r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cf768e41672570b0a4a9fe86045915fc
2249064a86b2ba11e28208b9fba1c9f1db4f3e9e
a049499f78078df12f4d1c5180f1f36715a5c99db4f31c18ee06bcf0b6382b30
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A049499F78078DF12F4D1C5180F1F36715A5C99DB4F31C18EE06BCF0B6382B30"
Last-Modified: Fri, 07 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11967
Expires: Sun, 09 Oct 2022 10:55:59 GMT
Date: Sun, 09 Oct 2022 07:36:32 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
54.230.111.35200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 54.230.111.35:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bdb8b66c705a7b996496d780f50c00b5
403ae92039fcc933870f51f913f78ccaf9652256
c923ed2539f4ce9f4d43743c402fbb2060a52a4cbedbf14c5f5742ab718073d6
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Content-Length, Retry-After, Backoff
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 09 Oct 2022 06:47:50 GMT
Expires: Sun, 09 Oct 2022 07:24:15 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 4X2fnSOcpTLjUuzy127cS-sXT4KLUaI8SIWPwt56EMKS-DBgpNIeEg==
Age: 2922
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7cba6aada5c0a04c1c0644769c09f64e
ed02f174a9b718951911343af8ec181c6d205b1d
ba863e734d5d38ed160758ab0b09d1b0f44fc795dcbcee4199329b011fcd1bd1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BA863E734D5D38ED160758AB0B09D1B0F44FC795DCBCEE4199329B011FCD1BD1"
Last-Modified: Fri, 07 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14274
Expires: Sun, 09 Oct 2022 11:34:26 GMT
Date: Sun, 09 Oct 2022 07:36:32 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: khXOIyKrmAHOI/yL9kjcKCKzVBRvoWyYVaQ4Laa0fpOlvO8e2mgu6mxGJwvfSctFlIXgHDLVLpc=
x-amz-request-id: KY0V3WZD91VZQT4T
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 09 Oct 2022 06:59:55 GMT
age: 2197
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
allwellinst.com/
198.54.126.9301 Moved Permanently 235 B IP 198.54.126.9:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 2348f6ab9a5a61b3e3d100cee86b029b
3e4a79ba4235b4325eef5da5379529b225fd1188
046e2e8d5a5e775450f3f5309c0235250c45ad8a7d848b07040c1e58c41a9221
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
date: Sun, 09 Oct 2022 07:36:32 GMT
server: Apache
location: http://www.allwellinst.com/
content-length: 235
content-type: text/html; charset=iso-8859-1
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 09 Oct 2022 07:36:32 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
54.230.111.35200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 54.230.111.35:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Expires, Backoff, ETag, Last-Modified, Pragma, Cache-Control, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Sun, 09 Oct 2022 07:29:41 GMT
Expires: Sun, 09 Oct 2022 08:24:33 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: vLjs_96IbM054jDTKJ46PN1D0R4QohaofG2dXOfMgiknl4mIPKfKfQ==
Age: 412
www.allwellinst.com/
198.54.126.9200 OK 7.1 kB IP 198.54.126.9:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1c4993f2fab8a2ea6ef08605318f37c1
b94638b92abf820c0bd34bf580f2888b552ba841
1a322e3d802f6f220b30056f4cf133b0b7c8e18c4721905009cd20f6c3dece6a
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
date: Sun, 09 Oct 2022 07:36:33 GMT
server: Apache
x-powered-by: PHP/5.6.40
set-cookie: PHPSESSID=96f9a1a8eba32c5e17649ad3a6b9c9f7; path=/
vary: Accept-Encoding
content-encoding: gzip
content-length: 7106
content-type: text/html; charset=UTF-8
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 5479444ef227af03029fbb9d154f0107
0563678ec07ab3707b716ca4c638ece4c8ad7de4
4850d49786a140003b90ae108104ffbfe80a6e0d9f584656a09f0fff11dc9d0d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3433
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 09 Oct 2022 07:36:33 GMT
Last-Modified: Sun, 09 Oct 2022 06:39:20 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ee96d771e1664e3afe56cf32bfe45eee
3ab9109d6f7a952cf2f7071ecb5ee186f9eebf6a
df7a23267a1a0bddc477d2b3f4c870b6a6ab7b4dca5fc38164d814ccae2b2fdd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 09 Oct 2022 07:36:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
44.237.51.86101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.237.51.86:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: hNPJH3w/aXBo9m/zLb8sYw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 41Ljw7y1HOWUbsHGx2/wSTxLd1g=
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ee96d771e1664e3afe56cf32bfe45eee
3ab9109d6f7a952cf2f7071ecb5ee186f9eebf6a
df7a23267a1a0bddc477d2b3f4c870b6a6ab7b4dca5fc38164d814ccae2b2fdd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 09 Oct 2022 07:36:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ee96d771e1664e3afe56cf32bfe45eee
3ab9109d6f7a952cf2f7071ecb5ee186f9eebf6a
df7a23267a1a0bddc477d2b3f4c870b6a6ab7b4dca5fc38164d814ccae2b2fdd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 09 Oct 2022 07:36:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.allwellinst.com/css/colors.css
198.54.126.9200 OK 863 B URL HTTP/1.1 www.allwellinst.com/css/colors.css
IP 198.54.126.9:0
File type ASCII text, with CRLF line terminators
Hash db1d77b55ac3f1e77d539360cd656fd4
f38141c4a42b479f7022eb6428298b496cea1328
e64ad777fc524fc1b284359f5ad96dc47cda8e951729dd251f5b792db9f65f3c
GET /css/colors.css HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=96f9a1a8eba32c5e17649ad3a6b9c9f7
HTTP/1.1 200 OK
date: Sun, 09 Oct 2022 07:36:33 GMT
server: Apache
last-modified: Sat, 10 Feb 2018 17:53:46 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 863
content-type: text/css
www.allwellinst.com/css/jquery.countdown.css
198.54.126.9200 OK 557 B URL HTTP/1.1 www.allwellinst.com/css/jquery.countdown.css
IP 198.54.126.9:0
File type ASCII text, with CRLF line terminators
Hash f479f2ac3253e87e11b968e75df1c4d8
6cf4e4d3c6d134183c9ff5437abdaca29665e212
3d327674671ca969cb98f4e27a138821b62c5a310c122a162ed4695c6d4e7828
GET /css/jquery.countdown.css HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=96f9a1a8eba32c5e17649ad3a6b9c9f7
HTTP/1.1 200 OK
date: Sun, 09 Oct 2022 07:36:33 GMT
server: Apache
last-modified: Sun, 29 May 2016 02:25:42 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 557
content-type: text/css
www.allwellinst.com/css/font-awesome.css
198.54.126.9200 OK 7.4 kB URL HTTP/1.1 www.allwellinst.com/css/font-awesome.css
IP 198.54.126.9:0
File type troff or preprocessor input, ASCII text, with very long lines (372)
Hash 57a8ee32de25312ab303210ef3c556a9
388f783ee7c84801442370bf8d3812213a1198f5
8bdd62fda01c7b19a4d2ee31cfb4d2fc6123a958cb23bf902c9fead7fc6a9c0d
GET /css/font-awesome.css HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=96f9a1a8eba32c5e17649ad3a6b9c9f7
HTTP/1.1 200 OK
date: Sun, 09 Oct 2022 07:36:33 GMT
server: Apache
last-modified: Mon, 26 Feb 2018 11:24:40 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 7439
content-type: text/css
www.allwellinst.com/css/font-awesome.min.css
198.54.126.9200 OK 7.1 kB URL HTTP/1.1 www.allwellinst.com/css/font-awesome.min.css
IP 198.54.126.9:0
File type ASCII text, with very long lines (30837)
Hash 52f1a8a2ce85fa8432308b33bc1a2e79
fd80917af5371c8ecad0198592a1e7cce4b77b0e
07bd6a9ea0213e20f362485aadc17a88c486ecfb394004b41b8b38db6e6a35f6
GET /css/font-awesome.min.css HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=96f9a1a8eba32c5e17649ad3a6b9c9f7
HTTP/1.1 200 OK
date: Sun, 09 Oct 2022 07:36:33 GMT
server: Apache
last-modified: Mon, 26 Feb 2018 11:24:39 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 7053
content-type: text/css
www.allwellinst.com/css/bootstrap.css
198.54.126.9200 OK 22 kB URL HTTP/1.1 www.allwellinst.com/css/bootstrap.css
IP 198.54.126.9:0
File type ASCII text, with very long lines (540), with CRLF line terminators
Hash fbc86d068745fc184b27acf5b4c9e537
c79328d2be5383098c1908060994cf3605f86933
22e3c1acaf4a838c3917d2bd13327f6f65f91c28fcfd7bcdd3b99ce951301cbb
GET /css/bootstrap.css HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=96f9a1a8eba32c5e17649ad3a6b9c9f7
HTTP/1.1 200 OK
date: Sun, 09 Oct 2022 07:36:33 GMT
server: Apache
last-modified: Sat, 10 Feb 2018 21:16:04 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 21931
content-type: text/css
www.allwellinst.com/css/style.css
198.54.126.9200 OK 18 kB URL HTTP/1.1 www.allwellinst.com/css/style.css
IP 198.54.126.9:0
Hash f5bbe4867d6da98768e6ff6f0e40bce3
02ab966cf1f7b5506db89abd1c73b108292f58b6
35a8b1acdf7256f32a48efe6caa00aca6094aedd9ac175cb23f7537f6d23e310
GET /css/style.css HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=96f9a1a8eba32c5e17649ad3a6b9c9f7
HTTP/1.1 200 OK
date: Sun, 09 Oct 2022 07:36:33 GMT
server: Apache
last-modified: Wed, 28 Feb 2018 10:53:29 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 17700
content-type: text/css
www.allwellinst.com/css/animations.min.css
198.54.126.9200 OK 11 kB URL HTTP/1.1 www.allwellinst.com/css/animations.min.css
IP 198.54.126.9:0
File type ASCII text, with very long lines (59107), with CRLF line terminators
Hash a294b31e76b68602c2093a027964968d
e2f0eb819471aa19d77af62f9466f1fcb25d2a8c
94d551bf5d5c33c98843e986d3f117b642504ba8d38ccc7881a1da694b85b894
GET /css/animations.min.css HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=96f9a1a8eba32c5e17649ad3a6b9c9f7
HTTP/1.1 200 OK
date: Sun, 09 Oct 2022 07:36:33 GMT
server: Apache
last-modified: Tue, 24 May 2016 01:59:44 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 10969
content-type: text/css
www.allwellinst.com/css/bootstrap-dropdownhover.min.css
198.54.126.9200 OK 480 B URL HTTP/1.1 www.allwellinst.com/css/bootstrap-dropdownhover.min.css
IP 198.54.126.9:0
File type ASCII text, with very long lines (1161), with CRLF line terminators
Hash 71671aa52fd73b7ff21a09d8b483afad
d55037ffbe361394be87684749205796984405cf
6c6f489c2020cb8e856c85095e7586fa83e4c278a34c7b7abce30175e90ab1bc
GET /css/bootstrap-dropdownhover.min.css HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=96f9a1a8eba32c5e17649ad3a6b9c9f7
HTTP/1.1 200 OK
date: Sun, 09 Oct 2022 07:36:33 GMT
server: Apache
last-modified: Sun, 29 May 2016 02:25:42 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 480
content-type: text/css
www.allwellinst.com/css/animate.min.css
198.54.126.9200 OK 3.6 kB URL HTTP/1.1 www.allwellinst.com/css/animate.min.css
IP 198.54.126.9:0
File type ASCII text, with very long lines (53660), with CRLF line terminators
Hash edfa4a796d55b7ec4882b9c12e1c1939
38d363c6ecbbbec1187594f3847f7a293623878b
04e6f08ffbdeb5c867fc1ef6b2dba674d17443a0a460f07e14a25d9a039d9933
GET /css/animate.min.css HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=96f9a1a8eba32c5e17649ad3a6b9c9f7
HTTP/1.1 200 OK
date: Sun, 09 Oct 2022 07:36:33 GMT
server: Apache
last-modified: Sun, 29 May 2016 02:25:42 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3601
content-type: text/css
www.allwellinst.com/owl-carousel/owl.carousel.css
198.54.126.9200 OK 528 B URL HTTP/1.1 www.allwellinst.com/owl-carousel/owl.carousel.css
IP 198.54.126.9:0
Hash a70757c9c5b45b8b3e693066dee5c63c
4ddc02d2eac2bb1a9ccc446ff1e19641ee8f7279
97e2ca1b06a80ecd57e1514d54bec8904727d25dc47f878b41d204c72e8535de
GET /owl-carousel/owl.carousel.css HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=96f9a1a8eba32c5e17649ad3a6b9c9f7
HTTP/1.1 200 OK
date: Sun, 09 Oct 2022 07:36:33 GMT
server: Apache
last-modified: Tue, 13 May 2014 14:56:20 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 528
content-type: text/css
www.allwellinst.com/owl-carousel/owl.theme.css
198.54.126.9200 OK 617 B URL HTTP/1.1 www.allwellinst.com/owl-carousel/owl.theme.css
IP 198.54.126.9:0
File type ASCII text, with CRLF line terminators
Hash 717116511b7dd6e0d932945564d48b5d
e38c19fff93b9be8e44fe467812bf8dc826b62ba
62ddc65aab06a9df9a42f02c06d3b255479f55b8e02cce890cf8ed0b1874132f
GET /owl-carousel/owl.theme.css HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=96f9a1a8eba32c5e17649ad3a6b9c9f7
HTTP/1.1 200 OK
date: Sun, 09 Oct 2022 07:36:33 GMT
server: Apache
last-modified: Tue, 28 Jun 2016 05:13:38 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 617
content-type: text/css
www.allwellinst.com/assets1/js/google-code-prettify/prettify.css
198.54.126.9200 OK 337 B URL HTTP/1.1 www.allwellinst.com/assets1/js/google-code-prettify/prettify.css
IP 198.54.126.9:0
Hash 580c1f43a19d99824ec9c82f3af5afa1
2822fab5d742813c39307c0fc895092f30d72e6d
19e851fe4220853358642e096e2f74d11134a5c5c4b625f414551284df042dcb
GET /assets1/js/google-code-prettify/prettify.css HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=96f9a1a8eba32c5e17649ad3a6b9c9f7
HTTP/1.1 200 OK
date: Sun, 09 Oct 2022 07:36:34 GMT
server: Apache
last-modified: Tue, 15 Apr 2014 10:33:26 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 337
content-type: text/css
www.allwellinst.com/ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
198.54.126.9404 Not Found 315 B URL HTTP/1.1 www.allwellinst.com/ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
IP 198.54.126.9:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Phishing
GET /ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=96f9a1a8eba32c5e17649ad3a6b9c9f7
HTTP/1.1 404 Not Found
date: Sun, 09 Oct 2022 07:36:34 GMT
server: Apache
content-length: 315
content-type: text/html; charset=iso-8859-1
www.allwellinst.com/js/bootstrap.min.js
198.54.126.9200 OK 9.8 kB URL HTTP/1.1 www.allwellinst.com/js/bootstrap.min.js
IP 198.54.126.9:0
File type ASCII text, with very long lines (32034), with CRLF line terminators
Hash 8f033e5279d721a6b7b83b823106a831
b2034937c603bfb5bd10a8706b9997ce1e48422a
37c0bad76bc5d0678f54d41811131bb0f89421a39cf009ed8508e97da70bb531
Analyzer Verdict Alert fortinet Phishing
GET /js/bootstrap.min.js HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=96f9a1a8eba32c5e17649ad3a6b9c9f7
HTTP/1.1 200 OK
date: Sun, 09 Oct 2022 07:36:34 GMT
server: Apache
last-modified: Wed, 18 May 2016 21:31:18 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 9753
content-type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 8a2449aeb44e755b2e6897d30993dda0
16cd83b0e0975ebf09e7035c26bbda168af42ac8
fd80527f810be13b70107c447b6f6f226c6145fbcc3b5446f9c834bca2f1597b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 09 Oct 2022 07:36:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 8a2449aeb44e755b2e6897d30993dda0
16cd83b0e0975ebf09e7035c26bbda168af42ac8
fd80527f810be13b70107c447b6f6f226c6145fbcc3b5446f9c834bca2f1597b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 09 Oct 2022 07:36:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.allwellinst.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 19:34:08 GMT
expires: Thu, 05 Oct 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 302546
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Hash b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.allwellinst.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 19:34:21 GMT
expires: Thu, 05 Oct 2023 19:34:21 GMT
cache-control: public, max-age=31536000
age: 302533
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.allwellinst.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 19:34:08 GMT
expires: Thu, 05 Oct 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 302546
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.allwellinst.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 14:07:32 GMT
expires: Thu, 05 Oct 2023 14:07:32 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
age: 322142
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 8a2449aeb44e755b2e6897d30993dda0
16cd83b0e0975ebf09e7035c26bbda168af42ac8
fd80527f810be13b70107c447b6f6f226c6145fbcc3b5446f9c834bca2f1597b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 09 Oct 2022 07:36:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.allwellinst.com/js/animations.min.js
198.54.126.9200 OK 896 B URL HTTP/1.1 www.allwellinst.com/js/animations.min.js
IP 198.54.126.9:0
File type ASCII text, with very long lines (1984), with CRLF line terminators
Hash 59a80dad15d80721e03dbe32d579d524
c4e52939216121a6aa32352a3da1561e1c86f2a5
019bc22e048a00b9259bdc98b595a5026807357162447e4947d65a145584a2e0
Analyzer Verdict Alert fortinet Phishing
GET /js/animations.min.js HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=96f9a1a8eba32c5e17649ad3a6b9c9f7
HTTP/1.1 200 OK
date: Sun, 09 Oct 2022 07:36:34 GMT
server: Apache
last-modified: Tue, 24 May 2016 01:59:44 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 896
content-type: application/javascript
www.allwellinst.com/js/jquery-1.11.3.min.js
198.54.126.9200 OK 33 kB URL HTTP/1.1 www.allwellinst.com/js/jquery-1.11.3.min.js
IP 198.54.126.9:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (32038), with CRLF line terminators
Hash 9ce1aed52fb8705862f1fe577d2e32ee
6dd527958b075fb9d9bee25a79fef3da2068e7a8
cd7fce434a5bab178c3bee88ee5faf69cbcb7a6b802a9d6e3c3a5b01eefa7817
Analyzer Verdict Alert fortinet Phishing
GET /js/jquery-1.11.3.min.js HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=96f9a1a8eba32c5e17649ad3a6b9c9f7
HTTP/1.1 200 OK
date: Sun, 09 Oct 2022 07:36:34 GMT
server: Apache
last-modified: Mon, 05 Sep 2016 11:11:24 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 33325
content-type: application/javascript
www.allwellinst.com/js/jssor.slider-21.1.5.mini.js
198.54.126.9200 OK 18 kB URL HTTP/1.1 www.allwellinst.com/js/jssor.slider-21.1.5.mini.js
IP 198.54.126.9:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (45340)
Hash 4f156d967ee1b02dec81b65bde2425ba
7a68c479ef675d0b25ce9a87000c92c1e7e677ca
0f176f7705a6d1400229bcdc337d09c746830c790c60e81ad1984e773597440a
Analyzer Verdict Alert fortinet Phishing
GET /js/jssor.slider-21.1.5.mini.js HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=96f9a1a8eba32c5e17649ad3a6b9c9f7
HTTP/1.1 200 OK
date: Sun, 09 Oct 2022 07:36:34 GMT
server: Apache
last-modified: Mon, 05 Sep 2016 11:11:24 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 18516
content-type: application/javascript
www.allwellinst.com/js/jquery.plugin.js
198.54.126.9200 OK 3.7 kB URL HTTP/1.1 www.allwellinst.com/js/jquery.plugin.js
IP 198.54.126.9:0
File type ASCII text, with CRLF line terminators
Hash 71713fa2e9a97b2955421a491410feb2
032e3d4f3a81541f6bc76e23bc143de652b53245
9129efcab5de3069b545261f1d3cc51989ba43c1568863e9a7ebfe1a0cff345a
Analyzer Verdict Alert fortinet Phishing
GET /js/jquery.plugin.js HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=96f9a1a8eba32c5e17649ad3a6b9c9f7
HTTP/1.1 200 OK
date: Sun, 09 Oct 2022 07:36:34 GMT
server: Apache
last-modified: Sat, 28 May 2016 02:21:12 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3707
content-type: application/javascript
www.allwellinst.com/js/jquery.main.js
198.54.126.9200 OK 25 kB URL HTTP/1.1 www.allwellinst.com/js/jquery.main.js
IP 198.54.126.9:0
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 98ab334a2b8ea90c03be8e7d4be821c2
754087e3c79b6a245cc45f0f3aa46277a23a7028
33eff417c1d5eeb88f350268cdc71b7dcfee57020e51d6efafee876be6964065
Analyzer Verdict Alert fortinet Phishing
GET /js/jquery.main.js HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=96f9a1a8eba32c5e17649ad3a6b9c9f7
HTTP/1.1 200 OK
date: Sun, 09 Oct 2022 07:36:34 GMT
server: Apache
last-modified: Mon, 04 Jul 2016 19:16:24 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 24872
content-type: application/javascript
www.allwellinst.com/js/jquery.countdown.js
198.54.126.9200 OK 9.4 kB URL HTTP/1.1 www.allwellinst.com/js/jquery.countdown.js
IP 198.54.126.9:0
File type ASCII text, with CRLF line terminators
Hash dabc32f05087e41c4b8e677447198af9
8c21f62946e7cdb89a22d300eb1cfebeebfa15e6
c202f013418847e602f7b1e068185d610b48c39efed9f0c6d06292c83a0b7c83
Analyzer Verdict Alert fortinet Phishing
GET /js/jquery.countdown.js HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=96f9a1a8eba32c5e17649ad3a6b9c9f7
HTTP/1.1 200 OK
date: Sun, 09 Oct 2022 07:36:34 GMT
server: Apache
last-modified: Sat, 28 May 2016 02:21:12 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 9425
content-type: application/javascript
fonts.gstatic.com/s/ptsanscaption/v18/0FlJVP6Hrxmt7-fsUFhlFXNIlpcSwSrkTA-v.woff2
216.58.207.195200 OK 35 kB URL HTTP/2 fonts.gstatic.com/s/ptsanscaption/v18/0FlJVP6Hrxmt7-fsUFhlFXNIlpcSwSrkTA-v.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 35208, version 1.0\012- data
Hash 533b904aeb71d52d4ed3d58ee59a7603
e86c7ca5fe5f70ed2e47b3874e779716acf65f0d
106eafbee08b482008e6c88cf642224c8e1bddfd0edac403bb6222574e4f7d2a
GET /s/ptsanscaption/v18/0FlJVP6Hrxmt7-fsUFhlFXNIlpcSwSrkTA-v.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.allwellinst.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 35208
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 06 Oct 2022 02:23:03 GMT
expires: Fri, 06 Oct 2023 02:23:03 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Apr 2022 16:09:37 GMT
content-type: font/woff2
age: 278011
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2
216.58.207.195200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 17368, version 1.0\012- data
Hash abe083d96b58eb02ada8b7c30d7b09f2
61447d66d13a8c8f4335696777a85c438c46f749
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
GET /s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.allwellinst.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17368
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 19:47:56 GMT
expires: Thu, 05 Oct 2023 19:47:56 GMT
cache-control: public, max-age=31536000
age: 301718
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.allwellinst.com/js/timber.master.min.js
198.54.126.9200 OK 7.5 kB URL HTTP/1.1 www.allwellinst.com/js/timber.master.min.js
IP 198.54.126.9:0
File type ASCII text, with very long lines (13394), with CRLF line terminators
Hash 4ec7d67f088a89412db086b2649cf98b
7a0cd55298193f117eebcf36354dff01b09602d4
cfe1eb89541742ab9a9cf73e13d58bb9daf829497e33bdaa88b0c318c9dc7616
Analyzer Verdict Alert fortinet Phishing
GET /js/timber.master.min.js HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=96f9a1a8eba32c5e17649ad3a6b9c9f7
HTTP/1.1 200 OK
date: Sun, 09 Oct 2022 07:36:34 GMT
server: Apache
last-modified: Sat, 28 May 2016 02:21:12 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 7483
content-type: application/javascript
www.allwellinst.com/js/bootstrap-dropdownhover.min.js
198.54.126.9200 OK 1.4 kB URL HTTP/1.1 www.allwellinst.com/js/bootstrap-dropdownhover.min.js
IP 198.54.126.9:0
File type ASCII text, with very long lines (3959), with CRLF line terminators
Hash 25a9a16a8cfad2825d0951f959506b3d
fe68cb14fed7e82170bcf927f2e14840d99e8b23
e53701d7e509800745dd1c8ca58316bd8bfcdb48b9a7a9ed88d2a85c2ca3c315
Analyzer Verdict Alert fortinet Phishing
GET /js/bootstrap-dropdownhover.min.js HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=96f9a1a8eba32c5e17649ad3a6b9c9f7
HTTP/1.1 200 OK
date: Sun, 09 Oct 2022 07:36:34 GMT
server: Apache
last-modified: Sun, 29 May 2016 02:25:42 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1365
content-type: application/javascript
www.allwellinst.com/owl-carousel/owl.carousel.js
198.54.126.9200 OK 8.8 kB URL HTTP/1.1 www.allwellinst.com/owl-carousel/owl.carousel.js
IP 198.54.126.9:0
Hash 39c690419159637e1f3977c8dfb5718d
202b2d75966f313aec83f414d0845154e2d9384b
04a284e3609cc5cc5be472faf440515595190574f61b9f46c5c6fbec298a684f
Analyzer Verdict Alert fortinet Phishing
GET /owl-carousel/owl.carousel.js HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=96f9a1a8eba32c5e17649ad3a6b9c9f7
HTTP/1.1 200 OK
date: Sun, 09 Oct 2022 07:36:34 GMT
server: Apache
last-modified: Tue, 13 May 2014 14:54:58 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 8751
content-type: application/javascript
www.allwellinst.com/assets1/js/bootstrap-collapse.js
198.54.126.9200 OK 1.6 kB URL HTTP/1.1 www.allwellinst.com/assets1/js/bootstrap-collapse.js
IP 198.54.126.9:0
Hash 501207e775d7b24f2c32f313e0fa6d41
8dfa9dc9fcb5fbcf6b628165ca1af40d2bff292d
3c742629def498f8b8393df8f4ca0fa512bf9c66de1eb7f7a9c646efce2bfa68
Analyzer Verdict Alert fortinet Phishing
GET /assets1/js/bootstrap-collapse.js HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=96f9a1a8eba32c5e17649ad3a6b9c9f7
HTTP/1.1 200 OK
date: Sun, 09 Oct 2022 07:36:34 GMT
server: Apache
last-modified: Tue, 15 Apr 2014 10:33:26 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1644
content-type: application/javascript
www.allwellinst.com/assets1/js/bootstrap-transition.js
198.54.126.9200 OK 764 B URL HTTP/1.1 www.allwellinst.com/assets1/js/bootstrap-transition.js
IP 198.54.126.9:0
Hash 9285f62d3f1a619b4fb654930f15c955
0f16aa087880fef969fe456c3202ed56e8ab638c
eb45f464f9f34ecbb4f2aadc2d99a934387a77e7bae28d3239890690f9e5ae14
Analyzer Verdict Alert fortinet Phishing
GET /assets1/js/bootstrap-transition.js HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=96f9a1a8eba32c5e17649ad3a6b9c9f7
HTTP/1.1 200 OK
date: Sun, 09 Oct 2022 07:36:34 GMT
server: Apache
last-modified: Tue, 15 Apr 2014 10:33:26 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 764
content-type: application/javascript
www.allwellinst.com/assets1/js/bootstrap-tab.js
198.54.126.9200 OK 1.4 kB URL HTTP/1.1 www.allwellinst.com/assets1/js/bootstrap-tab.js
IP 198.54.126.9:0
Hash 2f2760fbba9ad4b94394d939c69a36ed
7a9ebdd9eca0df9f889074d7ff51e6bf654327cf
5043be95433c08755452b29f006744b9c5f90bb2d2f838b101ec2e6a598116e2
Analyzer Verdict Alert fortinet Phishing
GET /assets1/js/bootstrap-tab.js HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=96f9a1a8eba32c5e17649ad3a6b9c9f7
HTTP/1.1 200 OK
date: Sun, 09 Oct 2022 07:36:34 GMT
server: Apache
last-modified: Tue, 15 Apr 2014 10:33:26 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1381
content-type: application/javascript
www.allwellinst.com/assets1/js/google-code-prettify/prettify.js
198.54.126.9200 OK 6.0 kB URL HTTP/1.1 www.allwellinst.com/assets1/js/google-code-prettify/prettify.js
IP 198.54.126.9:0
File type ASCII text, with very long lines (592)
Hash d8b175afa3794445f44221b4dc35785b
a4b89d7a71601eba286b09ac88f781b0c4c9c599
5bcaa348ba6c0862c9a3127595f3be54502913fc77a0e4922c190a1db9f5fd3a
Analyzer Verdict Alert fortinet Phishing
GET /assets1/js/google-code-prettify/prettify.js HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=96f9a1a8eba32c5e17649ad3a6b9c9f7
HTTP/1.1 200 OK
date: Sun, 09 Oct 2022 07:36:34 GMT
server: Apache
last-modified: Tue, 15 Apr 2014 10:33:26 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 6025
content-type: application/javascript
www.allwellinst.com/assets1/js/jquery-1.9.1.min.js
198.54.126.9200 OK 33 kB URL HTTP/1.1 www.allwellinst.com/assets1/js/jquery-1.9.1.min.js
IP 198.54.126.9:0
File type ASCII text, with very long lines (32089)
Hash fcf0a7201168a979dd4b222a54471e0f
9056c50ea859db10d2d959654d0f8dde367360ee
c40969745be3d2181fd5d40425f9080ac2c62e63d298c1de8bb4bbda5e4ea0f7
Analyzer Verdict Alert fortinet Phishing
GET /assets1/js/jquery-1.9.1.min.js HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=96f9a1a8eba32c5e17649ad3a6b9c9f7
HTTP/1.1 200 OK
date: Sun, 09 Oct 2022 07:36:34 GMT
server: Apache
last-modified: Tue, 15 Apr 2014 10:33:26 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 32775
content-type: application/javascript
www.allwellinst.com/assets1/js/application.js
198.54.126.9200 OK 338 B URL HTTP/1.1 www.allwellinst.com/assets1/js/application.js
IP 198.54.126.9:0
Hash 898881ed4d5e40fdf4c61a85ca56c1a8
798e22f25e99ec0eb8120f86b9825f652bb46560
1d170e4aab3df843ec6d38b80cbb9d2259d2a0719dc629ab728cfba2efd4739b
Analyzer Verdict Alert fortinet Phishing
GET /assets1/js/application.js HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=96f9a1a8eba32c5e17649ad3a6b9c9f7
HTTP/1.1 200 OK
date: Sun, 09 Oct 2022 07:36:34 GMT
server: Apache
last-modified: Tue, 15 Apr 2014 10:33:26 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 338
content-type: application/javascript
www.allwellinst.com/ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
198.54.126.9404 Not Found 315 B URL HTTP/1.1 www.allwellinst.com/ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
IP 198.54.126.9:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Phishing
GET /ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=96f9a1a8eba32c5e17649ad3a6b9c9f7
HTTP/1.1 404 Not Found
date: Sun, 09 Oct 2022 07:36:34 GMT
server: Apache
content-length: 315
content-type: text/html; charset=iso-8859-1
www.allwellinst.com/fonts/icomoon.woff
198.54.126.9200 OK 2.8 kB URL HTTP/1.1 www.allwellinst.com/fonts/icomoon.woff
IP 198.54.126.9:0
File type Web Open Font Format, TrueType, length 2808, version 0.0\012- data
Hash 31a3e4e78a3e107ef72d075070a3eda7
0de50feacd42e03edc520af87e7b7c29f814619b
ac79434b1348cc08f2b9c430d3884730cce55e3738c04d0d9787d16397ecc998
Analyzer Verdict Alert fortinet Phishing
GET /fonts/icomoon.woff HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.allwellinst.com/css/style.css
Cookie: PHPSESSID=96f9a1a8eba32c5e17649ad3a6b9c9f7
HTTP/1.1 200 OK
date: Sun, 09 Oct 2022 07:36:34 GMT
server: Apache
last-modified: Tue, 24 May 2016 01:59:44 GMT
accept-ranges: bytes
content-length: 2808
content-type: font/woff
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 42ce7c34fdc275b2f972223772146c64
fab0b21bb1662563533a391c80dca7ab7b6fa350
884975d638b0fdf58c0ae37c6d63eb768c48346db8b147ba9b2962509632b5f1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "884975D638B0FDF58C0AE37C6D63EB768C48346DB8B147BA9B2962509632B5F1"
Last-Modified: Sun, 09 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19422
Expires: Sun, 09 Oct 2022 13:00:16 GMT
Date: Sun, 09 Oct 2022 07:36:34 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 42ce7c34fdc275b2f972223772146c64
fab0b21bb1662563533a391c80dca7ab7b6fa350
884975d638b0fdf58c0ae37c6d63eb768c48346db8b147ba9b2962509632b5f1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "884975D638B0FDF58C0AE37C6D63EB768C48346DB8B147BA9B2962509632B5F1"
Last-Modified: Sun, 09 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19422
Expires: Sun, 09 Oct 2022 13:00:16 GMT
Date: Sun, 09 Oct 2022 07:36:34 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 42ce7c34fdc275b2f972223772146c64
fab0b21bb1662563533a391c80dca7ab7b6fa350
884975d638b0fdf58c0ae37c6d63eb768c48346db8b147ba9b2962509632b5f1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "884975D638B0FDF58C0AE37C6D63EB768C48346DB8B147BA9B2962509632B5F1"
Last-Modified: Sun, 09 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19422
Expires: Sun, 09 Oct 2022 13:00:16 GMT
Date: Sun, 09 Oct 2022 07:36:34 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0583d755-2f5b-458f-86f0-774b9909eb6f.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0583d755-2f5b-458f-86f0-774b9909eb6f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6e9aa9808428e5fd81ac9d61d6f7c708
3a8d76badce50dd98938885082dcb6e30363ae88
d8f7c48a1cbe04af2f7e0455d1ef7af9b63506b9ae343ebf14ece8689bb06bf6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0583d755-2f5b-458f-86f0-774b9909eb6f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11800
x-amzn-requestid: 7bfb4e15-ea64-48b6-9e38-5d3e2d553863
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZQObZFveoAMFzpA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63365de2-620d4fc015ad475203e906e9;Sampled=0
x-amzn-remapped-date: Fri, 30 Sep 2022 03:09:22 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: btYc3mHTigZv3Bzl32D1z777hMKwf-pstyTS7Bp2eGmzbmGI4pIQXA==
via: 1.1 efcf7b9d0f917f9ebf314db03e52d9b6.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 08 Oct 2022 21:42:19 GMT
age: 35655
etag: "3a8d76badce50dd98938885082dcb6e30363ae88"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F146807d4-3f30-4caa-aa1f-2b7890bec7f5.jpeg
34.120.237.76200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F146807d4-3f30-4caa-aa1f-2b7890bec7f5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a3b74c93b6981236040ebf4134e04f55
c31c8db9e51872d0a28a3798ebd0f6f2abe993cb
8a48bd2b67104ad81b00a7882dbecd7d8b664056dd180483090d10a4c7c66960
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F146807d4-3f30-4caa-aa1f-2b7890bec7f5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7250
x-amzn-requestid: cbe8c575-cda7-49af-9b12-e4f7c2b362c1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZtHkeF43IAMFv9Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6341ec82-1afe0e72794ddcd10c76dd4a;Sampled=0
x-amzn-remapped-date: Sat, 08 Oct 2022 21:32:50 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: NbpU2O7ByYcHSc5ExCSbHf4wGS9R1IS1K_xOVAu5qmSCmtqR2T2oMg==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Sat, 08 Oct 2022 22:08:41 GMT
etag: "c31c8db9e51872d0a28a3798ebd0f6f2abe993cb"
content-type: image/jpeg
age: 34073
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6e3f651-bb7d-4dea-9351-b49a68de1bbc.webp
34.120.237.76200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6e3f651-bb7d-4dea-9351-b49a68de1bbc.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b020db4bfa5b227115ab8d151dd6ea33
90bda3a7632acaab42fc995b90bcf9172f838bcf
e5031215b788a47dad462c3344c0e4d35d501224e3896e2c691d338c4e80023b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6e3f651-bb7d-4dea-9351-b49a68de1bbc.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9286
x-amzn-requestid: 524ac509-9c9f-4244-ba51-41ac9b39940f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZtZ67HqAIAMFkjg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634209df-101b97f75afa7b6953c0db0c;Sampled=0
x-amzn-remapped-date: Sat, 08 Oct 2022 23:38:07 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: mM4m1oW5Onfwspk2K9aKjWsDKdDD5E6xzE80vTroEiQfFzw2n4KyaQ==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Sat, 08 Oct 2022 23:38:07 GMT
age: 28707
etag: "90bda3a7632acaab42fc995b90bcf9172f838bcf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F829a81b7-8a2b-4381-a830-9c534e3312fe.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F829a81b7-8a2b-4381-a830-9c534e3312fe.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2b15495e3e13c06fd0d67523870405ed
3cb8b43735e86c93733affa10818c47693c80fce
f65edddef18295076f79a48e9a6c95d07ed244a2ae618cb4229b6c1bd434cd57
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F829a81b7-8a2b-4381-a830-9c534e3312fe.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12187
x-amzn-requestid: 9768886f-0e17-4958-bdaf-e17385eb21d6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjqJCHyNoAMFmDg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633e23d3-288e1d28057753a16893d6b5;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 00:39:47 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: jm9hynO1KfuT2luShwOU_Ps2ZHxUAPwymP1Bi-V49MWWJ3ooQq7qVg==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Sat, 08 Oct 2022 22:26:18 GMT
age: 33016
etag: "3cb8b43735e86c93733affa10818c47693c80fce"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6bc84c1e-fb86-480c-ae87-c8a7bc52cfb0.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6bc84c1e-fb86-480c-ae87-c8a7bc52cfb0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ee802dc4a72f3824dcab31ef95c48936
f987fdbbb21538b6f55f7dae713b59e234882456
0b6ce28ab1428c11ea6d215b3d21b44b85ca101b4885bf27f633153014ed1cf2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6bc84c1e-fb86-480c-ae87-c8a7bc52cfb0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8295
x-amzn-requestid: 0240dc68-f509-4a1f-a1c1-cd75e43d04d3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZtHcHFuVoAMF-Hw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6341ec4d-74e538af2f56b9271f6370c1;Sampled=0
x-amzn-remapped-date: Sat, 08 Oct 2022 21:31:57 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: dR53uFDN1I7R9H7r2fmkEGIXuCY5FHGQd7LKz-H02trcasl3NoG2PA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 08 Oct 2022 21:44:18 GMT
age: 35536
etag: "f987fdbbb21538b6f55f7dae713b59e234882456"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3ade344-507f-44c8-8fe3-b03ac965aee2.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3ade344-507f-44c8-8fe3-b03ac965aee2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ff8cfe3904cca89e3bdfa8186ae382ba
0b9dce744f5facad9a0a136d81cf24e928211856
a6f0925a9666a43d018c05d717310f57b86316290fb4a7cdd309c35842e557a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3ade344-507f-44c8-8fe3-b03ac965aee2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7674
x-amzn-requestid: 126f9400-fa43-413b-b496-338908efb777
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZeqScHUVoAMFrRg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633c240f-1b7cff3e3415299a4d17e19e;Sampled=0
x-amzn-remapped-date: Tue, 04 Oct 2022 12:16:15 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: BjBiRKpvs2LQznegxhvMFrczSZGWXGSMvk3bxR8UPpcthRUUA2eTBg==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Sat, 08 Oct 2022 21:56:13 GMT
age: 34821
etag: "0b9dce744f5facad9a0a136d81cf24e928211856"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.allwellinst.com/images/searchicon2.png
198.54.126.9200 OK 933 B URL HTTP/1.1 www.allwellinst.com/images/searchicon2.png
IP 198.54.126.9:0
File type PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash eaa74d5858e4d2ea34c1e3a0c2da2715
11f38a7b7accbd4b8aa92ff813c82b3051355059
95f62d694c27788a74dfca029eea30d061447cde8680a16e28600543347ffe86
GET /images/searchicon2.png HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=96f9a1a8eba32c5e17649ad3a6b9c9f7
HTTP/1.1 200 OK
date: Sun, 09 Oct 2022 07:36:34 GMT
server: Apache
last-modified: Sat, 10 Feb 2018 19:31:02 GMT
accept-ranges: bytes
content-length: 933
content-type: image/png
www.allwellinst.com/pictures/1_logo.png
198.54.126.9200 OK 16 kB URL HTTP/1.1 www.allwellinst.com/pictures/1_logo.png
IP 198.54.126.9:0
File type PNG image data, 343 x 72, 8-bit/color RGBA, non-interlaced\012- data
Hash 2f779c35970815d7c72de4a6dca659f6
58cfc2576b8582d0dae9f2972136b319a5d02cdc
d3a03c404e32e2c559ccdcd687bc862ee43668a399abac4b708c34d5d6899ce1
GET /pictures/1_logo.png HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=96f9a1a8eba32c5e17649ad3a6b9c9f7
HTTP/1.1 200 OK
date: Sun, 09 Oct 2022 07:36:34 GMT
server: Apache
last-modified: Sat, 17 Feb 2018 06:57:56 GMT
accept-ranges: bytes
content-length: 15557
content-type: image/png
www.allwellinst.com/images/loading.gif
198.54.126.9200 OK 4.8 kB URL HTTP/1.1 www.allwellinst.com/images/loading.gif
IP 198.54.126.9:0
File type GIF image data, version 89a, 24 x 24\012- data
Hash dd78ac008009bd821d2bf2da98108854
d3665f292d71f9ea2b9a61c476e6e2a9d0d35062
03acb263b1d85f824676b3cad66f9660c73d278f06e519c7ea727593ab4f5a13
GET /images/loading.gif HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=96f9a1a8eba32c5e17649ad3a6b9c9f7
HTTP/1.1 200 OK
date: Sun, 09 Oct 2022 07:36:35 GMT
server: Apache
last-modified: Mon, 05 Sep 2016 11:11:24 GMT
accept-ranges: bytes
content-length: 4765
content-type: image/gif
www.allwellinst.com/images/image4.jpg
198.54.126.9200 OK 74 kB URL HTTP/1.1 www.allwellinst.com/images/image4.jpg
IP 198.54.126.9:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 1600x472, components 3\012- data
Hash d18024f0d7bffef630da7f4d70850c68
8a769685fd506b661275f6856e2b8c37efc28d2e
9473d69bc397185f7d28f206d3d7e5aef38534d24c14ea56e9f2f94e672da871
GET /images/image4.jpg HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/css/style.css
Cookie: PHPSESSID=96f9a1a8eba32c5e17649ad3a6b9c9f7
HTTP/1.1 200 OK
date: Sun, 09 Oct 2022 07:36:34 GMT
server: Apache
last-modified: Thu, 11 Aug 2016 07:52:36 GMT
accept-ranges: bytes
content-length: 73459
content-type: image/jpeg
www.allwellinst.com/images/b05.png
198.54.126.9200 OK 1.4 kB URL HTTP/1.1 www.allwellinst.com/images/b05.png
IP 198.54.126.9:0
File type PNG image data, 120 x 30, 8-bit/color RGBA, non-interlaced\012- data
Hash b5b353c4ec92a0f8be543f33741618f3
5ebf2f04f513217db1173fa0fb8a9be3983269d6
95434f5c547a4f70a55e95b0e836b0f37c09f3ecf6e58b27de19222c47a8910e
GET /images/b05.png HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=96f9a1a8eba32c5e17649ad3a6b9c9f7
HTTP/1.1 200 OK
date: Sun, 09 Oct 2022 07:36:35 GMT
server: Apache
last-modified: Mon, 05 Sep 2016 11:11:24 GMT
accept-ranges: bytes
content-length: 1415
content-type: image/png
www.allwellinst.com/images/a12.png
198.54.126.9200 OK 2.5 kB URL HTTP/1.1 www.allwellinst.com/images/a12.png
IP 198.54.126.9:0
File type PNG image data, 400 x 90, 8-bit/color RGBA, non-interlaced\012- data
Hash bb9fcee03a7288c2083eb15e31f18e1d
7d2a90b91ab8891d4071ea412cf805a737ae5d8c
5e9ddb467a2a395462d2bebf1ab0424c92b081e250497106b1105ea10efe5b55
GET /images/a12.png HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=96f9a1a8eba32c5e17649ad3a6b9c9f7
HTTP/1.1 200 OK
date: Sun, 09 Oct 2022 07:36:35 GMT
server: Apache
last-modified: Mon, 05 Sep 2016 11:11:24 GMT
accept-ranges: bytes
content-length: 2483
content-type: image/png
www.allwellinst.com/fonts/fontawesome-webfont.woff2?v=4.7.0
198.54.126.9200 OK 77 kB URL HTTP/1.1 www.allwellinst.com/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 198.54.126.9:0
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Analyzer Verdict Alert fortinet Phishing
GET /fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.allwellinst.com/css/font-awesome.min.css
Cookie: PHPSESSID=96f9a1a8eba32c5e17649ad3a6b9c9f7
HTTP/1.1 200 OK
date: Sun, 09 Oct 2022 07:36:34 GMT
server: Apache
last-modified: Mon, 26 Feb 2018 11:24:57 GMT
accept-ranges: bytes
content-length: 77160
content-type: font/woff2
www.allwellinst.com/pictures/2_pic_1.jpg
198.54.126.9200 OK 95 kB URL HTTP/1.1 www.allwellinst.com/pictures/2_pic_1.jpg
IP 198.54.126.9:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 555x178, components 3\012- data
Hash 77e6c4e8563675626f3b7fde95df40ec
e120f757c9651fea908b1c9025b4093088aa2a98
94cb704bb8a20849e9c6b2a757a4ca6dc0afe0b96c6f717d373efdfc6735fdd1
GET /pictures/2_pic_1.jpg HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=96f9a1a8eba32c5e17649ad3a6b9c9f7
HTTP/1.1 200 OK
date: Sun, 09 Oct 2022 07:36:34 GMT
server: Apache
last-modified: Tue, 11 Jun 2019 07:10:34 GMT
accept-ranges: bytes
content-length: 94934
content-type: image/jpeg
www.allwellinst.com/images/pdficon.png
198.54.126.9200 OK 11 kB URL HTTP/1.1 www.allwellinst.com/images/pdficon.png
IP 198.54.126.9:0
File type PNG image data, 109 x 114, 8-bit/color RGBA, non-interlaced\012- data
Hash 59099d4d98e3d966e7d30955afeeb58f
19bda665c297c6a52b5d5a25dac1b96a8dffa844
079c59279d9a4ae1feb0086a299d06b6efe1bc6549d3c8529fb023f7234858b6
GET /images/pdficon.png HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=96f9a1a8eba32c5e17649ad3a6b9c9f7
HTTP/1.1 200 OK
date: Sun, 09 Oct 2022 07:36:35 GMT
server: Apache
last-modified: Sat, 10 Feb 2018 18:17:28 GMT
accept-ranges: bytes
content-length: 11032
content-type: image/png
www.allwellinst.com/pictures/59_banner.jpg
198.54.126.9200 OK 284 kB URL HTTP/1.1 www.allwellinst.com/pictures/59_banner.jpg
IP 198.54.126.9:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1600x635, components 3\012- data
Size 284 kB (283598 bytes)
Hash 2f7d666c2a31446e6a64ae271420752c
598601e5cb989380e5522f3fa4b053b0c26c26df
b9c21749c2f59b012ee76cd61095115a14622e7af1cf86e38d83010dc8fd4d81
GET /pictures/59_banner.jpg HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=96f9a1a8eba32c5e17649ad3a6b9c9f7
HTTP/1.1 200 OK
date: Sun, 09 Oct 2022 07:36:35 GMT
server: Apache
last-modified: Tue, 27 Feb 2018 12:38:58 GMT
accept-ranges: bytes
content-length: 283598
content-type: image/jpeg
www.allwellinst.com/pictures/7_pic_1.jpg
198.54.126.9200 OK 60 kB URL HTTP/1.1 www.allwellinst.com/pictures/7_pic_1.jpg
IP 198.54.126.9:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 555x178, components 3\012- data
Hash d12b50e8aaab2de86b36684b675d0664
1e9cdc52c88484b4500973f09dd628e2bd4782af
9d0a5ad518c6eff7794e3e3ff23d26f2b33d46213f8966d397d57ab6cb52b98f
GET /pictures/7_pic_1.jpg HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=96f9a1a8eba32c5e17649ad3a6b9c9f7
HTTP/1.1 200 OK
date: Sun, 09 Oct 2022 07:36:35 GMT
server: Apache
last-modified: Sat, 10 Feb 2018 18:31:04 GMT
accept-ranges: bytes
content-length: 59760
content-type: image/jpeg
www.allwellinst.com/pictures/8_pic_1.jpg
198.54.126.9200 OK 109 kB URL HTTP/1.1 www.allwellinst.com/pictures/8_pic_1.jpg
IP 198.54.126.9:0
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS Windows, datetime=2014:01:02 16:56:12], baseline, precision 8, 1060x334, components 3\012- data
Size 109 kB (108703 bytes)
Hash 4d9bea88a1847747d99e37c65db0231c
8767ce4f5e883456e328a68f080be0d2db535f5e
fdab77b9963c66345daf9abecc69ffba8e889e60ae9a1b46c9e6bc824e0086d3
GET /pictures/8_pic_1.jpg HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=96f9a1a8eba32c5e17649ad3a6b9c9f7
HTTP/1.1 200 OK
date: Sun, 09 Oct 2022 07:36:35 GMT
server: Apache
last-modified: Thu, 21 Mar 2019 09:55:44 GMT
accept-ranges: bytes
content-length: 108703
content-type: image/jpeg
www.allwellinst.com/pictures/120588221_90_pic_2.jpg
198.54.126.9200 OK 57 kB URL HTTP/1.1 www.allwellinst.com/pictures/120588221_90_pic_2.jpg
IP 198.54.126.9:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 10000", baseline, precision 8, 386x386, components 3\012- data
Hash 67b37ed9ab9bb9f97abf9e27342d8f6a
17fa86cee1e3bc59f79f254f46999506c6699a62
fcb467fd6e1e471080a974f970c47cad2550f2eab9c7d961e17285dc9662b25c
GET /pictures/120588221_90_pic_2.jpg HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=96f9a1a8eba32c5e17649ad3a6b9c9f7
HTTP/1.1 200 OK
date: Sun, 09 Oct 2022 07:36:35 GMT
server: Apache
last-modified: Wed, 05 Sep 2018 06:33:26 GMT
accept-ranges: bytes
content-length: 56782
content-type: image/jpeg
www.allwellinst.com/images/searchicon.png
198.54.126.9200 OK 1.4 kB URL HTTP/1.1 www.allwellinst.com/images/searchicon.png
IP 198.54.126.9:0
File type PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash a79ce09b335d10eb2cc6ea14793e72b3
6d306d36329b4a366922ed40ef6a4ab7a04f2589
017b7570cace05d49c60dc2a7a8f5940434c8dd7b6210fdda6bbb77dac2bc155
GET /images/searchicon.png HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=96f9a1a8eba32c5e17649ad3a6b9c9f7
HTTP/1.1 200 OK
date: Sun, 09 Oct 2022 07:36:36 GMT
server: Apache
last-modified: Sat, 13 Jan 2018 23:20:08 GMT
accept-ranges: bytes
content-length: 1391
content-type: image/png
www.allwellinst.com/pictures/776475135_91_pic_2.jpg
198.54.126.9200 OK 120 kB URL HTTP/1.1 www.allwellinst.com/pictures/776475135_91_pic_2.jpg
IP 198.54.126.9:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 10000", baseline, precision 8, 450x450, components 3\012- data
Size 120 kB (119975 bytes)
Hash e19efa17a71185e7e8d1752aa6cb14d7
c596f42b3fe416deeb9c3d2a6328beb5eb207b7b
fb3c03fdb6b486d1498b0ec42945e6b35b29f7fd0eff9224b796ac5635a57997
GET /pictures/776475135_91_pic_2.jpg HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=96f9a1a8eba32c5e17649ad3a6b9c9f7
HTTP/1.1 200 OK
date: Sun, 09 Oct 2022 07:36:35 GMT
server: Apache
last-modified: Wed, 05 Sep 2018 06:44:18 GMT
accept-ranges: bytes
content-length: 119975
content-type: image/jpeg
www.allwellinst.com/images/favicon.ico
198.54.126.9200 OK 879 B URL HTTP/1.1 www.allwellinst.com/images/favicon.ico
IP 198.54.126.9:0
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash b8d8715a9ace301b1bcbc0bfedaf6373
a9325828ed128143fbb60f59388070210f586458
fe618ff54d22041554a6ec72b3baed694ef2f8461c6b935456c4e7c0cfe00d36
GET /images/favicon.ico HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=96f9a1a8eba32c5e17649ad3a6b9c9f7
HTTP/1.1 200 OK
date: Sun, 09 Oct 2022 07:36:37 GMT
server: Apache
last-modified: Fri, 13 Sep 2019 09:55:57 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 879
content-type: image/x-icon
www.allwellinst.com/pictures/61_banner.jpg
198.54.126.9200 OK 420 kB URL HTTP/1.1 www.allwellinst.com/pictures/61_banner.jpg
IP 198.54.126.9:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1600x635, components 3\012- data
Size 420 kB (419483 bytes)
Hash 4d3a486afcdc2cd7f73852b8c4a14460
635e4e3f99cf2f0626f8c7d9287be15e77df7b4b
1170e189732b2bb206e44e1e68a09fc5b3954d84ab25df23aa980c37a4186a26
GET /pictures/61_banner.jpg HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=96f9a1a8eba32c5e17649ad3a6b9c9f7
HTTP/1.1 200 OK
date: Sun, 09 Oct 2022 07:36:36 GMT
server: Apache
last-modified: Mon, 26 Feb 2018 07:27:47 GMT
accept-ranges: bytes
content-length: 419483
content-type: image/jpeg
www.allwellinst.com/pictures/60_banner.jpg
198.54.126.9200 OK 379 kB URL HTTP/1.1 www.allwellinst.com/pictures/60_banner.jpg
IP 198.54.126.9:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1600x635, components 3\012- data
Size 379 kB (378840 bytes)
Hash ef0dade9d3d8c3b63c9fbc5e7e9fa32a
f4d375b92280bdab1f0edfa7062a2994d71e5790
c76b12b1306abe8bfe76eb5689866c25b428700308c7de32378e06cd8a65eb18
GET /pictures/60_banner.jpg HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=96f9a1a8eba32c5e17649ad3a6b9c9f7
HTTP/1.1 200 OK
date: Sun, 09 Oct 2022 07:36:36 GMT
server: Apache
last-modified: Mon, 26 Feb 2018 07:27:35 GMT
accept-ranges: bytes
content-length: 378840
content-type: image/jpeg
www.allwellinst.com/pictures/1_pic_1.jpg
198.54.126.9200 OK 265 kB URL HTTP/1.1 www.allwellinst.com/pictures/1_pic_1.jpg
IP 198.54.126.9:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2014 (Windows), datetime=2018:02:17 13:43:07], baseline, precision 8, 559x179, components 3\012- data
Size 265 kB (264696 bytes)
Hash ffd3032acef349a342a1b0d22cd2089d
c51f1196805f8d61b16d0d9a7a2c619d2561d1c2
88ca28ae7cae709d27fc0561821c7f180b25b5ac5ce2627c0bbe560753658fc5
GET /pictures/1_pic_1.jpg HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=96f9a1a8eba32c5e17649ad3a6b9c9f7
HTTP/1.1 200 OK
date: Sun, 09 Oct 2022 07:36:34 GMT
server: Apache
last-modified: Sat, 17 Feb 2018 08:43:58 GMT
accept-ranges: bytes
content-length: 264696
content-type: image/jpeg
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F461cb654-aa5c-4bd5-8076-2b7c4291ac37.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F461cb654-aa5c-4bd5-8076-2b7c4291ac37.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d7ff33d7cf07f18638e733b28ae76053
21e92f0d2fb0413ef2ecc21ded768fa18bcbb4d8
e26b05fd7eec348e429a90c58839a5dc3181ecf3030c6e233c4b2edcf95d0c4c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F461cb654-aa5c-4bd5-8076-2b7c4291ac37.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 9689
x-amzn-requestid: 07492912-9d27-4e58-83cd-dad5c3740f22
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zm5fNEfrIAMFoCg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f6f94-7553d5f46fdc8512728118ab;Sampled=0
x-amzn-remapped-date: Fri, 07 Oct 2022 00:15:16 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: EpJuSmWn3ewTFx4CA7UQ4hE6PGLxdMcJvhKO-yiGgowiuulCC1c0NA==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Sat, 08 Oct 2022 21:44:48 GMT
age: 35513
etag: "21e92f0d2fb0413ef2ecc21ded768fa18bcbb4d8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:400,400italic,300italic,300,500,700
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto:400,400italic,300italic,300,500,700
IP 142.250.74.10:0
GET /css?family=Roboto:400,400italic,300italic,300,500,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.allwellinst.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 09 Oct 2022 07:36:33 GMT
date: Sun, 09 Oct 2022 07:36:33 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=PT+Sans+Caption:700
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=PT+Sans+Caption:700
IP 142.250.74.10:0
GET /css?family=PT+Sans+Caption:700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.allwellinst.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 09 Oct 2022 07:36:33 GMT
date: Sun, 09 Oct 2022 07:36:33 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.allwellinst.com/pictures/64_banner.jpg
198.54.126.9200 OK 0 B URL HTTP/1.1 www.allwellinst.com/pictures/64_banner.jpg
IP 198.54.126.9:0
GET /pictures/64_banner.jpg HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=96f9a1a8eba32c5e17649ad3a6b9c9f7
HTTP/1.1 200 OK
date: Sun, 09 Oct 2022 07:36:36 GMT
server: Apache
last-modified: Fri, 13 Sep 2019 10:41:33 GMT
accept-ranges: bytes
content-length: 481486
content-type: image/jpeg