hash cb4b0567f48ee18cedd3ee502fb9d80c
9e32acaee0cdea484eab0d8feb79657a7814661e
e4a9aa102d1741558a3f8c80d716a06d50741b636812031f57d27ef5db9459ed
Analyzer Verdict Alert fortinet Phishing
GET /img/s1.PNG HTTP/1.1
Host: ees.co.rw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ees.co.rw/
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 13:53:06 GMT
Content-Type: image/png
Content-Length: 193142
Connection: keep-alive
Last-Modified: Mon, 20 Jun 2022 11:54:14 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MofTJoI5OuikeUjs2UecihQPM8ldCCcpmwdoNo2Y30PWJaF7MHYmNkoq5K5F7CGKP%2FVo9Wi6PuVtoMwvRr2vgA3ZE6032IXkqhr%2BdDnx6TzS2R72dWp3HPHvZ1Q%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 790a365b5f77b4ff-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ees.co.rw/img/highh.png
172.67.129.93 200 OK 433 kB IP 172.67.129.93:0
File type PNG image data, 734 x 259, 8-bit/color RGBA, non-interlaced\012- data
Size 433 kB (432991 bytes)
Hash ac9371404b10fea8e7c67ad831f4bde6
6a9b6b5cb9cd1a30df3431dbe11eb46b90f74a02
a71bcd74c74404cde719339561e49db681dce51bec10c57e6f81f66caef83ec7
GET /img/highh.png HTTP/1.1
Host: ees.co.rw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ees.co.rw/
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 13:53:06 GMT
Content-Type: image/png
Content-Length: 432991
Connection: keep-alive
Last-Modified: Tue, 02 Aug 2022 01:53:14 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XFISq8wfgsz31aW7jirl2bHC1wroVALG8Llg67Ot%2BUATcWdKyeZFCnBOx7cTXggYmxD9EBCsJuRaIABsT0x%2FUmrtZ8ktDX0ByqAmmbjVimGqW0PDbhIhvvRofYI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 790a365b5bf7b4f9-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2e21811f62c077f45a93d7c3b543998d
3e890a73bb51d9dd1021d5339271aa40833ba258
c6b77371a50390fd68d44ff05e080f064c16c3095df8856b330ab0c6685cd3d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6B77371A50390FD68D44FF05E080F064C16C3095DF8856B330AB0C6685CD3D1"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3893
Expires: Sat, 28 Jan 2023 14:57:59 GMT
Date: Sat, 28 Jan 2023 13:53:06 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22cc3f55-9811-4ec2-a57e-a3e71a3f0554.jpeg
34.120.237.76 200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22cc3f55-9811-4ec2-a57e-a3e71a3f0554.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ea24bcba583bd8bd139559448a343e68
b9d37c2b14f890d41983a59f352e8f7caa9c94bb
e5ef5975eec964ae1684deb424f00833f2d217bdc7e6c385320ed3adeb6bc1c4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22cc3f55-9811-4ec2-a57e-a3e71a3f0554.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7585
x-amzn-requestid: bfb52acb-e0d7-482d-8be9-be5db1c16cac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa_vkE5roAMF0Hw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d44663-2d38d314177e0ac40d4c8240;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:47:15 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 1WE1zQwrCGVy8HLT9_BFkAr6rQE_ROyttMOByR32KeT0w2Hd_ylvYQ==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 22:16:00 GMT
age: 56226
etag: "b9d37c2b14f890d41983a59f352e8f7caa9c94bb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg
34.120.237.76 200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4205d8106659e00fff1cbe9262918b8c
ab4f6528594a1725934727dc7d834c028a79c609
31f1a28602a194bd0856495d4d81d5c72cd7ff4e5bad6bdd1a31ec3041f4a2cc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4475
x-amzn-requestid: b7b272d6-3089-4f33-89b5-5cb388640e10
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa_e6HsaIAMF5Lg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d445f8-1789f7f4264270916da323db;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:45:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hAzO-IMqc1CFpiBAlRl8seIYL9UonyrBMATibovyFq5kEuaweY_VyA==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 21:56:46 GMT
age: 57380
etag: "ab4f6528594a1725934727dc7d834c028a79c609"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fddac8c39-e94f-40c1-bf35-4a70c575efbe.jpeg
34.120.237.76 200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fddac8c39-e94f-40c1-bf35-4a70c575efbe.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6a40be482a56db1e4d48ba4a8cf515ba
da9c7255d5840c025526c6c24354750d9ba3a4ef
fa0bfe56b97ce5cf450e4799db2fe6d5645553b71d1e2bd928df0278a81a33c8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fddac8c39-e94f-40c1-bf35-4a70c575efbe.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7819
x-amzn-requestid: b9c17e9a-8da5-4736-a8bc-ea430feaef8d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa_diGfbIAMFX2g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d445f0-695dd291002d9cc425df0edc;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:45:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: RBvJ-kohSNIneW4uHfp0sGGhpKGkzDWt6RjDTqFkK_UJvH2Bq2N8Rg==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 22:00:20 GMT
age: 57166
etag: "da9c7255d5840c025526c6c24354750d9ba3a4ef"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0cadb8fa-5527-46cd-92dd-6316ac84a7d5.jpeg
34.120.237.76 200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0cadb8fa-5527-46cd-92dd-6316ac84a7d5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 57b73886cbbb719eda5f733c018eedfb
b84ed40973f8a0d3c10529e34f9466746cfdaf0c
4ba11c23e0bbd2aed53b04ad0b3d22161af1971ddcfb75ae55734de9a49af207
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0cadb8fa-5527-46cd-92dd-6316ac84a7d5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7028
x-amzn-requestid: c1743fed-205a-431b-8648-474facde6d09
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa-CwFtboAMF9rg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d443ab-5b94864c707c42fc36fbc63a;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:35:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 35sWCIsACAhQvXkJvBn0LGf2m9OTklgDprONw5CDUoXD97TUpJ9j5Q==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 21:55:35 GMT
age: 57451
etag: "b84ed40973f8a0d3c10529e34f9466746cfdaf0c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb781854-72d1-4a71-a095-0416f886f570.jpeg
34.120.237.76 200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb781854-72d1-4a71-a095-0416f886f570.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 131eb343c5abd61939457d69bd371348
ffb2035cf64fc83f01db5c6f26ffa264b6aac95b
8486eb9dc6325018f8721bc6f37408f260b6e652b145280f2d778d860d3ec2d5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb781854-72d1-4a71-a095-0416f886f570.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7538
x-amzn-requestid: 113924cc-a196-4dbd-91d9-68c213265afe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e3fobF-ZoAMFjjA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c61302-6b24941a642b22cf21e47dc0;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 03:16:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2P09wOtKPDHjxxAuzcLFMQJwmGN1zNJcH9LA6IJpeaGiaPVRF4y-TA==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 05:20:03 GMT
age: 30783
etag: "ffb2035cf64fc83f01db5c6f26ffa264b6aac95b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5fb39717-4b7d-45c4-b211-c2990bf99811.jpeg
34.120.237.76 200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5fb39717-4b7d-45c4-b211-c2990bf99811.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3b5b797e164d0f2c91200829d1ec90f8
15a55176d8e55b6816acabae5c7cc3e4528648c9
16eb29148856512f556b22b86a153e54032caaf98dbf141119f8c126e009591f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5fb39717-4b7d-45c4-b211-c2990bf99811.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7395
x-amzn-requestid: 166e5623-fc91-4b12-80c8-f5e1a762b387
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa-ELH3eIAMF56w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d443b4-439b5d2b67b9347d4d634d9d;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:35:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: L1BWTWAPsW5tfkJO0UBR4dKoW3_0Le7QhZLjBxtsY0fmf7cwEYWrMQ==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 22:01:09 GMT
age: 57117
etag: "15a55176d8e55b6816acabae5c7cc3e4528648c9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ees.co.rw/img/dq.jpg
172.67.129.93 200 OK 9.8 kB IP 172.67.129.93:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 300x169, components 3\012- data
Hash 34b2701ac6cae3b2c8743b6e423d1e72
1aa41890ebee60cd2e155f18ee70027989fadd35
51b64ddc0fc6f3ac79dae10bacd93bd373e482bf4e3c6edc118f7502c907d289
GET /img/dq.jpg HTTP/1.1
Host: ees.co.rw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ees.co.rw/
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 13:53:06 GMT
Content-Type: image/jpeg
Content-Length: 9832
Connection: keep-alive
Last-Modified: Tue, 02 Aug 2022 02:30:54 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WYFj%2FcCewqaq8O%2BojQtXQgJUEyVJaJyi%2F43Ycav9MjKG8rrqN1hJRGiTbbzzqcQ2tQ6ubcEsz7kp2ymOUZohH7Aw1XpPTvw9CNqLpwWPFWnsLP%2BCl36Fmn4cdF0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 790a3660fab5b4f9-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ees.co.rw/img/m1.PNG
172.67.129.93 200 OK 173 kB IP 172.67.129.93:0
File type PNG image data, 757 x 335, 8-bit/color RGBA, non-interlaced\012- data
Size 173 kB (172876 bytes)
Hash 752680c98dc902dc08dcf1b841137a78
92adcca9d496a98293cabb461c9c39a28fc89a04
6b7245da2917643c21ca11176ad8063a6c677eff0431dd1ae2ab68e8bd03c870
Analyzer Verdict Alert fortinet Phishing
GET /img/m1.PNG HTTP/1.1
Host: ees.co.rw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ees.co.rw/
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 13:53:06 GMT
Content-Type: image/png
Content-Length: 172876
Connection: keep-alive
Last-Modified: Wed, 22 Jun 2022 11:48:50 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JNs8aeoa9sQOvn9%2Fv9t8cQG1yRcT24aoSLwt7yGMfxF%2BqUsSjvN5W03eyWZJk6SDOQRHfbN24MOsMzaSaukuz3aV71YRkDlJ5IWD13swRxxtrnjwUu2%2FePI4rzM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 790a365b4f15b4f3-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
fonts.googleapis.com/css?family=Open+Sans|Roboto
142.250.74.106 200 OK 273 kB URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans|Roboto
IP 142.250.74.106:0
Size 273 kB (273197 bytes)
Hash 693e3d3b388490e355f8135a89f9b6d0
b9387ade83fd2613ac4a0c39132d5f49cdc72c32
89a78af8b3dcd141ea5d6d4c461e431353c0dcd548ae9bc2885c9857a46cb0ef
GET /css?family=Open+Sans|Roboto HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ees.co.rw/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 28 Jan 2023 13:53:05 GMT
date: Sat, 28 Jan 2023 13:53:05 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ees.co.rw/img/partner-logos/logo1.jpg
172.67.129.93 200 OK 5.9 kB URL HTTP/1.1 ees.co.rw/img/partner-logos/logo1.jpg
IP 172.67.129.93:0
File type JPEG image data, JFIF standard 1.01, resolution (DPCM), density 37x37, segment length 16, baseline, precision 8, 220x140, components 3\012- data
Hash 5c0f23c354814b89cc0c9cddc88f02c3
bfcc8e2f7e80bd8ffd202b8410dde4a32fee46b8
83483d5687c0c6c73335a6c6b34e006aa78bca865d15c288e6d734594a5c2736
GET /img/partner-logos/logo1.jpg HTTP/1.1
Host: ees.co.rw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ees.co.rw/
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 13:53:07 GMT
Content-Type: image/jpeg
Content-Length: 5907
Connection: keep-alive
Last-Modified: Fri, 10 Jun 2022 21:23:40 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kMe2EUxhfCI5vNrDZE3vB2tDEiXUjuZhZxbIjlbnCZQ4gIJBxa1thdOiOyVjjsklKOjLJBC2PzndH1fkUWWG2stRdDdV5n1gUTq%2BKji6vWVsnJBLX1i%2BW9IPpd4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 790a3663087db4f3-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ees.co.rw/img/c.jpg
172.67.129.93 200 OK 27 kB IP 172.67.129.93:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", baseline, precision 8, 370x218, components 3\012- data
Hash bf289e1a8da89441e49aaa91f4c98e18
6013de2f36fd08d9c899d9862d2365751d519928
ae43bff2738c1cad91dc1c5c43c79c1089cb2b6e1d502e3d2fcadab65f898cc6
GET /img/c.jpg HTTP/1.1
Host: ees.co.rw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ees.co.rw/
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 13:53:07 GMT
Content-Type: image/jpeg
Content-Length: 27120
Connection: keep-alive
Last-Modified: Tue, 02 Aug 2022 02:43:10 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cd1gPRP23a4bAj%2BWO7SvTUxJJx%2FVoQRDURTcf%2B5W6mWDLZNVB6C08M7tc8MGfMV68ZokxLDSsWlf8IEC9U20jdvTx4zJBqR3p3oeQrllrn%2FQEhMeNb7ZtPuu%2F8Y%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 790a36621c34b4f9-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
fonts.googleapis.com/css?family=Open+Sans|PT+Serif|Roboto
142.250.74.106 200 OK 278 kB URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans|PT+Serif|Roboto
IP 142.250.74.106:0
Size 278 kB (278465 bytes)
Hash e1739df6e0a6017a4b473b79549c8fc3
aae0c97ae74fc43a60be792a42a0ec30527afb2d
76de3b609dc2638fcb6ffcffb8f8394e4d80048fd3fe9f5662cde3c4886966ba
GET /css?family=Open+Sans|PT+Serif|Roboto HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ees.co.rw/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 28 Jan 2023 13:53:05 GMT
date: Sat, 28 Jan 2023 13:53:05 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ees.co.rw/img/partner-logos/logo2.jpg
172.67.129.93 200 OK 4.6 kB URL HTTP/1.1 ees.co.rw/img/partner-logos/logo2.jpg
IP 172.67.129.93:0
File type JPEG image data, JFIF standard 1.01, resolution (DPCM), density 37x37, segment length 16, baseline, precision 8, 221x146, components 3\012- data
Hash 1820d79dfa7937bc29f17e90b9c45b6b
c453c8cf8b0887711e58584860259527d4253409
28d750f519ad6072fd172d29b068c2a8f601547facf86783f33f195ba8a1500c
GET /img/partner-logos/logo2.jpg HTTP/1.1
Host: ees.co.rw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ees.co.rw/
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 13:53:07 GMT
Content-Type: image/jpeg
Content-Length: 4565
Connection: keep-alive
Last-Modified: Fri, 10 Jun 2022 21:23:40 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xzywHBknA%2F5Y6qVJfjqvHpxgN6%2BUG392ZBUkOXU%2FABWGZ%2BT5r%2BezzyFCf90EKPfC1Vzxk9NybpJr%2FmU5Q%2FFbiRpL7%2Bji9bYk%2FNXKvGMZAMBnvGiyu3G9y8OjKoI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 790a36651f0c1bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ees.co.rw/img/partner-logos/logo6.jpg
172.67.129.93 200 OK 8.7 kB URL HTTP/1.1 ees.co.rw/img/partner-logos/logo6.jpg
IP 172.67.129.93:0
File type JPEG image data, JFIF standard 1.01, resolution (DPCM), density 37x37, segment length 16, baseline, precision 8, 220x134, components 3\012- data
Hash 2079b8ae16543442ff9c3877aaa5977b
5bf4505f79ebf7ae1c5882c018b9e15affeea8cf
2df6a7299901abd5cfbbcb42e17c0eeebea91ae428f16be48d1a90b0a2545f94
GET /img/partner-logos/logo6.jpg HTTP/1.1
Host: ees.co.rw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ees.co.rw/
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 13:53:07 GMT
Content-Type: image/jpeg
Content-Length: 8715
Connection: keep-alive
Last-Modified: Fri, 10 Jun 2022 21:23:40 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nmbylpg80BX4v2YatUOP3X%2BChuxByO6bTXc8eqdoEuJopjxusUHhzcJ%2F6fbE7WlkfnWTgZLuHekHWdtyOGpVKE%2BizY3avxtmCgGF52o6VB5%2F7gSkXBwVLHz0U08%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 790a36653b58b4f3-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ees.co.rw/img/partner-logos/logo7.jpg
172.67.129.93 200 OK 7.9 kB URL HTTP/1.1 ees.co.rw/img/partner-logos/logo7.jpg
IP 172.67.129.93:0
File type JPEG image data, JFIF standard 1.01, resolution (DPCM), density 37x37, segment length 16, baseline, precision 8, 217x140, components 3\012- data
Hash 63ae610232c5fd486ce2e2851b88cc5c
8e0f3f9f30b66754357cda95cbe89d5a954a5b9b
ab63c856cb43d9985a32298e0df40679fd52c4acbc64930357cea52f69a60af0
GET /img/partner-logos/logo7.jpg HTTP/1.1
Host: ees.co.rw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ees.co.rw/
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 13:53:07 GMT
Content-Type: image/jpeg
Content-Length: 7910
Connection: keep-alive
Last-Modified: Fri, 10 Jun 2022 21:23:40 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wekHa9EeaJQJM1JlJjqd%2Fg6R%2FOak9aFYaG7fY7LbNNk0SWU44OcOgyAz58GJO7UwDQHWe62ka%2FGv0y4m%2FNFOj3OGWjEi%2Bkk6jBraoEFeN8%2B1o9UZwBTUydqAwLc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 790a366568b8b4f9-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ees.co.rw/img/partner-logos/logo4.jpg
172.67.129.93 200 OK 7.3 kB URL HTTP/1.1 ees.co.rw/img/partner-logos/logo4.jpg
IP 172.67.129.93:0
File type JPEG image data, JFIF standard 1.01, resolution (DPCM), density 37x37, segment length 16, baseline, precision 8, 225x152, components 3\012- data
Hash 625dc4e38dc8cc14b63074705fb9651c
cdeff3ee153fe764dffd9249896bb66e11a44af0
59d3bca8da1984b1faccdf9564949852bc409d8ac1fb58101e8b10eeebe277ae
GET /img/partner-logos/logo4.jpg HTTP/1.1
Host: ees.co.rw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ees.co.rw/
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 13:53:07 GMT
Content-Type: image/jpeg
Content-Length: 7289
Connection: keep-alive
Last-Modified: Fri, 10 Jun 2022 21:23:40 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VgNep4%2FsgthhQL9xlUKmArpvkh4BfPZBT1qMcdGHseSoerSKGi9X0PxkVj%2B7b1E8LAWAdD1qbLbMnKukkfJbNtJE6%2FZ%2Bkued0KbyyRDlX1ZmmLuoe7Pbun1iHz8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 790a366758fc1bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ees.co.rw/img/partner-logos/logo3.jpg
172.67.129.93 200 OK 10 kB URL HTTP/1.1 ees.co.rw/img/partner-logos/logo3.jpg
IP 172.67.129.93:0
File type JPEG image data, JFIF standard 1.01, resolution (DPCM), density 37x37, segment length 16, baseline, precision 8, 207x150, components 3\012- data
Hash 055fadc83dbdde0c75fccf8833ed9f15
724225a4ae6d52a93dcc29c1e0cd13c56501033d
ebf4e9aa54ee0cca754b46b112ae618c9a22fecabb1d3d68b3e41eaaa5145c21
GET /img/partner-logos/logo3.jpg HTTP/1.1
Host: ees.co.rw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ees.co.rw/
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 13:53:08 GMT
Content-Type: image/jpeg
Content-Length: 10538
Connection: keep-alive
Last-Modified: Fri, 10 Jun 2022 21:23:40 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IcSo5LRDkbiYeoucGv56cmMTff4Uhnl0l5Lg2BU5Dc14Zmqdiix8gVj42mS2bzkeUqtiIPjJ1Awe2ERykDMRi6IlYaHqtjB4gf%2BWDQ2Q814QN9tFMKPI7phi1hY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 790a36675e71b4f3-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ees.co.rw/img/partner-logos/logo5.jpg
172.67.129.93 200 OK 4.4 kB URL HTTP/1.1 ees.co.rw/img/partner-logos/logo5.jpg
IP 172.67.129.93:0
File type JPEG image data, JFIF standard 1.01, resolution (DPCM), density 37x37, segment length 16, baseline, precision 8, 221x141, components 3\012- data
Hash 70e065cc5f8d2d8b9f3f218550dc05b7
ba60114ac1a0ba0222f701ea775aeadec86d4101
bcbbbec966ca31c327ebc1ed433133baa1f43aa2ac0bd8975866f620410e52ec
GET /img/partner-logos/logo5.jpg HTTP/1.1
Host: ees.co.rw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ees.co.rw/
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 13:53:08 GMT
Content-Type: image/jpeg
Content-Length: 4351
Connection: keep-alive
Last-Modified: Fri, 10 Jun 2022 21:23:40 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N4atEoLY3liXGsO4u%2F%2B24LMSTCEOWhrFKU5N8dWSjTYuLKPFwPC2IYAgufp1554983UX82FPQfF%2FcRr8lzRAogN34gdIQN55NbFoXci7Wp0uQRvwkK7H34sPlVE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 790a36677e9bb4f3-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ees.co.rw/img/slide2.jpg
172.67.129.93 200 OK 120 kB IP 172.67.129.93:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1024x576, components 3\012- data
Size 120 kB (120291 bytes)
Hash 2ee59d826486e7976bc9052ed6a45cd5
1785448bcc75b6b014e6271bce96cf15987f7fdb
33a2ee351762cca66eaaf17300a7f20e57691611f1f303a7efd88027480011a7
GET /img/slide2.jpg HTTP/1.1
Host: ees.co.rw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ees.co.rw/
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 13:53:07 GMT
Content-Type: image/jpeg
Content-Length: 120291
Connection: keep-alive
Last-Modified: Tue, 02 Aug 2022 01:36:08 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FAMBsPx8k6PKrvstboxMU39XsEzv3NVQchqqysWs8uj7Atv94dy0lUvhgZ9%2BGIf1bzABIo5vG5MZljbWAss%2BdjwxZ2OytAnCyeAFa4Y1E1bxaQbFjlM156kscE8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 790a365e8c3ab523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ees.co.rw/favicon.ico
172.67.129.93 404 Not Found 238 B IP 172.67.129.93:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash f5945c4d5e4298d818d50d70865f2857
f35c3593933af2db1933093809ef78f45b9b7144
d2a3f46998410a6fa09375f2813da63aa04bbc6caae20e770da12530ba881b38
GET /favicon.ico HTTP/1.1
Host: ees.co.rw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ees.co.rw/
HTTP/1.1 404 Not Found
Date: Sat, 28 Jan 2023 13:53:08 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3f6fXerKEXnZWxpA6hZK1ysRMIcxLf8CdTdev%2FdSN%2FsarpWA3zP9T69tb6cNEf3ItZovTqoFTRhX%2FmX%2FwFIQ4QNF2Z2qYi9xVnNpDV6zNHjwO6zHfoJq95pBAUs%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 790a366a8b531bfa-OSL
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ees.co.rw/apple-touch-icon.png
172.67.129.93 404 Not Found 238 B URL HTTP/1.1 ees.co.rw/apple-touch-icon.png
IP 172.67.129.93:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash f5945c4d5e4298d818d50d70865f2857
f35c3593933af2db1933093809ef78f45b9b7144
d2a3f46998410a6fa09375f2813da63aa04bbc6caae20e770da12530ba881b38
GET /apple-touch-icon.png HTTP/1.1
Host: ees.co.rw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ees.co.rw/
HTTP/1.1 404 Not Found
Date: Sat, 28 Jan 2023 13:53:08 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5OUnT%2BOoBE3Xe8UizWCKRwl%2BUqit0p6wf%2B7511rMCDXEqbjsXfNuN3mKXn8eqlRw0x0uD%2BmjVn%2BOGdHEydw99YqjPLH1pZ%2Bc1YaZXptkAijls2sllo8j18QCQkQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 790a366a8f62b4f9-OSL
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
fonts.googleapis.com/css?family=Open+Sans|PT+Serif|Raleway:400,600,700,800|Roboto:400,700,900
142.250.74.106 200 OK 326 kB URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans|PT+Serif|Raleway:400,600,700,800|Roboto:400,700,900
IP 142.250.74.106:0
Size 326 kB (326467 bytes)
Hash 1500e48ca171fa3d5df9e314ff3a6f49
6d9f51052375ec4055f87eee389622cd8373a855
220c81dcaeb2132c47fe5bfe3c078d2b0de5ace2d202c399e5d0ddf43f7a2984
GET /css?family=Open+Sans|PT+Serif|Raleway:400,600,700,800|Roboto:400,700,900 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ees.co.rw/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 28 Jan 2023 13:53:05 GMT
date: Sat, 28 Jan 2023 13:53:05 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2