ee-helpdesk.com/login.php?sessionid=10bf437861701960d2d6d1b5ef9054f5
45.141.59.16 302 Found 6.2 kB URL HTTP/1.1 ee-helpdesk.com/login.php?sessionid=10bf437861701960d2d6d1b5ef9054f5
IP 45.141.59.16:0
ASN #213373 IP Connect Inc
File type HTML document text; exported SGML document text; exported SGML document, ASCII text, with very long lines (2379), with CRLF line terminators
Hash b23b9dc23fa671bfde45a6b1a1bd5767
8a4ee78c3a1a421a5aefdbdaed913043619d7179
9d723b2632ddd59df1e723f11043186d8b2fd0569a1213766e1aaeaaea98c638
Analyzer Verdict Alert fortinet Phishing
GET /login.php?sessionid=10bf437861701960d2d6d1b5ef9054f5 HTTP/1.1
Host: ee-helpdesk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
set-cookie: PHPSESSID=2d0883c9b9ba0998aa188c6f4a4ac982; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
location: index.php
content-type: text/html; charset=UTF-8
content-length: 6209
content-encoding: gzip
vary: Accept-Encoding
date: Wed, 26 Oct 2022 09:34:34 GMT
server: LiteSpeed
r3.o.lencr.org/
23.36.77.32 200 OK 503 B
IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b3537658770790ad6cf0d727f0c0acd2
8365cadda05ef27b2ebd627d545e31886b512bde
df992311f130f15459739841de925c7eec2604d5a68ca6b2a67b6dc8d229212c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DF992311F130F15459739841DE925C7EEC2604D5A68CA6B2A67B6DC8D229212C"
Last-Modified: Mon, 24 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6187
Expires: Wed, 26 Oct 2022 11:17:41 GMT
Date: Wed, 26 Oct 2022 09:34:34 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B
IP 93.184.220.29:0
Hash c2bba4cad162918b17858b60e909e4d9
d9a1d4f7fb7635ab233ebbf776e6de1a2857032b
3a1d27ec3d034d6326b32f6054b6be46079a86a33e75d5a2a3796a0c4c5eadab
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5388
Cache-Control: max-age=91585
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 09:34:34 GMT
Etag: "6357acdf-1d7"
Expires: Thu, 27 Oct 2022 11:00:59 GMT
Last-Modified: Tue, 25 Oct 2022 09:31:11 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29 200 OK 471 B
IP 93.184.220.29:0
Hash c2bba4cad162918b17858b60e909e4d9
d9a1d4f7fb7635ab233ebbf776e6de1a2857032b
3a1d27ec3d034d6326b32f6054b6be46079a86a33e75d5a2a3796a0c4c5eadab
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3608
Cache-Control: max-age=89805
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 09:34:34 GMT
Etag: "6357acdf-1d7"
Expires: Thu, 27 Oct 2022 10:31:19 GMT
Last-Modified: Tue, 25 Oct 2022 09:31:11 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32 200 OK 503 B
IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8db408c487f7d35bba323046736e8d3a
01b91e2dce7c6d3de9adfe6ff4d38f9b24ab7db0
9aeafc72c1a969243e1fc96f68ce18888034a749ee70582208bf814bd40b61a5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9AEAFC72C1A969243E1FC96F68CE18888034A749EE70582208BF814BD40B61A5"
Last-Modified: Tue, 25 Oct 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6604
Expires: Wed, 26 Oct 2022 11:24:38 GMT
Date: Wed, 26 Oct 2022 09:34:34 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: u0cQ8AwHV8o6FXZtKAw/jGL9d1/H0XMy+6v3yBGm/ZTDFJsgmxQeFZzoTPX571LjrsyGdSjJQG4=
x-amz-request-id: CCGCV27S2P0KMPNX
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 26 Oct 2022 08:39:08 GMT
age: 3326
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 26 Oct 2022 09:34:34 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ee-helpdesk.com/index.php
45.141.59.16 302 Found 0 B URL HTTP/1.1 ee-helpdesk.com/index.php
IP 45.141.59.16:0
ASN #213373 IP Connect Inc
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /index.php HTTP/1.1
Host: ee-helpdesk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: PHPSESSID=2d0883c9b9ba0998aa188c6f4a4ac982
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
location: login.php?sessionid=35b0bce9d250429df012c0426f88d0bd
content-type: text/html; charset=UTF-8
content-length: 0
date: Wed, 26 Oct 2022 09:34:34 GMT
server: LiteSpeed
ee-helpdesk.com/login.php?sessionid=35b0bce9d250429df012c0426f88d0bd
45.141.59.16 200 OK 6.2 kB URL HTTP/1.1 ee-helpdesk.com/login.php?sessionid=35b0bce9d250429df012c0426f88d0bd
IP 45.141.59.16:0
ASN #213373 IP Connect Inc
File type HTML document text; exported SGML document text; exported SGML document, ASCII text, with very long lines (2379), with CRLF line terminators
Hash 28693675d5fdcb7da281d8d27aaf48da
5b68fbce0d25c6a784d50c718325d7189afc9425
4a77495f4799137a29338197e34beeb0b6d371a89e8433658a7a186bdba81948
Analyzer Verdict Alert fortinet Phishing
GET /login.php?sessionid=35b0bce9d250429df012c0426f88d0bd HTTP/1.1
Host: ee-helpdesk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: PHPSESSID=2d0883c9b9ba0998aa188c6f4a4ac982
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-length: 6236
content-encoding: gzip
vary: Accept-Encoding
date: Wed, 26 Oct 2022 09:34:35 GMT
server: LiteSpeed
ocsp.digicert.com/
93.184.220.29 200 OK 278 B
IP 93.184.220.29:0
Hash 65510aedd1a67f63a74f0de49818efd4
565e20c6757bfedfb32091dad5842a26e1de3d71
db85f5a4a38880cf98a0bdae8b7ed47840716a63a2e10397191a10463b6d93be
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5863
Cache-Control: max-age=127688
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 09:34:35 GMT
Etag: "6358380c-116"
Expires: Thu, 27 Oct 2022 21:02:43 GMT
Last-Modified: Tue, 25 Oct 2022 19:25:00 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29 200 OK 278 B
IP 93.184.220.29:0
Hash 65510aedd1a67f63a74f0de49818efd4
565e20c6757bfedfb32091dad5842a26e1de3d71
db85f5a4a38880cf98a0bdae8b7ed47840716a63a2e10397191a10463b6d93be
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3607
Cache-Control: max-age=125432
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 09:34:35 GMT
Etag: "6358380c-116"
Expires: Thu, 27 Oct 2022 20:25:07 GMT
Last-Modified: Tue, 25 Oct 2022 19:25:00 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 278
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
104.17.24.14 200 OK 5.6 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP 104.17.24.14:0
File type ASCII text, with very long lines (30837)
Hash 109d1ed85cd01f9cdab73a4cac5bf80d
d6c6498ad46de2d8e2008a8ff68e364ae7f16b32
8b3a74fe462f5b3c0635995fd721a60eb640e237680b0b532b96711f2823e8bc
GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ee-helpdesk.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 26 Oct 2022 09:34:35 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 581317
expires: Mon, 16 Oct 2023 09:34:35 GMT
accept-ranges: bytes
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7602326f2eb7b51e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B
IP 93.184.220.29:0
Hash 518ff04fd536958e285cf07aaf4a2786
fa5dad2391c2a9957340bd629f0462db4f412a5c
608c78964412d5dc7025e9cbfaef345d448a29eae0f11257c49a41f274917b9a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6508
Cache-Control: max-age=87641
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 09:34:35 GMT
Etag: "63579918-1d7"
Expires: Thu, 27 Oct 2022 09:55:16 GMT
Last-Modified: Tue, 25 Oct 2022 08:06:48 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
ee-helpdesk.com/js/jquery-3.2.1.min.js
45.141.59.16 200 OK 30 kB URL HTTP/1.1 ee-helpdesk.com/js/jquery-3.2.1.min.js
IP 45.141.59.16:0
ASN #213373 IP Connect Inc
File type ASCII text, with very long lines (32058)
Hash 2b9c3a55026fa687fa8add847adc9703
f2d759f36127a585a1353362fc0888eb5ccc38f8
5a2a26016574209924c64a06714a35f93eb82a215bb635a98706e3421e5e305d
Analyzer Verdict Alert fortinet Phishing
GET /js/jquery-3.2.1.min.js HTTP/1.1
Host: ee-helpdesk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ee-helpdesk.com/login.php?sessionid=35b0bce9d250429df012c0426f88d0bd
Cookie: PHPSESSID=2d0883c9b9ba0998aa188c6f4a4ac982
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Wed, 02 Nov 2022 09:34:35 GMT
content-type: application/javascript
last-modified: Mon, 24 Oct 2022 17:26:47 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 30229
date: Wed, 26 Oct 2022 09:34:35 GMT
server: LiteSpeed
ee-helpdesk.com/css/login.1e1767e.min.css
45.141.59.16 200 OK 11 kB URL HTTP/1.1 ee-helpdesk.com/css/login.1e1767e.min.css
IP 45.141.59.16:0
ASN #213373 IP Connect Inc
File type ASCII text, with very long lines (423), with CRLF line terminators
Hash be027ba0266ddb6f1b497df5ad435856
4b5bacce6fb2b59c96e20f989d466c38a37e0248
63837e4066e2bc5a6efd254e1d6bce17063a24731500ab499efaa662c686fdea
GET /css/login.1e1767e.min.css HTTP/1.1
Host: ee-helpdesk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ee-helpdesk.com/login.php?sessionid=35b0bce9d250429df012c0426f88d0bd
Cookie: PHPSESSID=2d0883c9b9ba0998aa188c6f4a4ac982
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Wed, 02 Nov 2022 09:34:35 GMT
content-type: text/css
last-modified: Mon, 24 Oct 2022 17:25:29 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 10685
date: Wed, 26 Oct 2022 09:34:35 GMT
server: LiteSpeed
ee-helpdesk.com/css/clientlibs_meganav.min.css
45.141.59.16 200 OK 11 kB URL HTTP/1.1 ee-helpdesk.com/css/clientlibs_meganav.min.css
IP 45.141.59.16:0
ASN #213373 IP Connect Inc
File type ASCII text, with very long lines (937), with CRLF line terminators
Hash b1a7f9968dfc85ef6b9e8a7e7d07b7f3
23b4b40e5276effc21603eabfbbb8e6eca666bb4
942f53160af6ff0510a31a3ebbf85f0e6a16ae2c4def86368d6b22efe976f95b
GET /css/clientlibs_meganav.min.css HTTP/1.1
Host: ee-helpdesk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ee-helpdesk.com/login.php?sessionid=35b0bce9d250429df012c0426f88d0bd
Cookie: PHPSESSID=2d0883c9b9ba0998aa188c6f4a4ac982
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Wed, 02 Nov 2022 09:34:35 GMT
content-type: text/css
last-modified: Mon, 24 Oct 2022 17:25:30 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 10757
date: Wed, 26 Oct 2022 09:34:35 GMT
server: LiteSpeed
ee-helpdesk.com/js/jquery.validate.js
45.141.59.16 200 OK 13 kB URL HTTP/1.1 ee-helpdesk.com/js/jquery.validate.js
IP 45.141.59.16:0
ASN #213373 IP Connect Inc
File type Unicode text, UTF-8 text, with very long lines (511)
Hash 38529838a84d4134e2a58cffaa5e9514
628467bf882dcda2f7cd9d1992e340b1b3983e71
9bda00674b9fdb7fb794fa60e8c9b9ecbaef530c519a2e28dbc14ddfb46dd7cc
Analyzer Verdict Alert fortinet Phishing
GET /js/jquery.validate.js HTTP/1.1
Host: ee-helpdesk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ee-helpdesk.com/login.php?sessionid=35b0bce9d250429df012c0426f88d0bd
Cookie: PHPSESSID=2d0883c9b9ba0998aa188c6f4a4ac982
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Wed, 02 Nov 2022 09:34:35 GMT
content-type: application/javascript
last-modified: Mon, 24 Oct 2022 17:26:47 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 12787
date: Wed, 26 Oct 2022 09:34:35 GMT
server: LiteSpeed
ee-helpdesk.com/js/jquery.mask.js
45.141.59.16 200 OK 5.4 kB URL HTTP/1.1 ee-helpdesk.com/js/jquery.mask.js
IP 45.141.59.16:0
ASN #213373 IP Connect Inc
File type ASCII text, with CRLF line terminators
Hash fa417c38bf1214e57c5610772a2b8861
1ece4413135ec1f1f196aaf0c11ed33f23499e80
60931f965acfe90351f9e41c747a824c68431b378c18e89fcdb90efa8d33b24a
Analyzer Verdict Alert fortinet Phishing
GET /js/jquery.mask.js HTTP/1.1
Host: ee-helpdesk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ee-helpdesk.com/login.php?sessionid=35b0bce9d250429df012c0426f88d0bd
Cookie: PHPSESSID=2d0883c9b9ba0998aa188c6f4a4ac982
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Wed, 02 Nov 2022 09:34:35 GMT
content-type: application/javascript
last-modified: Mon, 24 Oct 2022 17:26:47 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 5427
date: Wed, 26 Oct 2022 09:34:35 GMT
server: LiteSpeed
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B
IP 142.250.74.3:0
Hash 19132f29a8811a10f90eca2d81e5deb8
3b9e0bbf9f40f46b57dad5567b008e58b5770565
708aeab241760b108d60c1462b1979e59cf473242222e9270705ba70642b04f6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 09:34:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.19.4/jquery.validate.min.js
104.17.24.14 200 OK 7.0 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.19.4/jquery.validate.min.js
IP 104.17.24.14:0
File type Unicode text, UTF-8 text, with very long lines (24350)
Hash 2ea08661494600f2b846f2f2a0edf928
23dd30df766a846db627a3209b5d89d3bbb9a36a
aa22efaecb862cd85da8683a5ab6a4ebcb3a58a83e9709e87e41b3668ce3a05b
GET /ajax/libs/jquery-validate/1.19.4/jquery.validate.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ee-helpdesk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 26 Oct 2022 09:34:35 GMT
content-type: application/javascript; charset=utf-8
content-length: 6982
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "62866b7a-1b46"
last-modified: Thu, 19 May 2022 16:08:26 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 12215776
expires: Mon, 16 Oct 2023 09:34:35 GMT
accept-ranges: bytes
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7602326f5eecb51e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 278 B
IP 93.184.220.29:0
Hash 65510aedd1a67f63a74f0de49818efd4
565e20c6757bfedfb32091dad5842a26e1de3d71
db85f5a4a38880cf98a0bdae8b7ed47840716a63a2e10397191a10463b6d93be
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3607
Cache-Control: max-age=125432
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 09:34:35 GMT
Etag: "6358380c-116"
Expires: Thu, 27 Oct 2022 20:25:07 GMT
Last-Modified: Tue, 25 Oct 2022 19:25:00 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 278
ee-helpdesk.com/js/inputmask.min.js
45.141.59.16 200 OK 8.6 kB URL HTTP/1.1 ee-helpdesk.com/js/inputmask.min.js
IP 45.141.59.16:0
ASN #213373 IP Connect Inc
File type ASCII text, with very long lines (20001), with no line terminators
Hash 895976241713f2aa9bfd76f512cc5177
01006faa422098d4599e307de794019151b11027
01806391b34b9ebabec30b04f3dd60d25065bbdf0b37b691dd9492059db542f2
Analyzer Verdict Alert fortinet Phishing
GET /js/inputmask.min.js HTTP/1.1
Host: ee-helpdesk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ee-helpdesk.com/login.php?sessionid=35b0bce9d250429df012c0426f88d0bd
Cookie: PHPSESSID=2d0883c9b9ba0998aa188c6f4a4ac982
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Wed, 02 Nov 2022 09:34:35 GMT
content-type: application/javascript
last-modified: Mon, 24 Oct 2022 17:26:47 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 8575
date: Wed, 26 Oct 2022 09:34:35 GMT
server: LiteSpeed
ee-helpdesk.com/css/main.1e1767e.min.css
45.141.59.16 200 OK 32 kB URL HTTP/1.1 ee-helpdesk.com/css/main.1e1767e.min.css
IP 45.141.59.16:0
ASN #213373 IP Connect Inc
File type ASCII text, with very long lines (51865), with CRLF line terminators
Hash dacee3ef18692d1a8701df321eb91983
59202cf17f5a9116e3101b6f2728f628e161535e
19dfed8455088f4b0ef34a956b434b5801d4c2750237ab1298e3b81c7a5187d5
GET /css/main.1e1767e.min.css HTTP/1.1
Host: ee-helpdesk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ee-helpdesk.com/login.php?sessionid=35b0bce9d250429df012c0426f88d0bd
Cookie: PHPSESSID=2d0883c9b9ba0998aa188c6f4a4ac982
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Wed, 02 Nov 2022 09:34:35 GMT
content-type: text/css
last-modified: Mon, 24 Oct 2022 17:25:30 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 31574
date: Wed, 26 Oct 2022 09:34:35 GMT
server: LiteSpeed
ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
142.250.74.106 200 OK 31 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP 142.250.74.106:0
File type ASCII text, with very long lines (65451)
Hash 903bc7a7e510f87aa5d0201eb59a0832
ac9aa4dd94cde1bcba9037e94087138b127e41fc
41a7ac8150cc9f38421451d5143c1ffec7a1f1fafbf7a7fc0f51b98ad699cf8f
GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ee-helpdesk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 22 Oct 2022 20:15:10 GMT
expires: Sun, 22 Oct 2023 20:15:10 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
age: 307165
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B
IP 142.250.74.3:0
Hash 19132f29a8811a10f90eca2d81e5deb8
3b9e0bbf9f40f46b57dad5567b008e58b5770565
708aeab241760b108d60c1462b1979e59cf473242222e9270705ba70642b04f6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 09:34:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
54.230.245.39 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash 435e85353937b871a7d8ea3da4f1fc89
02573caa664376e532127a5a269a59982ef1c69c
1eb797d1601b1a70fb8c97513ad1284120f51bea61be95834601e861ab82829b
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=104388
Date: Wed, 26 Oct 2022 09:34:35 GMT
Etag: "6357db3e-1d7"
Expires: Thu, 27 Oct 2022 14:34:23 GMT
Last-Modified: Tue, 25 Oct 2022 12:49:02 GMT
Server: ECS (nyb/1D0B)
X-Cache: Miss from cloudfront
Via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: tlFRTcl6iVmTlgPDoO6Kj2XRAmrDxWQongd7MkZEc2K_FYTsyUvACA==
Age: 6321
push.services.mozilla.com/
54.187.102.159 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.187.102.159:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: KMyDaRscu3VGl8+nRJ0O5A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: XmYBOnEiQAB/VzKxnrbWz7lL544=
ee-dtp-static.s3.amazonaws.com/prod/css/clientlibs_myee.min.css
52.217.69.28 200 OK 187 kB URL HTTP/1.1 ee-dtp-static.s3.amazonaws.com/prod/css/clientlibs_myee.min.css
IP 52.217.69.28:0
File type ASCII text, with very long lines (349)
Size 187 kB (187065 bytes)
Hash 13475e875670c5bbb6ffb086ffc17514
1b6b30e04a6b202cbdeb702d6255486fd010843d
094680d16cf39187e3edb36b5405fc502934223a92830a0bb125fe411b08728d
GET /prod/css/clientlibs_myee.min.css HTTP/1.1
Host: ee-dtp-static.s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ee-helpdesk.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: XOTXdA8mMJblOu2xEYAoykAevvcZicjxyRqXOVgFh+FZzEYDKk8ulervYR27JeaO5MWMeO9vADc=
x-amz-request-id: XBR8Q3CXK8G6V2ZQ
Date: Wed, 26 Oct 2022 09:34:36 GMT
Last-Modified: Tue, 24 Aug 2021 12:11:08 GMT
ETag: "13475e875670c5bbb6ffb086ffc17514"
x-amz-version-id: qbHf_153ZUcp5KfrEPOpU3DRB90sgpwY
Accept-Ranges: bytes
Content-Type: text/css
Server: AmazonS3
Content-Length: 187065
ee-helpdesk.com/fonts/rubrik_regular.woff
45.141.59.16 200 OK 32 kB URL HTTP/1.1 ee-helpdesk.com/fonts/rubrik_regular.woff
IP 45.141.59.16:0
ASN #213373 IP Connect Inc
File type Web Open Font Format, TrueType, length 32224, version 1.0; data
Hash 089b68fbe51043d85c0027efff60aca2
4e25eca27452c882c20e1ab37d9f1285726ca5b7
717f88116eeb521c6f62d2507b1df5331a3422cfe73126c2675382b5540cf57f
Analyzer Verdict Alert fortinet Phishing
GET /fonts/rubrik_regular.woff HTTP/1.1
Host: ee-helpdesk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://ee-helpdesk.com/css/login.1e1767e.min.css
Cookie: PHPSESSID=2d0883c9b9ba0998aa188c6f4a4ac982
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Wed, 02 Nov 2022 09:34:36 GMT
content-type: font/woff
last-modified: Mon, 24 Oct 2022 17:25:47 GMT
accept-ranges: bytes
content-length: 32224
date: Wed, 26 Oct 2022 09:34:36 GMT
server: LiteSpeed
ee-helpdesk.com/fonts/rubrik_semibold.woff
45.141.59.16 200 OK 33 kB URL HTTP/1.1 ee-helpdesk.com/fonts/rubrik_semibold.woff
IP 45.141.59.16:0
ASN #213373 IP Connect Inc
File type Web Open Font Format, TrueType, length 33016, version 1.0\012- data
Hash 9bab90fef9341ee639d18c06e7799825
f67fdb4a053368dede02a0ef7abf2f0bc743ad3a
92570d2534fc4d673622e3881535a6dc39213c9f6ff05903ec90a8381b1a2ffe
Analyzer Verdict Alert fortinet Phishing
GET /fonts/rubrik_semibold.woff HTTP/1.1
Host: ee-helpdesk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://ee-helpdesk.com/css/login.1e1767e.min.css
Cookie: PHPSESSID=2d0883c9b9ba0998aa188c6f4a4ac982
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Wed, 02 Nov 2022 09:34:36 GMT
content-type: font/woff
last-modified: Mon, 24 Oct 2022 17:25:48 GMT
accept-ranges: bytes
content-length: 33016
date: Wed, 26 Oct 2022 09:34:36 GMT
server: LiteSpeed
ee-helpdesk.com/fonts/nobblee_light.woff
45.141.59.16 200 OK 32 kB URL HTTP/1.1 ee-helpdesk.com/fonts/nobblee_light.woff
IP 45.141.59.16:0
ASN #213373 IP Connect Inc
File type Web Open Font Format, TrueType, length 32272, version 1.0\012- data
Hash 3be441e45fd1c9c05288a83484f154d8
4b5eca1227ecab5a5a262792909d38271795a2f3
a2b35cb11e44fb935099d43e70a5a61c3e4af9769b48c3ff27778c359052ab78
Analyzer Verdict Alert fortinet Phishing
GET /fonts/nobblee_light.woff HTTP/1.1
Host: ee-helpdesk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://ee-helpdesk.com/css/main.1e1767e.min.css
Cookie: PHPSESSID=2d0883c9b9ba0998aa188c6f4a4ac982
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Wed, 02 Nov 2022 09:34:36 GMT
content-type: font/woff
last-modified: Mon, 24 Oct 2022 17:25:47 GMT
accept-ranges: bytes
content-length: 32272
date: Wed, 26 Oct 2022 09:34:36 GMT
server: LiteSpeed
ee-helpdesk.com/fonts/rubrik_light.woff
45.141.59.16 200 OK 32 kB URL HTTP/1.1 ee-helpdesk.com/fonts/rubrik_light.woff
IP 45.141.59.16:0
ASN #213373 IP Connect Inc
File type Web Open Font Format, TrueType, length 31860, version 1.0\012- data
Hash 76dfdd96d026bf3b4c1f457fe340c1a9
0ca6a34b789996a9c55f2a6460e953317b7a60df
1af05253947be88483e3340c3f971b3c0a6830a71851b9d3e5f3de83a89005f1
Analyzer Verdict Alert fortinet Phishing
GET /fonts/rubrik_light.woff HTTP/1.1
Host: ee-helpdesk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://ee-helpdesk.com/css/login.1e1767e.min.css
Cookie: PHPSESSID=2d0883c9b9ba0998aa188c6f4a4ac982
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Wed, 02 Nov 2022 09:34:36 GMT
content-type: font/woff
last-modified: Mon, 24 Oct 2022 17:25:47 GMT
accept-ranges: bytes
content-length: 31860
date: Wed, 26 Oct 2022 09:34:36 GMT
server: LiteSpeed
ee-helpdesk.com/fonts/nobblee_regular.woff
45.141.59.16 200 OK 48 kB URL HTTP/1.1 ee-helpdesk.com/fonts/nobblee_regular.woff
IP 45.141.59.16:0
ASN #213373 IP Connect Inc
File type Web Open Font Format, TrueType, length 48360, version 1.0\012- data
Hash ffa7ba568e6d02cbaa04563bc1ff0a0c
7612873f9370e21fd36e6a3d83373db47e760d29
59a88d64e191e0adfd848a14cd3be24ac3dbbc4c2d888bb20c6e768d7ae59514
Analyzer Verdict Alert fortinet Phishing
GET /fonts/nobblee_regular.woff HTTP/1.1
Host: ee-helpdesk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://ee-helpdesk.com/css/main.1e1767e.min.css
Cookie: PHPSESSID=2d0883c9b9ba0998aa188c6f4a4ac982
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Wed, 02 Nov 2022 09:34:36 GMT
content-type: font/woff
last-modified: Mon, 24 Oct 2022 17:25:47 GMT
accept-ranges: bytes
content-length: 48360
date: Wed, 26 Oct 2022 09:34:36 GMT
server: LiteSpeed
ee-helpdesk.com/fonts/ee-icons.woff
45.141.59.16 200 OK 48 kB URL HTTP/1.1 ee-helpdesk.com/fonts/ee-icons.woff
IP 45.141.59.16:0
ASN #213373 IP Connect Inc
File type Web Open Font Format, TrueType, length 48388, version 1.0\012- data
Hash 721c8affd502ae9282e4595af720d799
abd111280610d302cf980a6e8d8799fafe7e8ed0
da4cc80a79084aaf4e6edd60228913b0244dec63332d25b36c076632619b19ed
Analyzer Verdict Alert fortinet Phishing
GET /fonts/ee-icons.woff HTTP/1.1
Host: ee-helpdesk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://ee-helpdesk.com/css/main.1e1767e.min.css
Cookie: PHPSESSID=2d0883c9b9ba0998aa188c6f4a4ac982
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Wed, 02 Nov 2022 09:34:36 GMT
content-type: font/woff
last-modified: Mon, 24 Oct 2022 17:25:47 GMT
accept-ranges: bytes
content-length: 48388
date: Wed, 26 Oct 2022 09:34:36 GMT
server: LiteSpeed
ee-helpdesk.com/img/favicon-196x196.png
45.141.59.16 200 OK 9.2 kB URL HTTP/1.1 ee-helpdesk.com/img/favicon-196x196.png
IP 45.141.59.16:0
ASN #213373 IP Connect Inc
File type PNG image data, 196 x 196, 8-bit/color RGB, non-interlaced\012- data
Hash 779d2aa00f64023424e1aa7b2ba466d1
49298de9f1731d3cb0c356f9d005852392ca213c
a01fdf21cfde4d76986b1d91ec5d9cb2f95e74fa06a72c69e8ac78e21de7d4ee
GET /img/favicon-196x196.png HTTP/1.1
Host: ee-helpdesk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ee-helpdesk.com/login.php?sessionid=35b0bce9d250429df012c0426f88d0bd
Cookie: PHPSESSID=2d0883c9b9ba0998aa188c6f4a4ac982
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Wed, 02 Nov 2022 09:34:36 GMT
content-type: image/png
last-modified: Mon, 24 Oct 2022 17:26:08 GMT
accept-ranges: bytes
content-length: 9179
date: Wed, 26 Oct 2022 09:34:36 GMT
server: LiteSpeed
ee-helpdesk.com/img/favicon-16x16.png
45.141.59.16 200 OK 1.0 kB URL HTTP/1.1 ee-helpdesk.com/img/favicon-16x16.png
IP 45.141.59.16:0
ASN #213373 IP Connect Inc
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash c2d08be3b716511a34c530ab80fef9e9
6f416133bf1545ff2813dc0b436aabb91ee875bb
db394b4aa60dc97a65e8aa3d2913ce543f4a41e9b1b3c2857ce169efd9ad8e02
GET /img/favicon-16x16.png HTTP/1.1
Host: ee-helpdesk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ee-helpdesk.com/login.php?sessionid=35b0bce9d250429df012c0426f88d0bd
Cookie: PHPSESSID=2d0883c9b9ba0998aa188c6f4a4ac982
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Wed, 02 Nov 2022 09:34:36 GMT
content-type: image/png
last-modified: Mon, 24 Oct 2022 17:26:08 GMT
accept-ranges: bytes
content-length: 1004
date: Wed, 26 Oct 2022 09:34:36 GMT
server: LiteSpeed
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 398e3c90084d7d71fc1e9fd833116f5f
3e202da5559a8f219144adee3639d063a98559c0
724547db3ed9f1779308e9dd6604664e6ffa3580ca076fbdc1dfb1b75591bba4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "724547DB3ED9F1779308E9DD6604664E6FFA3580CA076FBDC1DFB1B75591BBA4"
Last-Modified: Mon, 24 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14068
Expires: Wed, 26 Oct 2022 13:29:04 GMT
Date: Wed, 26 Oct 2022 09:34:36 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9f8e8b2-cbee-42dd-a8d8-d4165e9a97ae.jpeg
34.120.237.76 200 OK 3.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9f8e8b2-cbee-42dd-a8d8-d4165e9a97ae.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6dbedb2a47310dcc21ddb2f9c15ca08a
aa1c7300ce49a977fc7ed17534d48c04ec8c34fc
dc4edcfaa03bcccfd66cdacba33167877be7b0b746b9028fe9d82d71feefed2c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9f8e8b2-cbee-42dd-a8d8-d4165e9a97ae.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3695
x-amzn-requestid: 969f155c-e60f-4ecc-bdc8-29e85a803c46
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: alK9KEvqIAMFf4g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63585854-116ea1e74504dd416825d1ec;Sampled=0
x-amzn-remapped-date: Tue, 25 Oct 2022 21:42:44 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: SDTaQGxFhSOc7XaFxoZzpo_z_BtH_F_K5pkIeLB4qo8KdJM5r_Ldqg==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 25 Oct 2022 21:49:21 GMT
age: 42315
etag: "aa1c7300ce49a977fc7ed17534d48c04ec8c34fc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5b77f552-f63a-490e-8ebf-e424535dc52b.jpeg
34.120.237.76 200 OK 4.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5b77f552-f63a-490e-8ebf-e424535dc52b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 422e2d39d09378a93241ca9d9275cdb3
b023427c7f5d8c4db74e626fd146b29feff5e578
419e9829c1c1c1a8ad7dcbe8cea395835733360b20f1f762bf93747c965ff95e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5b77f552-f63a-490e-8ebf-e424535dc52b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4639
x-amzn-requestid: a88c5362-6ce2-4db6-8bfd-97d4b8476fa6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: alJ3vENroAMF0mQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63585697-1e5cca0918d9a36f4273ba4c;Sampled=0
x-amzn-remapped-date: Tue, 25 Oct 2022 21:35:19 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: nf4UHlnSKaJcTYXDo7Nq6EMpFLL5MTq4y112iDh9B3M1mKaXnyAyOw==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Tue, 25 Oct 2022 21:49:00 GMT
age: 42336
etag: "b023427c7f5d8c4db74e626fd146b29feff5e578"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fadc5382d-fbb1-4d8e-8ee0-d7dcda16508e.jpeg
34.120.237.76 200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fadc5382d-fbb1-4d8e-8ee0-d7dcda16508e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 91ee720c15dc69de45080d0c951353af
5292b31a99d90bcb7071f327b93d52034bdf9dcb
7fbe9f0f6db08fd539f2e8d4ac22e3b4d5ca14f7cde69f8424cce8b361d026e6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fadc5382d-fbb1-4d8e-8ee0-d7dcda16508e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4524
x-amzn-requestid: a493efe7-11c7-4032-b36b-7f838f8180bc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aljicH_6IAMFqpQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63587fa9-0f15eae7680ea7b15e5e47ec;Sampled=0
x-amzn-remapped-date: Wed, 26 Oct 2022 00:30:33 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: OV7g4Y4fcQGijljebzHQtnpKdcPKw6LTxqORxxBJL2lFPYQLLoyNuQ==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 00:34:40 GMT
age: 32396
etag: "5292b31a99d90bcb7071f327b93d52034bdf9dcb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae122c0f-a41b-4abc-a703-a5de223ae39a.png
34.120.237.76 200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae122c0f-a41b-4abc-a703-a5de223ae39a.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash db946866312c734e0c5f91ca76255b2f
e8b8236baab9106a426a415eb01494cc4cc91ad1
a695e7bc87da2c6d9f5669c09e662fe22982e69cb139466efa5093429fe19866
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae122c0f-a41b-4abc-a703-a5de223ae39a.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8439
x-amzn-requestid: e0eed725-0725-4f5a-9c91-fec13ad0ebe5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ajKYQGWhIAMFdhw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63578a9b-2a0115120e75f5271cea992f;Sampled=0
x-amzn-remapped-date: Tue, 25 Oct 2022 07:04:59 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: WVz4PqWqT9Pk1juQ95Xzi-7HcEDBqKb5VAncjXxOYFfKTnjRbmodoA==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 04:44:59 GMT
age: 17377
etag: "e8b8236baab9106a426a415eb01494cc4cc91ad1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc635673e-499c-4d9c-8bc5-a713fb19e221.jpeg
34.120.237.76 200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc635673e-499c-4d9c-8bc5-a713fb19e221.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b946c4f2f177828cf7b76c5764e97157
c3856686b98e1883133aa1824c496d34512769a0
be818a015fc9c745ea561a0b9c2aca6ba25ade24acd696fa651163d47b195371
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc635673e-499c-4d9c-8bc5-a713fb19e221.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13796
x-amzn-requestid: 90b1e032-78c6-499d-b564-f25c15e20304
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: alJ2OG0SoAMFx-w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6358568e-599d0f526fc6a01f77b67dcf;Sampled=0
x-amzn-remapped-date: Tue, 25 Oct 2022 21:35:10 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: qxBQMJAnYNJVLBf5LSOTC7v3hPl9sh-G-OIqrK7d5KpdVITaQCcGMA==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 25 Oct 2022 21:47:18 GMT
age: 42438
etag: "c3856686b98e1883133aa1824c496d34512769a0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdb59802-0d15-47b0-9824-34102fa77aeb.jpeg
34.120.237.76 200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdb59802-0d15-47b0-9824-34102fa77aeb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ffefed59982fc01dd8df2f14cea499ca
abab3e94679d0c3e2cbecbda2e9a789a7fe17873
0c9e876f3f638aa4148aecdd77722e5091a2bb47ac30e4367505a1ebe39535d2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdb59802-0d15-47b0-9824-34102fa77aeb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9355
x-amzn-requestid: eb558ca7-8a59-4135-85c8-f0fd5afd30fe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: alJ35EV2oAMF_4g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63585698-0ea5ca6a1f03dd6174ac208c;Sampled=0
x-amzn-remapped-date: Tue, 25 Oct 2022 21:35:20 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: kCkZee35C72NmGRZ7BNRLkag29lRxJV0VHDycTNZOJXhosKdjsOxPg==
via: 1.1 6a63e853422f3197776fb098fab5a416.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Tue, 25 Oct 2022 21:52:53 GMT
age: 42103
etag: "abab3e94679d0c3e2cbecbda2e9a789a7fe17873"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2