r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b720c31d9c036cd2ef10e35fa29f5345
ac625d2e69284e5080bede4b37c31af62c26338b
323b76eceb5d3ad339a1c55bfa7eea4e39741258e08d5005b691f712a9e9c81c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "323B76ECEB5D3AD339A1C55BFA7EEA4E39741258E08D5005B691F712A9E9C81C"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2175
Expires: Sun, 06 Nov 2022 08:13:09 GMT
Date: Sun, 06 Nov 2022 07:36:54 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 72c64df35304c35cd95e4ed6e101e795
a39287987854d644a8da295da536fb31de8b44c1
a9bf0da57e0f108b376781ede4b9762ae1b0d088910d26fb7be98c2d03e69092
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4503
Cache-Control: max-age=97753
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 07:36:54 GMT
Etag: "63662d58-1d7"
Expires: Mon, 07 Nov 2022 10:46:07 GMT
Last-Modified: Sat, 05 Nov 2022 09:31:04 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9f3527f898221f8ba6b5015f6decc100
ead93baa0e9d3a6297be3377dc3a624e5a3f509a
73a068f907cc50dd60af18d545b4264dd44bc4b9f40bf9adfceea157fdc33099
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "73A068F907CC50DD60AF18D545B4264DD44BC4B9F40BF9ADFCEEA157FDC33099"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15266
Expires: Sun, 06 Nov 2022 11:51:20 GMT
Date: Sun, 06 Nov 2022 07:36:54 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: b6AjhCNyW9wR0wxey4EP36m+T2Zad17NnnEpeQz96HYDi3ZrvZXWRSsGCtXZhAuP2IGwxMgq/BY=
x-amz-request-id: XEMBR37Y8VYPDMN3
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 06 Nov 2022 06:47:32 GMT
age: 2962
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
allwellinst.com/
142.4.9.224301 Moved Permanently 235 B IP 142.4.9.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 2348f6ab9a5a61b3e3d100cee86b029b
3e4a79ba4235b4325eef5da5379529b225fd1188
046e2e8d5a5e775450f3f5309c0235250c45ad8a7d848b07040c1e58c41a9221
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: allwellinst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sun, 06 Nov 2022 07:36:54 GMT
Server: Apache
Location: http://www.allwellinst.com/
Content-Length: 235
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 07:36:54 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash db63d54b77502dd6c7bdc792d4fd093e
026ad8186833988279468829c004c6e2a2f2626f
eff89ef67baa622e8a196ffcadc44d29aafff009bb531da3e979a1f47c3b1c36
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4825
Cache-Control: max-age=93017
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 07:36:55 GMT
Etag: "63661997-1d7"
Expires: Mon, 07 Nov 2022 09:27:12 GMT
Last-Modified: Sat, 05 Nov 2022 08:06:47 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
www.allwellinst.com/
142.4.9.224200 OK 33 kB IP 142.4.9.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 0cd49d8112743d56522255ea4d9ce9d4
9077e01c6734d7560c87c1056b8f948db106e435
d69bb1ce7e389318e620ea660b1159b3d17d4a39a30ac042f8e2b95f2b94b7ee
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 07:36:55 GMT
Server: Apache
Set-Cookie: PHPSESSID=m6rq4nl9c15oc89974946bfai2; path=/
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 3ebbd65a2bdd5c6f3dea5a6b99b25f0d
484be27b25b736a7e7e2b1d5ef9760aecdcec01b
5616e6c097b0b7680eeee193b58950faa38c9792e8793c16c315e2554a34cdd1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 07:36:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 3ebbd65a2bdd5c6f3dea5a6b99b25f0d
484be27b25b736a7e7e2b1d5ef9760aecdcec01b
5616e6c097b0b7680eeee193b58950faa38c9792e8793c16c315e2554a34cdd1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 07:36:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.allwellinst.com/css/bootstrap-dropdownhover.min.css
142.4.9.224200 OK 1.2 kB URL HTTP/1.1 www.allwellinst.com/css/bootstrap-dropdownhover.min.css
IP 142.4.9.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1161), with CRLF line terminators
Hash 680add9aad1c9891fb35389ee22773c0
a10dd9ca36fcb6eeec997cf0e88ed37fc1b9129c
116825a46aa53b48c87182e0254e31ed3081a2d4c1b4a67f23a4df13457eed64
GET /css/bootstrap-dropdownhover.min.css HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=m6rq4nl9c15oc89974946bfai2
HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 07:36:55 GMT
Server: Apache
Last-Modified: Sun, 29 May 2016 02:25:42 GMT
Accept-Ranges: bytes
Content-Length: 1233
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.allwellinst.com/css/font-awesome.min.css
142.4.9.224200 OK 31 kB URL HTTP/1.1 www.allwellinst.com/css/font-awesome.min.css
IP 142.4.9.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (30837)
Hash 269550530cc127b6aa5a35925a7de6ce
512c7d79033e3028a9be61b540cf1a6870c896f8
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
GET /css/font-awesome.min.css HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=m6rq4nl9c15oc89974946bfai2
HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 07:36:55 GMT
Server: Apache
Last-Modified: Mon, 26 Feb 2018 11:24:39 GMT
Accept-Ranges: bytes
Content-Length: 31000
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 3ebbd65a2bdd5c6f3dea5a6b99b25f0d
484be27b25b736a7e7e2b1d5ef9760aecdcec01b
5616e6c097b0b7680eeee193b58950faa38c9792e8793c16c315e2554a34cdd1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 07:36:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.allwellinst.com/owl-carousel/owl.carousel.css
142.4.9.224200 OK 1.5 kB URL HTTP/1.1 www.allwellinst.com/owl-carousel/owl.carousel.css
IP 142.4.9.224:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 0371b5a2d50e985b09b7d337edc0dc9f
07ad383de4cd0e21c289e3c6695b4822d1a7ad1d
4dc77ee90dc2225b57b31d28fe06213cd6c491bdc7249a6e70ebd003b72c5702
GET /owl-carousel/owl.carousel.css HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=m6rq4nl9c15oc89974946bfai2
HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 07:36:55 GMT
Server: Apache
Last-Modified: Tue, 13 May 2014 14:56:20 GMT
Accept-Ranges: bytes
Content-Length: 1476
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.allwellinst.com/owl-carousel/owl.theme.css
142.4.9.224200 OK 1.7 kB URL HTTP/1.1 www.allwellinst.com/owl-carousel/owl.theme.css
IP 142.4.9.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash f506551fed677e278bd0bd3ca1ebe313
296c4ef2b9b6c9e4b641fbbca1b789cd03fd393e
1099093208c3dd2d664fc408ec44b7d886ad4f5bd341dbec56565709c8fa0931
GET /owl-carousel/owl.theme.css HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=m6rq4nl9c15oc89974946bfai2
HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 07:36:55 GMT
Server: Apache
Last-Modified: Tue, 28 Jun 2016 05:13:38 GMT
Accept-Ranges: bytes
Content-Length: 1747
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
push.services.mozilla.com/
52.41.253.170101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.41.253.170:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: jFE7ZmSVerAxchvs5WJktQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 5bO7vXWTrFCyRTKwlDBfeSZ/ROE=
www.allwellinst.com/assets1/js/google-code-prettify/prettify.css
142.4.9.224200 OK 614 B URL HTTP/1.1 www.allwellinst.com/assets1/js/google-code-prettify/prettify.css
IP 142.4.9.224:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 56a06e3131834a82f1456ed6e441a56a
ddb8a5b55d91c487a4fb365bcda4a8b717bd277d
b3dccf02e29e59a0f87989a548d046a93ec8a99a799d9875eb7871756a46df0b
GET /assets1/js/google-code-prettify/prettify.css HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=m6rq4nl9c15oc89974946bfai2
HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 07:36:55 GMT
Server: Apache
Last-Modified: Tue, 15 Apr 2014 10:33:26 GMT
Accept-Ranges: bytes
Content-Length: 614
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
www.allwellinst.com/js/jquery-1.11.3.min.js
142.4.9.224200 OK 96 kB URL HTTP/1.1 www.allwellinst.com/js/jquery-1.11.3.min.js
IP 142.4.9.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 (with BOM) text, with very long lines (32038), with CRLF line terminators
Hash 7893a01e4cbbc2a22535a1f39adf104c
22a0e97791ddff4dcc7ef9b35ff0379dd7de4a25
3f5bf2cbfb850370ec9de6ba86b903a62ef63af28247b1f9d68d516bba0122fb
Analyzer Verdict Alert fortinet Phishing
GET /js/jquery-1.11.3.min.js HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=m6rq4nl9c15oc89974946bfai2
HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 07:36:55 GMT
Server: Apache
Last-Modified: Mon, 05 Sep 2016 11:11:24 GMT
Accept-Ranges: bytes
Content-Length: 96000
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
www.allwellinst.com/css/animate.min.css
142.4.9.224200 OK 54 kB URL HTTP/1.1 www.allwellinst.com/css/animate.min.css
IP 142.4.9.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (53660), with CRLF line terminators
Hash 526303356ec2dc84c30346cbd9c96320
8b70722926a4f5647315ab2397a8a359185f0017
2b0d5bfd2b38d49d1eaab56cbc0dcc0bb593ed447d74c193e72f6fb19c021c07
GET /css/animate.min.css HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=m6rq4nl9c15oc89974946bfai2
HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 07:36:55 GMT
Server: Apache
Last-Modified: Sun, 29 May 2016 02:25:42 GMT
Accept-Ranges: bytes
Content-Length: 53679
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.allwellinst.com/css/animations.min.css
142.4.9.224200 OK 118 kB URL HTTP/1.1 www.allwellinst.com/css/animations.min.css
IP 142.4.9.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (59107), with CRLF line terminators
Size 118 kB (118499 bytes)
Hash c6229ab75601b0aa6007eec77eabf516
85e92f0c9c778ba83398eb8ca0e4c3bc3ea46244
b366f31f86f7ee66c586f325a06054c64bc5ef6b55d98e87f2fb24a901ba3efe
GET /css/animations.min.css HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=m6rq4nl9c15oc89974946bfai2
HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 07:36:55 GMT
Server: Apache
Last-Modified: Tue, 24 May 2016 01:59:44 GMT
Accept-Ranges: bytes
Content-Length: 118499
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.allwellinst.com/css/colors.css
142.4.9.224200 OK 3.8 kB URL HTTP/1.1 www.allwellinst.com/css/colors.css
IP 142.4.9.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash cfa106a80badc081a90ac17f3672960c
f19e2ce08d26860b2c70b6d2938515652fbbb6af
0fa02fe4cabccc28517ea41314102a69bbb7dd8a16373b5dd4680e4b97c664e0
GET /css/colors.css HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=m6rq4nl9c15oc89974946bfai2
HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 07:36:56 GMT
Server: Apache
Last-Modified: Sat, 10 Feb 2018 17:53:46 GMT
Accept-Ranges: bytes
Content-Length: 3764
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
www.allwellinst.com/js/jssor.slider-21.1.5.mini.js
142.4.9.224200 OK 45 kB URL HTTP/1.1 www.allwellinst.com/js/jssor.slider-21.1.5.mini.js
IP 142.4.9.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 (with BOM) text, with very long lines (45340)
Hash 4545d61535af1e37b018717b9af5d1b0
4c9f775f0dfdfff1d4bc5d80d57a4ab18fe89db8
0b2266c683839438a5efb0278d653178069c78b043f22bc1bbb5802eedeb151c
Analyzer Verdict Alert fortinet Phishing
GET /js/jssor.slider-21.1.5.mini.js HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=m6rq4nl9c15oc89974946bfai2
HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 07:36:55 GMT
Server: Apache
Last-Modified: Mon, 05 Sep 2016 11:11:24 GMT
Accept-Ranges: bytes
Content-Length: 45381
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
www.allwellinst.com/css/jquery.countdown.css
142.4.9.224200 OK 1.7 kB URL HTTP/1.1 www.allwellinst.com/css/jquery.countdown.css
IP 142.4.9.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash f7bc1d293000a4e9531cc32dd02864df
5e2469b7734580121f97f1076ac444ac0800e932
b34600bb0e2f17f3ac8a247c4b107d59c05edf5762e8c9f333fd7cc281237a8c
GET /css/jquery.countdown.css HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=m6rq4nl9c15oc89974946bfai2
HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 07:36:56 GMT
Server: Apache
Last-Modified: Sun, 29 May 2016 02:25:42 GMT
Accept-Ranges: bytes
Content-Length: 1672
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
www.allwellinst.com/css/font-awesome.css
142.4.9.224200 OK 37 kB URL HTTP/1.1 www.allwellinst.com/css/font-awesome.css
IP 142.4.9.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type troff or preprocessor input, ASCII text, with very long lines (372)
Hash c495654869785bc3df60216616814ad1
0140952c64e3f2b74ef64e050f2fe86eab6624c8
36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c
GET /css/font-awesome.css HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=m6rq4nl9c15oc89974946bfai2
HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 07:36:56 GMT
Server: Apache
Last-Modified: Mon, 26 Feb 2018 11:24:40 GMT
Accept-Ranges: bytes
Content-Length: 37414
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
www.allwellinst.com/ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
142.4.9.224404 Not Found 315 B URL HTTP/1.1 www.allwellinst.com/ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
IP 142.4.9.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Phishing
GET /ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=m6rq4nl9c15oc89974946bfai2
HTTP/1.1 404 Not Found
Date: Sun, 06 Nov 2022 07:36:56 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.allwellinst.com/js/bootstrap.min.js
142.4.9.224200 OK 37 kB URL HTTP/1.1 www.allwellinst.com/js/bootstrap.min.js
IP 142.4.9.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (32034), with CRLF line terminators
Hash e7d9a06cf9053c51cd4ad3386da0659a
e45bf1054704a1fdfc4ee2713a16bf9283dea995
9a3724b2051a82064c923cbd68343dcb04014adac3ccb8c4d8ac6a31ba2e12cd
Analyzer Verdict Alert fortinet Phishing
GET /js/bootstrap.min.js HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=m6rq4nl9c15oc89974946bfai2
HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 07:36:56 GMT
Server: Apache
Last-Modified: Wed, 18 May 2016 21:31:18 GMT
Accept-Ranges: bytes
Content-Length: 36822
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
www.allwellinst.com/css/bootstrap.css
142.4.9.224200 OK 157 kB URL HTTP/1.1 www.allwellinst.com/css/bootstrap.css
IP 142.4.9.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (540), with CRLF line terminators
Size 157 kB (157326 bytes)
Hash 984fbf56eee469df0267942af7b6b262
0a92ba66485b5ace7578c5f02a2594ca1085f064
c1ecf430866f457a304d3b844c5f4ef54bbc631bc28bef5e7e822744686b179b
GET /css/bootstrap.css HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=m6rq4nl9c15oc89974946bfai2
HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 07:36:55 GMT
Server: Apache
Last-Modified: Sat, 10 Feb 2018 21:16:04 GMT
Accept-Ranges: bytes
Content-Length: 157326
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
www.allwellinst.com/js/animations.min.js
142.4.9.224200 OK 2.4 kB URL HTTP/1.1 www.allwellinst.com/js/animations.min.js
IP 142.4.9.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1984), with CRLF line terminators
Hash c9cd375b0ca0a23c90043125c8f8ca48
d2599a0bb056cbc5dfe583fd5e3c8bffe2164507
8c6825644ce1d0161f0962222b520b4a0db6afa274e87a092211731bbc25adcd
Analyzer Verdict Alert fortinet Phishing
GET /js/animations.min.js HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=m6rq4nl9c15oc89974946bfai2
HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 07:36:56 GMT
Server: Apache
Last-Modified: Tue, 24 May 2016 01:59:44 GMT
Accept-Ranges: bytes
Content-Length: 2381
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
www.allwellinst.com/js/jquery.plugin.js
142.4.9.224200 OK 12 kB URL HTTP/1.1 www.allwellinst.com/js/jquery.plugin.js
IP 142.4.9.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash 5089653f43d0a3970aae2bed9a31666a
f3fa11db281157834693b61afb550b68908758b4
3ebcd7d59c2e596630fee4b6f1500f960e63f514a6816f11031c2d484d1f2683
Analyzer Verdict Alert fortinet Phishing
GET /js/jquery.plugin.js HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=m6rq4nl9c15oc89974946bfai2
HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 07:36:56 GMT
Server: Apache
Last-Modified: Sat, 28 May 2016 02:21:12 GMT
Accept-Ranges: bytes
Content-Length: 11513
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
www.allwellinst.com/css/style.css
142.4.9.224200 OK 126 kB URL HTTP/1.1 www.allwellinst.com/css/style.css
IP 142.4.9.224:0
ASN #46606 UNIFIEDLAYER-AS-1
Size 126 kB (126372 bytes)
Hash 75c67e4b133727a6d82d9ff5c555f950
fd2422581f6e514d8e08e3588f78a6abaf289672
7d4a25867c93d8895601e499c3970e9508114e906c9267d5c4321df49a2a19bf
GET /css/style.css HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=m6rq4nl9c15oc89974946bfai2
HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 07:36:56 GMT
Server: Apache
Last-Modified: Wed, 28 Feb 2018 10:53:29 GMT
Accept-Ranges: bytes
Content-Length: 126372
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
www.allwellinst.com/js/jquery.countdown.js
142.4.9.224200 OK 37 kB URL HTTP/1.1 www.allwellinst.com/js/jquery.countdown.js
IP 142.4.9.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash 2d012bb507a1ccba5ff14c138b4049ae
ffc3853c114f3714066b915de4b27f39478a3bd8
776b4b95c68119270b735dd8b8af221a66eae375e17c9770a754afe3cdd8e6ff
Analyzer Verdict Alert fortinet Phishing
GET /js/jquery.countdown.js HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=m6rq4nl9c15oc89974946bfai2
HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 07:36:56 GMT
Server: Apache
Last-Modified: Sat, 28 May 2016 02:21:12 GMT
Accept-Ranges: bytes
Content-Length: 36750
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
www.allwellinst.com/js/timber.master.min.js
142.4.9.224200 OK 28 kB URL HTTP/1.1 www.allwellinst.com/js/timber.master.min.js
IP 142.4.9.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (13394), with CRLF line terminators
Hash 293adaa086fe771ddbd64c980b4551c5
373416c7885bebfa8ce1192f76ce3ca93e6dacae
5d35c0286d7b6954081821a8b50e2379aae04aacff3861a8eac4ba503a8aea2b
Analyzer Verdict Alert fortinet Phishing
GET /js/timber.master.min.js HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=m6rq4nl9c15oc89974946bfai2
HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 07:36:56 GMT
Server: Apache
Last-Modified: Sat, 28 May 2016 02:21:12 GMT
Accept-Ranges: bytes
Content-Length: 27588
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
www.allwellinst.com/js/jquery.main.js
142.4.9.224200 OK 125 kB URL HTTP/1.1 www.allwellinst.com/js/jquery.main.js
IP 142.4.9.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with CRLF line terminators
Size 125 kB (124847 bytes)
Hash 83eac1db692877259f896b6ebcba5d2d
cc9c4f4745dec9151cd1c6f6c111897c1687151e
922f6cea9aadcf841e1b7611c3917915b3eb8983fabd4078140fbfa9a5633bf5
Analyzer Verdict Alert fortinet Phishing
GET /js/jquery.main.js HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=m6rq4nl9c15oc89974946bfai2
HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 07:36:56 GMT
Server: Apache
Last-Modified: Mon, 04 Jul 2016 19:16:24 GMT
Accept-Ranges: bytes
Content-Length: 124847
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 62a8ce6a2338913103618edb2f4a9dbe
0e0850b1aef6ed524d119a41145112b84c257687
51d11b07f58551b5864fb55d4560d8a2237c2351036de0af7e25c81816763b31
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 07:36:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 62a8ce6a2338913103618edb2f4a9dbe
0e0850b1aef6ed524d119a41145112b84c257687
51d11b07f58551b5864fb55d4560d8a2237c2351036de0af7e25c81816763b31
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 07:36:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.allwellinst.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 02 Nov 2022 19:34:08 GMT
expires: Thu, 02 Nov 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 302568
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Hash b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.allwellinst.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 02 Nov 2022 19:34:21 GMT
expires: Thu, 02 Nov 2023 19:34:21 GMT
cache-control: public, max-age=31536000
age: 302555
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/ptsanscaption/v18/0FlJVP6Hrxmt7-fsUFhlFXNIlpcSwSrkTA-v.woff2
216.58.207.195200 OK 35 kB URL HTTP/2 fonts.gstatic.com/s/ptsanscaption/v18/0FlJVP6Hrxmt7-fsUFhlFXNIlpcSwSrkTA-v.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 35208, version 1.0\012- data
Hash 533b904aeb71d52d4ed3d58ee59a7603
e86c7ca5fe5f70ed2e47b3874e779716acf65f0d
106eafbee08b482008e6c88cf642224c8e1bddfd0edac403bb6222574e4f7d2a
GET /s/ptsanscaption/v18/0FlJVP6Hrxmt7-fsUFhlFXNIlpcSwSrkTA-v.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.allwellinst.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 35208
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 04 Nov 2022 23:09:46 GMT
expires: Sat, 04 Nov 2023 23:09:46 GMT
cache-control: public, max-age=31536000
age: 116830
last-modified: Wed, 27 Apr 2022 16:09:37 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.allwellinst.com/assets1/js/jquery-1.9.1.min.js
142.4.9.224200 OK 93 kB URL HTTP/1.1 www.allwellinst.com/assets1/js/jquery-1.9.1.min.js
IP 142.4.9.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (32089)
Hash 397754ba49e9e0cf4e7c190da78dda05
ae49e56999d82802727455f0ba83b63acd90a22b
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
Analyzer Verdict Alert fortinet Phishing
GET /assets1/js/jquery-1.9.1.min.js HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=m6rq4nl9c15oc89974946bfai2
HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 07:36:56 GMT
Server: Apache
Last-Modified: Tue, 15 Apr 2014 10:33:26 GMT
Accept-Ranges: bytes
Content-Length: 92629
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
www.allwellinst.com/js/bootstrap-dropdownhover.min.js
142.4.9.224200 OK 4.0 kB URL HTTP/1.1 www.allwellinst.com/js/bootstrap-dropdownhover.min.js
IP 142.4.9.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (3959), with CRLF line terminators
Hash 965d4c02e4e87e71260f49ff406eec2e
d199a95bbebf1780b055b079d8c3b740a6abcf62
be4327fb49447ec3f8b6bebddc118500defba23e370ceb3512ed7165027248b2
Analyzer Verdict Alert fortinet Phishing
GET /js/bootstrap-dropdownhover.min.js HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=m6rq4nl9c15oc89974946bfai2
HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 07:36:56 GMT
Server: Apache
Last-Modified: Sun, 29 May 2016 02:25:42 GMT
Accept-Ranges: bytes
Content-Length: 4031
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.allwellinst.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 02 Nov 2022 19:34:08 GMT
expires: Thu, 02 Nov 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 302568
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2
216.58.207.195200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 17368, version 1.0\012- data
Hash abe083d96b58eb02ada8b7c30d7b09f2
61447d66d13a8c8f4335696777a85c438c46f749
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
GET /s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.allwellinst.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17368
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 06 Nov 2022 00:47:28 GMT
expires: Mon, 06 Nov 2023 00:47:28 GMT
cache-control: public, max-age=31536000
age: 24568
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.allwellinst.com/assets1/js/bootstrap-collapse.js
142.4.9.224200 OK 4.7 kB URL HTTP/1.1 www.allwellinst.com/assets1/js/bootstrap-collapse.js
IP 142.4.9.224:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 00f3b07c6f55b836e7ee6e587a024264
54a985e176f2ea1de1821df1fe4a965dfeb9e43d
9f2c78554baae6de6f979ed29069ac3302d249e0d3911305de8682c13c45389e
Analyzer Verdict Alert fortinet Phishing
GET /assets1/js/bootstrap-collapse.js HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=m6rq4nl9c15oc89974946bfai2
HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 07:36:56 GMT
Server: Apache
Last-Modified: Tue, 15 Apr 2014 10:33:26 GMT
Accept-Ranges: bytes
Content-Length: 4735
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
www.allwellinst.com/owl-carousel/owl.carousel.js
142.4.9.224200 OK 53 kB URL HTTP/1.1 www.allwellinst.com/owl-carousel/owl.carousel.js
IP 142.4.9.224:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash a5f96c62d75be144282ef6cc429a6259
99a600283194105be6679b4a7cba8ac27a8c455a
9221608a4df26c3a67d553a85ea42269235ca69d2ff47419148853830d5cea2d
Analyzer Verdict Alert fortinet Phishing
GET /owl-carousel/owl.carousel.js HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=m6rq4nl9c15oc89974946bfai2
HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 07:36:56 GMT
Server: Apache
Last-Modified: Tue, 13 May 2014 14:54:58 GMT
Accept-Ranges: bytes
Content-Length: 52797
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.allwellinst.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 02 Nov 2022 14:07:32 GMT
expires: Thu, 02 Nov 2023 14:07:32 GMT
cache-control: public, max-age=31536000
age: 322164
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.allwellinst.com/assets1/js/bootstrap-transition.js
142.4.9.224200 OK 1.8 kB URL HTTP/1.1 www.allwellinst.com/assets1/js/bootstrap-transition.js
IP 142.4.9.224:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash a05a07909ed90b9fd5ff5839046b33ee
01a02a6ef355d440dd48e0fcc3affc89d454271a
acc1b1af9058c1aeeb757055be7ebd9f39775b16f9c1a3cd068d49f2b0d32acb
Analyzer Verdict Alert fortinet Phishing
GET /assets1/js/bootstrap-transition.js HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=m6rq4nl9c15oc89974946bfai2
HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 07:36:56 GMT
Server: Apache
Last-Modified: Tue, 15 Apr 2014 10:33:26 GMT
Accept-Ranges: bytes
Content-Length: 1756
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
www.allwellinst.com/assets1/js/bootstrap-tab.js
142.4.9.224200 OK 3.5 kB URL HTTP/1.1 www.allwellinst.com/assets1/js/bootstrap-tab.js
IP 142.4.9.224:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash a0b0c35980fd3689f57c73f5ff319a68
dc24f65f1e2929725363188c0d2781c55bcabf16
c8c905de6cd5fe1fc840b2106bb4b5db48ea7a3fe5485114f760950e7becdf54
Analyzer Verdict Alert fortinet Phishing
GET /assets1/js/bootstrap-tab.js HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=m6rq4nl9c15oc89974946bfai2
HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 07:36:56 GMT
Server: Apache
Last-Modified: Tue, 15 Apr 2014 10:33:26 GMT
Accept-Ranges: bytes
Content-Length: 3496
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 62a8ce6a2338913103618edb2f4a9dbe
0e0850b1aef6ed524d119a41145112b84c257687
51d11b07f58551b5864fb55d4560d8a2237c2351036de0af7e25c81816763b31
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 07:36:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f6ae0db60213bfddbf2ad71a9fb116bf
915d2895adc3f022c28cc628aeb6e441cbb09d47
ac94f3fd00f0f8f8617d15a3816b07d25d3774e91b287ac181e5efb4ebf95e22
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AC94F3FD00F0F8F8617D15A3816B07D25D3774E91B287AC181E5EFB4EBF95E22"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2921
Expires: Sun, 06 Nov 2022 08:25:37 GMT
Date: Sun, 06 Nov 2022 07:36:56 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f6ae0db60213bfddbf2ad71a9fb116bf
915d2895adc3f022c28cc628aeb6e441cbb09d47
ac94f3fd00f0f8f8617d15a3816b07d25d3774e91b287ac181e5efb4ebf95e22
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AC94F3FD00F0F8F8617D15A3816B07D25D3774E91B287AC181E5EFB4EBF95E22"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2921
Expires: Sun, 06 Nov 2022 08:25:37 GMT
Date: Sun, 06 Nov 2022 07:36:56 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f6ae0db60213bfddbf2ad71a9fb116bf
915d2895adc3f022c28cc628aeb6e441cbb09d47
ac94f3fd00f0f8f8617d15a3816b07d25d3774e91b287ac181e5efb4ebf95e22
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AC94F3FD00F0F8F8617D15A3816B07D25D3774E91B287AC181E5EFB4EBF95E22"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2921
Expires: Sun, 06 Nov 2022 08:25:37 GMT
Date: Sun, 06 Nov 2022 07:36:56 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f6ae0db60213bfddbf2ad71a9fb116bf
915d2895adc3f022c28cc628aeb6e441cbb09d47
ac94f3fd00f0f8f8617d15a3816b07d25d3774e91b287ac181e5efb4ebf95e22
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AC94F3FD00F0F8F8617D15A3816B07D25D3774E91B287AC181E5EFB4EBF95E22"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2921
Expires: Sun, 06 Nov 2022 08:25:37 GMT
Date: Sun, 06 Nov 2022 07:36:56 GMT
Connection: keep-alive
www.allwellinst.com/assets1/js/google-code-prettify/prettify.js
142.4.9.224200 OK 14 kB URL HTTP/1.1 www.allwellinst.com/assets1/js/google-code-prettify/prettify.js
IP 142.4.9.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (592)
Hash 709bfcc456c694bfe8ee86d184a1c360
a4e5934397f97f79b8066984475c90af8a970a36
e2e576e3bc607cd179ff511947010f645d3441a35313aec0dbd06c4437f83b77
Analyzer Verdict Alert fortinet Phishing
GET /assets1/js/google-code-prettify/prettify.js HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=m6rq4nl9c15oc89974946bfai2
HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 07:36:56 GMT
Server: Apache
Last-Modified: Tue, 15 Apr 2014 10:33:26 GMT
Accept-Ranges: bytes
Content-Length: 13632
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b46edc3-3c38-432b-abec-6c61e93e3e1c.jpeg
34.120.237.76200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b46edc3-3c38-432b-abec-6c61e93e3e1c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7b37723112370a0b108acac266a6dcfd
5434be2648f63624b7729c931c950e54c84d79a9
ae97a46d3825531022f51be38b5932c879fe3996073bad8bcf150e712c571814
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b46edc3-3c38-432b-abec-6c61e93e3e1c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5944
x-amzn-requestid: d3d52642-194b-455f-9e12-5fd306607035
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJatbFmLIAMFp1Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366d7ef-03be7b6f337c5cf934c0d741;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 21:38:55 GMT
x-amz-cf-pop: SFO5-C3, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: TiExsCatpiBUi_m04amHP1xFN2Euj0Qq2RQEI8YOn_R2cmfB9yzlIg==
via: 1.1 7ba3caf71ae7a52dd411d1a543e80cd8.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 21:46:03 GMT
age: 35453
etag: "5434be2648f63624b7729c931c950e54c84d79a9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7220419a-cf8c-4056-a522-11012e67cf32.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7220419a-cf8c-4056-a522-11012e67cf32.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fa77f05b1af971db287607d9d9a30e0f
276f1493d6da74c8fa3ef83dee77bf48850ff4b4
005d0273b7fe7b68081d1db630df9444c4082140be87c34f3e9e5fb7db9a4160
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7220419a-cf8c-4056-a522-11012e67cf32.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14415
x-amzn-requestid: 9eadfbeb-38b2-483a-894a-375e00f646dd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJabgHcMoAMFTLg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366d77c-104fa5e61c64aaf230ffb045;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 21:37:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: zwi4Hg5iu5MB4zr0EFVhTRAvrnN2J1GnY31mOvlXJW0E_cgQu1gmgA==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 22:12:38 GMT
age: 33858
etag: "276f1493d6da74c8fa3ef83dee77bf48850ff4b4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4e2853cc6ec6223160471401e6871f4b
f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c
bf4b9145ea043d87a30fd3aeeae21a1a0aa27004cd2467e7aa843bc894ae1f60
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10462
x-amzn-requestid: 6dc7dc5c-88e9-4550-abf0-f16965ab7cd3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bF_38GKXoAMFwSA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636579cc-28ea4125437c31cc34683fb7;Sampled=0
x-amzn-remapped-date: Fri, 04 Nov 2022 20:45:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: cLOqm36ioY751X1yA1WcQpaXiFYuvzFn8xLQ56MyDTpvi1J4Ruvc9Q==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Sun, 06 Nov 2022 06:27:59 GMT
age: 4137
etag: "f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.allwellinst.com/assets1/js/application.js
142.4.9.224200 OK 576 B URL HTTP/1.1 www.allwellinst.com/assets1/js/application.js
IP 142.4.9.224:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 76e9182b4ac1c30132c1d6485ac579e6
7f62374564defa711a3ea6fc57a23a082f65734b
8b853ca44809d5a05bd4018553e52c871c73003d20d4004db71c8b9a47219263
Analyzer Verdict Alert fortinet Phishing
GET /assets1/js/application.js HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=m6rq4nl9c15oc89974946bfai2
HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 07:36:56 GMT
Server: Apache
Last-Modified: Tue, 15 Apr 2014 10:33:26 GMT
Accept-Ranges: bytes
Content-Length: 576
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff56714e2-704b-4327-92b2-54e71d0c4d40.webp
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff56714e2-704b-4327-92b2-54e71d0c4d40.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dcc79e66d1e21452efb26d26650f6739
1f727a7ea032082658944cf4041686446fb6b5f2
af1fe8de442a365a108d5c03f0d3ae8b0beb1abb4f267a46979f9c885ee026c6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff56714e2-704b-4327-92b2-54e71d0c4d40.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8961
x-amzn-requestid: 3a50374d-d90e-452e-bb89-82ca14c94b52
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJarpGtqIAMFkPg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366d7e3-55c356475fb64e6625a338c7;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 21:38:44 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Ry_OKFFZDdDoVya2hTxnFlDGtgoSw0JRqieDnCO4mSNFbgV-AuLE5Q==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 21:44:33 GMT
age: 35543
etag: "1f727a7ea032082658944cf4041686446fb6b5f2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8df47f1e-c13a-452f-b0e2-28c141dbb191.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8df47f1e-c13a-452f-b0e2-28c141dbb191.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b18a8c9f5539ce33476f843f5811e01d
11d1f2ce72d2aa6686c79f777cd0bdb4ddeb681b
fc20e507eedccb52078979f2132434b11b9d50d917cab512d8e0c99515b1236c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8df47f1e-c13a-452f-b0e2-28c141dbb191.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7573
x-amzn-requestid: d56e7b27-f2cb-4cd3-9f67-ba18d1bfe270
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bDkhGHmjoAMFxxQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6364813a-3a1c18b13c41f38673890b00;Sampled=0
x-amzn-remapped-date: Fri, 04 Nov 2022 03:04:26 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: c-u9tBFoIve3sEwtbUvIFZoPu6eudy3ZFQi8j2m9mTPNEarihTvddw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Sun, 06 Nov 2022 05:31:43 GMT
age: 7513
etag: "11d1f2ce72d2aa6686c79f777cd0bdb4ddeb681b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5cee1982-fead-41ba-9720-19ae491d0af1.webp
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5cee1982-fead-41ba-9720-19ae491d0af1.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3929fb3c2f0dad9409e9b247ab891518
b8f906e9e3c3addf73e2d387c7238dc1ffe0bb28
64822bf90b140698a0043ea76542823a55daf3bb6ad1b6b3ba972c7fbb256bb5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5cee1982-fead-41ba-9720-19ae491d0af1.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8309
x-amzn-requestid: 377e4474-c2ee-4477-be4b-18d264ca9aa5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJbgwH23IAMF3kA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366d937-7692bcd1131d9749085800b0;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 21:44:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: JK-yLq7PeMFrcv4opjTjHprEUQ8IIBuHPzhz0ttxQx9GYdBY1EauBA==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 22:17:07 GMT
age: 33589
etag: "b8f906e9e3c3addf73e2d387c7238dc1ffe0bb28"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.allwellinst.com/ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
142.4.9.224404 Not Found 315 B URL HTTP/1.1 www.allwellinst.com/ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
IP 142.4.9.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Phishing
GET /ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=m6rq4nl9c15oc89974946bfai2
HTTP/1.1 404 Not Found
Date: Sun, 06 Nov 2022 07:36:56 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.allwellinst.com/fonts/icomoon.woff
142.4.9.224200 OK 2.8 kB URL HTTP/1.1 www.allwellinst.com/fonts/icomoon.woff
IP 142.4.9.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format, TrueType, length 2808, version 0.0\012- data
Hash 31a3e4e78a3e107ef72d075070a3eda7
0de50feacd42e03edc520af87e7b7c29f814619b
ac79434b1348cc08f2b9c430d3884730cce55e3738c04d0d9787d16397ecc998
Analyzer Verdict Alert fortinet Phishing
GET /fonts/icomoon.woff HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.allwellinst.com/css/style.css
Cookie: PHPSESSID=m6rq4nl9c15oc89974946bfai2
HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 07:36:56 GMT
Server: Apache
Last-Modified: Tue, 24 May 2016 01:59:44 GMT
Accept-Ranges: bytes
Content-Length: 2808
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: font/woff
www.allwellinst.com/fonts/fontawesome-webfont.woff2?v=4.7.0
142.4.9.224200 OK 77 kB URL HTTP/1.1 www.allwellinst.com/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 142.4.9.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Analyzer Verdict Alert fortinet Phishing
GET /fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.allwellinst.com/css/font-awesome.min.css
Cookie: PHPSESSID=m6rq4nl9c15oc89974946bfai2
HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 07:36:56 GMT
Server: Apache
Last-Modified: Mon, 26 Feb 2018 11:24:57 GMT
Accept-Ranges: bytes
Content-Length: 77160
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: font/woff2
www.allwellinst.com/images/image4.jpg
142.4.9.224200 OK 74 kB URL HTTP/1.1 www.allwellinst.com/images/image4.jpg
IP 142.4.9.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 1600x472, components 3\012- data
Hash d18024f0d7bffef630da7f4d70850c68
8a769685fd506b661275f6856e2b8c37efc28d2e
9473d69bc397185f7d28f206d3d7e5aef38534d24c14ea56e9f2f94e672da871
GET /images/image4.jpg HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/css/style.css
Cookie: PHPSESSID=m6rq4nl9c15oc89974946bfai2
HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 07:36:56 GMT
Server: Apache
Last-Modified: Thu, 11 Aug 2016 07:52:36 GMT
Accept-Ranges: bytes
Content-Length: 73459
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/jpeg
www.allwellinst.com/images/searchicon2.png
142.4.9.224200 OK 933 B URL HTTP/1.1 www.allwellinst.com/images/searchicon2.png
IP 142.4.9.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash eaa74d5858e4d2ea34c1e3a0c2da2715
11f38a7b7accbd4b8aa92ff813c82b3051355059
95f62d694c27788a74dfca029eea30d061447cde8680a16e28600543347ffe86
GET /images/searchicon2.png HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=m6rq4nl9c15oc89974946bfai2
HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 07:36:57 GMT
Server: Apache
Last-Modified: Sat, 10 Feb 2018 19:31:02 GMT
Accept-Ranges: bytes
Content-Length: 933
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/png
www.allwellinst.com/pictures/1_logo.png
142.4.9.224200 OK 16 kB URL HTTP/1.1 www.allwellinst.com/pictures/1_logo.png
IP 142.4.9.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 343 x 72, 8-bit/color RGBA, non-interlaced\012- data
Hash 2f779c35970815d7c72de4a6dca659f6
58cfc2576b8582d0dae9f2972136b319a5d02cdc
d3a03c404e32e2c559ccdcd687bc862ee43668a399abac4b708c34d5d6899ce1
GET /pictures/1_logo.png HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=m6rq4nl9c15oc89974946bfai2
HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 07:36:57 GMT
Server: Apache
Last-Modified: Sat, 17 Feb 2018 06:57:56 GMT
Accept-Ranges: bytes
Content-Length: 15557
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/png
www.allwellinst.com/images/loading.gif
142.4.9.224200 OK 4.8 kB URL HTTP/1.1 www.allwellinst.com/images/loading.gif
IP 142.4.9.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type GIF image data, version 89a, 24 x 24\012- data
Hash dd78ac008009bd821d2bf2da98108854
d3665f292d71f9ea2b9a61c476e6e2a9d0d35062
03acb263b1d85f824676b3cad66f9660c73d278f06e519c7ea727593ab4f5a13
GET /images/loading.gif HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=m6rq4nl9c15oc89974946bfai2
HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 07:36:57 GMT
Server: Apache
Last-Modified: Mon, 05 Sep 2016 11:11:24 GMT
Accept-Ranges: bytes
Content-Length: 4765
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/gif
www.allwellinst.com/pictures/2_pic_1.jpg
142.4.9.224200 OK 95 kB URL HTTP/1.1 www.allwellinst.com/pictures/2_pic_1.jpg
IP 142.4.9.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 555x178, components 3\012- data
Hash 77e6c4e8563675626f3b7fde95df40ec
e120f757c9651fea908b1c9025b4093088aa2a98
94cb704bb8a20849e9c6b2a757a4ca6dc0afe0b96c6f717d373efdfc6735fdd1
GET /pictures/2_pic_1.jpg HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=m6rq4nl9c15oc89974946bfai2
HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 07:36:57 GMT
Server: Apache
Last-Modified: Tue, 11 Jun 2019 07:10:34 GMT
Accept-Ranges: bytes
Content-Length: 94934
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/jpeg
www.allwellinst.com/pictures/7_pic_1.jpg
142.4.9.224200 OK 60 kB URL HTTP/1.1 www.allwellinst.com/pictures/7_pic_1.jpg
IP 142.4.9.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 555x178, components 3\012- data
Hash d12b50e8aaab2de86b36684b675d0664
1e9cdc52c88484b4500973f09dd628e2bd4782af
9d0a5ad518c6eff7794e3e3ff23d26f2b33d46213f8966d397d57ab6cb52b98f
GET /pictures/7_pic_1.jpg HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=m6rq4nl9c15oc89974946bfai2
HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 07:36:57 GMT
Server: Apache
Last-Modified: Sat, 10 Feb 2018 18:31:04 GMT
Accept-Ranges: bytes
Content-Length: 59760
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/jpeg
www.allwellinst.com/pictures/1_pic_1.jpg
142.4.9.224200 OK 265 kB URL HTTP/1.1 www.allwellinst.com/pictures/1_pic_1.jpg
IP 142.4.9.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2014 (Windows), datetime=2018:02:17 13:43:07], baseline, precision 8, 559x179, components 3\012- data
Size 265 kB (264696 bytes)
Hash ffd3032acef349a342a1b0d22cd2089d
c51f1196805f8d61b16d0d9a7a2c619d2561d1c2
88ca28ae7cae709d27fc0561821c7f180b25b5ac5ce2627c0bbe560753658fc5
GET /pictures/1_pic_1.jpg HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=m6rq4nl9c15oc89974946bfai2
HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 07:36:57 GMT
Server: Apache
Last-Modified: Sat, 17 Feb 2018 08:43:58 GMT
Accept-Ranges: bytes
Content-Length: 264696
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/jpeg
www.allwellinst.com/images/b05.png
142.4.9.224200 OK 1.4 kB URL HTTP/1.1 www.allwellinst.com/images/b05.png
IP 142.4.9.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 120 x 30, 8-bit/color RGBA, non-interlaced\012- data
Hash b5b353c4ec92a0f8be543f33741618f3
5ebf2f04f513217db1173fa0fb8a9be3983269d6
95434f5c547a4f70a55e95b0e836b0f37c09f3ecf6e58b27de19222c47a8910e
GET /images/b05.png HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=m6rq4nl9c15oc89974946bfai2
HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 07:36:57 GMT
Server: Apache
Last-Modified: Mon, 05 Sep 2016 11:11:24 GMT
Accept-Ranges: bytes
Content-Length: 1415
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/png
www.allwellinst.com/images/a12.png
142.4.9.224200 OK 2.5 kB URL HTTP/1.1 www.allwellinst.com/images/a12.png
IP 142.4.9.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 400 x 90, 8-bit/color RGBA, non-interlaced\012- data
Hash bb9fcee03a7288c2083eb15e31f18e1d
7d2a90b91ab8891d4071ea412cf805a737ae5d8c
5e9ddb467a2a395462d2bebf1ab0424c92b081e250497106b1105ea10efe5b55
GET /images/a12.png HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=m6rq4nl9c15oc89974946bfai2
HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 07:36:57 GMT
Server: Apache
Last-Modified: Mon, 05 Sep 2016 11:11:24 GMT
Accept-Ranges: bytes
Content-Length: 2483
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/png
www.allwellinst.com/images/pdficon.png
142.4.9.224200 OK 11 kB URL HTTP/1.1 www.allwellinst.com/images/pdficon.png
IP 142.4.9.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 109 x 114, 8-bit/color RGBA, non-interlaced\012- data
Hash 59099d4d98e3d966e7d30955afeeb58f
19bda665c297c6a52b5d5a25dac1b96a8dffa844
079c59279d9a4ae1feb0086a299d06b6efe1bc6549d3c8529fb023f7234858b6
GET /images/pdficon.png HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=m6rq4nl9c15oc89974946bfai2
HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 07:36:57 GMT
Server: Apache
Last-Modified: Sat, 10 Feb 2018 18:17:28 GMT
Accept-Ranges: bytes
Content-Length: 11032
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/png
www.allwellinst.com/pictures/8_pic_1.jpg
142.4.9.224200 OK 109 kB URL HTTP/1.1 www.allwellinst.com/pictures/8_pic_1.jpg
IP 142.4.9.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS Windows, datetime=2014:01:02 16:56:12], baseline, precision 8, 1060x334, components 3\012- data
Size 109 kB (108703 bytes)
Hash 4d9bea88a1847747d99e37c65db0231c
8767ce4f5e883456e328a68f080be0d2db535f5e
fdab77b9963c66345daf9abecc69ffba8e889e60ae9a1b46c9e6bc824e0086d3
GET /pictures/8_pic_1.jpg HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=m6rq4nl9c15oc89974946bfai2
HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 07:36:57 GMT
Server: Apache
Last-Modified: Thu, 21 Mar 2019 09:55:44 GMT
Accept-Ranges: bytes
Content-Length: 108703
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/jpeg
www.allwellinst.com/pictures/120588221_90_pic_2.jpg
142.4.9.224200 OK 57 kB URL HTTP/1.1 www.allwellinst.com/pictures/120588221_90_pic_2.jpg
IP 142.4.9.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 10000", baseline, precision 8, 386x386, components 3\012- data
Hash 67b37ed9ab9bb9f97abf9e27342d8f6a
17fa86cee1e3bc59f79f254f46999506c6699a62
fcb467fd6e1e471080a974f970c47cad2550f2eab9c7d961e17285dc9662b25c
GET /pictures/120588221_90_pic_2.jpg HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=m6rq4nl9c15oc89974946bfai2
HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 07:36:57 GMT
Server: Apache
Last-Modified: Wed, 05 Sep 2018 06:33:26 GMT
Accept-Ranges: bytes
Content-Length: 56782
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/jpeg
www.allwellinst.com/pictures/776475135_91_pic_2.jpg
142.4.9.224200 OK 120 kB URL HTTP/1.1 www.allwellinst.com/pictures/776475135_91_pic_2.jpg
IP 142.4.9.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 10000", baseline, precision 8, 450x450, components 3\012- data
Size 120 kB (119975 bytes)
Hash e19efa17a71185e7e8d1752aa6cb14d7
c596f42b3fe416deeb9c3d2a6328beb5eb207b7b
fb3c03fdb6b486d1498b0ec42945e6b35b29f7fd0eff9224b796ac5635a57997
GET /pictures/776475135_91_pic_2.jpg HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=m6rq4nl9c15oc89974946bfai2
HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 07:36:57 GMT
Server: Apache
Last-Modified: Wed, 05 Sep 2018 06:44:18 GMT
Accept-Ranges: bytes
Content-Length: 119975
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/jpeg
www.allwellinst.com/pictures/59_banner.jpg
142.4.9.224200 OK 284 kB URL HTTP/1.1 www.allwellinst.com/pictures/59_banner.jpg
IP 142.4.9.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1600x635, components 3\012- data
Size 284 kB (283598 bytes)
Hash 2f7d666c2a31446e6a64ae271420752c
598601e5cb989380e5522f3fa4b053b0c26c26df
b9c21749c2f59b012ee76cd61095115a14622e7af1cf86e38d83010dc8fd4d81
GET /pictures/59_banner.jpg HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=m6rq4nl9c15oc89974946bfai2
HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 07:36:57 GMT
Server: Apache
Last-Modified: Tue, 27 Feb 2018 12:38:58 GMT
Accept-Ranges: bytes
Content-Length: 283598
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: image/jpeg
www.allwellinst.com/images/searchicon.png
142.4.9.224200 OK 1.4 kB URL HTTP/1.1 www.allwellinst.com/images/searchicon.png
IP 142.4.9.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash a79ce09b335d10eb2cc6ea14793e72b3
6d306d36329b4a366922ed40ef6a4ab7a04f2589
017b7570cace05d49c60dc2a7a8f5940434c8dd7b6210fdda6bbb77dac2bc155
GET /images/searchicon.png HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=m6rq4nl9c15oc89974946bfai2
HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 07:36:57 GMT
Server: Apache
Last-Modified: Sat, 13 Jan 2018 23:20:08 GMT
Accept-Ranges: bytes
Content-Length: 1391
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/png
www.allwellinst.com/pictures/61_banner.jpg
142.4.9.224200 OK 420 kB URL HTTP/1.1 www.allwellinst.com/pictures/61_banner.jpg
IP 142.4.9.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1600x635, components 3\012- data
Size 420 kB (419483 bytes)
Hash 4d3a486afcdc2cd7f73852b8c4a14460
635e4e3f99cf2f0626f8c7d9287be15e77df7b4b
1170e189732b2bb206e44e1e68a09fc5b3954d84ab25df23aa980c37a4186a26
GET /pictures/61_banner.jpg HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=m6rq4nl9c15oc89974946bfai2
HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 07:36:57 GMT
Server: Apache
Last-Modified: Mon, 26 Feb 2018 07:27:47 GMT
Accept-Ranges: bytes
Content-Length: 419483
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/jpeg
www.allwellinst.com/pictures/60_banner.jpg
142.4.9.224200 OK 379 kB URL HTTP/1.1 www.allwellinst.com/pictures/60_banner.jpg
IP 142.4.9.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1600x635, components 3\012- data
Size 379 kB (378840 bytes)
Hash ef0dade9d3d8c3b63c9fbc5e7e9fa32a
f4d375b92280bdab1f0edfa7062a2994d71e5790
c76b12b1306abe8bfe76eb5689866c25b428700308c7de32378e06cd8a65eb18
GET /pictures/60_banner.jpg HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=m6rq4nl9c15oc89974946bfai2
HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 07:36:57 GMT
Server: Apache
Last-Modified: Mon, 26 Feb 2018 07:27:35 GMT
Accept-Ranges: bytes
Content-Length: 378840
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/jpeg
www.allwellinst.com/pictures/64_banner.jpg
142.4.9.224200 OK 482 kB URL HTTP/1.1 www.allwellinst.com/pictures/64_banner.jpg
IP 142.4.9.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1900x700, components 3\012- data
Size 482 kB (481486 bytes)
Hash 8fb225d84f69eec7beaaa157f7e52333
8a10621483afbdc05ff78668d0bcb96b884fd173
4399febb736e5cc4e81aa23a0680d0052af7101692d6c7bdab33edbf269403e4
GET /pictures/64_banner.jpg HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=m6rq4nl9c15oc89974946bfai2
HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 07:36:57 GMT
Server: Apache
Last-Modified: Fri, 13 Sep 2019 10:41:33 GMT
Accept-Ranges: bytes
Content-Length: 481486
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/jpeg
www.allwellinst.com/images/favicon.ico
142.4.9.224200 OK 856 B URL HTTP/1.1 www.allwellinst.com/images/favicon.ico
IP 142.4.9.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash 216d5934ddce5085be2f7089c7fbbd76
788b079fb8798047a15fb63769e78dd9df351c4b
ae45562a56670510953744a6b7efd913a4861200a2833a53a19171205638b255
GET /images/favicon.ico HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=m6rq4nl9c15oc89974946bfai2
HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 07:36:58 GMT
Server: Apache
Last-Modified: Fri, 13 Sep 2019 09:55:57 GMT
Accept-Ranges: bytes
Content-Length: 856
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/x-icon
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F55a74005-0af0-4302-9353-9297abcf7976.jpeg
34.120.237.76200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F55a74005-0af0-4302-9353-9297abcf7976.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0f175e783e99f623f898eb07578ed28a
c090b3db88d3c2381e7d14d2aab5078fd50be14a
6eaf64d99a8626df553aeeb24a5ee1a69e3d6c32293385dedd6c83dd231c84e3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F55a74005-0af0-4302-9353-9297abcf7976.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 8157
x-amzn-requestid: b3004878-0395-4123-843c-f33d040d5989
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJabZFa6IAMFp1Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366d77b-05b4398b243a9eec020a3b16;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 21:37:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: EkY4IRZUrYHRSHX7a2kvsyoGNldygqY6ztTaQwNmSyR8ZouV5nkMAw==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 21:48:57 GMT
etag: "c090b3db88d3c2381e7d14d2aab5078fd50be14a"
content-type: image/jpeg
age: 35286
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:400,400italic,300italic,300,500,700
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto:400,400italic,300italic,300,500,700
IP 142.250.74.10:0
GET /css?family=Roboto:400,400italic,300italic,300,500,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.allwellinst.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 06 Nov 2022 07:36:55 GMT
date: Sun, 06 Nov 2022 07:36:55 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=PT+Sans+Caption:700
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=PT+Sans+Caption:700
IP 142.250.74.10:0
GET /css?family=PT+Sans+Caption:700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.allwellinst.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 06 Nov 2022 07:36:55 GMT
date: Sun, 06 Nov 2022 07:36:55 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2