Submitted URL: http://r20.rs6.net/tn.jsp?f=001gjmNXVbIsqcIEBmn8mtqa6KCSWwXJjYB1J-VzSgfwPMmyEM5mDNZq0ST6GdANLOFW91EsaKEGNEhmScer-Z8...
Effective URL: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_mediu...
Submission: On July 07 via manual from US

Summary

This website contacted 16 IPs in 5 countries across 17 domains to perform 60 HTTP transactions. The main IP is 52.10.225.210, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is mojohelpdesk.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on May 9th 2020. Valid for: 3 months.
This is the only time mojohelpdesk.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Domain Requested by
22 mojohelpdesk.com mojohelpdesk.com
9 fast.wistia.com mojohelpdesk.com
fast.wistia.com
5 js.intercomcdn.com js.intercomcdn.com
5 fonts.gstatic.com mojohelpdesk.com
4 www.googletagmanager.com mojohelpdesk.com
3 embed-fastly.wistia.com mojohelpdesk.com
fast.wistia.com
3 www.google-analytics.com 1 redirects www.googletagmanager.com
www.google-analytics.com
2 cdn.jsdelivr.net mojohelpdesk.com
1 fg8vvsvnieiv3ej16jby.litix.io fast.wistia.com
1 api-iam.intercom.io js.intercomcdn.com
1 distillery.wistia.com fast.wistia.com
1 widget.intercom.io 1 redirects
1 www.google.de mojohelpdesk.com
1 www.google.com 1 redirects
1 stats.g.doubleclick.net 1 redirects
1 stackpath.bootstrapcdn.com mojohelpdesk.com
1 code.jquery.com mojohelpdesk.com
1 mojohelpdesk.montastic.io mojohelpdesk.com
1 fonts.googleapis.com mojohelpdesk.com
1 r20.rs6.net 1 redirects
60 20
Subject Issuer Validity Valid
www.mojohelpdesk.com
Let's Encrypt Authority X3
2020-05-09 -
2020-08-07
3 months crt.sh
upload.video.google.com
GTS CA 1O1
2020-06-17 -
2020-09-09
3 months crt.sh
montastic.io
Amazon
2019-11-18 -
2020-12-18
a year crt.sh
jquery.org
COMODO RSA Domain Validation Secure Server CA
2018-10-17 -
2020-10-16
2 years crt.sh
f3.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3
2020-06-08 -
2021-04-17
10 months crt.sh
*.bootstrapcdn.com
Sectigo RSA Domain Validation Secure Server CA
2019-09-14 -
2020-10-13
a year crt.sh
f4.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3
2020-05-29 -
2021-05-07
a year crt.sh
*.google-analytics.com
GTS CA 1O1
2020-06-17 -
2020-09-09
3 months crt.sh
www.google.de
GTS CA 1O1
2020-06-17 -
2020-09-09
3 months crt.sh
*.gstatic.com
GTS CA 1O1
2020-06-17 -
2020-09-09
3 months crt.sh
prospective2.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3
2020-05-28 -
2021-04-20
a year crt.sh
*.intercomcdn.com
Amazon
2020-03-29 -
2021-04-29
a year crt.sh
*.wistia.com
Amazon
2020-04-30 -
2021-05-30
a year crt.sh
*.intercom.com
Amazon
2020-05-13 -
2021-06-13
a year crt.sh
*.litix.io
Amazon
2019-12-25 -
2021-01-25
a year crt.sh

This page contains 2 frames:

Primary Page: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
Frame ID: DA10C554423D7A43574162D7DF302E63
Requests: 58 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.bfc5ae4f.js
Frame ID: B0691B634B1813FEE9E31246B26D559D
Requests: 5 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://r20.rs6.net/tn.jsp?f=001gjmNXVbIsqcIEBmn8mtqa6KCSWwXJjYB1J-VzSgfwPMmyEM5mDNZq0ST6GdANLOF... HTTP 302
    https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-rans... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /Ubuntu/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

60
Requests

100 %
HTTPS

53 %
IPv6

17
Domains

20
Subdomains

16
IPs

5
Countries

2527 kB
Transfer

5338 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://r20.rs6.net/tn.jsp?f=001gjmNXVbIsqcIEBmn8mtqa6KCSWwXJjYB1J-VzSgfwPMmyEM5mDNZq0ST6GdANLOFW91EsaKEGNEhmScer-Z8lLukxCfm8j1JNB2ypdyvxW_bBNlshbd85WvHYEaZ9meOUiOZidv8QYkgJhgbUiHFSqW8iRau0MdTB9KDJXlXMAzMyFdfaWD2PlRwHW-YLUODt3PsfWXC_QRxgA0B9LrxCt0sVh7Sr0CxrX7JGYL7kdi-pW732Q1oyq5fuPgpkjqEQ07et-rcmAWXtZhlr6-oYgNp21iKXlZ_i4gqe5eAN0n0Hv48Vd4ViA==&c=rphBUCkQbjOdXRssYDWPoPUP91cMXXzk8hXs3I8VyCtZ_a8PQuhpgg==&ch=S8q2ImbCDnEasUOYALNMrS4fUPgE4ZezomXI7P5V6gFedmOpHQ0O8Q== HTTP 302
    https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30
  • https://www.google-analytics.com/r/collect?v=1&_v=j83&a=1897254719&t=pageview&_s=1&dl=https%3A%2F%2Fmojohelpdesk.com%2F%3F%26utm_campaign%3Demail-campaign-all-lists%26utm_source%3Demail-all-2020-07-07-ransomwareblog%26utm_medium%3Dhomepage-link&ul=en-us&de=UTF-8&dt=Home%20page%20%7C%20Mojo%20Helpdesk&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEADQ~&jid=1306600320&gjid=1147344431&cid=1953431595.1594138999&tid=UA-254670-17&_gid=627163542.1594138999&_r=1&gtm=2wg6o0KRPZJQJ&z=913566319 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-254670-17&cid=1953431595.1594138999&jid=1306600320&_gid=627163542.1594138999&gjid=1147344431&_v=j83&z=913566319 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-254670-17&cid=1953431595.1594138999&jid=1306600320&_v=j83&z=913566319 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-254670-17&cid=1953431595.1594138999&jid=1306600320&_v=j83&z=913566319&slf_rd=1&random=3386332619
Request Chain 46
  • https://widget.intercom.io/widget/c4gibkh7 HTTP 302
  • https://js.intercomcdn.com/shim.latest.js

60 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
mojohelpdesk.com/
Redirect Chain
  • http://r20.rs6.net/tn.jsp?f=001gjmNXVbIsqcIEBmn8mtqa6KCSWwXJjYB1J-VzSgfwPMmyEM5mDNZq0ST6GdANLOFW91EsaKEGNEhmScer-Z8lLukxCfm8j1JNB2ypdyvxW_bBNlshbd85WvHYEaZ9meOUiOZidv8QYkgJhgbUiHFSqW8iRau0MdTB9KDJX...
  • https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
30 KB
8 KB
Document
General
Full URL
https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.10.225.210 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-10-225-210.us-west-2.compute.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
ced575e8166e2af08516bfc0df1a4bdd767f74ca549da82c350de2374d63dd50

Request headers

Host
mojohelpdesk.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 07 Jul 2020 16:23:18 GMT
Server
Apache/2.4.18 (Ubuntu)
Last-Modified
Mon, 06 Jul 2020 22:03:54 GMT
ETag
"79bd-5a9cd0cf00680-gzip"
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
8047
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html

Redirect headers

Date
Tue, 07 Jul 2020 16:23:18 GMT
Server
Apache
P3P
CP="CAO DSP TAIa OUR NOR UNI"
Location
https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
Content-Length
0
Cache-Control
private, no-cache, no-store, max-age=0, must-revalidate, no-cache="Set-Cookie"
Pragma
no-cache
Connection
close
Content-Type
text/html;charset=ISO-8859-1
css2
fonts.googleapis.com/
17 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;1,100;1,300&display=swap
Requested by
Host: mojohelpdesk.com
URL: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
455f114be43c64dc2586033b0766423e13765df7d94b867d301262a99beef46a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 07 Jul 2020 16:23:18 GMT
server
ESF
date
Tue, 07 Jul 2020 16:23:18 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 07 Jul 2020 16:23:18 GMT
swiper.min.css
mojohelpdesk.com/swiper/css/
13 KB
4 KB
Stylesheet
General
Full URL
https://mojohelpdesk.com/swiper/css/swiper.min.css
Requested by
Host: mojohelpdesk.com
URL: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.10.225.210 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-10-225-210.us-west-2.compute.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
dea3c2d66b0679ee2db67a21c0a434f3e14d6ac8a2af06877a711151fc32b56d

Request headers

Referer
https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 07 Jul 2020 16:23:18 GMT
Content-Encoding
gzip
Last-Modified
Mon, 06 Jul 2020 22:03:54 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"356e-5a9cd0cf00680-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
4128
all.min.9da4a03269810c5c0ff90c016a5be086d068708b57285ed38e04b97c0dda1899.css
mojohelpdesk.com/css/
187 KB
32 KB
Stylesheet
General
Full URL
https://mojohelpdesk.com/css/all.min.9da4a03269810c5c0ff90c016a5be086d068708b57285ed38e04b97c0dda1899.css
Requested by
Host: mojohelpdesk.com
URL: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.10.225.210 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-10-225-210.us-west-2.compute.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
9da4a03269810c5c0ff90c016a5be086d068708b57285ed38e04b97c0dda1899

Request headers

Referer
https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 07 Jul 2020 16:23:19 GMT
Content-Encoding
gzip
Last-Modified
Mon, 06 Jul 2020 22:03:54 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"2ecda-5a9cd0cf00680-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
32092
mojo-star.svg
mojohelpdesk.com/images/
1 KB
2 KB
Image
General
Full URL
https://mojohelpdesk.com/images/mojo-star.svg
Requested by
Host: mojohelpdesk.com
URL: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.10.225.210 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-10-225-210.us-west-2.compute.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
972007a3dd7f43d88ddd67884292e547c78e562b160655f3405c2ab8f6b89f61

Request headers

Referer
https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 07 Jul 2020 16:23:19 GMT
Last-Modified
Mon, 06 Jul 2020 22:03:54 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"52c-5a9cd0cf00680"
Content-Type
image/svg+xml
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
1324
mojo-ui_hu9c65a02771cc396ec93a6c53790788c2_263735_900x800_fit_box_2.png
mojohelpdesk.com/
66 KB
67 KB
Image
General
Full URL
https://mojohelpdesk.com/mojo-ui_hu9c65a02771cc396ec93a6c53790788c2_263735_900x800_fit_box_2.png
Requested by
Host: mojohelpdesk.com
URL: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.10.225.210 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-10-225-210.us-west-2.compute.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
b9650e81cd574674665417f969830b399feb762223ae441d278098f378d0cda3

Request headers

Referer
https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 07 Jul 2020 16:23:19 GMT
Last-Modified
Mon, 06 Jul 2020 22:03:54 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"10940-5a9cd0cf00680"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
67904
watch_arrow.png
mojohelpdesk.com/_home-images/
19 KB
19 KB
Image
General
Full URL
https://mojohelpdesk.com/_home-images/watch_arrow.png
Requested by
Host: mojohelpdesk.com
URL: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.10.225.210 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-10-225-210.us-west-2.compute.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
aeed68ebf6e6415908a64fdf038ec12520613bd172062252727a7f325ced4143

Request headers

Referer
https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 07 Jul 2020 16:23:19 GMT
Last-Modified
Mon, 06 Jul 2020 22:03:54 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"4a81-5a9cd0cf00680"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
19073
call-center-1200x800_hu3f201af50b1d914011d21f054aa53cbb_152409_600x0_resize_q75_box.jpg
mojohelpdesk.com/
45 KB
46 KB
Image
General
Full URL
https://mojohelpdesk.com/call-center-1200x800_hu3f201af50b1d914011d21f054aa53cbb_152409_600x0_resize_q75_box.jpg
Requested by
Host: mojohelpdesk.com
URL: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.10.225.210 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-10-225-210.us-west-2.compute.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
e20f98940ccae602640f7b9207799a9a1b6c87ff644ea46c2747a7d1742e2d4a

Request headers

Referer
https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 07 Jul 2020 16:23:19 GMT
Last-Modified
Mon, 06 Jul 2020 22:03:54 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"b524-5a9cd0cf00680"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
46372
burnout.png
mojohelpdesk.com/
441 KB
441 KB
Image
General
Full URL
https://mojohelpdesk.com/burnout.png
Requested by
Host: mojohelpdesk.com
URL: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.10.225.210 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-10-225-210.us-west-2.compute.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
58dea704d66a63ba759dbe91e7dd70edfc81f2edb9465c7101f7d54380d26d51

Request headers

Referer
https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 07 Jul 2020 16:23:19 GMT
Last-Modified
Mon, 06 Jul 2020 22:03:54 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"6e443-5a9cd0cf00680"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
451651
undraw_analysis.png
mojohelpdesk.com/
72 KB
72 KB
Image
General
Full URL
https://mojohelpdesk.com/undraw_analysis.png
Requested by
Host: mojohelpdesk.com
URL: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.10.225.210 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-10-225-210.us-west-2.compute.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
4ee71a96d95dc85c865f087a914b0d2ff82fef77ddbdf029fa650bf95ce6acd6

Request headers

Referer
https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 07 Jul 2020 16:23:20 GMT
Last-Modified
Mon, 06 Jul 2020 22:03:54 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"12001-5a9cd0cf00680"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
73729
11-points-hd.jpg
mojohelpdesk.com/
111 KB
112 KB
Image
General
Full URL
https://mojohelpdesk.com/11-points-hd.jpg
Requested by
Host: mojohelpdesk.com
URL: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.10.225.210 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-10-225-210.us-west-2.compute.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
33c7f6950f53b43589a42b4040175bab18b7923202197d55efea27060ab724de

Request headers

Referer
https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 07 Jul 2020 16:23:20 GMT
Last-Modified
Mon, 06 Jul 2020 22:03:54 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"1bd49-5a9cd0cf00680"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
113993
is_mojo_right.png
mojohelpdesk.com/webinars/
194 KB
195 KB
Image
General
Full URL
https://mojohelpdesk.com/webinars/is_mojo_right.png
Requested by
Host: mojohelpdesk.com
URL: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.10.225.210 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-10-225-210.us-west-2.compute.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
22e0961669b96258c32e01da385b215aebd60f3a3cf586ab329bcb73bb57413f

Request headers

Referer
https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 07 Jul 2020 16:23:20 GMT
Last-Modified
Mon, 06 Jul 2020 22:03:54 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"308f9-5a9cd0cf00680"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
198905
cyber-secu.png
mojohelpdesk.com/webinars/
182 KB
182 KB
Image
General
Full URL
https://mojohelpdesk.com/webinars/cyber-secu.png
Requested by
Host: mojohelpdesk.com
URL: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.10.225.210 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-10-225-210.us-west-2.compute.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
d46f9d05767d58b98f2674e029f2981f263737e3e4c0a85ca224da6e31458fd5

Request headers

Referer
https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 07 Jul 2020 16:23:20 GMT
Last-Modified
Mon, 06 Jul 2020 22:03:54 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"2d66d-5a9cd0cf00680"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
185965
save-hundred-of-thousand.png
mojohelpdesk.com/webinars/
39 KB
39 KB
Image
General
Full URL
https://mojohelpdesk.com/webinars/save-hundred-of-thousand.png
Requested by
Host: mojohelpdesk.com
URL: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.10.225.210 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-10-225-210.us-west-2.compute.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
9b36679f180d0cd16bbd97fefa0ac3ceeed51cf31882702a5846315bc7902296

Request headers

Referer
https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 07 Jul 2020 16:23:20 GMT
Last-Modified
Mon, 06 Jul 2020 22:03:54 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"9b85-5a9cd0cf00680"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
39813
badge
mojohelpdesk.montastic.io/
929 B
2 KB
Image
General
Full URL
https://mojohelpdesk.montastic.io/badge
Requested by
Host: mojohelpdesk.com
URL: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.8.208.151 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.12.1 /
Resource Hash
7e62064f04ef12e93aee0420ff473aaf816de4d5de30f665284f1ca04dd587f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 07 Jul 2020 16:23:19 GMT
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Content-Transfer-Encoding
binary
Content-Disposition
inline; filename="website-OK-brightgreen.svg"
Connection
keep-alive
Content-Length
929
X-XSS-Protection
1; mode=block
X-Request-Id
c574b831-e016-4e83-ad0d-e8c413901f30
X-Runtime
0.024140
Referrer-Policy
strict-origin-when-cross-origin
Server
nginx/1.12.1
X-Frame-Options
SAMEORIGIN
X-Download-Options
noopen
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/svg+xml
Cache-Control
private
jquery-3.4.1.slim.min.js
code.jquery.com/
69 KB
24 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.4.1.slim.min.js
Requested by
Host: mojohelpdesk.com
URL: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
a5ab2a00a0439854f8787a0dda775dea5377ef4905886505c938941d6854ee4f

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
Origin
https://mojohelpdesk.com

Response headers

Date
Tue, 07 Jul 2020 16:23:18 GMT
Content-Encoding
gzip
Last-Modified
Wed, 01 May 2019 21:14:27 GMT
Server
nginx
ETag
W/"5cca0c33-1157d"
Vary
Accept-Encoding
X-HW
1594138998.dop146.fr8.t,1594138998.cds072.fr8.shn,1594138998.dop146.fr8.t,1594138998.cds121.fr8.c
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
24328
popper.min.js
cdn.jsdelivr.net/npm/popper.js@1.16.0/dist/umd/
21 KB
8 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/popper.js@1.16.0/dist/umd/popper.min.js
Requested by
Host: mojohelpdesk.com
URL: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
Origin
https://mojohelpdesk.com

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
4553530
x-cache
MISS, HIT
status
200
content-length
7510
etag
W/"5309-YvI45zNIx3656GVCan0bfeI8uy0"
x-served-by
cache-fra19160-FRA, cache-hhn4051-HHN
date
Tue, 07 Jul 2020 16:23:18 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
bootstrap.min.js
stackpath.bootstrapcdn.com/bootstrap/4.4.1/js/
59 KB
16 KB
Script
General
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js
Requested by
Host: mojohelpdesk.com
URL: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
Origin
https://mojohelpdesk.com

Response headers

date
Tue, 07 Jul 2020 16:23:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 28 Nov 2019 17:52:52 GMT
status
200
etag
"1574963572"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
15919
lazyload.min.js
cdn.jsdelivr.net/npm/vanilla-lazyload@16.1.0/dist/
8 KB
3 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/vanilla-lazyload@16.1.0/dist/lazyload.min.js
Requested by
Host: mojohelpdesk.com
URL: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
69f3dec8f33332100f7800db8970d61e7d34f89257e0b6c841616e08d7b3d015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
3668887
x-cache
HIT, HIT
status
200
content-length
2707
etag
W/"1ed3-lOI4QsYnIdBSu9iBAzl2MkTgMJc"
x-served-by
cache-fra19164-FRA, cache-hhn4070-HHN
date
Tue, 07 Jul 2020 16:23:18 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
swiper.min.js
mojohelpdesk.com/swiper/js/
137 KB
35 KB
Script
General
Full URL
https://mojohelpdesk.com/swiper/js/swiper.min.js
Requested by
Host: mojohelpdesk.com
URL: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.10.225.210 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-10-225-210.us-west-2.compute.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
31b9a64530ca997b6bcc15ed933a677acb8659fd3d75c6f54736657bbf69c18e

Request headers

Referer
https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 07 Jul 2020 16:23:20 GMT
Content-Encoding
gzip
Last-Modified
Mon, 06 Jul 2020 22:03:54 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"22208-5a9cd0cf00680-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
35679
trusted-by-brands.min.aedbbcbc153a5db1093a96c5a1b4c11eda3b6ae46afee8fd2972d5ea5433a87f.js
mojohelpdesk.com/js/shortcodes/
361 B
546 B
Script
General
Full URL
https://mojohelpdesk.com/js/shortcodes/trusted-by-brands.min.aedbbcbc153a5db1093a96c5a1b4c11eda3b6ae46afee8fd2972d5ea5433a87f.js
Requested by
Host: mojohelpdesk.com
URL: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.10.225.210 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-10-225-210.us-west-2.compute.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
aedbbcbc153a5db1093a96c5a1b4c11eda3b6ae46afee8fd2972d5ea5433a87f

Request headers

Referer
https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 07 Jul 2020 16:23:20 GMT
Content-Encoding
gzip
Last-Modified
Mon, 06 Jul 2020 22:03:54 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"169-5a9cd0cf00680-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
197
a-title-3-card-hover-links.min.50031292972cb958606389c5ad4f10e3079627fa1fe86c7fb15af1e48e2e2060.js
mojohelpdesk.com/js/shortcodes/
181 B
513 B
Script
General
Full URL
https://mojohelpdesk.com/js/shortcodes/a-title-3-card-hover-links.min.50031292972cb958606389c5ad4f10e3079627fa1fe86c7fb15af1e48e2e2060.js
Requested by
Host: mojohelpdesk.com
URL: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.10.225.210 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-10-225-210.us-west-2.compute.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
50031292972cb958606389c5ad4f10e3079627fa1fe86c7fb15af1e48e2e2060

Request headers

Referer
https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 07 Jul 2020 16:23:20 GMT
Content-Encoding
gzip
Last-Modified
Mon, 06 Jul 2020 22:03:54 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"b5-5a9cd0cf00680-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
165
gdpr.min.af1f5b718c15f3fac8361f7c4ad927d6992a0ab80fc2cdf573116cfa7442dbd4.js
mojohelpdesk.com/js/
9 KB
4 KB
Script
General
Full URL
https://mojohelpdesk.com/js/gdpr.min.af1f5b718c15f3fac8361f7c4ad927d6992a0ab80fc2cdf573116cfa7442dbd4.js
Requested by
Host: mojohelpdesk.com
URL: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.10.225.210 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-10-225-210.us-west-2.compute.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
af1f5b718c15f3fac8361f7c4ad927d6992a0ab80fc2cdf573116cfa7442dbd4

Request headers

Referer
https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 07 Jul 2020 16:23:20 GMT
Content-Encoding
gzip
Last-Modified
Mon, 06 Jul 2020 22:03:54 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"240d-5a9cd0cf00680-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
3354
comparison.min.d52f07ca5ec918e0cf7f3926242696c5e132da9bebcff416a71ee61a48023202.js
mojohelpdesk.com/js/
1 KB
796 B
Script
General
Full URL
https://mojohelpdesk.com/js/comparison.min.d52f07ca5ec918e0cf7f3926242696c5e132da9bebcff416a71ee61a48023202.js
Requested by
Host: mojohelpdesk.com
URL: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.10.225.210 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-10-225-210.us-west-2.compute.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
d52f07ca5ec918e0cf7f3926242696c5e132da9bebcff416a71ee61a48023202

Request headers

Referer
https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 07 Jul 2020 16:23:20 GMT
Content-Encoding
gzip
Last-Modified
Mon, 06 Jul 2020 22:03:54 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"4be-5a9cd0cf00680-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
447
lazyload.min.10bce7fc623b6a1afdd3a3526eadff99726c748b517daa7bcd40e7930a782193.js
mojohelpdesk.com/js/
61 B
356 B
Script
General
Full URL
https://mojohelpdesk.com/js/lazyload.min.10bce7fc623b6a1afdd3a3526eadff99726c748b517daa7bcd40e7930a782193.js
Requested by
Host: mojohelpdesk.com
URL: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.10.225.210 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-10-225-210.us-west-2.compute.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
10bce7fc623b6a1afdd3a3526eadff99726c748b517daa7bcd40e7930a782193

Request headers

Referer
https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 07 Jul 2020 16:23:20 GMT
Last-Modified
Mon, 06 Jul 2020 22:03:54 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"3d-5a9cd0cf00680"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
61
helpdesk-training-guide.min.bb1dcf707f4654bf3f808d9be488d35d1976e7678a621811921c566163a6b784.js
mojohelpdesk.com/js/
602 B
616 B
Script
General
Full URL
https://mojohelpdesk.com/js/helpdesk-training-guide.min.bb1dcf707f4654bf3f808d9be488d35d1976e7678a621811921c566163a6b784.js
Requested by
Host: mojohelpdesk.com
URL: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.10.225.210 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-10-225-210.us-west-2.compute.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
bb1dcf707f4654bf3f808d9be488d35d1976e7678a621811921c566163a6b784

Request headers

Referer
https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 07 Jul 2020 16:23:20 GMT
Content-Encoding
gzip
Last-Modified
Mon, 06 Jul 2020 22:03:54 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"25a-5a9cd0cf00680-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
267
all.min.js
mojohelpdesk.com/fortawesome/
1 MB
423 KB
Script
General
Full URL
https://mojohelpdesk.com/fortawesome/all.min.js
Requested by
Host: mojohelpdesk.com
URL: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.10.225.210 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-10-225-210.us-west-2.compute.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
2b36622b2d03598b27c0c17e5f50ef427810dbf17117b305dc57fbd97729b8fb

Request headers

Referer
https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 07 Jul 2020 16:23:20 GMT
Content-Encoding
gzip
Last-Modified
Mon, 06 Jul 2020 22:03:54 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"11e248-5a9cd0cf00680-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
E-v1.js
fast.wistia.com/assets/external/
654 KB
119 KB
Script
General
Full URL
https://fast.wistia.com/assets/external/E-v1.js
Requested by
Host: mojohelpdesk.com
URL: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::622 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cb9213f6c8720d124fe24b42fe75c12f4ca7a867d3ff1b34a5710f7a5b1fa902
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 07 Jul 2020 16:23:18 GMT
content-encoding
br
vary
Accept-Encoding
age
3014
x-cache
HIT, HIT
status
200
content-length
121177
x-served-by
cache-dca17745-DCA, cache-hhn4044-HHN
access-control-allow-origin
*
x-browser-version
83
last-modified
Fri, 26 Jun 2020 18:29:29 GMT
x-timer
S1594138999.855825,VS0,VE0
etag
"5ef63e89-1d959"
strict-transport-security
max-age=0
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=3600
x-browser
chrome
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1, 590
gtm.js
www.googletagmanager.com/
123 KB
31 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KRPZJQJ
Requested by
Host: mojohelpdesk.com
URL: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
03382a17e092c1f4c47a58f687e921ca29955bdc9a273c4b000b9ebface3d3d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 07 Jul 2020 16:23:18 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31473
x-xss-protection
0
last-modified
Tue, 07 Jul 2020 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 07 Jul 2020 16:23:18 GMT
analytics.js
www.google-analytics.com/
45 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KRPZJQJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 04 Jun 2020 23:38:14 GMT
server
Golfe2
age
460
date
Tue, 07 Jul 2020 16:15:38 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18469
expires
Tue, 07 Jul 2020 18:15:38 GMT
js
www.google-analytics.com/gtm/
70 KB
28 KB
Script
General
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-PQJJVCS&t=gtm1&cid=1953431595.1594138999
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1484aaa193e1b1db868a6bfedf35644c1cf89fe2de54e8b452b631db18ce2cf2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 07 Jul 2020 16:23:18 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28208
x-xss-protection
0
last-modified
Tue, 07 Jul 2020 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 07 Jul 2020 16:23:18 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j83&a=1897254719&t=pageview&_s=1&dl=https%3A%2F%2Fmojohelpdesk.com%2F%3F%26utm_campaign%3Demail-campaign-all-lists%26utm_source%3Demail-all-2020-07...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-254670-17&cid=1953431595.1594138999&jid=1306600320&_gid=627163542.1594138999&gjid=1147344431&_v=j83&z=913566319
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-254670-17&cid=1953431595.1594138999&jid=1306600320&_v=j83&z=913566319
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-254670-17&cid=1953431595.1594138999&jid=1306600320&_v=j83&z=913566319&slf_rd=1&random=3386332619
42 B
106 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-254670-17&cid=1953431595.1594138999&jid=1306600320&_v=j83&z=913566319&slf_rd=1&random=3386332619
Requested by
Host: mojohelpdesk.com
URL: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Jul 2020 16:23:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 07 Jul 2020 16:23:19 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-254670-17&cid=1953431595.1594138999&jid=1306600320&_v=j83&z=913566319&slf_rd=1&random=3386332619
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
a
www.googletagmanager.com/
0
63 B
Image
General
Full URL
https://www.googletagmanager.com/a?id=GTM-KRPZJQJ&cv=12&v=3&t=t&pid=1974819384&rv=6o0&es=1&e=gtm.js&eid=0&tc=102&tr=1gclidw.1opt.1paused.1paused.1paused.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.5gclidw.6paused.6paused.6paused.5lcl.5lcl.5lcl.5lcl.5lcl.5lcl.5lcl.5lcl.5lcl.5lcl.5lcl.5lcl.5lcl.5lcl.5lcl.5lcl.5lcl.5lcl.5lcl.5lcl.5lcl.5lcl.5lcl.5lcl.5lcl.5lcl.5lcl.5lcl.5lcl.5lcl.5lcl.5lcl.5lcl.5lcl.5lcl.5lcl.5lcl.5lcl.5lcl.5lcl.5lcl.5lcl.5lcl.5lcl.5lcl.5lcl.5opt.1ua.5ua&ti=1gclidw.1opt.1paused.1paused.1paused.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1gclidw.1paused.1paused.1paused.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1opt.1ua.1ua&z=0
Requested by
Host: mojohelpdesk.com
URL: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Jul 2020 16:23:19 GMT
server
Google Tag Manager
vary
*
content-type
image/gif
status
204
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by
Host: mojohelpdesk.com
URL: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;1,100;1,300&display=swap
Origin
https://mojohelpdesk.com

Response headers

date
Wed, 10 Jun 2020 14:25:07 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:58 GMT
server
sffe
age
2339892
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11020
x-xss-protection
0
expires
Thu, 10 Jun 2021 14:25:07 GMT
KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
Requested by
Host: mojohelpdesk.com
URL: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;1,100;1,300&display=swap
Origin
https://mojohelpdesk.com

Response headers

date
Fri, 12 Jun 2020 00:19:42 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:52 GMT
server
sffe
age
2217817
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11180
x-xss-protection
0
expires
Sat, 12 Jun 2021 00:19:42 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: mojohelpdesk.com
URL: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;1,100;1,300&display=swap
Origin
https://mojohelpdesk.com

Response headers

date
Fri, 12 Jun 2020 20:41:36 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
2144503
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11016
x-xss-protection
0
expires
Sat, 12 Jun 2021 20:41:36 GMT
KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
Requested by
Host: mojohelpdesk.com
URL: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;1,100;1,300&display=swap
Origin
https://mojohelpdesk.com

Response headers

date
Thu, 11 Jun 2020 20:50:20 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:48 GMT
server
sffe
age
2230379
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11056
x-xss-protection
0
expires
Fri, 11 Jun 2021 20:50:20 GMT
KFOjCnqEu92Fr1Mu51TjASc6CsTYl4BO.woff2
fonts.gstatic.com/s/roboto/v20/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOjCnqEu92Fr1Mu51TjASc6CsTYl4BO.woff2
Requested by
Host: mojohelpdesk.com
URL: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c575d67f22342308c6bdc002dce3d2bf2eb03c3434846dd8aeb4b2b74b43d43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;1,100;1,300&display=swap
Origin
https://mojohelpdesk.com

Response headers

date
Fri, 12 Jun 2020 20:32:21 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:39 GMT
server
sffe
age
2145058
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12824
x-xss-protection
0
expires
Sat, 12 Jun 2021 20:32:21 GMT
popover.js
fast.wistia.com/assets/external/
124 KB
25 KB
Script
General
Full URL
https://fast.wistia.com/assets/external/popover.js
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::622 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
08b0ecc6a03a998258237268fda4a3b31cc6360a27e83743c2f89503f780a376
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 07 Jul 2020 16:23:19 GMT
content-encoding
br
vary
Accept-Encoding
age
3015
x-cache
HIT, HIT
status
200
content-length
25845
x-served-by
cache-dca17754-DCA, cache-hhn4044-HHN
access-control-allow-origin
*
x-browser-version
83
last-modified
Fri, 26 Jun 2020 18:29:29 GMT
x-timer
S1594139000.772640,VS0,VE0
etag
"5ef63e89-64f5"
strict-transport-security
max-age=0
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=3600
x-browser
chrome
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1, 85
wistia-mux.js
fast.wistia.com/assets/external/
94 KB
25 KB
Script
General
Full URL
https://fast.wistia.com/assets/external/wistia-mux.js
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::622 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a7cd961207f9205308848b74517b49d857f093f0e535655d1a7439f894045577
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 07 Jul 2020 16:23:19 GMT
content-encoding
br
vary
Accept-Encoding
age
3015
x-cache
HIT, HIT
status
200
content-length
25168
x-served-by
cache-dca17764-DCA, cache-hhn4044-HHN
access-control-allow-origin
*
x-browser-version
83
last-modified
Fri, 26 Jun 2020 18:29:29 GMT
x-timer
S1594139000.772619,VS0,VE0
etag
"5ef63e89-6250"
strict-transport-security
max-age=0
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=3600
x-browser
chrome
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1, 337
fh62s4ovbx.json
fast.wistia.com/embed/medias/
4 KB
2 KB
Script
General
Full URL
https://fast.wistia.com/embed/medias/fh62s4ovbx.json?callback=wistiajson1
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::622 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
307971fe21d6ef4941c0e08b7768400636c71f44b9ff335857be038e17011b2c
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

Referer
https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 07 Jul 2020 16:23:19 GMT
x-player-privacy-mode
1
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
age
81232
x-cache
HIT, HIT
p3p
CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
status
200
content-encoding
br
vary
Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
content-length
1400
x-request-id
f1ff50d3ec8ff307700d955e7212d8a8
x-served-by
cache-dca17758-DCA, cache-hhn4044-HHN
x-runtime
0.056957
access-control-allow-origin
*
referrer-policy
strict-origin-when-cross-origin
x-timer
S1594139000.794408,VS0,VE1
etag
W/"307971fe21d6ef4941c0e08b77684006"
x-download-options
noopen
strict-transport-security
max-age=0
content-type
text/javascript; charset=utf-8
via
1.1 varnish (Varnish/6.0), 1.1 varnish, 1.1 varnish
cache-control
public, no-cache
x-browser
chrome
x-browser-version
83
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1, 1
share-v2.js
fast.wistia.com/assets/external/
28 KB
6 KB
Script
General
Full URL
https://fast.wistia.com/assets/external/share-v2.js
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::622 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1d95013b282acbc2bc6c9b613c630d68809d3b2fdb81a212a1c2e1ccad4245da
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 07 Jul 2020 16:23:19 GMT
content-encoding
br
vary
Accept-Encoding
age
3014
x-cache
HIT, HIT
status
200
content-length
5628
x-served-by
cache-dca17766-DCA, cache-hhn4044-HHN
access-control-allow-origin
*
x-browser-version
83
last-modified
Fri, 26 Jun 2020 18:29:29 GMT
x-timer
S1594139000.833405,VS0,VE0
etag
"5ef63e89-15fc"
strict-transport-security
max-age=0
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=3600
x-browser
chrome
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
2, 43
truncated
/
3 KB
3 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
060e3091553b28946d0819daba0626cea9ab7dfbed76b34ba93884be8acbc99d

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
Origin
https://mojohelpdesk.com

Response headers

Content-Type
application/x-font-woff;charset=utf-8
051243ac279bb498f695098e28e9487c.webp
embed-fastly.wistia.com/deliveries/
19 KB
19 KB
Image
General
Full URL
https://embed-fastly.wistia.com/deliveries/051243ac279bb498f695098e28e9487c.webp?image_crop_resized=1920x1080
Requested by
Host: mojohelpdesk.com
URL: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.107 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
14698fd9ecf87aeb8611ee5185552cc3d19ac5f5dda2087abf8b109dfc5577be

Request headers

Referer
https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 07 Jul 2020 16:23:20 GMT
via
1.1 varnish, 1.1 varnish
age
984426
edge-cache-tag
051243ac279bb498f695098e28e9487c
status
200
x-cache-hits
1, 1
x-cache
HIT, HIT
content-length
19066
access-control-request-method
*
x-served-by
cache-dca17758-DCA, cache-fra19130-FRA
last-modified
Wed, 22 Apr 2020 19:28:14 UTC
x-timer
S1594139000.029136,VS0,VE1
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
image/webp
access-control-allow-origin
*
content-disposition
inline
cache-control
max-age=31536000
accept-ranges
bytes
access-control-expose-headers
Origin, Content-Type, Accept, Server, x-amz-version-id, X-Cache
a
www.googletagmanager.com/
0
53 B
Image
General
Full URL
https://www.googletagmanager.com/a?id=GTM-KRPZJQJ&cv=12&v=3&t=t&pid=1974819384&rv=6o0&es=1&e=gtm.dom&eid=5&tc=102&z=0
Requested by
Host: mojohelpdesk.com
URL: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Jul 2020 16:23:20 GMT
server
Google Tag Manager
vary
*
content-type
image/gif
status
204
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
happy-user-1200x1425_hu3f0a9a5cf47f93df5b7103430913d917_140719_600x0_resize_q75_box.jpg
mojohelpdesk.com/
26 KB
26 KB
Image
General
Full URL
https://mojohelpdesk.com/happy-user-1200x1425_hu3f0a9a5cf47f93df5b7103430913d917_140719_600x0_resize_q75_box.jpg
Requested by
Host: mojohelpdesk.com
URL: https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.10.225.210 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-10-225-210.us-west-2.compute.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
f95b54b32078a1cbf615eb3ec871214c4bce7cd16aab0318493d240bf6495ec3

Request headers

Referer
https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 07 Jul 2020 16:23:20 GMT
Last-Modified
Mon, 06 Jul 2020 22:03:54 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"6849-5a9cd0cf00680"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
26697
playPauseLoadingControl.js
fast.wistia.com/assets/external/
37 KB
7 KB
Script
General
Full URL
https://fast.wistia.com/assets/external/playPauseLoadingControl.js
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::622 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5fb808f67cf42bf3601aee8482917e52a80165e8402ab12cd4c228b40f3177b8
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 07 Jul 2020 16:23:21 GMT
content-encoding
br
vary
Accept-Encoding
age
3017
x-cache
HIT, HIT
status
200
content-length
6660
x-served-by
cache-dca17732-DCA, cache-hhn4044-HHN
access-control-allow-origin
*
x-browser-version
83
last-modified
Fri, 26 Jun 2020 18:29:29 GMT
x-timer
S1594139001.150958,VS0,VE0
etag
"5ef63e89-1a04"
strict-transport-security
max-age=0
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=3600
x-browser
chrome
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1, 328
shim.latest.js
js.intercomcdn.com/
Redirect Chain
  • https://widget.intercom.io/widget/c4gibkh7
  • https://js.intercomcdn.com/shim.latest.js
7 KB
3 KB
Script
General
Full URL
https://js.intercomcdn.com/shim.latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.78.57 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e412a54d7c7c1b35ec385699cdf2ec505feda5e35c0d0b928e2fe6c3b451ffd7

Request headers

Referer
https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 07 Jul 2020 16:22:42 GMT
content-encoding
gzip
age
40
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
status
200
content-length
2909
last-modified
Fri, 26 Jun 2020 20:46:44 GMT
server
AmazonS3
etag
"303f78b68334631e3550131df69cf71d"
content-type
application/javascript; charset=UTF-8
via
1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
cache-control
max-age=300, s-maxage=300, public
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
_hw728CxRTFbhtxq855gcgnKNj7h40c_aK24r-p8GqWt5cQvwfN0YQ==

Redirect headers

date
Fri, 03 Jul 2020 14:21:24 GMT
via
1.1 0f538ee832e1105649039b38ce89e883.cloudfront.net (CloudFront)
server
AmazonS3
age
352918
status
302
x-cache
Hit from cloudfront
location
https://js.intercomcdn.com/shim.latest.js
x-amz-cf-pop
FRA2-C1
content-length
0
x-amz-cf-id
nHupGhf3bodB2l1RGDUZTl0_rzovdMTqEvCke2JwawgjXFft0J_uyw==
hls_video.js
fast.wistia.com/assets/external/engines/
298 KB
64 KB
Script
General
Full URL
https://fast.wistia.com/assets/external/engines/hls_video.js
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::622 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a158e99c235a3ffe7f906cdb0f4ece03db4ab9a89e060d0f41d701b1abbf0880
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 07 Jul 2020 16:23:21 GMT
content-encoding
br
vary
Accept-Encoding
age
3015
x-cache
HIT, HIT
status
200
content-length
65209
x-served-by
cache-dca17757-DCA, cache-hhn4044-HHN
access-control-allow-origin
*
x-browser-version
83
last-modified
Fri, 26 Jun 2020 18:29:29 GMT
x-timer
S1594139001.151848,VS0,VE0
etag
"5ef63e89-feb9"
strict-transport-security
max-age=0
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=3600
x-browser
chrome
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
2, 226
x
distillery.wistia.com/
0
95 B
XHR
General
Full URL
https://distillery.wistia.com/x
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.233.89.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type
text/plain

Response headers

status
204
date
Tue, 07 Jul 2020 16:23:21 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-origin
*
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
715 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
blank.gif
fast.wistia.com/assets/images/
1 KB
2 KB
Image
General
Full URL
https://fast.wistia.com/assets/images/blank.gif
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::622 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
Origin
https://mojohelpdesk.com

Response headers

date
Tue, 07 Jul 2020 16:23:21 GMT
via
1.1 varnish, 1.1 varnish
vary
Accept-Encoding
age
3016
x-cache
HIT, HIT
status
200
x-cache-hits
1, 338
content-length
1214
x-served-by
cache-dca17739-DCA, cache-hhn4023-HHN
x-browser-version
83
last-modified
Tue, 07 Jul 2020 15:27:41 GMT
x-timer
S1594139001.232805,VS0,VE0
etag
"5f04946d-4be"
strict-transport-security
max-age=0
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=315360000, public
x-browser
chrome
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
339fffe0271e5df010f812819ae7bb9f6e2b9c45.m3u8
embed-fastly.wistia.com/deliveries/
8 KB
896 B
XHR
General
Full URL
https://embed-fastly.wistia.com/deliveries/339fffe0271e5df010f812819ae7bb9f6e2b9c45.m3u8?origin_v2=1
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.107 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a7399c179adbe81daedfebf22da2d04ca36821083ad9f18b5a391714fab16eed

Request headers

Referer
https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 07 Jul 2020 16:23:21 GMT
content-encoding
gzip
age
3109729
edge-cache-tag
339fffe0271e5df010f812819ae7bb9f6e2b9c45
status
200
x-cache
HIT, HIT
content-length
436
access-control-request-method
*
x-served-by
cache-dca17779-DCA, cache-fra19177-FRA
access-control-allow-origin
*
expires
Tue, 01 Jun 2021 16:34:31 GMT
last-modified
Mon, 05 Nov 2018 10:11:00 GMT
x-timer
S1594139001.362265,VS0,VE1
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
application/vnd.apple.mpegurl
via
1.1 varnish, 1.1 varnish
access-control-expose-headers
Server,range,Content-Length,Content-Range
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
3, 1
seg-1-v1-a1.ts
embed-fastly.wistia.com/deliveries/339fffe0271e5df010f812819ae7bb9f6e2b9c45.m3u8/
141 KB
142 KB
XHR
General
Full URL
https://embed-fastly.wistia.com/deliveries/339fffe0271e5df010f812819ae7bb9f6e2b9c45.m3u8/seg-1-v1-a1.ts
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.107 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9656cb2f497e0599b41cde536c1e7257978283cea2c67f09f81d36537cf1d42c

Request headers

Referer
https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 07 Jul 2020 16:23:21 GMT
via
1.1 varnish, 1.1 varnish
age
863588
edge-cache-tag
339fffe0271e5df010f812819ae7bb9f6e2b9c45
status
200
x-cache
HIT, HIT
content-length
144760
access-control-request-method
*
x-served-by
cache-dca17721-DCA, cache-fra19177-FRA
expires
Sun, 27 Jun 2021 16:30:12 GMT
last-modified
Mon, 05 Nov 2018 10:11:00 GMT
x-timer
S1594139001.415706,VS0,VE1
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
video/MP2T
access-control-allow-origin
*
access-control-expose-headers
Server,range,Content-Length,Content-Range
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
1, 1
frame-modern.bfc5ae4f.js
js.intercomcdn.com/ Frame B069
224 KB
62 KB
Script
General
Full URL
https://js.intercomcdn.com/frame-modern.bfc5ae4f.js
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/shim.latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.78.57 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dc6ac274741db51d51e2b0f0a2f4010641d0d113c896e7d2045ac83a3898b4c8

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 07 Jul 2020 15:13:08 GMT
content-encoding
gzip
age
4214
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
status
200
content-length
63245
last-modified
Fri, 26 Jun 2020 20:37:53 GMT
server
AmazonS3
etag
"87abd862085b5db3e00f9f5b8714ba68"
content-type
application/javascript; charset=UTF-8
via
1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
cache-control
max-age=31536000, s-maxage=7200, public
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
iCU1WfsBvBQOoN4zcKK-fKs6M2VcGySaHEYh8N2F8jj-CxfFVE4yMQ==
vendor-modern.e848da36.js
js.intercomcdn.com/ Frame B069
172 KB
52 KB
Script
General
Full URL
https://js.intercomcdn.com/vendor-modern.e848da36.js
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/shim.latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.78.57 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dee23f73f0b50b7e1ff167f3a5ba7e90cdcdde9e00b259853906dd6958ea50eb

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 07 Jul 2020 15:55:16 GMT
content-encoding
gzip
age
1686
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
status
200
content-length
52330
last-modified
Thu, 25 Jun 2020 21:39:20 GMT
server
AmazonS3
etag
"75a08ac39a8a97f2ac032e5aba980903"
content-type
application/javascript; charset=UTF-8
via
1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
cache-control
max-age=31536000, s-maxage=7200, public
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
ruzJdmM02M_1Go2n0L6o2rTjTmL3TnmwPpP-7i5Wjsv3PA9dfubmxQ==
ping
api-iam.intercom.io/messenger/web/ Frame B069
3 KB
2 KB
XHR
General
Full URL
https://api-iam.intercom.io/messenger/web/ping
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.bfc5ae4f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.88.188 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e4be4311e85028a22cc3c915a5df840ddaedb887b817d5fcdd88946c370dd3cd
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 07 Jul 2020 16:23:22 GMT
content-encoding
gzip
x-ami-version
ami-0699e9f4521fdd139
status
200, 200 OK
strict-transport-security
max-age=31556952; includeSubDomains; preload
vary
Accept-Encoding
x-xss-protection
1; mode=block
x-request-id
0008efdksifbanpr7mk0
x-runtime
0.329191
server
nginx
x-frame-options
SAMEORIGIN
etag
W/"e4be4311e85028a22cc3c915a5df840d"
x-ratelimit-remaining
19995
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://mojohelpdesk.com
x-intercom-version
4ed71635f520436f8c55f4401338c50eca7ba869
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-ratelimit-reset
1594139040
x-ratelimit-limit
20000
access-control-allow-headers
Content-Type
x-content-type-options
nosniff
a
www.googletagmanager.com/
0
53 B
Image
General
Full URL
https://www.googletagmanager.com/a?id=GTM-KRPZJQJ&cv=12&v=3&t=t&pid=1974819384&rv=6o0&es=1&e=gtm.load&eid=6&tc=102&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Jul 2020 16:23:21 GMT
server
Google Tag Manager
vary
*
content-type
image/gif
status
204
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
allIntegrations.js
fast.wistia.com/assets/external/
20 KB
5 KB
Script
General
Full URL
https://fast.wistia.com/assets/external/allIntegrations.js
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::622 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
86e0879ab35057678e5943eafa07705f3bc0666f7ce08baa6245b866dcea7bdf
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 07 Jul 2020 16:23:22 GMT
content-encoding
br
vary
Accept-Encoding
age
3017
x-cache
HIT, HIT
status
200
content-length
4453
x-served-by
cache-dca17729-DCA, cache-hhn4044-HHN
access-control-allow-origin
*
x-browser-version
83
last-modified
Fri, 26 Jun 2020 18:29:29 GMT
x-timer
S1594139002.153509,VS0,VE0
etag
"5ef63e89-1165"
strict-transport-security
max-age=0
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=3600
x-browser
chrome
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1, 214
/
fg8vvsvnieiv3ej16jby.litix.io/
0
172 B
XHR
General
Full URL
https://fg8vvsvnieiv3ej16jby.litix.io/
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/wistia-mux.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.75.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mojohelpdesk.com/?&utm_campaign=email-campaign-all-lists&utm_source=email-all-2020-07-07-ransomwareblog&utm_medium=homepage-link
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 07 Jul 2020 16:23:26 GMT
Connection
keep-alive
Content-Length
0
Access-Control-Allow-Methods
POST, GET
vendors~app-modern.9ca191b4.js
js.intercomcdn.com/ Frame B069
247 KB
76 KB
Script
General
Full URL
https://js.intercomcdn.com/vendors~app-modern.9ca191b4.js
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.bfc5ae4f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.78.57 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a2bb376791a25c57571007301353a23985e6872cffbd6947be355798e88e85c0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 07 Jul 2020 16:10:07 GMT
content-encoding
gzip
age
802
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
status
200
content-length
76988
last-modified
Thu, 25 Jun 2020 21:39:20 GMT
server
AmazonS3
etag
"9c40d92e78fcc46f0c4395077b35d5cc"
content-type
application/javascript; charset=UTF-8
via
1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
cache-control
max-age=31536000, s-maxage=7200, public
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
QGe_-RUpQHzvgiE7Iy-Rsnro1ydoFMDyo6cTJRYFnQhxbmc15JKGjg==
app-modern.8fdcdcf9.js
js.intercomcdn.com/ Frame B069
65 KB
19 KB
Script
General
Full URL
https://js.intercomcdn.com/app-modern.8fdcdcf9.js
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.bfc5ae4f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.78.57 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
949de2b8216d2c1e5cc1fa2da6f05c91c9a6cec1236540b6e23d0fa34fb898f1

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 07 Jul 2020 16:10:07 GMT
content-encoding
gzip
age
802
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
status
200
content-length
19211
last-modified
Thu, 25 Jun 2020 21:39:20 GMT
server
AmazonS3
etag
"0f86101d2b5df63e7fc64a8a69e35f20"
content-type
application/javascript; charset=UTF-8
via
1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
cache-control
max-age=31536000, s-maxage=7200, public
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
ApbZXoP4YTk2uKEllv2uiRlXKFfMrxvq2misBt3kzrLrYi7WPUwzkQ==

Verdicts & Comments Add Verdict or Comment

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData object| google_optimize function| $ function| jQuery function| Popper object| bootstrap function| LazyLoad object| intercomSettings function| Intercom object| Wistia string| _wistiaElemId object| _wq object| wistiaEmbeds object| platform object| wistiajson1 function| Swiper object| wpcc function| compareHelpdesk object| ___FONT_AWESOME___ object| FontAwesomeConfig object| FontAwesome

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-iam.intercom.io
cdn.jsdelivr.net
code.jquery.com
distillery.wistia.com
embed-fastly.wistia.com
fast.wistia.com
fg8vvsvnieiv3ej16jby.litix.io
fonts.googleapis.com
fonts.gstatic.com
js.intercomcdn.com
mojohelpdesk.com
mojohelpdesk.montastic.io
r20.rs6.net
stackpath.bootstrapcdn.com
stats.g.doubleclick.net
widget.intercom.io
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
13.224.198.120
13.225.78.57
151.101.14.107
18.233.89.106
2001:4de0:ac19::1:b:1a
208.75.122.11
2a00:1450:4001:801::200a
2a00:1450:4001:817::2003
2a00:1450:4001:818::2004
2a00:1450:4001:819::2003
2a00:1450:4001:824::2008
2a00:1450:4001:824::200e
2a00:1450:400c:c00::9b
2a04:4e42:1b::621
2a04:4e42:1b::622
3.210.75.230
52.10.225.210
52.8.208.151
75.2.88.188
03382a17e092c1f4c47a58f687e921ca29955bdc9a273c4b000b9ebface3d3d0
060e3091553b28946d0819daba0626cea9ab7dfbed76b34ba93884be8acbc99d
08b0ecc6a03a998258237268fda4a3b31cc6360a27e83743c2f89503f780a376
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
10bce7fc623b6a1afdd3a3526eadff99726c748b517daa7bcd40e7930a782193
14698fd9ecf87aeb8611ee5185552cc3d19ac5f5dda2087abf8b109dfc5577be
1484aaa193e1b1db868a6bfedf35644c1cf89fe2de54e8b452b631db18ce2cf2
1d95013b282acbc2bc6c9b613c630d68809d3b2fdb81a212a1c2e1ccad4245da
22e0961669b96258c32e01da385b215aebd60f3a3cf586ab329bcb73bb57413f
2b36622b2d03598b27c0c17e5f50ef427810dbf17117b305dc57fbd97729b8fb
307971fe21d6ef4941c0e08b7768400636c71f44b9ff335857be038e17011b2c
31b9a64530ca997b6bcc15ed933a677acb8659fd3d75c6f54736657bbf69c18e
33c7f6950f53b43589a42b4040175bab18b7923202197d55efea27060ab724de
455f114be43c64dc2586033b0766423e13765df7d94b867d301262a99beef46a
4c575d67f22342308c6bdc002dce3d2bf2eb03c3434846dd8aeb4b2b74b43d43
4ee71a96d95dc85c865f087a914b0d2ff82fef77ddbdf029fa650bf95ce6acd6
50031292972cb958606389c5ad4f10e3079627fa1fe86c7fb15af1e48e2e2060
58dea704d66a63ba759dbe91e7dd70edfc81f2edb9465c7101f7d54380d26d51
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5fb808f67cf42bf3601aee8482917e52a80165e8402ab12cd4c228b40f3177b8
69f3dec8f33332100f7800db8970d61e7d34f89257e0b6c841616e08d7b3d015
7e62064f04ef12e93aee0420ff473aaf816de4d5de30f665284f1ca04dd587f5
86e0879ab35057678e5943eafa07705f3bc0666f7ce08baa6245b866dcea7bdf
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
949de2b8216d2c1e5cc1fa2da6f05c91c9a6cec1236540b6e23d0fa34fb898f1
9656cb2f497e0599b41cde536c1e7257978283cea2c67f09f81d36537cf1d42c
972007a3dd7f43d88ddd67884292e547c78e562b160655f3405c2ab8f6b89f61
9b36679f180d0cd16bbd97fefa0ac3ceeed51cf31882702a5846315bc7902296
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627
9da4a03269810c5c0ff90c016a5be086d068708b57285ed38e04b97c0dda1899
a158e99c235a3ffe7f906cdb0f4ece03db4ab9a89e060d0f41d701b1abbf0880
a2bb376791a25c57571007301353a23985e6872cffbd6947be355798e88e85c0
a5ab2a00a0439854f8787a0dda775dea5377ef4905886505c938941d6854ee4f
a7399c179adbe81daedfebf22da2d04ca36821083ad9f18b5a391714fab16eed
a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2
a7cd961207f9205308848b74517b49d857f093f0e535655d1a7439f894045577
aedbbcbc153a5db1093a96c5a1b4c11eda3b6ae46afee8fd2972d5ea5433a87f
aeed68ebf6e6415908a64fdf038ec12520613bd172062252727a7f325ced4143
af1f5b718c15f3fac8361f7c4ad927d6992a0ab80fc2cdf573116cfa7442dbd4
b9650e81cd574674665417f969830b399feb762223ae441d278098f378d0cda3
bb1dcf707f4654bf3f808d9be488d35d1976e7678a621811921c566163a6b784
c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060
cb9213f6c8720d124fe24b42fe75c12f4ca7a867d3ff1b34a5710f7a5b1fa902
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
ced575e8166e2af08516bfc0df1a4bdd767f74ca549da82c350de2374d63dd50
d46f9d05767d58b98f2674e029f2981f263737e3e4c0a85ca224da6e31458fd5
d52f07ca5ec918e0cf7f3926242696c5e132da9bebcff416a71ee61a48023202
dc6ac274741db51d51e2b0f0a2f4010641d0d113c896e7d2045ac83a3898b4c8
dea3c2d66b0679ee2db67a21c0a434f3e14d6ac8a2af06877a711151fc32b56d
dee23f73f0b50b7e1ff167f3a5ba7e90cdcdde9e00b259853906dd6958ea50eb
e20f98940ccae602640f7b9207799a9a1b6c87ff644ea46c2747a7d1742e2d4a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e412a54d7c7c1b35ec385699cdf2ec505feda5e35c0d0b928e2fe6c3b451ffd7
e4be4311e85028a22cc3c915a5df840ddaedb887b817d5fcdd88946c370dd3cd
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f95b54b32078a1cbf615eb3ec871214c4bce7cd16aab0318493d240bf6495ec3
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955