Report - allwellinst.com/

Report Overview

Submitted URL
allwellinst.com/
IP
198.54.126.9
ASN
#22612 NAMECHEAP-NET
Submitted
2022-09-08 07:37:03
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
44

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	34.218.168.248
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.9 kB	122 kB	142.250.74.163
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.35
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
allwellinst.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	335 B	425 B	198.54.126.9
www.allwellinst.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	18 kB	2.7 MB	198.54.126.9
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	4.2 kB	142.250.74.3
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	63 kB	34.120.237.76
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	805 B	1.5 kB	216.58.211.10
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.35
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	5.3 kB	23.36.77.32
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	329 B	737 B	93.184.220.29

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-08	medium	allwellinst.com/	Phishing
2022-09-08	medium	www.allwellinst.com/	Phishing
2022-09-08	medium	www.allwellinst.com/ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js	Phishing
2022-09-08	medium	www.allwellinst.com/js/bootstrap.min.js	Phishing
2022-09-08	medium	www.allwellinst.com/js/jssor.slider-21.1.5.mini.js	Phishing
2022-09-08	medium	www.allwellinst.com/js/animations.min.js	Phishing
2022-09-08	medium	www.allwellinst.com/js/jquery.plugin.js	Phishing
2022-09-08	medium	www.allwellinst.com/js/jquery.main.js	Phishing
2022-09-08	medium	www.allwellinst.com/js/timber.master.min.js	Phishing
2022-09-08	medium	www.allwellinst.com/js/jquery-1.11.3.min.js	Phishing
2022-09-08	medium	www.allwellinst.com/js/bootstrap-dropdownhover.min.js	Phishing
2022-09-08	medium	www.allwellinst.com/owl-carousel/owl.carousel.js	Phishing
2022-09-08	medium	www.allwellinst.com/assets1/js/bootstrap-collapse.js	Phishing
2022-09-08	medium	www.allwellinst.com/assets1/js/bootstrap-transition.js	Phishing
2022-09-08	medium	www.allwellinst.com/assets1/js/bootstrap-tab.js	Phishing
2022-09-08	medium	www.allwellinst.com/assets1/js/google-code-prettify/prettify.js	Phishing
2022-09-08	medium	www.allwellinst.com/assets1/js/application.js	Phishing
2022-09-08	medium	www.allwellinst.com/fonts/icomoon.woff	Phishing
2022-09-08	medium	www.allwellinst.com/ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js	Phishing
2022-09-08	medium	www.allwellinst.com/assets1/js/jquery-1.9.1.min.js	Phishing
2022-09-08	medium	www.allwellinst.com/fonts/fontawesome-webfont.woff2?v=4.7.0	Phishing
2022-09-08	medium	www.allwellinst.com/js/jquery.countdown.js	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (21)

	URL	Size	First Seen	Last Seen
	www.allwellinst.com/js/jquery-1.11.3.min.js	96 kB	2023-03-07	2024-03-18
Pretty URL www.allwellinst.com/js/jquery-1.11.3.min.js IP 198.54.126.9 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:06 Last Seen2024-03-18 10:26:49 Times Seen336 Hash 8e67452f561a3b8ee8a82fdf57672cd5 44d980c8f4d21057018d80398d574fa72aea1bc7 4e7e1c16e351e7bfc80cddef9f98e99113ddb0d1e201be00d53955fe62f0e523 Loading...

	www.allwellinst.com/js/animations.min.js	2.4 kB	2023-03-07	2024-01-23
Pretty URL www.allwellinst.com/js/animations.min.js IP 198.54.126.9 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:06 Last Seen2024-01-23 04:07:14 Times Seen9 Hash c9cd375b0ca0a23c90043125c8f8ca48 d2599a0bb056cbc5dfe583fd5e3c8bffe2164507 8c6825644ce1d0161f0962222b520b4a0db6afa274e87a092211731bbc25adcd Loading...

	www.allwellinst.com/js/bootstrap-dropdownhover.min.js	4.0 kB	2023-03-07	2023-11-10
Pretty URL www.allwellinst.com/js/bootstrap-dropdownhover.min.js IP 198.54.126.9 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:06 Last Seen2023-11-10 08:57:58 Times Seen13 Hash 965d4c02e4e87e71260f49ff406eec2e d199a95bbebf1780b055b079d8c3b740a6abcf62 be4327fb49447ec3f8b6bebddc118500defba23e370ceb3512ed7165027248b2 Loading...

	www.allwellinst.com/assets1/js/jquery-1.9.1.min.js	93 kB	2023-03-07	2024-04-19
Pretty URL www.allwellinst.com/assets1/js/jquery-1.9.1.min.js IP 198.54.126.9 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-19 19:16:40 Times Seen23220 Hash 397754ba49e9e0cf4e7c190da78dda05 ae49e56999d82802727455f0ba83b63acd90a22b c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4 Loading...

	www.allwellinst.com/	221 B	2023-03-07	2023-05-26
Pretty URL www.allwellinst.com/ IP 198.54.126.9 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:06 Last Seen2023-05-26 09:42:19 Times Seen3 Hash c13cd2344fad210ebc90563369a5a31d 51a7b272896c8d2436adfad85cdd37e99ee4d684 d4c108745bfbb9843a81ba58d87364e8741b13ed565c4df227e145613b64f182 Loading...

	www.allwellinst.com/assets1/js/bootstrap-tab.js	3.5 kB	2023-03-07	2023-12-31
Pretty URL www.allwellinst.com/assets1/js/bootstrap-tab.js IP 198.54.126.9 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:06 Last Seen2023-12-31 11:46:22 Times Seen32 Hash a0b0c35980fd3689f57c73f5ff319a68 dc24f65f1e2929725363188c0d2781c55bcabf16 c8c905de6cd5fe1fc840b2106bb4b5db48ea7a3fe5485114f760950e7becdf54 Loading...

	www.allwellinst.com/js/jquery.plugin.js	12 kB	2023-03-07	2024-04-02
Pretty URL www.allwellinst.com/js/jquery.plugin.js IP 198.54.126.9 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:01:54 Last Seen2024-04-02 15:51:39 Times Seen289 Hash 5089653f43d0a3970aae2bed9a31666a f3fa11db281157834693b61afb550b68908758b4 3ebcd7d59c2e596630fee4b6f1500f960e63f514a6816f11031c2d484d1f2683 Loading...

	www.allwellinst.com/js/timber.master.min.js	28 kB	2023-03-07	2023-11-21
Pretty URL www.allwellinst.com/js/timber.master.min.js IP 198.54.126.9 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:06 Last Seen2023-11-21 10:38:52 Times Seen7 Hash 293adaa086fe771ddbd64c980b4551c5 373416c7885bebfa8ce1192f76ce3ca93e6dacae 5d35c0286d7b6954081821a8b50e2379aae04aacff3861a8eac4ba503a8aea2b Loading...

	www.allwellinst.com/assets1/js/application.js	576 B	2023-03-07	2023-12-31
Pretty URL www.allwellinst.com/assets1/js/application.js IP 198.54.126.9 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:06 Last Seen2023-12-31 11:46:22 Times Seen20 Hash 76e9182b4ac1c30132c1d6485ac579e6 7f62374564defa711a3ea6fc57a23a082f65734b 8b853ca44809d5a05bd4018553e52c871c73003d20d4004db71c8b9a47219263 Loading...

	www.allwellinst.com/	307 B	2023-03-07	2023-05-26
Pretty URL www.allwellinst.com/ IP 198.54.126.9 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:06 Last Seen2023-05-26 09:42:19 Times Seen3 Hash 1f72ed0de6ccde1685395003258cadf7 77950659bdd351a86a40549027876d9243b7ab88 825a3d11c3c1af947b7788cfac72ac0eea041c66003f6e7d21fbb4b8f90eeb15 Loading...

	www.allwellinst.com/owl-carousel/owl.carousel.js	53 kB	2023-03-07	2024-04-11
Pretty URL www.allwellinst.com/owl-carousel/owl.carousel.js IP 198.54.126.9 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:01:55 Last Seen2024-04-11 09:32:02 Times Seen1691 Hash a5f96c62d75be144282ef6cc429a6259 99a600283194105be6679b4a7cba8ac27a8c455a 9221608a4df26c3a67d553a85ea42269235ca69d2ff47419148853830d5cea2d Loading...

	www.allwellinst.com/	82 B	2023-03-07	2023-05-26
Pretty URL www.allwellinst.com/ IP 198.54.126.9 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:06 Last Seen2023-05-26 09:42:19 Times Seen3 Hash 290d3eb3bb74790c3485d7a0629070a3 c44faa4d98dd7c638e2b059d723ac2f7a0d46146 24afdddd686884e46e19f47d617fa814db44e19ed8e3f83b4f65107095c41c5c Loading...

	www.allwellinst.com/assets1/js/bootstrap-collapse.js	4.7 kB	2023-03-07	2023-12-31
Pretty URL www.allwellinst.com/assets1/js/bootstrap-collapse.js IP 198.54.126.9 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:06 Last Seen2023-12-31 11:46:22 Times Seen36 Hash 00f3b07c6f55b836e7ee6e587a024264 54a985e176f2ea1de1821df1fe4a965dfeb9e43d 9f2c78554baae6de6f979ed29069ac3302d249e0d3911305de8682c13c45389e Loading...

	www.allwellinst.com/	358 B	2023-03-07	2023-05-26
Pretty URL www.allwellinst.com/ IP 198.54.126.9 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:06 Last Seen2023-05-26 09:42:19 Times Seen3 Hash 9b533b5f4305e5b99644653db1142e94 9df0b7c9fa1e2da571115ead3eac16d5395bdd28 0fa2e0d8e9be0e1fbca44fcaef7c30a80c83caa45fa5ecb9404f0600d367156b Loading...

	unknown	0 B	2023-03-07	2024-04-19
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-19 20:46:59 Times Seen36967103 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.allwellinst.com/js/jquery.countdown.js	37 kB	2023-03-07	2024-01-19
Pretty URL www.allwellinst.com/js/jquery.countdown.js IP 198.54.126.9 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:06 Last Seen2024-01-19 07:52:23 Times Seen35 Hash 2d012bb507a1ccba5ff14c138b4049ae ffc3853c114f3714066b915de4b27f39478a3bd8 776b4b95c68119270b735dd8b8af221a66eae375e17c9770a754afe3cdd8e6ff Loading...

	www.allwellinst.com/	2.5 kB	2023-03-07	2023-05-26
Pretty URL www.allwellinst.com/ IP 198.54.126.9 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:06 Last Seen2023-05-26 09:42:19 Times Seen3 Hash cf40bbe7c85be7d6c463cce9a25e54a1 f4d68e149e9861afffa5c8445bf30bcae6004c5f 1037979ab4fcfef0c358e1bcd9c91b6b5933feddca33fb10a1f86ca91a814959 Loading...

	www.allwellinst.com/assets1/js/google-code-prettify/prettify.js	14 kB	2023-03-07	2024-02-08
Pretty URL www.allwellinst.com/assets1/js/google-code-prettify/prettify.js IP 198.54.126.9 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:00 Last Seen2024-02-08 18:22:35 Times Seen367 Hash 709bfcc456c694bfe8ee86d184a1c360 a4e5934397f97f79b8066984475c90af8a970a36 e2e576e3bc607cd179ff511947010f645d3441a35313aec0dbd06c4437f83b77 Loading...

	www.allwellinst.com/assets1/js/bootstrap-transition.js	1.8 kB	2023-03-07	2023-12-31
Pretty URL www.allwellinst.com/assets1/js/bootstrap-transition.js IP 198.54.126.9 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:06 Last Seen2023-12-31 11:46:22 Times Seen32 Hash a05a07909ed90b9fd5ff5839046b33ee 01a02a6ef355d440dd48e0fcc3affc89d454271a acc1b1af9058c1aeeb757055be7ebd9f39775b16f9c1a3cd068d49f2b0d32acb Loading...

	www.allwellinst.com/js/bootstrap.min.js	37 kB	2023-03-07	2024-04-19
Pretty URL www.allwellinst.com/js/bootstrap.min.js IP 198.54.126.9 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:31 Last Seen2024-04-19 09:11:17 Times Seen2931 Hash e7d9a06cf9053c51cd4ad3386da0659a e45bf1054704a1fdfc4ee2713a16bf9283dea995 9a3724b2051a82064c923cbd68343dcb04014adac3ccb8c4d8ac6a31ba2e12cd Loading...

	www.allwellinst.com/js/jssor.slider-21.1.5.mini.js	45 kB	2023-03-07	2023-12-26
Pretty URL www.allwellinst.com/js/jssor.slider-21.1.5.mini.js IP 198.54.126.9 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:06 Last Seen2023-12-26 20:17:57 Times Seen7 Hash 9d121dad526e4dea658db69d87900e9d d7980109de808ac1f8e1c0f8ccd1b5df268f17e3 a2cccfd574d712758fbce607a904ed659117aabd34e4344a59ac0ebec4cd5cea Loading...

HTTP Transactions (85)

URL IP Response Size

firefox.settings.services.mozilla.com/v1/

143.204.55.35

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 08 Sep 2022 07:03:06 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: vkETwmo9xiXH1CuaIVDix_YJruuDkY77HzwIXwP8XvlxgBW4HK8Otg==
Age: 2026

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b9adda4796e3cda8d92753c46964621c
5f1eba1f6085b23dea088a91fe6f8947172f9f62
a0577a8fcfa81b3f86d99566eb4429655b93a238ffd1a3752bc9aae3d969deea

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A0577A8FCFA81B3F86D99566EB4429655B93A238FFD1A3752BC9AAE3D969DEEA"
Last-Modified: Tue, 06 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15310
Expires: Thu, 08 Sep 2022 11:52:02 GMT
Date: Thu, 08 Sep 2022 07:36:52 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain

143.204.55.35

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Thu, 08 Sep 2022 03:46:35 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: nSOG5C8kGcXt5x6dD1wQShAUMR7zwvCURMuEoCq6M5VwwxDmf-HZ8g==
age: 13818
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 07:36:52 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

allwellinst.com/

198.54.126.9

301 Moved Permanently

235 B

URL HTTP/1.1
allwellinst.com/
IP
198.54.126.9:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
235 B (235 bytes)
Hash
2348f6ab9a5a61b3e3d100cee86b029b
3e4a79ba4235b4325eef5da5379529b225fd1188
046e2e8d5a5e775450f3f5309c0235250c45ad8a7d848b07040c1e58c41a9221

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
date: Thu, 08 Sep 2022 07:36:52 GMT
server: Apache
location: http://www.allwellinst.com/
content-length: 235
content-type: text/html; charset=iso-8859-1

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.35

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Thu, 08 Sep 2022 06:38:18 GMT
Cache-Control: max-age=3600
Expires: Thu, 08 Sep 2022 07:16:15 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: YHBxkz1vT4GSz6L9e1Yij_jDIu_KVMW0la6ClJTU5tNkBpun169RzQ==
Age: 3514

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
a81b0f5b5d11bf95fc176833b2f6e808
5b194aa5a8bf3a6b0d117ccfd0f487f6db0587b5
8f6ae83f2b85db7174bbbc6553e2921617b5c8a401315e76082682949a0bd9cc

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4837
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 07:36:52 GMT
Last-Modified: Thu, 08 Sep 2022 06:16:15 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471

www.allwellinst.com/

198.54.126.9

200 OK

7.1 kB

URL HTTP/1.1
www.allwellinst.com/
IP
198.54.126.9:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
7.1 kB (7106 bytes)
Hash
1c4993f2fab8a2ea6ef08605318f37c1
b94638b92abf820c0bd34bf580f2888b552ba841
1a322e3d802f6f220b30056f4cf133b0b7c8e18c4721905009cd20f6c3dece6a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
date: Thu, 08 Sep 2022 07:36:52 GMT
server: Apache
x-powered-by: PHP/5.6.40
set-cookie: PHPSESSID=e9525gr6mbkc5cbaip7l0i29f3; path=/
vary: Accept-Encoding
content-encoding: gzip
content-length: 7106
content-type: text/html; charset=UTF-8

push.services.mozilla.com/

34.218.168.248

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.218.168.248:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: FPlqFfCo8XyA+ueb7XehHA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 4ovNiHVyTZsvgF3SmxBHD+1wXnU=

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
db433121f8c8215d44bcd26aff290172
f96b386796e3589437cd57fac6782842c17ce746
455323a3f807014a498118929131b6aad4ec5283f95be23108b2afd329576098

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 07:36:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
db433121f8c8215d44bcd26aff290172
f96b386796e3589437cd57fac6782842c17ce746
455323a3f807014a498118929131b6aad4ec5283f95be23108b2afd329576098

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 07:36:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.allwellinst.com/css/jquery.countdown.css

198.54.126.9

200 OK

557 B

URL HTTP/1.1
www.allwellinst.com/css/jquery.countdown.css
IP
198.54.126.9:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with CRLF line terminators
Size
557 B (557 bytes)
Hash
f479f2ac3253e87e11b968e75df1c4d8
6cf4e4d3c6d134183c9ff5437abdaca29665e212
3d327674671ca969cb98f4e27a138821b62c5a310c122a162ed4695c6d4e7828

HTTP Headers

GET /css/jquery.countdown.css HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=e9525gr6mbkc5cbaip7l0i29f3

HTTP/1.1 200 OK
date: Thu, 08 Sep 2022 07:36:53 GMT
server: Apache
last-modified: Sun, 29 May 2016 02:25:42 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 557
content-type: text/css

www.allwellinst.com/css/colors.css

198.54.126.9

200 OK

863 B

URL HTTP/1.1
www.allwellinst.com/css/colors.css
IP
198.54.126.9:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with CRLF line terminators
Size
863 B (863 bytes)
Hash
db1d77b55ac3f1e77d539360cd656fd4
f38141c4a42b479f7022eb6428298b496cea1328
e64ad777fc524fc1b284359f5ad96dc47cda8e951729dd251f5b792db9f65f3c

HTTP Headers

GET /css/colors.css HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=e9525gr6mbkc5cbaip7l0i29f3

HTTP/1.1 200 OK
date: Thu, 08 Sep 2022 07:36:53 GMT
server: Apache
last-modified: Sat, 10 Feb 2018 17:53:46 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 863
content-type: text/css

www.allwellinst.com/css/font-awesome.min.css

198.54.126.9

200 OK

7.1 kB

URL HTTP/1.1
www.allwellinst.com/css/font-awesome.min.css
IP
198.54.126.9:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (30837)
Size
7.1 kB (7053 bytes)
Hash
52f1a8a2ce85fa8432308b33bc1a2e79
fd80917af5371c8ecad0198592a1e7cce4b77b0e
07bd6a9ea0213e20f362485aadc17a88c486ecfb394004b41b8b38db6e6a35f6

HTTP Headers

GET /css/font-awesome.min.css HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=e9525gr6mbkc5cbaip7l0i29f3

HTTP/1.1 200 OK
date: Thu, 08 Sep 2022 07:36:53 GMT
server: Apache
last-modified: Mon, 26 Feb 2018 11:24:39 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 7053
content-type: text/css

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
db433121f8c8215d44bcd26aff290172
f96b386796e3589437cd57fac6782842c17ce746
455323a3f807014a498118929131b6aad4ec5283f95be23108b2afd329576098

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 07:36:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.allwellinst.com/css/font-awesome.css

198.54.126.9

200 OK

7.4 kB

URL HTTP/1.1
www.allwellinst.com/css/font-awesome.css
IP
198.54.126.9:0
ASN
#22612 NAMECHEAP-NET

File type
troff or preprocessor input, ASCII text, with very long lines (372)
Size
7.4 kB (7439 bytes)
Hash
57a8ee32de25312ab303210ef3c556a9
388f783ee7c84801442370bf8d3812213a1198f5
8bdd62fda01c7b19a4d2ee31cfb4d2fc6123a958cb23bf902c9fead7fc6a9c0d

HTTP Headers

GET /css/font-awesome.css HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=e9525gr6mbkc5cbaip7l0i29f3

HTTP/1.1 200 OK
date: Thu, 08 Sep 2022 07:36:53 GMT
server: Apache
last-modified: Mon, 26 Feb 2018 11:24:40 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 7439
content-type: text/css

www.allwellinst.com/css/bootstrap.css

198.54.126.9

200 OK

22 kB

URL HTTP/1.1
www.allwellinst.com/css/bootstrap.css
IP
198.54.126.9:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (540), with CRLF line terminators
Size
22 kB (21931 bytes)
Hash
fbc86d068745fc184b27acf5b4c9e537
c79328d2be5383098c1908060994cf3605f86933
22e3c1acaf4a838c3917d2bd13327f6f65f91c28fcfd7bcdd3b99ce951301cbb

HTTP Headers

GET /css/bootstrap.css HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=e9525gr6mbkc5cbaip7l0i29f3

HTTP/1.1 200 OK
date: Thu, 08 Sep 2022 07:36:53 GMT
server: Apache
last-modified: Sat, 10 Feb 2018 21:16:04 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 21931
content-type: text/css

www.allwellinst.com/css/style.css

198.54.126.9

200 OK

18 kB

URL HTTP/1.1
www.allwellinst.com/css/style.css
IP
198.54.126.9:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
18 kB (17700 bytes)
Hash
f5bbe4867d6da98768e6ff6f0e40bce3
02ab966cf1f7b5506db89abd1c73b108292f58b6
35a8b1acdf7256f32a48efe6caa00aca6094aedd9ac175cb23f7537f6d23e310

HTTP Headers

GET /css/style.css HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=e9525gr6mbkc5cbaip7l0i29f3

HTTP/1.1 200 OK
date: Thu, 08 Sep 2022 07:36:53 GMT
server: Apache
last-modified: Wed, 28 Feb 2018 10:53:29 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 17700
content-type: text/css

www.allwellinst.com/css/animate.min.css

198.54.126.9

200 OK

3.6 kB

URL HTTP/1.1
www.allwellinst.com/css/animate.min.css
IP
198.54.126.9:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (53660), with CRLF line terminators
Size
3.6 kB (3601 bytes)
Hash
edfa4a796d55b7ec4882b9c12e1c1939
38d363c6ecbbbec1187594f3847f7a293623878b
04e6f08ffbdeb5c867fc1ef6b2dba674d17443a0a460f07e14a25d9a039d9933

HTTP Headers

GET /css/animate.min.css HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=e9525gr6mbkc5cbaip7l0i29f3

HTTP/1.1 200 OK
date: Thu, 08 Sep 2022 07:36:53 GMT
server: Apache
last-modified: Sun, 29 May 2016 02:25:42 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3601
content-type: text/css

www.allwellinst.com/owl-carousel/owl.theme.css

198.54.126.9

200 OK

617 B

URL HTTP/1.1
www.allwellinst.com/owl-carousel/owl.theme.css
IP
198.54.126.9:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with CRLF line terminators
Size
617 B (617 bytes)
Hash
717116511b7dd6e0d932945564d48b5d
e38c19fff93b9be8e44fe467812bf8dc826b62ba
62ddc65aab06a9df9a42f02c06d3b255479f55b8e02cce890cf8ed0b1874132f

HTTP Headers

GET /owl-carousel/owl.theme.css HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=e9525gr6mbkc5cbaip7l0i29f3

HTTP/1.1 200 OK
date: Thu, 08 Sep 2022 07:36:53 GMT
server: Apache
last-modified: Tue, 28 Jun 2016 05:13:38 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 617
content-type: text/css

www.allwellinst.com/owl-carousel/owl.carousel.css

198.54.126.9

200 OK

528 B

URL HTTP/1.1
www.allwellinst.com/owl-carousel/owl.carousel.css
IP
198.54.126.9:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
528 B (528 bytes)
Hash
a70757c9c5b45b8b3e693066dee5c63c
4ddc02d2eac2bb1a9ccc446ff1e19641ee8f7279
97e2ca1b06a80ecd57e1514d54bec8904727d25dc47f878b41d204c72e8535de

HTTP Headers

GET /owl-carousel/owl.carousel.css HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=e9525gr6mbkc5cbaip7l0i29f3

HTTP/1.1 200 OK
date: Thu, 08 Sep 2022 07:36:53 GMT
server: Apache
last-modified: Tue, 13 May 2014 14:56:20 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 528
content-type: text/css

www.allwellinst.com/css/bootstrap-dropdownhover.min.css

198.54.126.9

200 OK

480 B

URL HTTP/1.1
www.allwellinst.com/css/bootstrap-dropdownhover.min.css
IP
198.54.126.9:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (1161), with CRLF line terminators
Size
480 B (480 bytes)
Hash
71671aa52fd73b7ff21a09d8b483afad
d55037ffbe361394be87684749205796984405cf
6c6f489c2020cb8e856c85095e7586fa83e4c278a34c7b7abce30175e90ab1bc

HTTP Headers

GET /css/bootstrap-dropdownhover.min.css HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=e9525gr6mbkc5cbaip7l0i29f3

HTTP/1.1 200 OK
date: Thu, 08 Sep 2022 07:36:53 GMT
server: Apache
last-modified: Sun, 29 May 2016 02:25:42 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 480
content-type: text/css

www.allwellinst.com/css/animations.min.css

198.54.126.9

200 OK

11 kB

URL HTTP/1.1
www.allwellinst.com/css/animations.min.css
IP
198.54.126.9:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (59107), with CRLF line terminators
Size
11 kB (10969 bytes)
Hash
a294b31e76b68602c2093a027964968d
e2f0eb819471aa19d77af62f9466f1fcb25d2a8c
94d551bf5d5c33c98843e986d3f117b642504ba8d38ccc7881a1da694b85b894

HTTP Headers

GET /css/animations.min.css HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=e9525gr6mbkc5cbaip7l0i29f3

HTTP/1.1 200 OK
date: Thu, 08 Sep 2022 07:36:53 GMT
server: Apache
last-modified: Tue, 24 May 2016 01:59:44 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 10969
content-type: text/css

www.allwellinst.com/assets1/js/google-code-prettify/prettify.css

198.54.126.9

200 OK

337 B

URL HTTP/1.1
www.allwellinst.com/assets1/js/google-code-prettify/prettify.css
IP
198.54.126.9:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
337 B (337 bytes)
Hash
580c1f43a19d99824ec9c82f3af5afa1
2822fab5d742813c39307c0fc895092f30d72e6d
19e851fe4220853358642e096e2f74d11134a5c5c4b625f414551284df042dcb

HTTP Headers

GET /assets1/js/google-code-prettify/prettify.css HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=e9525gr6mbkc5cbaip7l0i29f3

HTTP/1.1 200 OK
date: Thu, 08 Sep 2022 07:36:53 GMT
server: Apache
last-modified: Tue, 15 Apr 2014 10:33:26 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 337
content-type: text/css

www.allwellinst.com/ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js

198.54.126.9

404 Not Found

315 B

URL HTTP/1.1
www.allwellinst.com/ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
IP
198.54.126.9:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=e9525gr6mbkc5cbaip7l0i29f3

HTTP/1.1 404 Not Found
date: Thu, 08 Sep 2022 07:36:53 GMT
server: Apache
content-length: 315
content-type: text/html; charset=iso-8859-1

www.allwellinst.com/js/bootstrap.min.js

198.54.126.9

200 OK

9.8 kB

URL HTTP/1.1
www.allwellinst.com/js/bootstrap.min.js
IP
198.54.126.9:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (32034), with CRLF line terminators
Size
9.8 kB (9753 bytes)
Hash
8f033e5279d721a6b7b83b823106a831
b2034937c603bfb5bd10a8706b9997ce1e48422a
37c0bad76bc5d0678f54d41811131bb0f89421a39cf009ed8508e97da70bb531

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/bootstrap.min.js HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=e9525gr6mbkc5cbaip7l0i29f3

HTTP/1.1 200 OK
date: Thu, 08 Sep 2022 07:36:53 GMT
server: Apache
last-modified: Wed, 18 May 2016 21:31:18 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 9753
content-type: application/javascript

www.allwellinst.com/js/jssor.slider-21.1.5.mini.js

198.54.126.9

200 OK

18 kB

URL HTTP/1.1
www.allwellinst.com/js/jssor.slider-21.1.5.mini.js
IP
198.54.126.9:0
ASN
#22612 NAMECHEAP-NET

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (45340)
Size
18 kB (18516 bytes)
Hash
4f156d967ee1b02dec81b65bde2425ba
7a68c479ef675d0b25ce9a87000c92c1e7e677ca
0f176f7705a6d1400229bcdc337d09c746830c790c60e81ad1984e773597440a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/jssor.slider-21.1.5.mini.js HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=e9525gr6mbkc5cbaip7l0i29f3

HTTP/1.1 200 OK
date: Thu, 08 Sep 2022 07:36:53 GMT
server: Apache
last-modified: Mon, 05 Sep 2016 11:11:24 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 18516
content-type: application/javascript

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
da05c4b51a3dabf88135becc19f1af52
2c8e928a750eff713ffba9cacff2ee241b22c236
3a718561532594be11fba74ace11458dc337786dacb48c588777120b6916984f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 07:36:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
da05c4b51a3dabf88135becc19f1af52
2c8e928a750eff713ffba9cacff2ee241b22c236
3a718561532594be11fba74ace11458dc337786dacb48c588777120b6916984f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 07:36:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

142.250.74.163

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.allwellinst.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 19:34:08 GMT
expires: Thu, 07 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 43365
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

142.250.74.163

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Size
16 kB (15740 bytes)
Hash
b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.allwellinst.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 19:34:21 GMT
expires: Thu, 07 Sep 2023 19:34:21 GMT
cache-control: public, max-age=31536000
age: 43352
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

142.250.74.163

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.allwellinst.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 19:34:08 GMT
expires: Thu, 07 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 43365
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

142.250.74.163

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Size
16 kB (15920 bytes)
Hash
3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.allwellinst.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 03 Sep 2022 02:02:22 GMT
expires: Sun, 03 Sep 2023 02:02:22 GMT
cache-control: public, max-age=31536000
age: 452071
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.allwellinst.com/js/animations.min.js

198.54.126.9

200 OK

896 B

URL HTTP/1.1
www.allwellinst.com/js/animations.min.js
IP
198.54.126.9:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (1984), with CRLF line terminators
Size
896 B (896 bytes)
Hash
59a80dad15d80721e03dbe32d579d524
c4e52939216121a6aa32352a3da1561e1c86f2a5
019bc22e048a00b9259bdc98b595a5026807357162447e4947d65a145584a2e0

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/animations.min.js HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=e9525gr6mbkc5cbaip7l0i29f3

HTTP/1.1 200 OK
date: Thu, 08 Sep 2022 07:36:53 GMT
server: Apache
last-modified: Tue, 24 May 2016 01:59:44 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 896
content-type: application/javascript

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
da05c4b51a3dabf88135becc19f1af52
2c8e928a750eff713ffba9cacff2ee241b22c236
3a718561532594be11fba74ace11458dc337786dacb48c588777120b6916984f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 07:36:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.allwellinst.com/js/jquery.plugin.js

198.54.126.9

200 OK

3.7 kB

URL HTTP/1.1
www.allwellinst.com/js/jquery.plugin.js
IP
198.54.126.9:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with CRLF line terminators
Size
3.7 kB (3707 bytes)
Hash
71713fa2e9a97b2955421a491410feb2
032e3d4f3a81541f6bc76e23bc143de652b53245
9129efcab5de3069b545261f1d3cc51989ba43c1568863e9a7ebfe1a0cff345a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/jquery.plugin.js HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=e9525gr6mbkc5cbaip7l0i29f3

HTTP/1.1 200 OK
date: Thu, 08 Sep 2022 07:36:53 GMT
server: Apache
last-modified: Sat, 28 May 2016 02:21:12 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3707
content-type: application/javascript

www.allwellinst.com/js/jquery.main.js

198.54.126.9

200 OK

25 kB

URL HTTP/1.1
www.allwellinst.com/js/jquery.main.js
IP
198.54.126.9:0
ASN
#22612 NAMECHEAP-NET

File type
Unicode text, UTF-8 text, with CRLF line terminators
Size
25 kB (24872 bytes)
Hash
98ab334a2b8ea90c03be8e7d4be821c2
754087e3c79b6a245cc45f0f3aa46277a23a7028
33eff417c1d5eeb88f350268cdc71b7dcfee57020e51d6efafee876be6964065

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/jquery.main.js HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=e9525gr6mbkc5cbaip7l0i29f3

HTTP/1.1 200 OK
date: Thu, 08 Sep 2022 07:36:53 GMT
server: Apache
last-modified: Mon, 04 Jul 2016 19:16:24 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 24872
content-type: application/javascript

www.allwellinst.com/js/timber.master.min.js

198.54.126.9

200 OK

7.5 kB

URL HTTP/1.1
www.allwellinst.com/js/timber.master.min.js
IP
198.54.126.9:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (13394), with CRLF line terminators
Size
7.5 kB (7483 bytes)
Hash
4ec7d67f088a89412db086b2649cf98b
7a0cd55298193f117eebcf36354dff01b09602d4
cfe1eb89541742ab9a9cf73e13d58bb9daf829497e33bdaa88b0c318c9dc7616

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/timber.master.min.js HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=e9525gr6mbkc5cbaip7l0i29f3

HTTP/1.1 200 OK
date: Thu, 08 Sep 2022 07:36:53 GMT
server: Apache
last-modified: Sat, 28 May 2016 02:21:12 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 7483
content-type: application/javascript

www.allwellinst.com/js/jquery-1.11.3.min.js

198.54.126.9

200 OK

33 kB

URL HTTP/1.1
www.allwellinst.com/js/jquery-1.11.3.min.js
IP
198.54.126.9:0
ASN
#22612 NAMECHEAP-NET

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (32038), with CRLF line terminators
Size
33 kB (33325 bytes)
Hash
9ce1aed52fb8705862f1fe577d2e32ee
6dd527958b075fb9d9bee25a79fef3da2068e7a8
cd7fce434a5bab178c3bee88ee5faf69cbcb7a6b802a9d6e3c3a5b01eefa7817

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/jquery-1.11.3.min.js HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=e9525gr6mbkc5cbaip7l0i29f3

HTTP/1.1 200 OK
date: Thu, 08 Sep 2022 07:36:53 GMT
server: Apache
last-modified: Mon, 05 Sep 2016 11:11:24 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 33325
content-type: application/javascript

www.allwellinst.com/js/bootstrap-dropdownhover.min.js

198.54.126.9

200 OK

1.4 kB

URL HTTP/1.1
www.allwellinst.com/js/bootstrap-dropdownhover.min.js
IP
198.54.126.9:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (3959), with CRLF line terminators
Size
1.4 kB (1365 bytes)
Hash
25a9a16a8cfad2825d0951f959506b3d
fe68cb14fed7e82170bcf927f2e14840d99e8b23
e53701d7e509800745dd1c8ca58316bd8bfcdb48b9a7a9ed88d2a85c2ca3c315

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/bootstrap-dropdownhover.min.js HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=e9525gr6mbkc5cbaip7l0i29f3

HTTP/1.1 200 OK
date: Thu, 08 Sep 2022 07:36:53 GMT
server: Apache
last-modified: Sun, 29 May 2016 02:25:42 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1365
content-type: application/javascript

www.allwellinst.com/owl-carousel/owl.carousel.js

198.54.126.9

200 OK

8.8 kB

URL HTTP/1.1
www.allwellinst.com/owl-carousel/owl.carousel.js
IP
198.54.126.9:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
8.8 kB (8751 bytes)
Hash
39c690419159637e1f3977c8dfb5718d
202b2d75966f313aec83f414d0845154e2d9384b
04a284e3609cc5cc5be472faf440515595190574f61b9f46c5c6fbec298a684f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /owl-carousel/owl.carousel.js HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=e9525gr6mbkc5cbaip7l0i29f3

HTTP/1.1 200 OK
date: Thu, 08 Sep 2022 07:36:53 GMT
server: Apache
last-modified: Tue, 13 May 2014 14:54:58 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 8751
content-type: application/javascript

www.allwellinst.com/assets1/js/bootstrap-collapse.js

198.54.126.9

200 OK

1.6 kB

URL HTTP/1.1
www.allwellinst.com/assets1/js/bootstrap-collapse.js
IP
198.54.126.9:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
1.6 kB (1644 bytes)
Hash
501207e775d7b24f2c32f313e0fa6d41
8dfa9dc9fcb5fbcf6b628165ca1af40d2bff292d
3c742629def498f8b8393df8f4ca0fa512bf9c66de1eb7f7a9c646efce2bfa68

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets1/js/bootstrap-collapse.js HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=e9525gr6mbkc5cbaip7l0i29f3

HTTP/1.1 200 OK
date: Thu, 08 Sep 2022 07:36:53 GMT
server: Apache
last-modified: Tue, 15 Apr 2014 10:33:26 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1644
content-type: application/javascript

www.allwellinst.com/assets1/js/bootstrap-transition.js

198.54.126.9

200 OK

764 B

URL HTTP/1.1
www.allwellinst.com/assets1/js/bootstrap-transition.js
IP
198.54.126.9:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
764 B (764 bytes)
Hash
9285f62d3f1a619b4fb654930f15c955
0f16aa087880fef969fe456c3202ed56e8ab638c
eb45f464f9f34ecbb4f2aadc2d99a934387a77e7bae28d3239890690f9e5ae14

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets1/js/bootstrap-transition.js HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=e9525gr6mbkc5cbaip7l0i29f3

HTTP/1.1 200 OK
date: Thu, 08 Sep 2022 07:36:53 GMT
server: Apache
last-modified: Tue, 15 Apr 2014 10:33:26 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 764
content-type: application/javascript

fonts.gstatic.com/s/ptsanscaption/v18/0FlJVP6Hrxmt7-fsUFhlFXNIlpcSwSrkTA-v.woff2

142.250.74.163

200 OK

35 kB

URL HTTP/2
fonts.gstatic.com/s/ptsanscaption/v18/0FlJVP6Hrxmt7-fsUFhlFXNIlpcSwSrkTA-v.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 35208, version 1.0\012- data
Size
35 kB (35208 bytes)
Hash
533b904aeb71d52d4ed3d58ee59a7603
e86c7ca5fe5f70ed2e47b3874e779716acf65f0d
106eafbee08b482008e6c88cf642224c8e1bddfd0edac403bb6222574e4f7d2a

HTTP Headers

GET /s/ptsanscaption/v18/0FlJVP6Hrxmt7-fsUFhlFXNIlpcSwSrkTA-v.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.allwellinst.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 35208
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 08 Sep 2022 06:43:00 GMT
expires: Fri, 08 Sep 2023 06:43:00 GMT
cache-control: public, max-age=31536000
age: 3234
last-modified: Wed, 27 Apr 2022 16:09:37 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2

142.250.74.163

200 OK

17 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 17368, version 1.0\012- data
Size
17 kB (17368 bytes)
Hash
abe083d96b58eb02ada8b7c30d7b09f2
61447d66d13a8c8f4335696777a85c438c46f749
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9

HTTP Headers

GET /s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.allwellinst.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17368
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 19:47:56 GMT
expires: Thu, 07 Sep 2023 19:47:56 GMT
cache-control: public, max-age=31536000
age: 42538
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.allwellinst.com/assets1/js/bootstrap-tab.js

198.54.126.9

200 OK

1.4 kB

URL HTTP/1.1
www.allwellinst.com/assets1/js/bootstrap-tab.js
IP
198.54.126.9:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
1.4 kB (1381 bytes)
Hash
2f2760fbba9ad4b94394d939c69a36ed
7a9ebdd9eca0df9f889074d7ff51e6bf654327cf
5043be95433c08755452b29f006744b9c5f90bb2d2f838b101ec2e6a598116e2

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets1/js/bootstrap-tab.js HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=e9525gr6mbkc5cbaip7l0i29f3

HTTP/1.1 200 OK
date: Thu, 08 Sep 2022 07:36:54 GMT
server: Apache
last-modified: Tue, 15 Apr 2014 10:33:26 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1381
content-type: application/javascript

www.allwellinst.com/assets1/js/google-code-prettify/prettify.js

198.54.126.9

200 OK

6.0 kB

URL HTTP/1.1
www.allwellinst.com/assets1/js/google-code-prettify/prettify.js
IP
198.54.126.9:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (592)
Size
6.0 kB (6025 bytes)
Hash
d8b175afa3794445f44221b4dc35785b
a4b89d7a71601eba286b09ac88f781b0c4c9c599
5bcaa348ba6c0862c9a3127595f3be54502913fc77a0e4922c190a1db9f5fd3a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets1/js/google-code-prettify/prettify.js HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=e9525gr6mbkc5cbaip7l0i29f3

HTTP/1.1 200 OK
date: Thu, 08 Sep 2022 07:36:54 GMT
server: Apache
last-modified: Tue, 15 Apr 2014 10:33:26 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 6025
content-type: application/javascript

www.allwellinst.com/assets1/js/application.js

198.54.126.9

200 OK

338 B

URL HTTP/1.1
www.allwellinst.com/assets1/js/application.js
IP
198.54.126.9:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
338 B (338 bytes)
Hash
898881ed4d5e40fdf4c61a85ca56c1a8
798e22f25e99ec0eb8120f86b9825f652bb46560
1d170e4aab3df843ec6d38b80cbb9d2259d2a0719dc629ab728cfba2efd4739b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets1/js/application.js HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=e9525gr6mbkc5cbaip7l0i29f3

HTTP/1.1 200 OK
date: Thu, 08 Sep 2022 07:36:54 GMT
server: Apache
last-modified: Tue, 15 Apr 2014 10:33:26 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 338
content-type: application/javascript

www.allwellinst.com/images/searchicon2.png

198.54.126.9

200 OK

933 B

URL HTTP/1.1
www.allwellinst.com/images/searchicon2.png
IP
198.54.126.9:0
ASN
#22612 NAMECHEAP-NET

File type
PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data
Size
933 B (933 bytes)
Hash
eaa74d5858e4d2ea34c1e3a0c2da2715
11f38a7b7accbd4b8aa92ff813c82b3051355059
95f62d694c27788a74dfca029eea30d061447cde8680a16e28600543347ffe86

HTTP Headers

GET /images/searchicon2.png HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=e9525gr6mbkc5cbaip7l0i29f3

HTTP/1.1 200 OK
date: Thu, 08 Sep 2022 07:36:54 GMT
server: Apache
last-modified: Sat, 10 Feb 2018 19:31:02 GMT
accept-ranges: bytes
content-length: 933
content-type: image/png

www.allwellinst.com/fonts/icomoon.woff

198.54.126.9

200 OK

2.8 kB

URL HTTP/1.1
www.allwellinst.com/fonts/icomoon.woff
IP
198.54.126.9:0
ASN
#22612 NAMECHEAP-NET

File type
Web Open Font Format, TrueType, length 2808, version 0.0\012- data
Size
2.8 kB (2808 bytes)
Hash
31a3e4e78a3e107ef72d075070a3eda7
0de50feacd42e03edc520af87e7b7c29f814619b
ac79434b1348cc08f2b9c430d3884730cce55e3738c04d0d9787d16397ecc998

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /fonts/icomoon.woff HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.allwellinst.com/css/style.css
Cookie: PHPSESSID=e9525gr6mbkc5cbaip7l0i29f3

HTTP/1.1 200 OK
date: Thu, 08 Sep 2022 07:36:54 GMT
server: Apache
last-modified: Tue, 24 May 2016 01:59:44 GMT
accept-ranges: bytes
content-length: 2808
content-type: font/woff

www.allwellinst.com/ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js

198.54.126.9

404 Not Found

315 B

URL HTTP/1.1
www.allwellinst.com/ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
IP
198.54.126.9:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=e9525gr6mbkc5cbaip7l0i29f3

HTTP/1.1 404 Not Found
date: Thu, 08 Sep 2022 07:36:54 GMT
server: Apache
content-length: 315
content-type: text/html; charset=iso-8859-1

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19591
Expires: Thu, 08 Sep 2022 13:03:25 GMT
Date: Thu, 08 Sep 2022 07:36:54 GMT
Connection: keep-alive

www.allwellinst.com/assets1/js/jquery-1.9.1.min.js

198.54.126.9

200 OK

33 kB

URL HTTP/1.1
www.allwellinst.com/assets1/js/jquery-1.9.1.min.js
IP
198.54.126.9:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (32089)
Size
33 kB (32775 bytes)
Hash
fcf0a7201168a979dd4b222a54471e0f
9056c50ea859db10d2d959654d0f8dde367360ee
c40969745be3d2181fd5d40425f9080ac2c62e63d298c1de8bb4bbda5e4ea0f7

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets1/js/jquery-1.9.1.min.js HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=e9525gr6mbkc5cbaip7l0i29f3

HTTP/1.1 200 OK
date: Thu, 08 Sep 2022 07:36:53 GMT
server: Apache
last-modified: Tue, 15 Apr 2014 10:33:26 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 32775
content-type: application/javascript

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19591
Expires: Thu, 08 Sep 2022 13:03:25 GMT
Date: Thu, 08 Sep 2022 07:36:54 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19591
Expires: Thu, 08 Sep 2022 13:03:25 GMT
Date: Thu, 08 Sep 2022 07:36:54 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19591
Expires: Thu, 08 Sep 2022 13:03:25 GMT
Date: Thu, 08 Sep 2022 07:36:54 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19591
Expires: Thu, 08 Sep 2022 13:03:25 GMT
Date: Thu, 08 Sep 2022 07:36:54 GMT
Connection: keep-alive

www.allwellinst.com/pictures/1_logo.png

198.54.126.9

200 OK

16 kB

URL HTTP/1.1
www.allwellinst.com/pictures/1_logo.png
IP
198.54.126.9:0
ASN
#22612 NAMECHEAP-NET

File type
PNG image data, 343 x 72, 8-bit/color RGBA, non-interlaced\012- data
Size
16 kB (15557 bytes)
Hash
2f779c35970815d7c72de4a6dca659f6
58cfc2576b8582d0dae9f2972136b319a5d02cdc
d3a03c404e32e2c559ccdcd687bc862ee43668a399abac4b708c34d5d6899ce1

HTTP Headers

GET /pictures/1_logo.png HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=e9525gr6mbkc5cbaip7l0i29f3

HTTP/1.1 200 OK
date: Thu, 08 Sep 2022 07:36:54 GMT
server: Apache
last-modified: Sat, 17 Feb 2018 06:57:56 GMT
accept-ranges: bytes
content-length: 15557
content-type: image/png

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ba17b3c-58f5-4458-8dc2-8e4a7cf8d782.jpeg

34.120.237.76

200 OK

7.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ba17b3c-58f5-4458-8dc2-8e4a7cf8d782.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.3 kB (7251 bytes)
Hash
1cd778a615e9a4ca3a25119790398434
d6daca74fc85d39274b3c7536f34528bef93ae97
e6b5a7a525e314e09c30985b22da7c34806df09cbe98ad52b00dcbf93a0dc054

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ba17b3c-58f5-4458-8dc2-8e4a7cf8d782.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7251
x-amzn-requestid: 26b2021a-4440-47ce-8dba-d971cae60cc1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YG9bmHcmoAMF3Fw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63190f7d-5471edce7de2374c3b8af888;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 21:39:09 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: d3MrDEyDFDylQKyfxONQ12_7IBvRAg8o0rSZ64WNRGNvDHqQyDmqJA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 e77661e211afe9242e85e573f12d5534.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Sep 2022 22:17:17 GMT
age: 33577
etag: "d6daca74fc85d39274b3c7536f34528bef93ae97"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb315ccda-47b0-49c5-99a0-12afdd067d85.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.5 kB (9522 bytes)
Hash
4441c1068785cba072f00d2d0eb6845a
c9f6dcbe2ff27a02eb16f9feb61463db6d991e1a
a64cd40f7712eca8e1b5a82551f58017da1a940aa12cd6376d1acb38a0988252

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb315ccda-47b0-49c5-99a0-12afdd067d85.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9522
x-amzn-requestid: 7dd97483-0aec-4301-92bf-a5dd376cd573
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YE91bFWFIAMF6nw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63184355-6b56e76e5c0144050ee2d274;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 07:08:05 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: axvuljIk5EvKbJXAVYHwYhZEgweosZodxvbxKjIRhYm8wPHDHgrcHQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 07:10:55 GMT
age: 1559
etag: "c9f6dcbe2ff27a02eb16f9feb61463db6d991e1a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F822fb287-f1f6-45a1-be54-4fa7385bb163.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11365 bytes)
Hash
6f73ee4e91b38eaa36cadd4c437785f8
6ceea057f5ae50b9cef505da0a358e3d3b7d6a38
778d28e14b28c154843403470136d0efdcdd5e93e4b5aab784c12d4344e7af6f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F822fb287-f1f6-45a1-be54-4fa7385bb163.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11365
x-amzn-requestid: d50039cd-381c-4221-997e-9231d40ecfbb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YG9V0EHEoAMFeag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63190f58-11cab61904bd14462cd13d0d;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 21:38:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Qhobt81rs5gqg8hcr1Su3J3MNFt4_gR2hLHkIl5xDDS1HF9g_3ecCg==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Sep 2022 22:40:35 GMT
age: 32179
etag: "6ceea057f5ae50b9cef505da0a358e3d3b7d6a38"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffde48022-9b21-4eb3-b8b7-e4fcb208d624.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.2 kB (8246 bytes)
Hash
036db462684c81e3906433a0d2929eb8
7bcd0b99c0fb6d9ead1dd6878377f5a582bde20d
a252f30f9239f6a343b23c9d3e1d1b7460c5ee5a592d3372bf124760baa6e657

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffde48022-9b21-4eb3-b8b7-e4fcb208d624.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8246
x-amzn-requestid: d1a11f7f-22b7-4fc1-b33d-402e5bc3af33
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YG9TgEx4oAMF-pg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63190f49-7305dd7653fe38c9445e02a8;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 21:38:17 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: PA6CECu22n08hUsg1usYAy2YARZu4b0C0Lb9Rfh5RCKL3m3DDEWewg==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 0800f067ff646622f3e8e507cb9b52e8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Sep 2022 21:47:05 GMT
age: 35389
etag: "7bcd0b99c0fb6d9ead1dd6878377f5a582bde20d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faea8d298-d4be-46a2-9c14-670bdae204cd.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.8 kB (8820 bytes)
Hash
675756a44be6f9bbe341fa4c866c941b
6502050805e53baeb44d82e55d4b15b82e34d2eb
cd1d16b5feefddfd89ac4bfcff21e80c49f07b0428aa57e8de365974f813e755

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faea8d298-d4be-46a2-9c14-670bdae204cd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8820
x-amzn-requestid: e2c909d0-f781-48e6-805e-a43940e67c4c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YG_LpG1OIAMF_8Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6319124a-37f3458a2905bd947cf01f93;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 21:51:06 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: BEn2J8F8SsnyrLeWv5W6QDPn21ZjNXH3I0B2kUJYpgdMVp-88pb5rw==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Sep 2022 22:17:34 GMT
age: 33560
etag: "6502050805e53baeb44d82e55d4b15b82e34d2eb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e9b3424-a7df-4a41-82c2-4baf4813509c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11464 bytes)
Hash
fcf56e65178e3bdb802a8215b48d11f0
6ca14b815e1446172a72f28f58fbbf97272a512b
42a88966c46e9670786e171700f403805f1a278aef0edfee233afb8fd5e41e46

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e9b3424-a7df-4a41-82c2-4baf4813509c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11464
x-amzn-requestid: 5a4d63f8-dd44-4003-bd90-4ebcdf4517e2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XdbBcECroAMFrFA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63087209-22f3a6a174d32fd11f863106;Sampled=0
x-amzn-remapped-date: Fri, 26 Aug 2022 07:11:05 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: hvJEdV6JLI2wSnHo_y3lhjaS0p0-tXpeedn_z3BuRuz7xfqBun_ntw==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 05:58:36 GMT
age: 5898
etag: "6ca14b815e1446172a72f28f58fbbf97272a512b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.allwellinst.com/images/image4.jpg

198.54.126.9

200 OK

74 kB

URL HTTP/1.1
www.allwellinst.com/images/image4.jpg
IP
198.54.126.9:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 1600x472, components 3\012- data
Size
74 kB (73459 bytes)
Hash
d18024f0d7bffef630da7f4d70850c68
8a769685fd506b661275f6856e2b8c37efc28d2e
9473d69bc397185f7d28f206d3d7e5aef38534d24c14ea56e9f2f94e672da871

HTTP Headers

GET /images/image4.jpg HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/css/style.css
Cookie: PHPSESSID=e9525gr6mbkc5cbaip7l0i29f3

HTTP/1.1 200 OK
date: Thu, 08 Sep 2022 07:36:54 GMT
server: Apache
last-modified: Thu, 11 Aug 2016 07:52:36 GMT
accept-ranges: bytes
content-length: 73459
content-type: image/jpeg

www.allwellinst.com/pictures/7_pic_1.jpg

198.54.126.9

200 OK

60 kB

URL HTTP/1.1
www.allwellinst.com/pictures/7_pic_1.jpg
IP
198.54.126.9:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 555x178, components 3\012- data
Size
60 kB (59760 bytes)
Hash
d12b50e8aaab2de86b36684b675d0664
1e9cdc52c88484b4500973f09dd628e2bd4782af
9d0a5ad518c6eff7794e3e3ff23d26f2b33d46213f8966d397d57ab6cb52b98f

HTTP Headers

GET /pictures/7_pic_1.jpg HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=e9525gr6mbkc5cbaip7l0i29f3

HTTP/1.1 200 OK
date: Thu, 08 Sep 2022 07:36:54 GMT
server: Apache
last-modified: Sat, 10 Feb 2018 18:31:04 GMT
accept-ranges: bytes
content-length: 59760
content-type: image/jpeg

www.allwellinst.com/fonts/fontawesome-webfont.woff2?v=4.7.0

198.54.126.9

200 OK

77 kB

URL HTTP/1.1
www.allwellinst.com/fonts/fontawesome-webfont.woff2?v=4.7.0
IP
198.54.126.9:0
ASN
#22612 NAMECHEAP-NET

File type
Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Size
77 kB (77160 bytes)
Hash
af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.allwellinst.com/css/font-awesome.min.css
Cookie: PHPSESSID=e9525gr6mbkc5cbaip7l0i29f3

HTTP/1.1 200 OK
date: Thu, 08 Sep 2022 07:36:54 GMT
server: Apache
last-modified: Mon, 26 Feb 2018 11:24:57 GMT
accept-ranges: bytes
content-length: 77160
content-type: font/woff2

www.allwellinst.com/pictures/2_pic_1.jpg

198.54.126.9

200 OK

95 kB

URL HTTP/1.1
www.allwellinst.com/pictures/2_pic_1.jpg
IP
198.54.126.9:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 555x178, components 3\012- data
Size
95 kB (94934 bytes)
Hash
77e6c4e8563675626f3b7fde95df40ec
e120f757c9651fea908b1c9025b4093088aa2a98
94cb704bb8a20849e9c6b2a757a4ca6dc0afe0b96c6f717d373efdfc6735fdd1

HTTP Headers

GET /pictures/2_pic_1.jpg HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=e9525gr6mbkc5cbaip7l0i29f3

HTTP/1.1 200 OK
date: Thu, 08 Sep 2022 07:36:54 GMT
server: Apache
last-modified: Tue, 11 Jun 2019 07:10:34 GMT
accept-ranges: bytes
content-length: 94934
content-type: image/jpeg

www.allwellinst.com/images/loading.gif

198.54.126.9

200 OK

4.8 kB

URL HTTP/1.1
www.allwellinst.com/images/loading.gif
IP
198.54.126.9:0
ASN
#22612 NAMECHEAP-NET

File type
GIF image data, version 89a, 24 x 24\012- data
Size
4.8 kB (4765 bytes)
Hash
dd78ac008009bd821d2bf2da98108854
d3665f292d71f9ea2b9a61c476e6e2a9d0d35062
03acb263b1d85f824676b3cad66f9660c73d278f06e519c7ea727593ab4f5a13

HTTP Headers

GET /images/loading.gif HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=e9525gr6mbkc5cbaip7l0i29f3

HTTP/1.1 200 OK
date: Thu, 08 Sep 2022 07:36:54 GMT
server: Apache
last-modified: Mon, 05 Sep 2016 11:11:24 GMT
accept-ranges: bytes
content-length: 4765
content-type: image/gif

www.allwellinst.com/images/b05.png

198.54.126.9

200 OK

1.4 kB

URL HTTP/1.1
www.allwellinst.com/images/b05.png
IP
198.54.126.9:0
ASN
#22612 NAMECHEAP-NET

File type
PNG image data, 120 x 30, 8-bit/color RGBA, non-interlaced\012- data
Size
1.4 kB (1415 bytes)
Hash
b5b353c4ec92a0f8be543f33741618f3
5ebf2f04f513217db1173fa0fb8a9be3983269d6
95434f5c547a4f70a55e95b0e836b0f37c09f3ecf6e58b27de19222c47a8910e

HTTP Headers

GET /images/b05.png HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=e9525gr6mbkc5cbaip7l0i29f3

HTTP/1.1 200 OK
date: Thu, 08 Sep 2022 07:36:54 GMT
server: Apache
last-modified: Mon, 05 Sep 2016 11:11:24 GMT
accept-ranges: bytes
content-length: 1415
content-type: image/png

www.allwellinst.com/pictures/8_pic_1.jpg

198.54.126.9

200 OK

109 kB

URL HTTP/1.1
www.allwellinst.com/pictures/8_pic_1.jpg
IP
198.54.126.9:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS Windows, datetime=2014:01:02 16:56:12], baseline, precision 8, 1060x334, components 3\012- data
Size
109 kB (108703 bytes)
Hash
4d9bea88a1847747d99e37c65db0231c
8767ce4f5e883456e328a68f080be0d2db535f5e
fdab77b9963c66345daf9abecc69ffba8e889e60ae9a1b46c9e6bc824e0086d3

HTTP Headers

GET /pictures/8_pic_1.jpg HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=e9525gr6mbkc5cbaip7l0i29f3

HTTP/1.1 200 OK
date: Thu, 08 Sep 2022 07:36:54 GMT
server: Apache
last-modified: Thu, 21 Mar 2019 09:55:44 GMT
accept-ranges: bytes
content-length: 108703
content-type: image/jpeg

www.allwellinst.com/images/a12.png

198.54.126.9

200 OK

2.5 kB

URL HTTP/1.1
www.allwellinst.com/images/a12.png
IP
198.54.126.9:0
ASN
#22612 NAMECHEAP-NET

File type
PNG image data, 400 x 90, 8-bit/color RGBA, non-interlaced\012- data
Size
2.5 kB (2483 bytes)
Hash
bb9fcee03a7288c2083eb15e31f18e1d
7d2a90b91ab8891d4071ea412cf805a737ae5d8c
5e9ddb467a2a395462d2bebf1ab0424c92b081e250497106b1105ea10efe5b55

HTTP Headers

GET /images/a12.png HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=e9525gr6mbkc5cbaip7l0i29f3

HTTP/1.1 200 OK
date: Thu, 08 Sep 2022 07:36:55 GMT
server: Apache
last-modified: Mon, 05 Sep 2016 11:11:24 GMT
accept-ranges: bytes
content-length: 2483
content-type: image/png

www.allwellinst.com/images/pdficon.png

198.54.126.9

200 OK

11 kB

URL HTTP/1.1
www.allwellinst.com/images/pdficon.png
IP
198.54.126.9:0
ASN
#22612 NAMECHEAP-NET

File type
PNG image data, 109 x 114, 8-bit/color RGBA, non-interlaced\012- data
Size
11 kB (11032 bytes)
Hash
59099d4d98e3d966e7d30955afeeb58f
19bda665c297c6a52b5d5a25dac1b96a8dffa844
079c59279d9a4ae1feb0086a299d06b6efe1bc6549d3c8529fb023f7234858b6

HTTP Headers

GET /images/pdficon.png HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=e9525gr6mbkc5cbaip7l0i29f3

HTTP/1.1 200 OK
date: Thu, 08 Sep 2022 07:36:55 GMT
server: Apache
last-modified: Sat, 10 Feb 2018 18:17:28 GMT
accept-ranges: bytes
content-length: 11032
content-type: image/png

www.allwellinst.com/pictures/120588221_90_pic_2.jpg

198.54.126.9

200 OK

57 kB

URL HTTP/1.1
www.allwellinst.com/pictures/120588221_90_pic_2.jpg
IP
198.54.126.9:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 10000", baseline, precision 8, 386x386, components 3\012- data
Size
57 kB (56782 bytes)
Hash
67b37ed9ab9bb9f97abf9e27342d8f6a
17fa86cee1e3bc59f79f254f46999506c6699a62
fcb467fd6e1e471080a974f970c47cad2550f2eab9c7d961e17285dc9662b25c

HTTP Headers

GET /pictures/120588221_90_pic_2.jpg HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=e9525gr6mbkc5cbaip7l0i29f3

HTTP/1.1 200 OK
date: Thu, 08 Sep 2022 07:36:55 GMT
server: Apache
last-modified: Wed, 05 Sep 2018 06:33:26 GMT
accept-ranges: bytes
content-length: 56782
content-type: image/jpeg

www.allwellinst.com/pictures/1_pic_1.jpg

198.54.126.9

200 OK

265 kB

URL HTTP/1.1
www.allwellinst.com/pictures/1_pic_1.jpg
IP
198.54.126.9:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2014 (Windows), datetime=2018:02:17 13:43:07], baseline, precision 8, 559x179, components 3\012- data
Size
265 kB (264696 bytes)
Hash
ffd3032acef349a342a1b0d22cd2089d
c51f1196805f8d61b16d0d9a7a2c619d2561d1c2
88ca28ae7cae709d27fc0561821c7f180b25b5ac5ce2627c0bbe560753658fc5

HTTP Headers

GET /pictures/1_pic_1.jpg HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=e9525gr6mbkc5cbaip7l0i29f3

HTTP/1.1 200 OK
date: Thu, 08 Sep 2022 07:36:54 GMT
server: Apache
last-modified: Sat, 17 Feb 2018 08:43:58 GMT
accept-ranges: bytes
content-length: 264696
content-type: image/jpeg

www.allwellinst.com/pictures/776475135_91_pic_2.jpg

198.54.126.9

200 OK

120 kB

URL HTTP/1.1
www.allwellinst.com/pictures/776475135_91_pic_2.jpg
IP
198.54.126.9:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 10000", baseline, precision 8, 450x450, components 3\012- data
Size
120 kB (119975 bytes)
Hash
e19efa17a71185e7e8d1752aa6cb14d7
c596f42b3fe416deeb9c3d2a6328beb5eb207b7b
fb3c03fdb6b486d1498b0ec42945e6b35b29f7fd0eff9224b796ac5635a57997

HTTP Headers

GET /pictures/776475135_91_pic_2.jpg HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=e9525gr6mbkc5cbaip7l0i29f3

HTTP/1.1 200 OK
date: Thu, 08 Sep 2022 07:36:55 GMT
server: Apache
last-modified: Wed, 05 Sep 2018 06:44:18 GMT
accept-ranges: bytes
content-length: 119975
content-type: image/jpeg

www.allwellinst.com/pictures/59_banner.jpg

198.54.126.9

200 OK

284 kB

URL HTTP/1.1
www.allwellinst.com/pictures/59_banner.jpg
IP
198.54.126.9:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1600x635, components 3\012- data
Size
284 kB (283598 bytes)
Hash
2f7d666c2a31446e6a64ae271420752c
598601e5cb989380e5522f3fa4b053b0c26c26df
b9c21749c2f59b012ee76cd61095115a14622e7af1cf86e38d83010dc8fd4d81

HTTP Headers

GET /pictures/59_banner.jpg HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=e9525gr6mbkc5cbaip7l0i29f3

HTTP/1.1 200 OK
date: Thu, 08 Sep 2022 07:36:54 GMT
server: Apache
last-modified: Tue, 27 Feb 2018 12:38:58 GMT
accept-ranges: bytes
content-length: 283598
content-type: image/jpeg

www.allwellinst.com/images/searchicon.png

198.54.126.9

200 OK

1.4 kB

URL HTTP/1.1
www.allwellinst.com/images/searchicon.png
IP
198.54.126.9:0
ASN
#22612 NAMECHEAP-NET

File type
PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data
Size
1.4 kB (1391 bytes)
Hash
a79ce09b335d10eb2cc6ea14793e72b3
6d306d36329b4a366922ed40ef6a4ab7a04f2589
017b7570cace05d49c60dc2a7a8f5940434c8dd7b6210fdda6bbb77dac2bc155

HTTP Headers

GET /images/searchicon.png HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=e9525gr6mbkc5cbaip7l0i29f3

HTTP/1.1 200 OK
date: Thu, 08 Sep 2022 07:36:55 GMT
server: Apache
last-modified: Sat, 13 Jan 2018 23:20:08 GMT
accept-ranges: bytes
content-length: 1391
content-type: image/png

www.allwellinst.com/images/favicon.ico

198.54.126.9

200 OK

879 B

URL HTTP/1.1
www.allwellinst.com/images/favicon.ico
IP
198.54.126.9:0
ASN
#22612 NAMECHEAP-NET

File type
PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Size
879 B (879 bytes)
Hash
b8d8715a9ace301b1bcbc0bfedaf6373
a9325828ed128143fbb60f59388070210f586458
fe618ff54d22041554a6ec72b3baed694ef2f8461c6b935456c4e7c0cfe00d36

HTTP Headers

GET /images/favicon.ico HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=e9525gr6mbkc5cbaip7l0i29f3

HTTP/1.1 200 OK
date: Thu, 08 Sep 2022 07:36:56 GMT
server: Apache
last-modified: Fri, 13 Sep 2019 09:55:57 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 879
content-type: image/x-icon

www.allwellinst.com/pictures/60_banner.jpg

198.54.126.9

200 OK

379 kB

URL HTTP/1.1
www.allwellinst.com/pictures/60_banner.jpg
IP
198.54.126.9:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1600x635, components 3\012- data
Size
379 kB (378840 bytes)
Hash
ef0dade9d3d8c3b63c9fbc5e7e9fa32a
f4d375b92280bdab1f0edfa7062a2994d71e5790
c76b12b1306abe8bfe76eb5689866c25b428700308c7de32378e06cd8a65eb18

HTTP Headers

GET /pictures/60_banner.jpg HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=e9525gr6mbkc5cbaip7l0i29f3

HTTP/1.1 200 OK
date: Thu, 08 Sep 2022 07:36:55 GMT
server: Apache
last-modified: Mon, 26 Feb 2018 07:27:35 GMT
accept-ranges: bytes
content-length: 378840
content-type: image/jpeg

www.allwellinst.com/pictures/61_banner.jpg

198.54.126.9

200 OK

420 kB

URL HTTP/1.1
www.allwellinst.com/pictures/61_banner.jpg
IP
198.54.126.9:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1600x635, components 3\012- data
Size
420 kB (419483 bytes)
Hash
4d3a486afcdc2cd7f73852b8c4a14460
635e4e3f99cf2f0626f8c7d9287be15e77df7b4b
1170e189732b2bb206e44e1e68a09fc5b3954d84ab25df23aa980c37a4186a26

HTTP Headers

GET /pictures/61_banner.jpg HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=e9525gr6mbkc5cbaip7l0i29f3

HTTP/1.1 200 OK
date: Thu, 08 Sep 2022 07:36:55 GMT
server: Apache
last-modified: Mon, 26 Feb 2018 07:27:47 GMT
accept-ranges: bytes
content-length: 419483
content-type: image/jpeg

www.allwellinst.com/pictures/64_banner.jpg

198.54.126.9

200 OK

482 kB

URL HTTP/1.1
www.allwellinst.com/pictures/64_banner.jpg
IP
198.54.126.9:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1900x700, components 3\012- data
Size
482 kB (481486 bytes)
Hash
8fb225d84f69eec7beaaa157f7e52333
8a10621483afbdc05ff78668d0bcb96b884fd173
4399febb736e5cc4e81aa23a0680d0052af7101692d6c7bdab33edbf269403e4

HTTP Headers

GET /pictures/64_banner.jpg HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=e9525gr6mbkc5cbaip7l0i29f3

HTTP/1.1 200 OK
date: Thu, 08 Sep 2022 07:36:55 GMT
server: Apache
last-modified: Fri, 13 Sep 2019 10:41:33 GMT
accept-ranges: bytes
content-length: 481486
content-type: image/jpeg

fonts.googleapis.com/css?family=Roboto:400,400italic,300italic,300,500,700

216.58.211.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Roboto:400,400italic,300italic,300,500,700
IP
216.58.211.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Roboto:400,400italic,300italic,300,500,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.allwellinst.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 08 Sep 2022 07:36:53 GMT
date: Thu, 08 Sep 2022 07:36:53 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=PT+Sans+Caption:700

216.58.211.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=PT+Sans+Caption:700
IP
216.58.211.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=PT+Sans+Caption:700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.allwellinst.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 08 Sep 2022 07:36:53 GMT
date: Thu, 08 Sep 2022 07:36:53 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.allwellinst.com/js/jquery.countdown.js

198.54.126.9

200 OK

0 B

URL HTTP/1.1
www.allwellinst.com/js/jquery.countdown.js
IP
198.54.126.9:0
ASN
#22612 NAMECHEAP-NET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/jquery.countdown.js HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=e9525gr6mbkc5cbaip7l0i29f3

HTTP/1.1 200 OK
date: Thu, 08 Sep 2022 07:36:53 GMT
server: Apache
last-modified: Sat, 28 May 2016 02:21:12 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 9425
content-type: application/javascript

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (21)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations