mojohelpdesk.com Open in urlscan Pro
52.10.225.210 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://r20.rs6.net/tn.jsp?f=001gjmNXVbIsqcIEBmn8mtqa6KCSWwXJjYB1J-VzSgfwPMmyEM5mDNZq0ST6GdANLOFW91EsaKEGNEhmScer-Z8...
Effective URL:
https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_mediu...
Submission: On July 07 via manual (July 7th 2020, 4:23:42 pm UTC) from US

Summary HTTP 60 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 16 IPs in 5 countries across 17 domains to perform 60 HTTP transactions. The main IP is 52.10.225.210, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is mojohelpdesk.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on May 9th 2020. Valid for: 3 months.

This is the only time mojohelpdesk.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	208.75.122.11 208.75.122.11	40444 (ASN-CC) (ASN-CC)
22	52.10.225.210 52.10.225.210	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
1	52.8.208.151 52.8.208.151	16509 (AMAZON-02) (AMAZON-02)
2	2001:4de0:ac1... 2001:4de0:ac19::1:b:1a	20446 (HIGHWINDS3) (HIGHWINDS3)
2	2a04:4e42:1b:... 2a04:4e42:1b::621	54113 (FASTLY) (FASTLY)
9	2a04:4e42:1b:... 2a04:4e42:1b::622	54113 (FASTLY) (FASTLY)
4	2a00:1450:400... 2a00:1450:4001:824::2008	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:824::200e	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:818::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:817::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:819::2003	15169 (GOOGLE) (GOOGLE)
3	151.101.14.107 151.101.14.107	54113 (FASTLY) (FASTLY)
1 1	13.224.198.120 13.224.198.120	16509 (AMAZON-02) (AMAZON-02)
5	13.225.78.57 13.225.78.57	16509 (AMAZON-02) (AMAZON-02)
1	18.233.89.106 18.233.89.106	14618 (AMAZON-AES) (AMAZON-AES)
1	75.2.88.188 75.2.88.188	16509 (AMAZON-02) (AMAZON-02)
1	3.210.75.230 3.210.75.230	14618 (AMAZON-AES) (AMAZON-AES)
60	16

1 208.75.122.11 (United States) 1 redirects

ASN40444 (ASN-CC, US)

r20.rs6.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 52.10.225.210 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-10-225-210.us-west-2.compute.amazonaws.com

mojohelpdesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.8.208.151 (San Jose, United States)

ASN16509 (AMAZON-02, US)

mojohelpdesk.montastic.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac19::1:b:1a (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:1b::621 (Ascension Island)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a04:4e42:1b::622 (Ascension Island)

ASN54113 (FASTLY, US)

fast.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:824::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:824::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:818::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:817::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:819::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.14.107 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

embed-fastly.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.198.120 (Seattle, United States) 1 redirects

ASN16509 (AMAZON-02, US)

widget.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.225.78.57 (Seattle, United States)

ASN16509 (AMAZON-02, US)

js.intercomcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.233.89.106 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

distillery.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 75.2.88.188 (Seattle, United States)

ASN16509 (AMAZON-02, US)

api-iam.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.210.75.230 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

fg8vvsvnieiv3ej16jby.litix.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	mojohelpdesk.com mojohelpdesk.com	2 MB
13	wistia.com fast.wistia.com embed-fastly.wistia.com distillery.wistia.com	415 KB
5	intercomcdn.com js.intercomcdn.com	212 KB
5	gstatic.com fonts.gstatic.com	56 KB
4	googletagmanager.com www.googletagmanager.com	31 KB
3	google-analytics.com 1 redirects www.google-analytics.com	46 KB
2	intercom.io 1 redirects widget.intercom.io api-iam.intercom.io	2 KB
2	jsdelivr.net cdn.jsdelivr.net	10 KB
1	litix.io fg8vvsvnieiv3ej16jby.litix.io	172 B
1	google.de www.google.de	106 B
1	google.com 1 redirects www.google.com	182 B
1	doubleclick.net 1 redirects stats.g.doubleclick.net	151 B
1	bootstrapcdn.com stackpath.bootstrapcdn.com	16 KB
1	jquery.com code.jquery.com	24 KB
1	montastic.io mojohelpdesk.montastic.io	2 KB
1	googleapis.com fonts.googleapis.com	1 KB
1	rs6.net 1 redirects r20.rs6.net	454 B
60	17

	Domain	Requested by
22	mojohelpdesk.com	mojohelpdesk.com
9	fast.wistia.com	mojohelpdesk.com fast.wistia.com
5	js.intercomcdn.com	js.intercomcdn.com
5	fonts.gstatic.com	mojohelpdesk.com
4	www.googletagmanager.com	mojohelpdesk.com
3	embed-fastly.wistia.com	mojohelpdesk.com fast.wistia.com
3	www.google-analytics.com	1 redirects www.googletagmanager.com www.google-analytics.com
2	cdn.jsdelivr.net	mojohelpdesk.com
1	fg8vvsvnieiv3ej16jby.litix.io	fast.wistia.com
1	api-iam.intercom.io	js.intercomcdn.com
1	distillery.wistia.com	fast.wistia.com
1	widget.intercom.io	1 redirects
1	www.google.de	mojohelpdesk.com
1	www.google.com	1 redirects
1	stats.g.doubleclick.net	1 redirects
1	stackpath.bootstrapcdn.com	mojohelpdesk.com
1	code.jquery.com	mojohelpdesk.com
1	mojohelpdesk.montastic.io	mojohelpdesk.com
1	fonts.googleapis.com	mojohelpdesk.com
1	r20.rs6.net	1 redirects
60	20

This site contains links to these domains. Also see Links.

Domain
www.mojohelpdesk.com
help.mojohelpdesk.com
signup.mojohelpdesk.com
github.com
mojohelpdesk.montastic.io
twitter.com
www.linkedin.com
www.metadot.com

Subject Issuer	Validity	Valid
www.mojohelpdesk.com Let's Encrypt Authority X3	`2020-05-09` - `2020-08-07`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-06-17` - `2020-09-09`	3 months	crt.sh
montastic.io Amazon	`2019-11-18` - `2020-12-18`	a year	crt.sh
jquery.org COMODO RSA Domain Validation Secure Server CA	`2018-10-17` - `2020-10-16`	2 years	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-06-08` - `2021-04-17`	10 months	crt.sh
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2019-09-14` - `2020-10-13`	a year	crt.sh
f4.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-05-29` - `2021-05-07`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-06-17` - `2020-09-09`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-06-17` - `2020-09-09`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-06-17` - `2020-09-09`	3 months	crt.sh
prospective2.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-05-28` - `2021-04-20`	a year	crt.sh
*.intercomcdn.com Amazon	`2020-03-29` - `2021-04-29`	a year	crt.sh
*.wistia.com Amazon	`2020-04-30` - `2021-05-30`	a year	crt.sh
*.intercom.com Amazon	`2020-05-13` - `2021-06-13`	a year	crt.sh
*.litix.io Amazon	`2019-12-25` - `2021-01-25`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
Frame ID: DA10C554423D7A43574162D7DF302E63
Requests: 58 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.bfc5ae4f.js
Frame ID: B0691B634B1813FEE9E31246B26D559D
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://r20.rs6.net/tn.jsp?f=001gjmNXVbIsqcIEBmn8mtqa6KCSWwXJjYB1J-VzSgfwPMmyEM5mDNZq0ST6GdANLOF... HTTP 302
https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-rans... Page URL

Detected technologies

Ubuntu (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Ubuntu/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

60
Requests

100 %
HTTPS

53 %
IPv6

17
Domains

20
Subdomains

16
IPs

5
Countries

2527 kB
Transfer

5338 kB
Size

0
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://www.mojohelpdesk.com/resources/Mojo_Helpdesk_Quick_Setup_Guide.pdf
Title: User Guide

Search URL Search Domain Scan URL

URL: https://help.mojohelpdesk.com/
Title: Get Help

Search URL Search Domain Scan URL

URL: https://signup.mojohelpdesk.com/signup/register/90?referer=website
Title: Get started

Search URL Search Domain Scan URL

URL: https://www.mojohelpdesk.com/blog/2020/06/how-to-keep-help-desk-agents-from-burning-out/
Title: Blog post: How to Keep Help Desk Agents from Burning OutLEARN MORE

Search URL Search Domain Scan URL

URL: https://github.com/mojohelpdesk/mojohelpdesk-api-doc
Title: Developer API

Search URL Search Domain Scan URL

URL: https://github.com/mojohelpdesk
Title: GitHub

Search URL Search Domain Scan URL

URL: https://mojohelpdesk.montastic.io/
Title: Status

Search URL Search Domain Scan URL

URL: http://twitter.com/#!/mojohelpdesk

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/mojo-helpdesk/

Search URL Search Domain Scan URL

URL: https://www.metadot.com/
Title: Metadot

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://r20.rs6.net/tn.jsp?f=001gjmNXVbIsqcIEBmn8mtqa6KCSWwXJjYB1J-VzSgfwPMmyEM5mDNZq0ST6GdANLOFW91EsaKEGNEhmScer-Z8lLukxCfm8j1JNB2ypdyvxW_bBNlshbd85WvHYEaZ9meOUiOZidv8QYkgJhgbUiHFSqW8iRau0MdTB9KDJXlXMAzMyFdfaWD2PlRwHW-YLUODt3PsfWXC_QRxgA0B9LrxCt0sVh7Sr0CxrX7JGYL7kdi-pW732Q1oyq5fuPgpkjqEQ07et-rcmAWXtZhlr6-oYgNp21iKXlZ_i4gqe5eAN0n0Hv48Vd4ViA==&c=rphBUCkQbjOdXRssYDWPoPUP91cMXXzk8hXs3I8VyCtZ_a8PQuhpgg==&ch=S8q2ImbCDnEasUOYALNMrS4fUPgE4ZezomXI7P5V6gFedmOpHQ0O8Q== HTTP 302
https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30

https://www.google-analytics.com/r/collect?v=1&_v=j83&a=1897254719&t=pageview&_s=1&dl=https%3A%2F%2Fmojohelpdesk.com%2F%3F%26utm_campaign%3Demail-campaign-all-lists%26utm_source%3Demail-all-2020-07-07-ransomwareblog%26utm_medium%3Dhomepage-link&ul=en-us&de=UTF-8&dt=Home%20page%20%7C%20Mojo%20Helpdesk&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEADQ~&jid=1306600320&gjid=1147344431&cid=1953431595.1594138999&tid=UA-254670-17&_gid=627163542.1594138999&_r=1&gtm=2wg6o0KRPZJQJ&z=913566319 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-254670-17&cid=1953431595.1594138999&jid=1306600320&_gid=627163542.1594138999&gjid=1147344431&_v=j83&z=913566319 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-254670-17&cid=1953431595.1594138999&jid=1306600320&_v=j83&z=913566319 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-254670-17&cid=1953431595.1594138999&jid=1306600320&_v=j83&z=913566319&slf_rd=1&random=3386332619

Request Chain 46

https://widget.intercom.io/widget/c4gibkh7 HTTP 302
https://js.intercomcdn.com/shim.latest.js

60 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
mojohelpdesk.com/
Redirect Chain

http://r20.rs6.net/tn.jsp?f=001gjmNXVbIsqcIEBmn8mtqa6KCSWwXJjYB1J-VzSgfwPMmyEM5mDNZq0ST6GdANLOFW91EsaKEGNEhmScer-Z8lLukxCfm8j1JNB2ypdyvxW_bBNlshbd85WvHYEaZ9meOUiOZidv8QYkgJhgbUiHFSqW8iRau0MdTB9KDJX...
https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link

30 KB
8 KB

633ms
212ms

Document
text/html

52.10.225.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.10.225.210 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-10-225-210.us-west-2.compute.amazonaws.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: ced575e8166e2af08516bfc0df1a4bdd767f74ca549da82c350de2374d63dd50

Request headers

Host: mojohelpdesk.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 07 Jul 2020 16:23:18 GMT
Server: Apache/2.4.18 (Ubuntu)
Last-Modified: Mon, 06 Jul 2020 22:03:54 GMT
ETag: "79bd-5a9cd0cf00680-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 8047
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html

Redirect headers

Date: Tue, 07 Jul 2020 16:23:18 GMT
Server: Apache
P3P: CP="CAO DSP TAIa OUR NOR UNI"
Location: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
Content-Length: 0
Cache-Control: private, no-cache, no-store, max-age=0, must-revalidate, no-cache="Set-Cookie"
Pragma: no-cache
Connection: close
Content-Type: text/html;charset=ISO-8859-1

GET
H2 200 css2
fonts.googleapis.com/ 17 KB
1 KB 19ms
18ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;1,100;1,300&display=swap

Requested by

Host: mojohelpdesk.com
URL: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

455f114be43c64dc2586033b0766423e13765df7d94b867d301262a99beef46a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 07 Jul 2020 16:23:18 GMT
server: ESF
date: Tue, 07 Jul 2020 16:23:18 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 07 Jul 2020 16:23:18 GMT

GET
H/1.1 200
OK swiper.min.css
mojohelpdesk.com/swiper/css/ 13 KB
4 KB 212ms
211ms Stylesheet
text/css 52.10.225.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mojohelpdesk.com/swiper/css/swiper.min.css
Requested by: Host: mojohelpdesk.com
URL: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.10.225.210 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-10-225-210.us-west-2.compute.amazonaws.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: dea3c2d66b0679ee2db67a21c0a434f3e14d6ac8a2af06877a711151fc32b56d

Request headers

Referer: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 07 Jul 2020 16:23:18 GMT
Content-Encoding: gzip
Last-Modified: Mon, 06 Jul 2020 22:03:54 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "356e-5a9cd0cf00680-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 4128

GET
H/1.1 200
OK all.min.9da4a03269810c5c0ff90c016a5be086d068708b57285ed38e04b97c0dda1899.css
mojohelpdesk.com/css/ 187 KB
32 KB 433ms
220ms Stylesheet
text/css 52.10.225.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mojohelpdesk.com/css/all.min.9da4a03269810c5c0ff90c016a5be086d068708b57285ed38e04b97c0dda1899.css
Requested by: Host: mojohelpdesk.com
URL: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.10.225.210 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-10-225-210.us-west-2.compute.amazonaws.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 9da4a03269810c5c0ff90c016a5be086d068708b57285ed38e04b97c0dda1899

Request headers

Referer: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 07 Jul 2020 16:23:19 GMT
Content-Encoding: gzip
Last-Modified: Mon, 06 Jul 2020 22:03:54 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "2ecda-5a9cd0cf00680-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 32092

GET
H/1.1 200
OK mojo-star.svg
mojohelpdesk.com/images/ 1 KB
2 KB 819ms
209ms Image
image/svg+xml 52.10.225.210
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mojohelpdesk.com/images/mojo-star.svg
Requested by: Host: mojohelpdesk.com
URL: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.10.225.210 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-10-225-210.us-west-2.compute.amazonaws.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 972007a3dd7f43d88ddd67884292e547c78e562b160655f3405c2ab8f6b89f61

Request headers

Referer: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 07 Jul 2020 16:23:19 GMT
Last-Modified: Mon, 06 Jul 2020 22:03:54 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "52c-5a9cd0cf00680"
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 1324

GET
H/1.1 200
OK mojo-ui_hu9c65a02771cc396ec93a6c53790788c2_263735_900x800_fit_box_2.png
mojohelpdesk.com/ 66 KB
67 KB 873ms
206ms Image
image/png 52.10.225.210
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mojohelpdesk.com/mojo-ui_hu9c65a02771cc396ec93a6c53790788c2_263735_900x800_fit_box_2.png
Requested by: Host: mojohelpdesk.com
URL: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.10.225.210 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-10-225-210.us-west-2.compute.amazonaws.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: b9650e81cd574674665417f969830b399feb762223ae441d278098f378d0cda3

Request headers

Referer: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 07 Jul 2020 16:23:19 GMT
Last-Modified: Mon, 06 Jul 2020 22:03:54 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "10940-5a9cd0cf00680"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 67904

GET
H/1.1 200
OK watch_arrow.png
mojohelpdesk.com/_home-images/ 19 KB
19 KB 889ms
211ms Image
image/png 52.10.225.210
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mojohelpdesk.com/_home-images/watch_arrow.png
Requested by: Host: mojohelpdesk.com
URL: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.10.225.210 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-10-225-210.us-west-2.compute.amazonaws.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: aeed68ebf6e6415908a64fdf038ec12520613bd172062252727a7f325ced4143

Request headers

Referer: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 07 Jul 2020 16:23:19 GMT
Last-Modified: Mon, 06 Jul 2020 22:03:54 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "4a81-5a9cd0cf00680"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 19073

GET
H/1.1 200
OK call-center-1200x800_hu3f201af50b1d914011d21f054aa53cbb_152409_600x0_resize_q75_box.jpg
mojohelpdesk.com/ 45 KB
46 KB 900ms
216ms Image
image/jpeg 52.10.225.210
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mojohelpdesk.com/call-center-1200x800_hu3f201af50b1d914011d21f054aa53cbb_152409_600x0_resize_q75_box.jpg
Requested by: Host: mojohelpdesk.com
URL: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.10.225.210 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-10-225-210.us-west-2.compute.amazonaws.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: e20f98940ccae602640f7b9207799a9a1b6c87ff644ea46c2747a7d1742e2d4a

Request headers

Referer: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 07 Jul 2020 16:23:19 GMT
Last-Modified: Mon, 06 Jul 2020 22:03:54 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "b524-5a9cd0cf00680"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 46372

GET
H/1.1 200
OK burnout.png
mojohelpdesk.com/ 441 KB
441 KB 821ms
209ms Image
image/png 52.10.225.210
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mojohelpdesk.com/burnout.png
Requested by: Host: mojohelpdesk.com
URL: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.10.225.210 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-10-225-210.us-west-2.compute.amazonaws.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 58dea704d66a63ba759dbe91e7dd70edfc81f2edb9465c7101f7d54380d26d51

Request headers

Referer: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 07 Jul 2020 16:23:19 GMT
Last-Modified: Mon, 06 Jul 2020 22:03:54 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "6e443-5a9cd0cf00680"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 451651

GET
H/1.1 200
OK undraw_analysis.png
mojohelpdesk.com/ 72 KB
72 KB 670ms
210ms Image
image/png 52.10.225.210
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mojohelpdesk.com/undraw_analysis.png
Requested by: Host: mojohelpdesk.com
URL: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.10.225.210 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-10-225-210.us-west-2.compute.amazonaws.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 4ee71a96d95dc85c865f087a914b0d2ff82fef77ddbdf029fa650bf95ce6acd6

Request headers

Referer: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 07 Jul 2020 16:23:20 GMT
Last-Modified: Mon, 06 Jul 2020 22:03:54 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "12001-5a9cd0cf00680"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 73729

GET
H/1.1 200
OK 11-points-hd.jpg
mojohelpdesk.com/ 111 KB
112 KB 620ms
205ms Image
image/jpeg 52.10.225.210
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mojohelpdesk.com/11-points-hd.jpg
Requested by: Host: mojohelpdesk.com
URL: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.10.225.210 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-10-225-210.us-west-2.compute.amazonaws.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 33c7f6950f53b43589a42b4040175bab18b7923202197d55efea27060ab724de

Request headers

Referer: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 07 Jul 2020 16:23:20 GMT
Last-Modified: Mon, 06 Jul 2020 22:03:54 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "1bd49-5a9cd0cf00680"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 113993

GET
H/1.1 200
OK is_mojo_right.png
mojohelpdesk.com/webinars/ 194 KB
195 KB 415ms
215ms Image
image/png 52.10.225.210
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mojohelpdesk.com/webinars/is_mojo_right.png
Requested by: Host: mojohelpdesk.com
URL: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.10.225.210 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-10-225-210.us-west-2.compute.amazonaws.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 22e0961669b96258c32e01da385b215aebd60f3a3cf586ab329bcb73bb57413f

Request headers

Referer: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 07 Jul 2020 16:23:20 GMT
Last-Modified: Mon, 06 Jul 2020 22:03:54 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "308f9-5a9cd0cf00680"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 198905

GET
H/1.1 200
OK cyber-secu.png
mojohelpdesk.com/webinars/ 182 KB
182 KB 314ms
216ms Image
image/png 52.10.225.210
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mojohelpdesk.com/webinars/cyber-secu.png
Requested by: Host: mojohelpdesk.com
URL: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.10.225.210 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-10-225-210.us-west-2.compute.amazonaws.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: d46f9d05767d58b98f2674e029f2981f263737e3e4c0a85ca224da6e31458fd5

Request headers

Referer: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 07 Jul 2020 16:23:20 GMT
Last-Modified: Mon, 06 Jul 2020 22:03:54 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "2d66d-5a9cd0cf00680"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 185965

GET
H/1.1 200
OK save-hundred-of-thousand.png
mojohelpdesk.com/webinars/ 39 KB
39 KB 369ms
217ms Image
image/png 52.10.225.210
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mojohelpdesk.com/webinars/save-hundred-of-thousand.png
Requested by: Host: mojohelpdesk.com
URL: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.10.225.210 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-10-225-210.us-west-2.compute.amazonaws.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 9b36679f180d0cd16bbd97fefa0ac3ceeed51cf31882702a5846315bc7902296

Request headers

Referer: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 07 Jul 2020 16:23:20 GMT
Last-Modified: Mon, 06 Jul 2020 22:03:54 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "9b85-5a9cd0cf00680"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 39813

GET
H/1.1 200
OK badge
mojohelpdesk.montastic.io/ 929 B
2 KB 904ms
227ms Image
image/svg+xml 52.8.208.151
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mojohelpdesk.montastic.io/badge

Requested by

Host: mojohelpdesk.com
URL: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.8.208.151 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.12.1 /

Resource Hash

7e62064f04ef12e93aee0420ff473aaf816de4d5de30f665284f1ca04dd587f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 07 Jul 2020 16:23:19 GMT
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Content-Transfer-Encoding: binary
Content-Disposition: inline; filename="website-OK-brightgreen.svg"
Connection: keep-alive
Content-Length: 929
X-XSS-Protection: 1; mode=block
X-Request-Id: c574b831-e016-4e83-ad0d-e8c413901f30
X-Runtime: 0.024140
Referrer-Policy: strict-origin-when-cross-origin
Server: nginx/1.12.1
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/svg+xml
Cache-Control: private

GET
H/1.1 200
OK jquery-3.4.1.slim.min.js Show response
code.jquery.com/ 69 KB
24 KB 34ms
8ms Script
application/javascript 2001:4de0:ac19::1:b:1a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.4.1.slim.min.js
Requested by: Host: mojohelpdesk.com
URL: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: a5ab2a00a0439854f8787a0dda775dea5377ef4905886505c938941d6854ee4f

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
Origin: https://mojohelpdesk.com

Response headers

Date: Tue, 07 Jul 2020 16:23:18 GMT
Content-Encoding: gzip
Last-Modified: Wed, 01 May 2019 21:14:27 GMT
Server: nginx
ETag: W/"5cca0c33-1157d"
Vary: Accept-Encoding
X-HW: 1594138998.dop146.fr8.t,1594138998.cds072.fr8.shn,1594138998.dop146.fr8.t,1594138998.cds121.fr8.c
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 24328

GET
H2 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.0/dist/umd/ 21 KB
8 KB 31ms
7ms Script
application/javascript 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.0/dist/umd/popper.min.js

Requested by

Host: mojohelpdesk.com
URL: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
Origin: https://mojohelpdesk.com

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 4553530
x-cache: MISS, HIT
status: 200
content-length: 7510
etag: W/"5309-YvI45zNIx3656GVCan0bfeI8uy0"
x-served-by: cache-fra19160-FRA, cache-hhn4051-HHN
date: Tue, 07 Jul 2020 16:23:18 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 bootstrap.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.4.1/js/ 59 KB
16 KB 15ms
9ms Script
text/javascript 2001:4de0:ac19::1:b:1a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js

Requested by

Host: mojohelpdesk.com
URL: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
Origin: https://mojohelpdesk.com

Response headers

date: Tue, 07 Jul 2020 16:23:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 28 Nov 2019 17:52:52 GMT
status: 200
etag: "1574963572"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 15919

GET
H2 200 lazyload.min.js Show response
cdn.jsdelivr.net/npm/vanilla-lazyload@16.1.0/dist/ 8 KB
3 KB 13ms
9ms Script
application/javascript 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/vanilla-lazyload@16.1.0/dist/lazyload.min.js

Requested by

Host: mojohelpdesk.com
URL: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

69f3dec8f33332100f7800db8970d61e7d34f89257e0b6c841616e08d7b3d015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 3668887
x-cache: HIT, HIT
status: 200
content-length: 2707
etag: W/"1ed3-lOI4QsYnIdBSu9iBAzl2MkTgMJc"
x-served-by: cache-fra19164-FRA, cache-hhn4070-HHN
date: Tue, 07 Jul 2020 16:23:18 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK swiper.min.js Show response
mojohelpdesk.com/swiper/js/ 137 KB
35 KB 248ms
248ms Script
application/javascript 52.10.225.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mojohelpdesk.com/swiper/js/swiper.min.js
Requested by: Host: mojohelpdesk.com
URL: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.10.225.210 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-10-225-210.us-west-2.compute.amazonaws.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 31b9a64530ca997b6bcc15ed933a677acb8659fd3d75c6f54736657bbf69c18e

Request headers

Referer: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 07 Jul 2020 16:23:20 GMT
Content-Encoding: gzip
Last-Modified: Mon, 06 Jul 2020 22:03:54 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "22208-5a9cd0cf00680-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 35679

GET
H/1.1 200
OK trusted-by-brands.min.aedbbcbc153a5db1093a96c5a1b4c11eda3b6ae46afee8fd2972d5ea5433a87f.js Show response
mojohelpdesk.com/js/shortcodes/ 361 B
546 B 210ms
210ms Script
application/javascript 52.10.225.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mojohelpdesk.com/js/shortcodes/trusted-by-brands.min.aedbbcbc153a5db1093a96c5a1b4c11eda3b6ae46afee8fd2972d5ea5433a87f.js
Requested by: Host: mojohelpdesk.com
URL: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.10.225.210 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-10-225-210.us-west-2.compute.amazonaws.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: aedbbcbc153a5db1093a96c5a1b4c11eda3b6ae46afee8fd2972d5ea5433a87f

Request headers

Referer: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 07 Jul 2020 16:23:20 GMT
Content-Encoding: gzip
Last-Modified: Mon, 06 Jul 2020 22:03:54 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "169-5a9cd0cf00680-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 197

GET
H/1.1 200
OK a-title-3-card-hover-links.min.50031292972cb958606389c5ad4f10e3079627fa1fe86c7fb15af1e48e2e2060.js Show response
mojohelpdesk.com/js/shortcodes/ 181 B
513 B 212ms
212ms Script
application/javascript 52.10.225.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mojohelpdesk.com/js/shortcodes/a-title-3-card-hover-links.min.50031292972cb958606389c5ad4f10e3079627fa1fe86c7fb15af1e48e2e2060.js
Requested by: Host: mojohelpdesk.com
URL: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.10.225.210 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-10-225-210.us-west-2.compute.amazonaws.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 50031292972cb958606389c5ad4f10e3079627fa1fe86c7fb15af1e48e2e2060

Request headers

Referer: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 07 Jul 2020 16:23:20 GMT
Content-Encoding: gzip
Last-Modified: Mon, 06 Jul 2020 22:03:54 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "b5-5a9cd0cf00680-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 165

GET
H/1.1 200
OK gdpr.min.af1f5b718c15f3fac8361f7c4ad927d6992a0ab80fc2cdf573116cfa7442dbd4.js Show response
mojohelpdesk.com/js/ 9 KB
4 KB 211ms
211ms Script
application/javascript 52.10.225.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mojohelpdesk.com/js/gdpr.min.af1f5b718c15f3fac8361f7c4ad927d6992a0ab80fc2cdf573116cfa7442dbd4.js
Requested by: Host: mojohelpdesk.com
URL: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.10.225.210 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-10-225-210.us-west-2.compute.amazonaws.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: af1f5b718c15f3fac8361f7c4ad927d6992a0ab80fc2cdf573116cfa7442dbd4

Request headers

Referer: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 07 Jul 2020 16:23:20 GMT
Content-Encoding: gzip
Last-Modified: Mon, 06 Jul 2020 22:03:54 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "240d-5a9cd0cf00680-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 3354

GET
H/1.1 200
OK comparison.min.d52f07ca5ec918e0cf7f3926242696c5e132da9bebcff416a71ee61a48023202.js Show response
mojohelpdesk.com/js/ 1 KB
796 B 209ms
209ms Script
application/javascript 52.10.225.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mojohelpdesk.com/js/comparison.min.d52f07ca5ec918e0cf7f3926242696c5e132da9bebcff416a71ee61a48023202.js
Requested by: Host: mojohelpdesk.com
URL: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.10.225.210 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-10-225-210.us-west-2.compute.amazonaws.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: d52f07ca5ec918e0cf7f3926242696c5e132da9bebcff416a71ee61a48023202

Request headers

Referer: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 07 Jul 2020 16:23:20 GMT
Content-Encoding: gzip
Last-Modified: Mon, 06 Jul 2020 22:03:54 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "4be-5a9cd0cf00680-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 447

GET
H/1.1 200
OK lazyload.min.10bce7fc623b6a1afdd3a3526eadff99726c748b517daa7bcd40e7930a782193.js Show response
mojohelpdesk.com/js/ 61 B
356 B 216ms
216ms Script
application/javascript 52.10.225.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mojohelpdesk.com/js/lazyload.min.10bce7fc623b6a1afdd3a3526eadff99726c748b517daa7bcd40e7930a782193.js
Requested by: Host: mojohelpdesk.com
URL: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.10.225.210 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-10-225-210.us-west-2.compute.amazonaws.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 10bce7fc623b6a1afdd3a3526eadff99726c748b517daa7bcd40e7930a782193

Request headers

Referer: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 07 Jul 2020 16:23:20 GMT
Last-Modified: Mon, 06 Jul 2020 22:03:54 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "3d-5a9cd0cf00680"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 61

GET
H/1.1 200
OK helpdesk-training-guide.min.bb1dcf707f4654bf3f808d9be488d35d1976e7678a621811921c566163a6b784.js Show response
mojohelpdesk.com/js/ 602 B
616 B 205ms
204ms Script
application/javascript 52.10.225.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mojohelpdesk.com/js/helpdesk-training-guide.min.bb1dcf707f4654bf3f808d9be488d35d1976e7678a621811921c566163a6b784.js
Requested by: Host: mojohelpdesk.com
URL: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.10.225.210 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-10-225-210.us-west-2.compute.amazonaws.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: bb1dcf707f4654bf3f808d9be488d35d1976e7678a621811921c566163a6b784

Request headers

Referer: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 07 Jul 2020 16:23:20 GMT
Content-Encoding: gzip
Last-Modified: Mon, 06 Jul 2020 22:03:54 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "25a-5a9cd0cf00680-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 267

GET
H/1.1 200
OK all.min.js Show response
mojohelpdesk.com/fortawesome/ 1 MB
423 KB 231ms
231ms Script
application/javascript 52.10.225.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mojohelpdesk.com/fortawesome/all.min.js
Requested by: Host: mojohelpdesk.com
URL: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.10.225.210 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-10-225-210.us-west-2.compute.amazonaws.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 2b36622b2d03598b27c0c17e5f50ef427810dbf17117b305dc57fbd97729b8fb

Request headers

Referer: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 07 Jul 2020 16:23:20 GMT
Content-Encoding: gzip
Last-Modified: Mon, 06 Jul 2020 22:03:54 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "11e248-5a9cd0cf00680-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98

GET
H2 200 E-v1.js Show response
fast.wistia.com/assets/external/ 654 KB
119 KB 30ms
7ms Script
application/javascript 2a04:4e42:1b::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/E-v1.js

Requested by

Host: mojohelpdesk.com
URL: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::622 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

cb9213f6c8720d124fe24b42fe75c12f4ca7a867d3ff1b34a5710f7a5b1fa902

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 07 Jul 2020 16:23:18 GMT
content-encoding: br
vary: Accept-Encoding
age: 3014
x-cache: HIT, HIT
status: 200
content-length: 121177
x-served-by: cache-dca17745-DCA, cache-hhn4044-HHN
access-control-allow-origin: *
x-browser-version: 83
last-modified: Fri, 26 Jun 2020 18:29:29 GMT
x-timer: S1594138999.855825,VS0,VE0
etag: "5ef63e89-1d959"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 590

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 123 KB
31 KB 24ms
23ms Script
application/javascript 2a00:1450:4001:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KRPZJQJ

Requested by

Host: mojohelpdesk.com
URL: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

03382a17e092c1f4c47a58f687e921ca29955bdc9a273c4b000b9ebface3d3d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 07 Jul 2020 16:23:18 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31473
x-xss-protection: 0
last-modified: Tue, 07 Jul 2020 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 07 Jul 2020 16:23:18 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KRPZJQJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 Jun 2020 23:38:14 GMT
server: Golfe2
age: 460
date: Tue, 07 Jul 2020 16:15:38 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18469
expires: Tue, 07 Jul 2020 18:15:38 GMT

GET
H2 200 js Show response
www.google-analytics.com/gtm/ 70 KB
28 KB 18ms
18ms Script
application/javascript 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-PQJJVCS&t=gtm1&cid=1953431595.1594138999

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1484aaa193e1b1db868a6bfedf35644c1cf89fe2de54e8b452b631db18ce2cf2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 07 Jul 2020 16:23:18 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28208
x-xss-protection: 0
last-modified: Tue, 07 Jul 2020 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 07 Jul 2020 16:23:18 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j83&a=1897254719&t=pageview&_s=1&dl=https%3A%2F%2Fmojohelpdesk.com%2F%3F%26utm_campaign%3Demail-campaign-all-lists%26utm_source%3Demail-all-2020-07...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-254670-17&cid=1953431595.1594138999&jid=1306600320&_gid=627163542.1594138999&gjid=1147344431&_v=j83&z=913566319
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-254670-17&cid=1953431595.1594138999&jid=1306600320&_v=j83&z=913566319
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-254670-17&cid=1953431595.1594138999&jid=1306600320&_v=j83&z=913566319&slf_rd=1&random=3386332619

42 B
106 B

19ms
18ms

Image
image/gif

2a00:1450:4001:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-254670-17&cid=1953431595.1594138999&jid=1306600320&_v=j83&z=913566319&slf_rd=1&random=3386332619

Requested by

Host: mojohelpdesk.com
URL: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Jul 2020 16:23:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 07 Jul 2020 16:23:19 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-254670-17&cid=1953431595.1594138999&jid=1306600320&_v=j83&z=913566319&slf_rd=1&random=3386332619
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 a
www.googletagmanager.com/ 0
63 B 15ms
14ms Image
image/gif 2a00:1450:4001:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=GTM-KRPZJQJ&cv=12&v=3&t=t&pid=1974819384&rv=6o0&es=1&e=gtm.js&eid=0&tc=102&tr=1gclidw.1opt.1paused.1paused.1paused.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.5gclidw.6paused.6paused.6paused.5lcl.5lcl.5lcl.5lcl.5lcl.5lcl.5lcl.5lcl.5lcl.5lcl.5lcl.5lcl.5lcl.5lcl.5lcl.5lcl.5lcl.5lcl.5lcl.5lcl.5lcl.5lcl.5lcl.5lcl.5lcl.5lcl.5lcl.5lcl.5lcl.5lcl.5lcl.5lcl.5lcl.5lcl.5lcl.5lcl.5lcl.5lcl.5lcl.5lcl.5lcl.5lcl.5lcl.5lcl.5lcl.5lcl.5opt.1ua.5ua&ti=1gclidw.1opt.1paused.1paused.1paused.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1gclidw.1paused.1paused.1paused.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1opt.1ua.1ua&z=0

Requested by

Host: mojohelpdesk.com
URL: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Jul 2020 16:23:19 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
status: 204
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: mojohelpdesk.com
URL: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;1,100;1,300&display=swap
Origin: https://mojohelpdesk.com

Response headers

date: Wed, 10 Jun 2020 14:25:07 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 2339892
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11020
x-xss-protection: 0
expires: Thu, 10 Jun 2021 14:25:07 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2

Requested by

Host: mojohelpdesk.com
URL: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;1,100;1,300&display=swap
Origin: https://mojohelpdesk.com

Response headers

date: Fri, 12 Jun 2020 00:19:42 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:52 GMT
server: sffe
age: 2217817
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11180
x-xss-protection: 0
expires: Sat, 12 Jun 2021 00:19:42 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: mojohelpdesk.com
URL: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;1,100;1,300&display=swap
Origin: https://mojohelpdesk.com

Response headers

date: Fri, 12 Jun 2020 20:41:36 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 2144503
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Sat, 12 Jun 2021 20:41:36 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Host: mojohelpdesk.com
URL: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;1,100;1,300&display=swap
Origin: https://mojohelpdesk.com

Response headers

date: Thu, 11 Jun 2020 20:50:20 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
age: 2230379
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11056
x-xss-protection: 0
expires: Fri, 11 Jun 2021 20:50:20 GMT

GET
H2 200 KFOjCnqEu92Fr1Mu51TjASc6CsTYl4BO.woff2
fonts.gstatic.com/s/roboto/v20/ 13 KB
13 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOjCnqEu92Fr1Mu51TjASc6CsTYl4BO.woff2

Requested by

Host: mojohelpdesk.com
URL: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c575d67f22342308c6bdc002dce3d2bf2eb03c3434846dd8aeb4b2b74b43d43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;1,100;1,300&display=swap
Origin: https://mojohelpdesk.com

Response headers

date: Fri, 12 Jun 2020 20:32:21 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:39 GMT
server: sffe
age: 2145058
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12824
x-xss-protection: 0
expires: Sat, 12 Jun 2021 20:32:21 GMT

GET
H2 200 popover.js Show response
fast.wistia.com/assets/external/ 124 KB
25 KB 7ms
6ms Script
application/javascript 2a04:4e42:1b::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/popover.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::622 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

08b0ecc6a03a998258237268fda4a3b31cc6360a27e83743c2f89503f780a376

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 07 Jul 2020 16:23:19 GMT
content-encoding: br
vary: Accept-Encoding
age: 3015
x-cache: HIT, HIT
status: 200
content-length: 25845
x-served-by: cache-dca17754-DCA, cache-hhn4044-HHN
access-control-allow-origin: *
x-browser-version: 83
last-modified: Fri, 26 Jun 2020 18:29:29 GMT
x-timer: S1594139000.772640,VS0,VE0
etag: "5ef63e89-64f5"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 85

GET
H2 200 wistia-mux.js Show response
fast.wistia.com/assets/external/ 94 KB
25 KB 8ms
8ms Script
application/javascript 2a04:4e42:1b::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/wistia-mux.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::622 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a7cd961207f9205308848b74517b49d857f093f0e535655d1a7439f894045577

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 07 Jul 2020 16:23:19 GMT
content-encoding: br
vary: Accept-Encoding
age: 3015
x-cache: HIT, HIT
status: 200
content-length: 25168
x-served-by: cache-dca17764-DCA, cache-hhn4044-HHN
access-control-allow-origin: *
x-browser-version: 83
last-modified: Fri, 26 Jun 2020 18:29:29 GMT
x-timer: S1594139000.772619,VS0,VE0
etag: "5ef63e89-6250"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 337

GET
H2 200 fh62s4ovbx.json Show response
fast.wistia.com/embed/medias/ 4 KB
2 KB 8ms
8ms Script
text/javascript 2a04:4e42:1b::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/embed/medias/fh62s4ovbx.json?callback=wistiajson1

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::622 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

307971fe21d6ef4941c0e08b7768400636c71f44b9ff335857be038e17011b2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

Referer: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 07 Jul 2020 16:23:19 GMT
x-player-privacy-mode: 1
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 81232
x-cache: HIT, HIT
p3p: CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
status: 200
content-encoding: br
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
content-length: 1400
x-request-id: f1ff50d3ec8ff307700d955e7212d8a8
x-served-by: cache-dca17758-DCA, cache-hhn4044-HHN
x-runtime: 0.056957
access-control-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
x-timer: S1594139000.794408,VS0,VE1
etag: W/"307971fe21d6ef4941c0e08b77684006"
x-download-options: noopen
strict-transport-security: max-age=0
content-type: text/javascript; charset=utf-8
via: 1.1 varnish (Varnish/6.0), 1.1 varnish, 1.1 varnish
cache-control: public, no-cache
x-browser: chrome
x-browser-version: 83
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 1

GET
H2 200 share-v2.js Show response
fast.wistia.com/assets/external/ 28 KB
6 KB 7ms
6ms Script
application/javascript 2a04:4e42:1b::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/share-v2.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::622 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1d95013b282acbc2bc6c9b613c630d68809d3b2fdb81a212a1c2e1ccad4245da

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 07 Jul 2020 16:23:19 GMT
content-encoding: br
vary: Accept-Encoding
age: 3014
x-cache: HIT, HIT
status: 200
content-length: 5628
x-served-by: cache-dca17766-DCA, cache-hhn4044-HHN
access-control-allow-origin: *
x-browser-version: 83
last-modified: Fri, 26 Jun 2020 18:29:29 GMT
x-timer: S1594139000.833405,VS0,VE0
etag: "5ef63e89-15fc"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2, 43

GET
DATA 200
OK truncated
/ 3 KB
3 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 060e3091553b28946d0819daba0626cea9ab7dfbed76b34ba93884be8acbc99d

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
Origin: https://mojohelpdesk.com

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H2 200 051243ac279bb498f695098e28e9487c.webp
embed-fastly.wistia.com/deliveries/ 19 KB
19 KB 156ms
51ms Image
image/webp 151.101.14.107
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://embed-fastly.wistia.com/deliveries/051243ac279bb498f695098e28e9487c.webp?image_crop_resized=1920x1080
Requested by: Host: mojohelpdesk.com
URL: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.107 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 14698fd9ecf87aeb8611ee5185552cc3d19ac5f5dda2087abf8b109dfc5577be

Request headers

Referer: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 07 Jul 2020 16:23:20 GMT
via: 1.1 varnish, 1.1 varnish
age: 984426
edge-cache-tag: 051243ac279bb498f695098e28e9487c
status: 200
x-cache-hits: 1, 1
x-cache: HIT, HIT
content-length: 19066
access-control-request-method: *
x-served-by: cache-dca17758-DCA, cache-fra19130-FRA
last-modified: Wed, 22 Apr 2020 19:28:14 UTC
x-timer: S1594139000.029136,VS0,VE1
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/webp
access-control-allow-origin: *
content-disposition: inline
cache-control: max-age=31536000
accept-ranges: bytes
access-control-expose-headers: Origin, Content-Type, Accept, Server, x-amz-version-id, X-Cache

GET
H2 204 a
www.googletagmanager.com/ 0
53 B 16ms
16ms Image
image/gif 2a00:1450:4001:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=GTM-KRPZJQJ&cv=12&v=3&t=t&pid=1974819384&rv=6o0&es=1&e=gtm.dom&eid=5&tc=102&z=0

Requested by

Host: mojohelpdesk.com
URL: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Jul 2020 16:23:20 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
status: 204
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK happy-user-1200x1425_hu3f0a9a5cf47f93df5b7103430913d917_140719_600x0_resize_q75_box.jpg
mojohelpdesk.com/ 26 KB
26 KB 216ms
216ms Image
image/jpeg 52.10.225.210
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mojohelpdesk.com/happy-user-1200x1425_hu3f0a9a5cf47f93df5b7103430913d917_140719_600x0_resize_q75_box.jpg
Requested by: Host: mojohelpdesk.com
URL: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.10.225.210 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-10-225-210.us-west-2.compute.amazonaws.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: f95b54b32078a1cbf615eb3ec871214c4bce7cd16aab0318493d240bf6495ec3

Request headers

Referer: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 07 Jul 2020 16:23:20 GMT
Last-Modified: Mon, 06 Jul 2020 22:03:54 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "6849-5a9cd0cf00680"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 26697

GET
H2 200 playPauseLoadingControl.js Show response
fast.wistia.com/assets/external/ 37 KB
7 KB 7ms
6ms Script
application/javascript 2a04:4e42:1b::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/playPauseLoadingControl.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::622 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5fb808f67cf42bf3601aee8482917e52a80165e8402ab12cd4c228b40f3177b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 07 Jul 2020 16:23:21 GMT
content-encoding: br
vary: Accept-Encoding
age: 3017
x-cache: HIT, HIT
status: 200
content-length: 6660
x-served-by: cache-dca17732-DCA, cache-hhn4044-HHN
access-control-allow-origin: *
x-browser-version: 83
last-modified: Fri, 26 Jun 2020 18:29:29 GMT
x-timer: S1594139001.150958,VS0,VE0
etag: "5ef63e89-1a04"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 328

GET
H2

200

shim.latest.js Show response
js.intercomcdn.com/
Redirect Chain

https://widget.intercom.io/widget/c4gibkh7
https://js.intercomcdn.com/shim.latest.js

7 KB
3 KB

166ms
53ms

Script
application/javascript

13.225.78.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/shim.latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.78.57 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e412a54d7c7c1b35ec385699cdf2ec505feda5e35c0d0b928e2fe6c3b451ffd7

Request headers

Referer: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 07 Jul 2020 16:22:42 GMT
content-encoding: gzip
age: 40
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
content-length: 2909
last-modified: Fri, 26 Jun 2020 20:46:44 GMT
server: AmazonS3
etag: "303f78b68334631e3550131df69cf71d"
content-type: application/javascript; charset=UTF-8
via: 1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
cache-control: max-age=300, s-maxage=300, public
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: _hw728CxRTFbhtxq855gcgnKNj7h40c_aK24r-p8GqWt5cQvwfN0YQ==

Redirect headers

date: Fri, 03 Jul 2020 14:21:24 GMT
via: 1.1 0f538ee832e1105649039b38ce89e883.cloudfront.net (CloudFront)
server: AmazonS3
age: 352918
status: 302
x-cache: Hit from cloudfront
location: https://js.intercomcdn.com/shim.latest.js
x-amz-cf-pop: FRA2-C1
content-length: 0
x-amz-cf-id: nHupGhf3bodB2l1RGDUZTl0_rzovdMTqEvCke2JwawgjXFft0J_uyw==

GET
H2 200 hls_video.js Show response
fast.wistia.com/assets/external/engines/ 298 KB
64 KB 6ms
6ms Script
application/javascript 2a04:4e42:1b::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/engines/hls_video.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::622 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a158e99c235a3ffe7f906cdb0f4ece03db4ab9a89e060d0f41d701b1abbf0880

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 07 Jul 2020 16:23:21 GMT
content-encoding: br
vary: Accept-Encoding
age: 3015
x-cache: HIT, HIT
status: 200
content-length: 65209
x-served-by: cache-dca17757-DCA, cache-hhn4044-HHN
access-control-allow-origin: *
x-browser-version: 83
last-modified: Fri, 26 Jun 2020 18:29:29 GMT
x-timer: S1594139001.151848,VS0,VE0
etag: "5ef63e89-feb9"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2, 226

POST
H2 204 x Show response
distillery.wistia.com/ 0
95 B 429ms
144ms XHR
text/plain 18.233.89.106
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://distillery.wistia.com/x
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.233.89.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type: text/plain

Response headers

status: 204
date: Tue, 07 Jul 2020 16:23:21 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-origin: *

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 715 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 blank.gif
fast.wistia.com/assets/images/ 1 KB
2 KB 20ms
7ms Image
image/gif 2a04:4e42:1b::622
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fast.wistia.com/assets/images/blank.gif

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::622 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
Origin: https://mojohelpdesk.com

Response headers

date: Tue, 07 Jul 2020 16:23:21 GMT
via: 1.1 varnish, 1.1 varnish
vary: Accept-Encoding
age: 3016
x-cache: HIT, HIT
status: 200
x-cache-hits: 1, 338
content-length: 1214
x-served-by: cache-dca17739-DCA, cache-hhn4023-HHN
x-browser-version: 83
last-modified: Tue, 07 Jul 2020 15:27:41 GMT
x-timer: S1594139001.232805,VS0,VE0
etag: "5f04946d-4be"
strict-transport-security: max-age=0
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=315360000, public
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 339fffe0271e5df010f812819ae7bb9f6e2b9c45.m3u8 Show response
embed-fastly.wistia.com/deliveries/ 8 KB
896 B 154ms
51ms XHR
application/vnd.apple.mpegurl 151.101.14.107
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-fastly.wistia.com/deliveries/339fffe0271e5df010f812819ae7bb9f6e2b9c45.m3u8?origin_v2=1
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.107 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: a7399c179adbe81daedfebf22da2d04ca36821083ad9f18b5a391714fab16eed

Request headers

Referer: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 07 Jul 2020 16:23:21 GMT
content-encoding: gzip
age: 3109729
edge-cache-tag: 339fffe0271e5df010f812819ae7bb9f6e2b9c45
status: 200
x-cache: HIT, HIT
content-length: 436
access-control-request-method: *
x-served-by: cache-dca17779-DCA, cache-fra19177-FRA
access-control-allow-origin: *
expires: Tue, 01 Jun 2021 16:34:31 GMT
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
x-timer: S1594139001.362265,VS0,VE1
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: application/vnd.apple.mpegurl
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Server,range,Content-Length,Content-Range
cache-control: max-age=31536000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 3, 1

GET
H2 200 seg-1-v1-a1.ts Show response
embed-fastly.wistia.com/deliveries/339fffe0271e5df010f812819ae7bb9f6e2b9c45.m3u8/ 141 KB
142 KB 50ms
50ms XHR
video/mp2t 151.101.14.107
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-fastly.wistia.com/deliveries/339fffe0271e5df010f812819ae7bb9f6e2b9c45.m3u8/seg-1-v1-a1.ts
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.107 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 9656cb2f497e0599b41cde536c1e7257978283cea2c67f09f81d36537cf1d42c

Request headers

Referer: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 07 Jul 2020 16:23:21 GMT
via: 1.1 varnish, 1.1 varnish
age: 863588
edge-cache-tag: 339fffe0271e5df010f812819ae7bb9f6e2b9c45
status: 200
x-cache: HIT, HIT
content-length: 144760
access-control-request-method: *
x-served-by: cache-dca17721-DCA, cache-fra19177-FRA
expires: Sun, 27 Jun 2021 16:30:12 GMT
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
x-timer: S1594139001.415706,VS0,VE1
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: video/MP2T
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range
cache-control: max-age=31536000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 1, 1

GET
H2 200 frame-modern.bfc5ae4f.js Show response
js.intercomcdn.com/ Frame B069 224 KB
62 KB 64ms
63ms Script
application/javascript 13.225.78.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/frame-modern.bfc5ae4f.js
Requested by: Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/shim.latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.78.57 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dc6ac274741db51d51e2b0f0a2f4010641d0d113c896e7d2045ac83a3898b4c8

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 07 Jul 2020 15:13:08 GMT
content-encoding: gzip
age: 4214
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
content-length: 63245
last-modified: Fri, 26 Jun 2020 20:37:53 GMT
server: AmazonS3
etag: "87abd862085b5db3e00f9f5b8714ba68"
content-type: application/javascript; charset=UTF-8
via: 1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: iCU1WfsBvBQOoN4zcKK-fKs6M2VcGySaHEYh8N2F8jj-CxfFVE4yMQ==

GET
H2 200 vendor-modern.e848da36.js Show response
js.intercomcdn.com/ Frame B069 172 KB
52 KB 64ms
64ms Script
application/javascript 13.225.78.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/vendor-modern.e848da36.js
Requested by: Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/shim.latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.78.57 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dee23f73f0b50b7e1ff167f3a5ba7e90cdcdde9e00b259853906dd6958ea50eb

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 07 Jul 2020 15:55:16 GMT
content-encoding: gzip
age: 1686
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
content-length: 52330
last-modified: Thu, 25 Jun 2020 21:39:20 GMT
server: AmazonS3
etag: "75a08ac39a8a97f2ac032e5aba980903"
content-type: application/javascript; charset=UTF-8
via: 1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: ruzJdmM02M_1Go2n0L6o2rTjTmL3TnmwPpP-7i5Wjsv3PA9dfubmxQ==

POST
H2 200 ping Show response
api-iam.intercom.io/messenger/web/ Frame B069 3 KB
2 KB 749ms
485ms XHR
application/json 75.2.88.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/ping

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.bfc5ae4f.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

75.2.88.188 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e4be4311e85028a22cc3c915a5df840ddaedb887b817d5fcdd88946c370dd3cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 07 Jul 2020 16:23:22 GMT
content-encoding: gzip
x-ami-version: ami-0699e9f4521fdd139
status: 200, 200 OK
strict-transport-security: max-age=31556952; includeSubDomains; preload
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-request-id: 0008efdksifbanpr7mk0
x-runtime: 0.329191
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"e4be4311e85028a22cc3c915a5df840d"
x-ratelimit-remaining: 19995
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://mojohelpdesk.com
x-intercom-version: 4ed71635f520436f8c55f4401338c50eca7ba869
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-ratelimit-reset: 1594139040
x-ratelimit-limit: 20000
access-control-allow-headers: Content-Type
x-content-type-options: nosniff

GET
H2 204 a
www.googletagmanager.com/ 0
53 B 15ms
14ms Image
image/gif 2a00:1450:4001:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=GTM-KRPZJQJ&cv=12&v=3&t=t&pid=1974819384&rv=6o0&es=1&e=gtm.load&eid=6&tc=102&z=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Jul 2020 16:23:21 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
status: 204
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 allIntegrations.js Show response
fast.wistia.com/assets/external/ 20 KB
5 KB 8ms
7ms Script
application/javascript 2a04:4e42:1b::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/allIntegrations.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::622 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

86e0879ab35057678e5943eafa07705f3bc0666f7ce08baa6245b866dcea7bdf

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 07 Jul 2020 16:23:22 GMT
content-encoding: br
vary: Accept-Encoding
age: 3017
x-cache: HIT, HIT
status: 200
content-length: 4453
x-served-by: cache-dca17729-DCA, cache-hhn4044-HHN
access-control-allow-origin: *
x-browser-version: 83
last-modified: Fri, 26 Jun 2020 18:29:29 GMT
x-timer: S1594139002.153509,VS0,VE0
etag: "5ef63e89-1165"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 214

POST
H/1.1 200
OK / Show response
fg8vvsvnieiv3ej16jby.litix.io/ 0
172 B 157ms
156ms XHR
text/plain 3.210.75.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://fg8vvsvnieiv3ej16jby.litix.io/
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/wistia-mux.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.210.75.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 07 Jul 2020 16:23:26 GMT
Connection: keep-alive
Content-Length: 0
Access-Control-Allow-Methods: POST, GET

GET
H2 200 vendors~app-modern.9ca191b4.js Show response
js.intercomcdn.com/ Frame B069 247 KB
76 KB 56ms
55ms Script
application/javascript 13.225.78.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/vendors~app-modern.9ca191b4.js
Requested by: Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.bfc5ae4f.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.78.57 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a2bb376791a25c57571007301353a23985e6872cffbd6947be355798e88e85c0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 07 Jul 2020 16:10:07 GMT
content-encoding: gzip
age: 802
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
content-length: 76988
last-modified: Thu, 25 Jun 2020 21:39:20 GMT
server: AmazonS3
etag: "9c40d92e78fcc46f0c4395077b35d5cc"
content-type: application/javascript; charset=UTF-8
via: 1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: QGe_-RUpQHzvgiE7Iy-Rsnro1ydoFMDyo6cTJRYFnQhxbmc15JKGjg==

GET
H2 200 app-modern.8fdcdcf9.js Show response
js.intercomcdn.com/ Frame B069 65 KB
19 KB 60ms
59ms Script
application/javascript 13.225.78.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/app-modern.8fdcdcf9.js
Requested by: Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.bfc5ae4f.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.78.57 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 949de2b8216d2c1e5cc1fa2da6f05c91c9a6cec1236540b6e23d0fa34fb898f1

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 07 Jul 2020 16:10:07 GMT
content-encoding: gzip
age: 802
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
content-length: 19211
last-modified: Thu, 25 Jun 2020 21:39:20 GMT
server: AmazonS3
etag: "0f86101d2b5df63e7fc64a8a69e35f20"
content-type: application/javascript; charset=UTF-8
via: 1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: ApbZXoP4YTk2uKEllv2uiRlXKFfMrxvq2misBt3kzrLrYi7WPUwzkQ==

Verdicts & Comments Add Verdict or Comment

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-iam.intercom.io
cdn.jsdelivr.net
code.jquery.com
distillery.wistia.com
embed-fastly.wistia.com
fast.wistia.com
fg8vvsvnieiv3ej16jby.litix.io
fonts.googleapis.com
fonts.gstatic.com
js.intercomcdn.com
mojohelpdesk.com
mojohelpdesk.montastic.io
r20.rs6.net
stackpath.bootstrapcdn.com
stats.g.doubleclick.net
widget.intercom.io
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
13.224.198.120
13.225.78.57
151.101.14.107
18.233.89.106
2001:4de0:ac19::1:b:1a
208.75.122.11
2a00:1450:4001:801::200a
2a00:1450:4001:817::2003
2a00:1450:4001:818::2004
2a00:1450:4001:819::2003
2a00:1450:4001:824::2008
2a00:1450:4001:824::200e
2a00:1450:400c:c00::9b
2a04:4e42:1b::621
2a04:4e42:1b::622
3.210.75.230
52.10.225.210
52.8.208.151
75.2.88.188
03382a17e092c1f4c47a58f687e921ca29955bdc9a273c4b000b9ebface3d3d0
060e3091553b28946d0819daba0626cea9ab7dfbed76b34ba93884be8acbc99d
08b0ecc6a03a998258237268fda4a3b31cc6360a27e83743c2f89503f780a376
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
10bce7fc623b6a1afdd3a3526eadff99726c748b517daa7bcd40e7930a782193
14698fd9ecf87aeb8611ee5185552cc3d19ac5f5dda2087abf8b109dfc5577be
1484aaa193e1b1db868a6bfedf35644c1cf89fe2de54e8b452b631db18ce2cf2
1d95013b282acbc2bc6c9b613c630d68809d3b2fdb81a212a1c2e1ccad4245da
22e0961669b96258c32e01da385b215aebd60f3a3cf586ab329bcb73bb57413f
2b36622b2d03598b27c0c17e5f50ef427810dbf17117b305dc57fbd97729b8fb
307971fe21d6ef4941c0e08b7768400636c71f44b9ff335857be038e17011b2c
31b9a64530ca997b6bcc15ed933a677acb8659fd3d75c6f54736657bbf69c18e
33c7f6950f53b43589a42b4040175bab18b7923202197d55efea27060ab724de
455f114be43c64dc2586033b0766423e13765df7d94b867d301262a99beef46a
4c575d67f22342308c6bdc002dce3d2bf2eb03c3434846dd8aeb4b2b74b43d43
4ee71a96d95dc85c865f087a914b0d2ff82fef77ddbdf029fa650bf95ce6acd6
50031292972cb958606389c5ad4f10e3079627fa1fe86c7fb15af1e48e2e2060
58dea704d66a63ba759dbe91e7dd70edfc81f2edb9465c7101f7d54380d26d51
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5fb808f67cf42bf3601aee8482917e52a80165e8402ab12cd4c228b40f3177b8
69f3dec8f33332100f7800db8970d61e7d34f89257e0b6c841616e08d7b3d015
7e62064f04ef12e93aee0420ff473aaf816de4d5de30f665284f1ca04dd587f5
86e0879ab35057678e5943eafa07705f3bc0666f7ce08baa6245b866dcea7bdf
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
949de2b8216d2c1e5cc1fa2da6f05c91c9a6cec1236540b6e23d0fa34fb898f1
9656cb2f497e0599b41cde536c1e7257978283cea2c67f09f81d36537cf1d42c
972007a3dd7f43d88ddd67884292e547c78e562b160655f3405c2ab8f6b89f61
9b36679f180d0cd16bbd97fefa0ac3ceeed51cf31882702a5846315bc7902296
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627
9da4a03269810c5c0ff90c016a5be086d068708b57285ed38e04b97c0dda1899
a158e99c235a3ffe7f906cdb0f4ece03db4ab9a89e060d0f41d701b1abbf0880
a2bb376791a25c57571007301353a23985e6872cffbd6947be355798e88e85c0
a5ab2a00a0439854f8787a0dda775dea5377ef4905886505c938941d6854ee4f
a7399c179adbe81daedfebf22da2d04ca36821083ad9f18b5a391714fab16eed
a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2
a7cd961207f9205308848b74517b49d857f093f0e535655d1a7439f894045577
aedbbcbc153a5db1093a96c5a1b4c11eda3b6ae46afee8fd2972d5ea5433a87f
aeed68ebf6e6415908a64fdf038ec12520613bd172062252727a7f325ced4143
af1f5b718c15f3fac8361f7c4ad927d6992a0ab80fc2cdf573116cfa7442dbd4
b9650e81cd574674665417f969830b399feb762223ae441d278098f378d0cda3
bb1dcf707f4654bf3f808d9be488d35d1976e7678a621811921c566163a6b784
c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060
cb9213f6c8720d124fe24b42fe75c12f4ca7a867d3ff1b34a5710f7a5b1fa902
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
ced575e8166e2af08516bfc0df1a4bdd767f74ca549da82c350de2374d63dd50
d46f9d05767d58b98f2674e029f2981f263737e3e4c0a85ca224da6e31458fd5
d52f07ca5ec918e0cf7f3926242696c5e132da9bebcff416a71ee61a48023202
dc6ac274741db51d51e2b0f0a2f4010641d0d113c896e7d2045ac83a3898b4c8
dea3c2d66b0679ee2db67a21c0a434f3e14d6ac8a2af06877a711151fc32b56d
dee23f73f0b50b7e1ff167f3a5ba7e90cdcdde9e00b259853906dd6958ea50eb
e20f98940ccae602640f7b9207799a9a1b6c87ff644ea46c2747a7d1742e2d4a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e412a54d7c7c1b35ec385699cdf2ec505feda5e35c0d0b928e2fe6c3b451ffd7
e4be4311e85028a22cc3c915a5df840ddaedb887b817d5fcdd88946c370dd3cd
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f95b54b32078a1cbf615eb3ec871214c4bce7cd16aab0318493d240bf6495ec3
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

mojohelpdesk.com Open in urlscan Pro 52.10.225.210 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

60 Requests

100 %HTTPS

53 %IPv6

17 Domains

20 Subdomains

16 IPs

5 Countries

2527 kBTransfer

5338 kBSize

0 Cookies

10 Outgoing links

Page URL History

Redirected requests

60 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

mojohelpdesk.com Open in urlscan Pro
52.10.225.210 Public Scan

Screenshot
Live screenshot

Full Image

60
Requests

100 %
HTTPS

53 %
IPv6

17
Domains

20
Subdomains

16
IPs

5
Countries

2527 kB
Transfer

5338 kB
Size

0
Cookies

60 HTTP transactions
3 data transactions