Report - dealstoheal.com/?p=40549

Report Overview

Submitted URL
dealstoheal.com/?p=40549
IP
162.241.216.62
ASN
#26337 OIS1
Submitted
2022-10-02 20:00:37
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
56

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	2.9 kB	93.184.220.29
downloads.mailchimp.com	11609	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	392 B	68 kB	13.224.222.74
box5382.temp.domains	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	673 B	21 kB	162.241.216.62
malsup.github.io	46665	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	370 B	13 kB	185.199.110.153
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	13.224.222.54
dealstoheal.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	21 kB	169 kB	162.241.216.62
maps.googleapis.com	33876	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	433 B	57 kB	172.217.21.170
demo.templatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	369 B	57 kB	104.21.12.5
syndication.twitter.com	833	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	459 B	913 B	104.244.42.72
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	5.3 kB	23.36.76.226
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.7 kB	65 kB	34.120.237.76
graph.facebook.com	113	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	665 B	1.3 kB	31.13.72.8
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	35.165.41.15
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	2.8 kB	142.250.74.3
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	373 B	43 kB	142.250.74.168
platform.twitter.com	597	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.5 kB	242 kB	192.229.233.25
kit.fontawesome.com	1868	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	356 B	5.4 kB	104.18.23.52
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	21 kB	142.250.74.174
mc.us19.list-manage.com	85107	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	507 B	4.5 kB	104.110.24.122
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	13.224.222.16

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-10-02	medium	dealstoheal.com/?p=40549	Phishing
2022-10-02	medium	dealstoheal.com/?p=40549	Phishing
2022-10-02	medium	dealstoheal.com/wp-includes/js/jquery/jquery-migrate.min.js	Phishing
2022-10-02	medium	dealstoheal.com/wp-content/plugins/Templatic-MegaMenu/includes/jquery.megamenu.1.2-mini.js	Phishing
2022-10-02	medium	dealstoheal.com/wp-content/themes/Directory/js/sticky_city.js	Phishing
2022-10-02	medium	dealstoheal.com/wp-content/plugins/Tevolution-LocationManager/js/location_script.min.js	Phishing
2022-10-02	medium	dealstoheal.com/wp-includes/js/jquery/ui/menu.min.js	Phishing
2022-10-02	medium	dealstoheal.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js	Phishing
2022-10-02	medium	dealstoheal.com/wp-includes/js/jquery/ui/core.min.js	Phishing
2022-10-02	medium	dealstoheal.com/wp-content/plugins/Tevolution/tmplconnector/monetize/templatic-generalization/js/lazy-load.js	Phishing
2022-10-02	medium	dealstoheal.com/wp-includes/js/dist/dom-ready.min.js	Phishing
2022-10-02	medium	dealstoheal.com/wp-includes/js/dist/hooks.min.js	Phishing
2022-10-02	medium	dealstoheal.com/wp-includes/js/comment-reply.min.js	Phishing
2022-10-02	medium	dealstoheal.com/wp-includes/js/jquery/ui/autocomplete.min.js	Phishing
2022-10-02	medium	dealstoheal.com/wp-includes/js/dist/a11y.min.js	Phishing
2022-10-02	medium	dealstoheal.com/wp-content/plugins/Tevolution/tmplconnector/monetize/templatic-generalization/js/basic.js	Phishing
2022-10-02	medium	dealstoheal.com/wp-includes/js/jquery/ui/tabs.min.js	Phishing
2022-10-02	medium	dealstoheal.com/wp-includes/js/dist/i18n.min.js	Phishing
2022-10-02	medium	dealstoheal.com/wp-includes/js/wp-emoji-release.min.js	Phishing
2022-10-02	medium	dealstoheal.com/wp-content/plugins/Tevolution/js/jquery.uploadfile.js	Phishing
2022-10-02	medium	dealstoheal.com/wp-includes/js/dist/vendor/wp-polyfill.min.js	Phishing
2022-10-02	medium	dealstoheal.com/wp-content/plugins/Tevolution/js/tevolution-script.min.js	Phishing
2022-10-02	medium	dealstoheal.com/wp-content/themes/Directory/js/_supreme.min.js	Phishing
2022-10-02	medium	dealstoheal.com/wp-includes/js/jquery/jquery.min.js	Phishing
2022-10-02	medium	dealstoheal.com/wp-content/plugins/Tevolution/js/foundation.min.js	Phishing
2022-10-02	medium	dealstoheal.com/wp-content/plugins/Tevolution/js/markermanager.js	Phishing
2022-10-02	medium	dealstoheal.com/chickeninvaders6fullversiontpb-best/	Phishing
2022-10-02	medium	dealstoheal.com/wp-content/plugins/Tevolution/css.minifier.php	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (58)

	URL	Size	First Seen	Last Seen
	dealstoheal.com/chickeninvaders6fullversiontpb-best/	1.3 kB	2023-03-08	2023-07-06
Pretty URL dealstoheal.com/chickeninvaders6fullversiontpb-best/ IP 162.241.216.62 ASN #26337 OIS1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:46:38 Last Seen2023-07-06 01:52:51 Times Seen5 Hash 4945cdd4690ed17ebe49b2ea30f19825 a5194672a2d07ec10d8d9b5d2a8b1c52923c729e 12afe97ba4ce1026e34d430a6c5486d4f763f61a21ee2ec7b2349ecefe15ab80 Loading...

	dealstoheal.com/wp-content/themes/Directory/js/sticky_city.js	272 B	2023-03-08	2023-05-23
Pretty URL dealstoheal.com/wp-content/themes/Directory/js/sticky_city.js IP 162.241.216.62 ASN #26337 OIS1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:46:38 Last Seen2023-05-23 09:00:42 Times Seen5 Hash bd3f0703c8ad1a8613f118ff19e65ea5 cfe43925e7e023d237f776a110f2280f151bd049 d134016721b4f1e1d3f95140ab9caea200327f19380def0ad1b1c536ce90191e Loading...

	dealstoheal.com/chickeninvaders6fullversiontpb-best/	293 B	2023-03-08	2023-05-23
Pretty URL dealstoheal.com/chickeninvaders6fullversiontpb-best/ IP 162.241.216.62 ASN #26337 OIS1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:46:38 Last Seen2023-05-23 09:00:42 Times Seen3 Hash dbc6f93716546d02bdd4c6c972ed20fb 7a6fd551fffa87f2bc37044067ac7c6095e36202 05e6a3c6293f7c57e0593165b8476faf4b1f6af5f370e87b718f9df4c88ec897 Loading...

	malsup.github.io/jquery.form.js?_=1664740829421	44 kB	2023-03-07	2024-04-27
Pretty URL malsup.github.io/jquery.form.js?_=1664740829421 IP 185.199.110.153 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:26:42 Last Seen2024-04-27 02:26:01 Times Seen575 Hash 08a24670beb2eae7ef79a6d5ac23874b eca8a1978457941622833130e92b9b274e2b3a36 3a16fd80d67008f1c947cf93ebb20e2af2ed1a6317e194d35ed15046076c4211 Loading...

	dealstoheal.com/wp-content/plugins/Tevolution/tmplconnector/monetize/templatic-generalization/js/basic.js	10 kB	2023-03-08	2023-05-23
Pretty URL dealstoheal.com/wp-content/plugins/Tevolution/tmplconnector/monetize/templatic-generalization/js/basic.js IP 162.241.216.62 ASN #26337 OIS1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:46:38 Last Seen2023-05-23 09:00:42 Times Seen5 Hash 5776ed7ff36f968c25c36a69dd81a0f1 654afe39f51d5f67256aa38089ee9730400347cb 1428126dd044dd8fcfe43e44fa431a32d14c61f08132759349da07ab6f46af4c Loading...

	platform.twitter.com/widgets/widget_iframe.7dae38096d06923d683a2a807172322a.html?origin=https%3A%2F%2Fdealstoheal.com&wmode=transparent	327 kB	2023-03-07	2023-05-03
Pretty URL platform.twitter.com/widgets/widget_iframe.7dae38096d06923d683a2a807172322a.html?origin=https%3A%2F%2Fdealstoheal.com&wmode=transparent IP 192.229.233.25 ASN #15133 EDGECAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:57 Last Seen2023-05-03 22:50:00 Times Seen3 Hash 26599e03fbd14de8182dfc6fb71ab446 00642f9520c1d630f6474a3f910a3444d8e8d589 2af340a08ce2caffa6df9a38412f1df460199ea76e4bc1fe3957cc3ce2962518 Loading...

	graph.facebook.com/fql?q=SELECT%20url,%20normalized_url,%20share_count,%20like_count,%20comment_count,%20total_count,commentsbox_count,%20comments_fbid,%20click_count%20FROM%20link_stat%20WHERE%20url=%27https%3A%2F%2Fdealstoheal.com%2Fchickeninvaders6fullversiontpb-best%2F%27&callback=jQuery36008449868180760105_1664740829422&_=1664740829423	453 B	2023-03-08	2023-03-08
Pretty URL graph.facebook.com/fql?q=SELECT%20url,%20normalized_url,%20share_count,%20like_count,%20comment_count,%20total_count,commentsbox_count,%20comments_fbid,%20click_count%20FROM%20link_stat%20WHERE%20url=%27https%3A%2F%2Fdealstoheal.com%2Fchickeninvaders6fullversiontpb-best%2F%27&callback=jQuery36008449868180760105_1664740829422&_=1664740829423 IP 31.13.72.8 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:46:38 Last Seen2023-03-08 04:46:38 Times Seen1 Hash 9182f2ec0a90c5f13e6399fc75640e39 96ac1759489d2b4263296a1b0de216240615242e a1cb8150ba6830900119734a3fccf3bad71ba01cf51613155378dd85b060b54e Loading...

	dealstoheal.com/wp-content/plugins/Tevolution/js/markermanager.js	83 kB	2023-03-08	2023-05-23
Pretty URL dealstoheal.com/wp-content/plugins/Tevolution/js/markermanager.js IP 162.241.216.62 ASN #26337 OIS1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:46:38 Last Seen2023-05-23 09:00:41 Times Seen3 Hash 9aa3e5a420715782992af960c874f99b 26e45a410c40dac8bed1964c93a94fca9aa44d93 6e666dce7615dbd087a7cd66657adfb6efcc22c1ff1da36c427437689b379e1a Loading...

	dealstoheal.com/chickeninvaders6fullversiontpb-best/	928 B	2023-03-08	2023-05-23
Pretty URL dealstoheal.com/chickeninvaders6fullversiontpb-best/ IP 162.241.216.62 ASN #26337 OIS1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:46:38 Last Seen2023-05-23 09:00:42 Times Seen3 Hash 12f6d885fd8c34c3b483204d547f8ca2 b2f1e49c1422d3a20e2aeab47f280758a628b708 fcba2d11f30d2e23904a4915d2bb60b7d19f8dce913d9148ef9a9646705b584a Loading...

	dealstoheal.com/wp-includes/js/jquery/ui/menu.min.js	10 kB	2023-03-07	2024-04-24
Pretty URL dealstoheal.com/wp-includes/js/jquery/ui/menu.min.js IP 162.241.216.62 ASN #26337 OIS1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:24 Last Seen2024-04-24 18:24:18 Times Seen228 Hash 887f1d35750dab9617fc2e87ed2c7905 eea3e0885cc6653aba765826337e4aa5ec17a899 f4154825dc56e715b2138ad66a290eb8b17824bb0c08685a2888c2fcec94b36a Loading...

	maps.googleapis.com/maps-api-v3/api/js/50/7a/common.js	252 kB	2023-03-08	2023-03-08
Pretty URL maps.googleapis.com/maps-api-v3/api/js/50/7a/common.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:18:12 Last Seen2023-03-08 06:23:44 Times Seen1 Hash 4d95b1068735a925cbcb752af3bdeafa 35164b1562ec3afa97197ba44b6b13fe7e3ed866 9213d9ffb010f00df9cd989986a3068e7b8de96cbee7e00f249e06d59e81e6ef Loading...

	maps.googleapis.com/maps-api-v3/api/js/50/7a/util.js	165 kB	2023-03-08	2023-03-08
Pretty URL maps.googleapis.com/maps-api-v3/api/js/50/7a/util.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:18:12 Last Seen2023-03-08 06:23:44 Times Seen1 Hash 94034edc34444b65988a5480f1f7ab4a 5f96091d8d0fb1677c12be16574da775586b8532 4bba58a24d973f3780362a09eac2d0f72e205e9d186cbe471bfea2fb4a5719cd Loading...

	dealstoheal.com/chickeninvaders6fullversiontpb-best/	155 B	2023-03-08	2023-05-23
Pretty URL dealstoheal.com/chickeninvaders6fullversiontpb-best/ IP 162.241.216.62 ASN #26337 OIS1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:46:38 Last Seen2023-05-23 09:00:41 Times Seen3 Hash 207029fe2f1cd5b1ea03f27eec5a3e4a 89ba4a4626e9e8a3dcbad75e7608f9eff332570d 91d1ea025a93ddc448e633ffa051b6d39c01d9588059dff95f9d3f93d0f9a7f1 Loading...

	www.googletagmanager.com/gtag/js?id=UA-81539906-11	109 kB	2023-03-08	2023-03-08
Pretty URL www.googletagmanager.com/gtag/js?id=UA-81539906-11 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:46:38 Last Seen2023-03-08 04:46:38 Times Seen1 Hash 524b82370a3b634eca3d50ea81703cf9 b1524998eb6211f959d496514aa534aee0ea175a 7e871e9b6c909af9a10bbf2e12b8c671f096ab009fd58460f12d98c30c407800 Loading...

	dealstoheal.com/chickeninvaders6fullversiontpb-best/	2.0 kB	2023-03-08	2023-05-23
Pretty URL dealstoheal.com/chickeninvaders6fullversiontpb-best/ IP 162.241.216.62 ASN #26337 OIS1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:46:38 Last Seen2023-05-23 09:00:41 Times Seen3 Hash aee681f3e657fed025fc3178b36130ab 458d454f14bfbbe7d7a72ac510977ce428f49484 d1e7d0d23cce8e89d069e2f89334cd43c20556f03e1ad7f1a89f7351f32e42ca Loading...

	dealstoheal.com/chickeninvaders6fullversiontpb-best/	5.8 kB	2023-03-08	2023-05-23
Pretty URL dealstoheal.com/chickeninvaders6fullversiontpb-best/ IP 162.241.216.62 ASN #26337 OIS1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:46:38 Last Seen2023-05-23 09:00:42 Times Seen3 Hash a3f321d25e1553e3bffe122a23668d78 75b969964c290783a024efe704fd2b7fdc1caa34 38b38915eb4100a9117ac6d11159fac67f33cd7ca6025d8a0bff7a1862c3ab76 Loading...

	dealstoheal.com/wp-includes/js/jquery/ui/core.min.js	21 kB	2023-03-07	2024-04-25
Pretty URL dealstoheal.com/wp-includes/js/jquery/ui/core.min.js IP 162.241.216.62 ASN #26337 OIS1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-25 18:37:12 Times Seen3655 Hash 6aaf0a4e8eac131defea126f5b1b5fbf 24da0326af36303e5a1e9799a3c26f7a1077928c 240b702419d6c39ecc4896f0132ccfc9bc517e9aef0c782d99580e0c678b47d5 Loading...

	dealstoheal.com/chickeninvaders6fullversiontpb-best/	533 B	2023-03-08	2023-03-08
Pretty URL dealstoheal.com/chickeninvaders6fullversiontpb-best/ IP 162.241.216.62 ASN #26337 OIS1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:46:38 Last Seen2023-03-08 04:46:38 Times Seen1 Hash 4b2ba29c47d83b10f46d1cdab0be4cc4 c984bb2cee16c2cdde0b0506bce563f4b212191c 59ae06e000ad39361944d0c96f279ac753f3ec00bfc662a7b7248cbb499b096d Loading...

	dealstoheal.com/wp-includes/js/dist/a11y.min.js	2.5 kB	2023-03-07	2024-04-25
Pretty URL dealstoheal.com/wp-includes/js/dist/a11y.min.js IP 162.241.216.62 ASN #26337 OIS1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:58 Last Seen2024-04-25 21:53:57 Times Seen6206 Hash 496baa8dab0a9861cd85d4e329f5aa77 5a036d58aecc5c5c471237d6dc719333cfe225e6 5df2942db2352e49e00bcf3393b875a71d0acee986e48fbdcc5879846f5c3689 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-07	2024-01-06
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:05:31 Last Seen2024-01-06 17:39:53 Times Seen66 Hash 99ba52a15d2da967b023016d1af58cbd 5c2246049c43834d17113877b4731bd4f9803d55 9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f Loading...

	dealstoheal.com/chickeninvaders6fullversiontpb-best/	352 B	2023-03-08	2023-05-23
Pretty URL dealstoheal.com/chickeninvaders6fullversiontpb-best/ IP 162.241.216.62 ASN #26337 OIS1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:46:38 Last Seen2023-05-23 09:00:41 Times Seen3 Hash 1aca45a10de15891b9b03fff830549e9 228885c42b9a64c0aa4e414568573550a52561f0 17066a331544944f0c33a3f501f7f19cbefee20888310ac458b9fab18f4f999f Loading...

	dealstoheal.com/chickeninvaders6fullversiontpb-best/	2.2 kB	2023-03-08	2023-03-08
Pretty URL dealstoheal.com/chickeninvaders6fullversiontpb-best/ IP 162.241.216.62 ASN #26337 OIS1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:46:38 Last Seen2023-03-08 04:46:38 Times Seen1 Hash ff06bff70cd200e62be77ac4da8ab08a 1f7055f79ff823c021939f513f41ae7fdcfb9278 a5899169c3036615bf97ef10cb21a27a96174094ef20cbeaa9a9ca5b61ec5f7c Loading...

	dealstoheal.com/wp-content/plugins/Templatic-MegaMenu/includes/jquery.megamenu.1.2-mini.js	4.6 kB	2023-03-08	2023-05-23
Pretty URL dealstoheal.com/wp-content/plugins/Templatic-MegaMenu/includes/jquery.megamenu.1.2-mini.js IP 162.241.216.62 ASN #26337 OIS1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:46:38 Last Seen2023-05-23 09:00:42 Times Seen5 Hash 14045711c116a92fffd2aab4d7345372 8590475a3660614765cd0f78026cedba3e10ce6d 7be1a8ec5b938057e0c4e91720ff560d9694b95da2a518f64ee183f432f74ca9 Loading...

	dealstoheal.com/wp-content/themes/Directory/js/_supreme.min.js	68 kB	2023-03-08	2023-05-23
Pretty URL dealstoheal.com/wp-content/themes/Directory/js/_supreme.min.js IP 162.241.216.62 ASN #26337 OIS1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:46:38 Last Seen2023-05-23 09:00:42 Times Seen5 Hash 4939d439ae8139cde2cde5ed2d1a79d7 f4e3d985875f33df6784b62c10ca7f85485707f2 7067e02c8bc893673d9782cb46a973de95bbf69a8cacaed9b99ea36aaa94e375 Loading...

	dealstoheal.com/chickeninvaders6fullversiontpb-best/	187 B	2023-03-08	2023-05-23
Pretty URL dealstoheal.com/chickeninvaders6fullversiontpb-best/ IP 162.241.216.62 ASN #26337 OIS1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:46:38 Last Seen2023-05-23 09:00:42 Times Seen3 Hash 281f768021fc6c7f3ee265a4f1706abe bd2283b60d44f157012ecd974d6743cb1e671e29 6a1f5826724f3e52bd59ce841b78f8edf2bab4a44a74503a0e4da00d5eacdf0c Loading...

	dealstoheal.com/wp-includes/js/comment-reply.min.js	3.0 kB	2023-03-07	2024-04-27
Pretty URL dealstoheal.com/wp-includes/js/comment-reply.min.js IP 162.241.216.62 ASN #26337 OIS1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:09 Last Seen2024-04-27 02:43:15 Times Seen29354 Hash 492f2c1a7ea7eb83fe42e0ff7cb51aa2 db36a77f6aaa2063bfbec02c2c0e967438c5a245 e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789 Loading...

	dealstoheal.com/chickeninvaders6fullversiontpb-best/	935 B	2023-03-08	2023-07-06
Pretty URL dealstoheal.com/chickeninvaders6fullversiontpb-best/ IP 162.241.216.62 ASN #26337 OIS1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:46:38 Last Seen2023-07-06 01:52:51 Times Seen5 Hash 0319cfc6c280356b7d609c64dc1c8ae3 d793652519c183fefea0c0ab4fa816819a43336f 08169458b1177256c8d1187efa9f517cc9c600d6f3f4d85f3c6bbc6f86662dbe Loading...

	unknown	0 B	2023-03-07	2024-04-27
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-27 04:44:37 Times Seen37111268 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	dealstoheal.com/wp-includes/js/wp-emoji-release.min.js	19 kB	2023-03-07	2024-04-26
Pretty URL dealstoheal.com/wp-includes/js/wp-emoji-release.min.js IP 162.241.216.62 ASN #26337 OIS1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-26 23:19:42 Times Seen38071 Hash 32beb68a374e3aeac00abdf9e12b84ea b5d18aa625e8696dd9d07cd0869337717b211ae0 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782 Loading...

	dealstoheal.com/chickeninvaders6fullversiontpb-best/	865 B	2023-03-08	2023-05-23
Pretty URL dealstoheal.com/chickeninvaders6fullversiontpb-best/ IP 162.241.216.62 ASN #26337 OIS1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:46:38 Last Seen2023-05-23 09:00:42 Times Seen3 Hash 5646a18744ba169dd76e17efea52b081 1387a61ffa70c223fa48fd684979f3187d0128b8 253e799ad0a61ac36491dbc3ed50a08cf10f99e35eeac61508cdc46c718c6a00 Loading...

	dealstoheal.com/chickeninvaders6fullversiontpb-best/	263 B	2023-03-07	2024-04-25
Pretty URL dealstoheal.com/chickeninvaders6fullversiontpb-best/ IP 162.241.216.62 ASN #26337 OIS1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:28 Last Seen2024-04-25 15:09:12 Times Seen2579 Hash 6f35b6645bb854163663bd445d10a947 0ed94701f3b2f1e0312ad8f86c041658f23dce3b f70b1a7e02d635c75235a4a8351bb4bb3b4ba6e3a51acb1b1b231b3c230541b9 Loading...

	dealstoheal.com/chickeninvaders6fullversiontpb-best/	270 B	2023-03-08	2023-05-23
Pretty URL dealstoheal.com/chickeninvaders6fullversiontpb-best/ IP 162.241.216.62 ASN #26337 OIS1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:46:38 Last Seen2023-05-23 09:00:42 Times Seen3 Hash c3d045162b1051d439420d90293e2777 dc1ae7490b28bb86b359b88f7c395ad6b343c7b5 d8d65ed6b3f0e695464242e628488f1d3a64f510af440d02fd881732aa41a69f Loading...

	platform.twitter.com/widgets.js	99 kB	2023-03-08	2023-03-17
Pretty URL platform.twitter.com/widgets.js IP 192.229.233.25 ASN #15133 EDGECAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:19:27 Last Seen2023-03-17 17:17:05 Times Seen1 Hash f26384f93da6974ed577808dfa1fede5 e9ed950b00b2f257baa832412742b54970ee0f37 9bd8dcc115a0e9fce94520cecad5254352b86d55bca2506833057bb52e87ee1a Loading...

	downloads.mailchimp.com/js/signup-forms/popup/unique-methods/embed.js	221 kB	2023-03-08	2023-03-10
Pretty URL downloads.mailchimp.com/js/signup-forms/popup/unique-methods/embed.js IP 13.224.222.74 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:39:08 Last Seen2023-03-10 10:13:58 Times Seen1 Hash 9bde2ccaf139cf2da1ae5da44c10490e 8b13f923c94927e926949e56d100ca15e52ac98f eadfb466b95173358c8fe994028d89d2ba9810c20bf85cf3fe0672e67304b36e Loading...

	dealstoheal.com/wp-includes/js/jquery/jquery.min.js	90 kB	2023-03-07	2024-04-27
Pretty URL dealstoheal.com/wp-includes/js/jquery/jquery.min.js IP 162.241.216.62 ASN #26337 OIS1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-27 02:39:29 Times Seen31858 Hash 02dd5d04add4759122013c5ab4dc5cc2 a45a56e396ac549b4ff39b696ce9e0c16a7612de bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea Loading...

	dealstoheal.com/wp-includes/js/jquery/ui/autocomplete.min.js	8.5 kB	2023-03-07	2024-04-24
Pretty URL dealstoheal.com/wp-includes/js/jquery/ui/autocomplete.min.js IP 162.241.216.62 ASN #26337 OIS1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:28 Last Seen2024-04-24 18:24:18 Times Seen170 Hash 44856f993a926c164e52d1ed2cedfeec 0d113e4a8f1022bb8f48f02ae4ea2eb290579b71 dbc9abd87b47faecc6fedf2c7b0611103f405caa7296005432456196a735aed6 Loading...

	dealstoheal.com/wp-content/plugins/Tevolution-LocationManager/js/location_script.min.js	10 kB	2023-03-08	2023-07-06
Pretty URL dealstoheal.com/wp-content/plugins/Tevolution-LocationManager/js/location_script.min.js IP 162.241.216.62 ASN #26337 OIS1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:46:38 Last Seen2023-07-06 01:52:51 Times Seen9 Hash 7ac48ccd7d49db79312a96570ad6ead4 531b00a0cc3de180e52903de676b075022aaf3b1 85a7c7765092ba5a2c20e4cd706d8d3f69f0a2baf9686ad8bf53cd501859fc9c Loading...

	dealstoheal.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js	6.5 kB	2023-03-07	2024-04-27
Pretty URL dealstoheal.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js IP 162.241.216.62 ASN #26337 OIS1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-27 01:43:17 Times Seen15503 Hash 61449413a42d2daaa79dbe7298b40e21 d86c474164c603084397bdc50fb0e469d28b5772 f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a Loading...

	dealstoheal.com/chickeninvaders6fullversiontpb-best/	2.0 kB	2023-03-08	2023-03-08
Pretty URL dealstoheal.com/chickeninvaders6fullversiontpb-best/ IP 162.241.216.62 ASN #26337 OIS1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:46:38 Last Seen2023-03-08 04:46:38 Times Seen1 Hash be99489335890bb3806b3fd0d27ba517 a601577fc8d30e75fae7af0ac86c6c5092c0cbe9 99e3c82132bab5f097709c2d06754116756f594ff8ebfb2947b91abb33aea69a Loading...

	dealstoheal.com/wp-content/plugins/Tevolution/js/jquery.uploadfile.js	22 kB	2023-03-08	2023-05-23
Pretty URL dealstoheal.com/wp-content/plugins/Tevolution/js/jquery.uploadfile.js IP 162.241.216.62 ASN #26337 OIS1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:46:38 Last Seen2023-05-23 09:00:42 Times Seen5 Hash 6509da8996f1f0ed26ef7b38db5f6de6 71b91fd32b7d32fdf783ae029f43e0af1feeecd1 a1fc4801a0377a317b7c952452c563fd65bc96725c99c57d1344dc3a1697c5d7 Loading...

	dealstoheal.com/chickeninvaders6fullversiontpb-best/	31 B	2023-03-08	2023-07-06
Pretty URL dealstoheal.com/chickeninvaders6fullversiontpb-best/ IP 162.241.216.62 ASN #26337 OIS1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:46:38 Last Seen2023-07-06 01:52:50 Times Seen5 Hash 44ee477967f89674d4eb96d15cca9ae6 a98a57ee78b19a9dd47c770d570837a4e247186d 788379873dd054f87827c7b56d5bb73b0cfd095bf0d564c115cb3fe52bdd0aac Loading...

	dealstoheal.com/chickeninvaders6fullversiontpb-best/	1.6 kB	2023-03-08	2023-07-06
Pretty URL dealstoheal.com/chickeninvaders6fullversiontpb-best/ IP 162.241.216.62 ASN #26337 OIS1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:46:38 Last Seen2023-07-06 01:52:50 Times Seen5 Hash ddc3aea2fea6794b18740033401f8ce6 baf876dae9e7be301b45ad6b49642db58e63fa42 d73af4d4b48afffc0affa97d7175a50eacc97c47c95de8e5bb48f46720d6ee53 Loading...

	dealstoheal.com/wp-includes/js/dist/hooks.min.js	4.9 kB	2023-03-07	2024-04-27
Pretty URL dealstoheal.com/wp-includes/js/dist/hooks.min.js IP 162.241.216.62 ASN #26337 OIS1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-27 01:43:17 Times Seen24395 Hash b33ab4d5dcf02436276a717e9d1b7c18 f47b9a9c41b3b11c9dffabca22945727c3ec6566 9bd82960d99b3a76f4af77a88a346bd61f87bac5ff2f385ee28cd669d8f22134 Loading...

	dealstoheal.com/chickeninvaders6fullversiontpb-best/	141 B	2023-03-08	2023-05-23
Pretty URL dealstoheal.com/chickeninvaders6fullversiontpb-best/ IP 162.241.216.62 ASN #26337 OIS1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:46:38 Last Seen2023-05-23 09:00:41 Times Seen3 Hash 36617bb1bc95e6c3af6a8d0370dc86b7 b2e19d0bb28eb04855cbbd6964af6f92194d5f73 6dc3eb1405514fe22f0cfa90ec1e2be48cb8e08369506d544534381b617fc62b Loading...

	dealstoheal.com/wp-content/plugins/Tevolution/js/tevolution-script.min.js	37 kB	2023-03-08	2023-05-23
Pretty URL dealstoheal.com/wp-content/plugins/Tevolution/js/tevolution-script.min.js IP 162.241.216.62 ASN #26337 OIS1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:46:38 Last Seen2023-05-23 09:00:42 Times Seen5 Hash 06cae827ce2a0f97c774bdf450910389 9f157891fe38d24d9a5e46d950a9ac8eb2c0d69f b8c57646f5f23a375ccbbcc047b918c95bab54a3bc79e2424b73c1a83e75f7c0 Loading...

	dealstoheal.com/wp-content/plugins/Tevolution/js/foundation.min.js	146 kB	2023-03-08	2023-05-23
Pretty URL dealstoheal.com/wp-content/plugins/Tevolution/js/foundation.min.js IP 162.241.216.62 ASN #26337 OIS1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:46:38 Last Seen2023-05-23 09:00:42 Times Seen4 Hash 6128feb24221eaee6594bddf478d9b35 94df5073ee81907ed4e30d39ff93840e1bea35d7 1dbd8706f2b5b57bf8be15a067a2ab83f01e7bf6a40b07a5412ba85819660bbd Loading...

	dealstoheal.com/wp-content/plugins/Tevolution/tmplconnector/monetize/templatic-generalization/js/lazy-load.js	902 B	2023-03-07	2024-01-28
Pretty URL dealstoheal.com/wp-content/plugins/Tevolution/tmplconnector/monetize/templatic-generalization/js/lazy-load.js IP 162.241.216.62 ASN #26337 OIS1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:48:21 Last Seen2024-01-28 12:57:17 Times Seen132 Hash c208b892d5e834b4932b43e67037f290 988f853f14e6143ae831779dc24bd7dbf18e14cc 40a7f2b25ea8c45af8993aa57c19e576ea8eab5cbe9f467d45d4be7a537e7a47 Loading...

	kit.fontawesome.com/7eb194c23f.js	11 kB	2023-03-08	2023-03-08
Pretty URL kit.fontawesome.com/7eb194c23f.js IP 104.18.23.52 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:46:38 Last Seen2023-03-08 04:46:38 Times Seen1 Hash 44156c45e39055fd8779bee938a71df9 95e03148ca1f8f4635c10f6bb05172ac55ed2918 7443470ffc27688796cbf82d354d342be5751f5c1c24b66d1c4512f427e1e2a5 Loading...

	dealstoheal.com/wp-includes/js/jquery/jquery-migrate.min.js	11 kB	2023-03-07	2024-04-27
Pretty URL dealstoheal.com/wp-includes/js/jquery/jquery-migrate.min.js IP 162.241.216.62 ASN #26337 OIS1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-27 02:39:29 Times Seen68686 Hash 79b4956b7ec478ec10244b5e2d33ac7d a46025b9d05e3df30d610a8aef14f392c7058dc9 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300 Loading...

	dealstoheal.com/wp-includes/js/jquery/ui/tabs.min.js	12 kB	2023-03-07	2024-04-25
Pretty URL dealstoheal.com/wp-includes/js/jquery/ui/tabs.min.js IP 162.241.216.62 ASN #26337 OIS1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18:43 Last Seen2024-04-25 18:37:12 Times Seen459 Hash 1d376be55e51aea00d432f6659d3e0d1 cc5b9f6fa12d0a90b38d3d6e918401c9ad26332b 34934dc0d2652647955344d4d53218860096f14217c81c1eb5b02e54526835b6 Loading...

	dealstoheal.com/chickeninvaders6fullversiontpb-best/	3 B	2023-03-07	2024-02-11
Pretty URL dealstoheal.com/chickeninvaders6fullversiontpb-best/ IP 162.241.216.62 ASN #26337 OIS1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:20:26 Last Seen2024-02-11 18:22:52 Times Seen99 Hash 541b176c44f9226b75ef26405cd7934b 9ef4bc2ba8adc2441d2079891e0e6d06d5b35f85 3e13fafe8992426ccfcfbe1e1135fcbb8364b4a0a7331c64ba06546009b758f1 Loading...

	dealstoheal.com/chickeninvaders6fullversiontpb-best/	457 B	2023-03-08	2023-05-23
Pretty URL dealstoheal.com/chickeninvaders6fullversiontpb-best/ IP 162.241.216.62 ASN #26337 OIS1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:46:38 Last Seen2023-05-23 09:00:42 Times Seen3 Hash c6b9640c47ed6701920d91baa32c8f3f 61e5e1d43413903206da2f0e3290d960f8b8bc18 dca93fda0cbd1b160a5731852db5e4c069a9f9e93e7c4e2c9a859efb3262adf4 Loading...

	dealstoheal.com/wp-content/plugins/Tevolution/tmplconnector/monetize/templatic-generalization/js/jquery.sonar.min.js	1.4 kB	2023-03-07	2024-01-28
Pretty URL dealstoheal.com/wp-content/plugins/Tevolution/tmplconnector/monetize/templatic-generalization/js/jquery.sonar.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:48:21 Last Seen2024-01-28 12:57:17 Times Seen147 Hash 2f5b4ade9c7514b244e204c138cf4a06 5e1a2f2a8b5e1fad3f89600815f47a24ca630a45 c3dd5c4ff63478b87ed9670be1b4c688725d53c9ff84a233cfec8ff2bb83a72d Loading...

	dealstoheal.com/chickeninvaders6fullversiontpb-best/	68 B	2023-03-07	2024-04-27
Pretty URL dealstoheal.com/chickeninvaders6fullversiontpb-best/ IP 162.241.216.62 ASN #26337 OIS1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-27 01:53:11 Times Seen22503 Hash d30f13da1f424ee0383b76edc55881e1 7e348a5f57ab13eedbc4ed917cdeee5bb9f9bd46 cf01a621447e67a81629bc28276677c86c48fd72c44cba83a82448574aadfd60 Loading...

	dealstoheal.com/wp-includes/js/dist/i18n.min.js	10 kB	2023-03-07	2024-04-24
Pretty URL dealstoheal.com/wp-includes/js/dist/i18n.min.js IP 162.241.216.62 ASN #26337 OIS1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-24 18:24:18 Times Seen2080 Hash f270dd1f483179fdcfb29ce5f91aea13 166661187a97f0b6b685ec4dbdff871e9824168f 1dc4b29dd0acbed77ec2fd81036c33efd4ab5989e8182705a30615a00a0117f7 Loading...

	dealstoheal.com/wp-includes/js/dist/dom-ready.min.js	498 B	2023-03-07	2024-04-27
Pretty URL dealstoheal.com/wp-includes/js/dist/dom-ready.min.js IP 162.241.216.62 ASN #26337 OIS1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:59 Last Seen2024-04-27 00:37:33 Times Seen11732 Hash b0b80b0256874e70acdc820b52bbf1aa 9aace9a7989736bf535d65f229d0c10e9acea41b 166c7c3bb5f76f977a9f2a5490589b3466374eb2b3f064802e56f08bad71fbf0 Loading...

		Size	First Seen	Last Seen
	#1 Eval - b6ad9c35629682fd0280d857901eca4e	14 kB	2023-03-07	2024-03-25
Pretty Observations First Seen2023-03-07 14:02:29 Last Seen2024-03-25 17:00:31 Times Seen30 Hash b6ad9c35629682fd0280d857901eca4e 9d293358f6df679f20bcfa669d4252a7872dbb1d 1b2e3a378b6b6c169af15aa2c9aef535bf32fdd831f9fd6059ffc1656c52c989 Loading...

	#2 Eval - 6ad9684d377ddae23f5e51869dc4ac0b	72 B	2023-03-07	2024-04-25
Pretty Observations First Seen2023-03-07 01:26:06 Last Seen2024-04-25 16:07:14 Times Seen104 Hash 6ad9684d377ddae23f5e51869dc4ac0b 2e2914938a8a4cd5e7273aa8166d6e85280e2dc2 3421c3a2ecc23147c673489b7f93ffa2404a1e924643f20250dc45bf470ad76d Loading...

HTTP Transactions (84)

URL IP Response Size

firefox.settings.services.mozilla.com/v1/

13.224.222.54

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
13.224.222.54:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
1b3053fa528e28810f8a2cc9284cc921
cca9eb471d941881a6b9a1793aecb6c281908f6a
a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 02 Oct 2022 19:03:14 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 cccbced9d09951cf2e947066c4fc2442.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR61-C2
X-Amz-Cf-Id: pcf9sPRE9oS-WoKzDSSOaTHJIGPuuvPjBRiI_Go8HEiisrRyz0deow==
Age: 3432

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
60e4edea7b5f4d19f3547a3bb2d5df57
3ee076bab4da3416c2c5808f730cb316c28baef7
763e2dadfdd286a51327cd2000ca335e30cd0b9b7267875d22ca33f7556ba200

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763E2DADFDD286A51327CD2000CA335E30CD0B9B7267875D22CA33F7556BA200"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5700
Expires: Sun, 02 Oct 2022 21:35:26 GMT
Date: Sun, 02 Oct 2022 20:00:26 GMT
Connection: keep-alive

dealstoheal.com/?p=40549

162.241.216.62

301 Moved Permanently

240 B

URL HTTP/1.1
dealstoheal.com/?p=40549
IP
162.241.216.62:0
ASN
#26337 OIS1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
240 B (240 bytes)
Hash
3454511093dbe301caf85b1b52219b67
13e6b2bf5daf0f5b59748bb16ad02676bfd18ab3
2630d419efe6efb2f841992e7602d1fd1200439b7a443cf30f31ba79984d57a0

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /?p=40549 HTTP/1.1
Host: dealstoheal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Sun, 02 Oct 2022 20:00:26 GMT
Server: Apache
Location: https://dealstoheal.com/?p=40549
Cache-Control: max-age=300
Expires: Sun, 02 Oct 2022 20:05:26 GMT
Content-Length: 240
Keep-Alive: timeout=5, max=75
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain

13.224.222.16

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
13.224.222.16:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 02 Oct 2022 03:33:17 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 6b08baae6d8fdc124eeea9f6d807fa9a.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-C2
x-amz-cf-id: Cfdc4VUyqBxkR2O4v5Qut0nIyIRpbXB5kbqRDRHBTt3LMS_lHxPX4w==
age: 59230
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 20:00:26 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

13.224.222.54

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
13.224.222.54:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Expires, Backoff, ETag, Last-Modified, Pragma, Cache-Control, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Date: Sun, 02 Oct 2022 19:32:53 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Sun, 02 Oct 2022 19:44:56 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 b6a92d65d66a7dd6d685a94e79bd1aba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR61-C2
X-Amz-Cf-Id: t_JBm_OxyRaAbOdt-mTmv6Bpt1edt8D2EPq_5baSM3acmPROoaVglA==
Age: 1653

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
44e113d5e577fba6bb129e5f17ca8763
3e02bcfe0f25c52d6f822ff4f0d7178295743a93
385c484505c87d8621686e27980b74d14fed8477158aa4a94dca19ef5505f5f0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "385C484505C87D8621686E27980B74D14FED8477158AA4A94DCA19EF5505F5F0"
Last-Modified: Sat, 01 Oct 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21581
Expires: Mon, 03 Oct 2022 02:00:07 GMT
Date: Sun, 02 Oct 2022 20:00:26 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
4eb30b4a4234809cf7d5f89fa1f6ceeb
797242aab2f13c820050aa9accd11b7b950cd177
ce9d833a0ac321a908184b655d6632c481f758a04a9c936a7c303bb253444146

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3552
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 20:00:26 GMT
Last-Modified: Sun, 02 Oct 2022 19:01:14 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

35.165.41.15

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.165.41.15:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ehFgOuFcmLLEPLtIQoWzXA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: iUvImfLfgKvwqNAzmOQIAE4stsI=

dealstoheal.com/?p=40549

162.241.216.62

301 Moved Permanently

0 B

URL HTTP/2
dealstoheal.com/?p=40549
IP
162.241.216.62:0
ASN
#26337 OIS1

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /?p=40549 HTTP/1.1
Host: dealstoheal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 301 Moved Permanently
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-pingback: https://dealstoheal.com/xmlrpc.php
x-redirect-by: WordPress
set-cookie: PHPSESSID=9b4be5d46500afc8553d4d4e4bf91731; path=/
location: https://dealstoheal.com/chickeninvaders6fullversiontpb-best/
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 02 Oct 2022 20:00:26 GMT
server: Apache
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8d59ee7b197f347e30ac793231158927
3316937f84c08ad1857d2f663dca353e250815f0
c17a343ceb786a421f8c3abfffae350e12c92271a69fc88eb8e8bab568877d6b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C17A343CEB786A421F8C3ABFFFAE350E12C92271A69FC88EB8E8BAB568877D6B"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3827
Expires: Sun, 02 Oct 2022 21:04:15 GMT
Date: Sun, 02 Oct 2022 20:00:28 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8d59ee7b197f347e30ac793231158927
3316937f84c08ad1857d2f663dca353e250815f0
c17a343ceb786a421f8c3abfffae350e12c92271a69fc88eb8e8bab568877d6b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C17A343CEB786A421F8C3ABFFFAE350E12C92271A69FC88EB8E8BAB568877D6B"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3827
Expires: Sun, 02 Oct 2022 21:04:15 GMT
Date: Sun, 02 Oct 2022 20:00:28 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8d59ee7b197f347e30ac793231158927
3316937f84c08ad1857d2f663dca353e250815f0
c17a343ceb786a421f8c3abfffae350e12c92271a69fc88eb8e8bab568877d6b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C17A343CEB786A421F8C3ABFFFAE350E12C92271A69FC88EB8E8BAB568877D6B"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3827
Expires: Sun, 02 Oct 2022 21:04:15 GMT
Date: Sun, 02 Oct 2022 20:00:28 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8d59ee7b197f347e30ac793231158927
3316937f84c08ad1857d2f663dca353e250815f0
c17a343ceb786a421f8c3abfffae350e12c92271a69fc88eb8e8bab568877d6b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C17A343CEB786A421F8C3ABFFFAE350E12C92271A69FC88EB8E8BAB568877D6B"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3827
Expires: Sun, 02 Oct 2022 21:04:15 GMT
Date: Sun, 02 Oct 2022 20:00:28 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd4280e4-6b15-45b7-9469-d13ba14c37db.jpeg

34.120.237.76

200 OK

6.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd4280e4-6b15-45b7-9469-d13ba14c37db.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.9 kB (6871 bytes)
Hash
9dddb9d84a16a3004821d89836b83dc3
087521979efd5936416fd7f030779fa5725f0a8f
a6251ac43958031d765b5743d43e14bc04b1e465bed81f757c3609ee6f2bea66

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd4280e4-6b15-45b7-9469-d13ba14c37db.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6871
x-amzn-requestid: e1fdb2ee-c0e7-4a0c-ae26-d968aef00503
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWEIOGp2IAMFxSQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b3ce-24b26a8048ffd84071a2ad57;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:40:30 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: -svKnYBuiMSdWObzJyNah9TDIi6IuPP6VMzEJWmn0zxoZbFmwpzkJw==
via: 1.1 c07670802688417c8b871124c547eb0a.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:53:35 GMT
age: 79613
etag: "087521979efd5936416fd7f030779fa5725f0a8f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18b1ba6d-ca56-4474-afa8-cd3b53cce28e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.3 kB (9340 bytes)
Hash
6047192460abf4afd600948abb5e6ee1
6d6d52fb5024e7772dd45dd459bfe3ec90cb5ce4
d1fd21a5913f6831d2128c8e9e84767d9730bf9e779da5395dc31b82a10e32e9

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18b1ba6d-ca56-4474-afa8-cd3b53cce28e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9340
x-amzn-requestid: e892265e-836d-4638-871f-0548eda57745
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWDf8FCEoAMFyow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b2cc-7f39bb92066a75a90868dd03;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:36:12 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Sk1Dahp1gliiBIghSCZselE7-Fy45svrCk7TdmunOwNefSNqY1P1jA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:47:23 GMT
age: 79985
etag: "6d6d52fb5024e7772dd45dd459bfe3ec90cb5ce4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccb5f775-a073-47ba-b076-ad1c96659b64.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11083 bytes)
Hash
edded48f558f739287a040151349ef67
d63b6ba630736d32c364b0e6a369274b2389b7ff
33b4a459df0ba7b36b907ba96d74e08660cc75640c42a5748b97d18ec2e9d533

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccb5f775-a073-47ba-b076-ad1c96659b64.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11083
x-amzn-requestid: 53e2c961-bcc0-4977-8648-ee3c1aed9cde
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWEHRFWfIAMFhlA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b3c7-070212d7386d5efa1b4aa8d3;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:40:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Z1KmxHJh9QNfg5x0enkqOjbmiqHvg7nlQiMnuDuCRNWQUBFEiKELbw==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:53:35 GMT
etag: "d63b6ba630736d32c364b0e6a369274b2389b7ff"
content-type: image/jpeg
age: 79613
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.3 kB (6315 bytes)
Hash
206fb65e75dbadf119512f71e0b78402
58ff0bf8ce7528b303d28bab01a80ad721705569
56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6315
x-amzn-requestid: 6aa75b16-32e4-48a7-9fb0-9e3d5528c2d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWSdsHUnIAMFXtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338cabd-742d8a436403683e0cd9368f;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 23:18:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 5sAzc5Ewv4g6Wqq6JJiLylG3Jyy_nlWrr5Oteeo6ebEgq7Rvss4XaQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 04:41:39 GMT
age: 55129
etag: "58ff0bf8ce7528b303d28bab01a80ad721705569"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F589e050c-3794-45f2-a218-269b944ae739.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.6 kB (9600 bytes)
Hash
11f2e40823827b62bca89d18ee279cb2
fa7e61b4f2864b8e51acb2cc887c15d5cb41ef38
c7811cb947483a033f31ff1e93b813f1bbc49b03ed78fcedab2090c71e5c4d1f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F589e050c-3794-45f2-a218-269b944ae739.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9600
x-amzn-requestid: e83a86d3-f5ab-4645-92df-4b2da3d4afa3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWDgmFdlIAMFzQA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b2d0-48c3fa150800475c790b95bd;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:36:16 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: f1aqkuvCub_vq9gBDgA4VL8hNf16FXzXhQjSHC1yDLISm85uOqJF9w==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:54:50 GMT
etag: "fa7e61b4f2864b8e51acb2cc887c15d5cb41ef38"
content-type: image/jpeg
age: 79538
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59054e54-a013-42c5-98a5-abe2b6af4fc6.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.0 kB (4987 bytes)
Hash
463bdcfbec5426e18ecef83b1c373b71
2e533332ee5c49143e58dad32ee3717a39179532
2c40befd28781482b9be249a792571612d68d7045324083d2c832fa5ec42f04b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59054e54-a013-42c5-98a5-abe2b6af4fc6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4987
x-amzn-requestid: 763edd04-7f8d-42ae-8864-482be3549958
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWEHpFs4oAMFbqg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b3ca-2f7b67e85aa83b69183e62b5;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:40:26 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 2Zoggf30lA-Kvt5QYa-IdhGePHCNiphR7pfFiOaFvL8ZkWZIaiK4pA==
via: 1.1 f4367b41311e3e9a490d7461b7b85490.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:54:45 GMT
etag: "2e533332ee5c49143e58dad32ee3717a39179532"
content-type: image/jpeg
age: 79543
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
ec57a9edaee540aefec9f68ea5c1d015
8d4c2f4bb56a5be4915acc7bab054f74d579a3bd
49994c62c7023844620385f9934ee9e4a88b177f5241a2c037d4205dfb6c2eaf

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2064
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 20:00:28 GMT
Last-Modified: Sun, 02 Oct 2022 19:26:05 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
6abe76ca28fe176c44e7475b1d5c93fb
a4a87a771c6f081e5dae3499c090551c6dd31acb
451a8f3a3e654355467b434976022b84820c25b54f7b78472635c7dc3241423f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 20:00:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
83f9407574c75ca600c57af0637cb200
4ebabbc1900b8f575e90186e2024e48097b0c8d2
1e166ac737e5c3c015e0dc0c68115ebc5eeb53958682a9b77928ddb647137ac1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 20:00:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtag/js?id=UA-81539906-11

142.250.74.168

200 OK

42 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=UA-81539906-11
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2039)
Size
42 kB (42365 bytes)
Hash
f0c8865b40ffb1b5a70b2231bb11926e
8bb98b4c8340d342dadcf4d0a3cd7e442384bd4d
744f75b973f4153c26b3e832c74050c32652fe193418bba6e3442cb9e9e575a0

HTTP Headers

GET /gtag/js?id=UA-81539906-11 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dealstoheal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 02 Oct 2022 20:00:29 GMT
expires: Sun, 02 Oct 2022 20:00:29 GMT
cache-control: private, max-age=900
last-modified: Sun, 02 Oct 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42365
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

platform.twitter.com/widgets.js

192.229.233.25

200 OK

29 kB

URL HTTP/1.1
platform.twitter.com/widgets.js
IP
192.229.233.25:0
ASN
#15133 EDGECAST

File type
Unicode text, UTF-8 text, with very long lines (33915)
Size
29 kB (29223 bytes)
Hash
4022ee7b53654f65608ad9a3ba759687
cc243d089a8a77c0a7123434746ea36b054634dd
7af6243905b2256cb4f8fe0e77386c274592c322fb23b11784ecf86d250c7e09

HTTP Headers

GET /widgets.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dealstoheal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 643
Cache-Control: public, max-age=1800
Content-Type: application/javascript; charset=utf-8
Date: Sun, 02 Oct 2022 20:00:29 GMT
Etag: "f26384f93da6974ed577808dfa1fede5+gzip"
Last-Modified: Wed, 28 Sep 2022 20:05:37 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F71A)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
x-amzn-internal-status: 304
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 29223

maps.googleapis.com/maps/api/js?v=3.exp&libraries=places&key=AIzaSyDLYiliZpJytag3NoM2lGC-Im-v_TAWIMQ&ver=6.0.2

172.217.21.170

200 OK

56 kB

URL HTTP/2
maps.googleapis.com/maps/api/js?v=3.exp&libraries=places&key=AIzaSyDLYiliZpJytag3NoM2lGC-Im-v_TAWIMQ&ver=6.0.2
IP
172.217.21.170:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2462)
Size
56 kB (56246 bytes)
Hash
d5a97642ff49f7c39978efb88f1d8277
7dec4faf7e32eff379fc7f2e81ed65cad68b7e08
ede32eafcf5f3c4d4395fb306ec4b85da696537a31d13877a4aa5fab6c928606

HTTP Headers

GET /maps/api/js?v=3.exp&libraries=places&key=AIzaSyDLYiliZpJytag3NoM2lGC-Im-v_TAWIMQ&ver=6.0.2 HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dealstoheal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
date: Sun, 02 Oct 2022 20:00:29 GMT
expires: Sun, 02 Oct 2022 20:30:29 GMT
cache-control: public, max-age=1800
vary: Accept-Language
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-encoding: gzip
server: mafe
content-length: 56246
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=22
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

dealstoheal.com/wp-content/plugins/Templatic-MegaMenu/includes/megamenu_style.css

162.241.216.62

200 OK

1.2 kB

URL HTTP/2
dealstoheal.com/wp-content/plugins/Templatic-MegaMenu/includes/megamenu_style.css
IP
162.241.216.62:0
ASN
#26337 OIS1

File type
ASCII text, with CRLF line terminators
Size
1.2 kB (1211 bytes)
Hash
a74ebd9c49368dd910cfd6f93c43d5b6
042de4b7741f8c5036d2a52bc95ee7e994c81a96
daf5c487b3796bb9003ecff056716a7ad12abd1b71eff700306b5678510eb368

HTTP Headers

GET /wp-content/plugins/Templatic-MegaMenu/includes/megamenu_style.css HTTP/1.1
Host: dealstoheal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dealstoheal.com/chickeninvaders6fullversiontpb-best/
Cookie: PHPSESSID=9b4be5d46500afc8553d4d4e4bf91731
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 29 Mar 2020 21:28:55 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Tue, 01 Nov 2022 20:00:29 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 1211
content-type: text/css
date: Sun, 02 Oct 2022 20:00:29 GMT
server: Apache
X-Firefox-Spdy: h2

dealstoheal.com/wp-content/plugins/Tevolution-Directory/css/print.css

162.241.216.62

200 OK

2.7 kB

URL HTTP/2
dealstoheal.com/wp-content/plugins/Tevolution-Directory/css/print.css
IP
162.241.216.62:0
ASN
#26337 OIS1

File type
ASCII text, with CRLF line terminators
Size
2.7 kB (2691 bytes)
Hash
5a847c64a8195f326b1eefbe5366e169
68b5e7ff116a27b1c709df0a8434952b16530291
44d7906686a7ff2525230a5dc880e7ca4456cee83fabc4712d85d97aaab06332

HTTP Headers

GET /wp-content/plugins/Tevolution-Directory/css/print.css HTTP/1.1
Host: dealstoheal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dealstoheal.com/chickeninvaders6fullversiontpb-best/
Cookie: PHPSESSID=9b4be5d46500afc8553d4d4e4bf91731
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 29 Mar 2020 21:18:46 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Tue, 01 Nov 2022 20:00:29 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 2691
content-type: text/css
date: Sun, 02 Oct 2022 20:00:29 GMT
server: Apache
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
a2d3925dad8ae1248c7b5d96220bd00a
8b6326da45860d5f480504e23864de0c28523b61
421d30a538dc347afc7fc8eee0fa6502aa65d789eb2353eb9c9f8bd0c5f3b3d5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 20:00:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
165b2dbf56e36edf32811cc7eea70f58
f9e101da2c4f0f6dcca9cb9d0b36a7b77ef3114e
fcd8956f2d96a85e696ee4ba5eb8d575ad3319bc84c543188f3997ea1079c4e1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 20:00:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

dealstoheal.com/wp-includes/js/jquery/jquery-migrate.min.js

162.241.216.62

200 OK

4.6 kB

URL HTTP/2
dealstoheal.com/wp-includes/js/jquery/jquery-migrate.min.js
IP
162.241.216.62:0
ASN
#26337 OIS1

File type
ASCII text, with very long lines (11126)
Size
4.6 kB (4618 bytes)
Hash
acdb97105af28a7066790c6748ae2e1e
65794d2c5a9d04f747faf370bc8bacd330e69e5a
dc4efbc4b704b142b5313588c32e56ea56648068a01d2bc596a4eee06b379b5e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js HTTP/1.1
Host: dealstoheal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dealstoheal.com/chickeninvaders6fullversiontpb-best/
Cookie: PHPSESSID=9b4be5d46500afc8553d4d4e4bf91731
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 09 Dec 2020 10:18:11 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Mon, 03 Oct 2022 02:00:29 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 4618
content-type: application/javascript
date: Sun, 02 Oct 2022 20:00:29 GMT
server: Apache
X-Firefox-Spdy: h2

demo.templatic.com/images/images/20130903093522_profile7.png

104.21.12.5

200 OK

56 kB

URL HTTP/2
demo.templatic.com/images/images/20130903093522_profile7.png
IP
104.21.12.5:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 352 x 352, 8-bit colormap, non-interlaced\012- data
Size
56 kB (56204 bytes)
Hash
ffb9c958ed83fb9f5cfb94bc0e92beb9
a76b9fe34362cc753ccb6c56ddbf86cac270a575
eaa712429cdcf9fe0ac86650587196725ad2273521a8da58c9dc844946e48bed

HTTP Headers

GET /images/images/20130903093522_profile7.png HTTP/1.1
Host: demo.templatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:00:29 GMT
content-type: image/png
content-length: 56204
last-modified: Tue, 07 Jun 2016 10:54:46 GMT
etag: "5756a7f6-db8c"
expires: Tue, 05 Sep 2023 16:49:51 GMT
cache-control: max-age=31536000
x-powered-by: EasyEngine 3.3.15
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A3HkYURFZpE148YJoS5QEBcDg2Yv2Y2L%2BGyivxBjmw36f2%2BtSBRMHhgkC4fDrWTBSyU5phz7BL1LJv%2Fc2M3VziF%2B7T4YlHH2hNB0TCcKSjJiRTjeUt1scpzQEOMoUD5yQdObTmU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 754006463f920b39-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

downloads.mailchimp.com/js/signup-forms/popup/unique-methods/embed.js

13.224.222.74

200 OK

68 kB

URL HTTP/1.1
downloads.mailchimp.com/js/signup-forms/popup/unique-methods/embed.js
IP
13.224.222.74:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (65526)
Size
68 kB (67458 bytes)
Hash
4ed0ae25b371cdb5fa9c473a264d881c
a367d6ed19e822cb4f8cf98afd10ef164dbfd974
aa5464001eb2fbf2f2ac8efe7615b98e779a2897ba1c97fecbf1a2ce7076f17c

HTTP Headers

GET /js/signup-forms/popup/unique-methods/embed.js HTTP/1.1
Host: downloads.mailchimp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dealstoheal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 29 Sep 2022 15:39:29 GMT
Server: AmazonS3
Content-Encoding: br
Date: Sun, 02 Oct 2022 04:37:51 GMT
ETag: W/"9bde2ccaf139cf2da1ae5da44c10490e"
X-Cache: Hit from cloudfront
Via: 1.1 bd7e039818f6bd12ba37b73d719c6730.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR61-C2
X-Amz-Cf-Id: pF6QbyBkgxBG2NQvEMDXsOQAiJ56QjaUoHL6yUJFUATJCssOeNHAfw==
Age: 55362
Vary: Accept-Encoding, Origin

dealstoheal.com/wp-includes/css/dist/block-library/style.min.css

162.241.216.62

200 OK

17 kB

URL HTTP/2
dealstoheal.com/wp-includes/css/dist/block-library/style.min.css
IP
162.241.216.62:0
ASN
#26337 OIS1

File type
ASCII text, with very long lines (43771)
Size
17 kB (16594 bytes)
Hash
2a67a4888baa44de739f3fe56203ce07
da175eae57f26b655747d79f055477e3fee1abb9
3a4d7627476a0099ca4bcc101685f27de04cb49dd66ef842d72c6cda270599dd

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css HTTP/1.1
Host: dealstoheal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dealstoheal.com/chickeninvaders6fullversiontpb-best/
Cookie: PHPSESSID=9b4be5d46500afc8553d4d4e4bf91731
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 13 Jul 2022 09:17:38 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Tue, 01 Nov 2022 20:00:29 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 16594
content-type: text/css
date: Sun, 02 Oct 2022 20:00:29 GMT
server: Apache
X-Firefox-Spdy: h2

dealstoheal.com/wp-content/plugins/Templatic-MegaMenu/includes/jquery.megamenu.1.2-mini.js

162.241.216.62

200 OK

1.8 kB

URL HTTP/2
dealstoheal.com/wp-content/plugins/Templatic-MegaMenu/includes/jquery.megamenu.1.2-mini.js
IP
162.241.216.62:0
ASN
#26337 OIS1

File type
ASCII text, with very long lines (4628), with no line terminators
Size
1.8 kB (1781 bytes)
Hash
097b7ef8904e34d02417285f996f5d53
0d5eef2650bbbaccb2fa62b8786f215c05a34bf4
86b6959fcce2a045f52b97bdc18eacca0cb6833d7e358445267c38e82ca120b4

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/Templatic-MegaMenu/includes/jquery.megamenu.1.2-mini.js HTTP/1.1
Host: dealstoheal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dealstoheal.com/chickeninvaders6fullversiontpb-best/
Cookie: PHPSESSID=9b4be5d46500afc8553d4d4e4bf91731
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 29 Mar 2020 21:28:55 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Mon, 03 Oct 2022 02:00:29 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 1781
content-type: application/javascript
date: Sun, 02 Oct 2022 20:00:29 GMT
server: Apache
X-Firefox-Spdy: h2

dealstoheal.com/wp-content/themes/Directory/css/responsive.css

162.241.216.62

200 OK

5.7 kB

URL HTTP/2
dealstoheal.com/wp-content/themes/Directory/css/responsive.css
IP
162.241.216.62:0
ASN
#26337 OIS1

File type
ASCII text, with very long lines (844), with CRLF line terminators
Size
5.7 kB (5690 bytes)
Hash
743fe70511901f1437d19cb449f218d4
8ea68af50c18f9f68e753c23dbeb4b5ea71436d1
3d3d64132973cfef8c52fc756a5dfb58af4229ac13994100ea17fd1e84f7a907

HTTP Headers

GET /wp-content/themes/Directory/css/responsive.css HTTP/1.1
Host: dealstoheal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dealstoheal.com/chickeninvaders6fullversiontpb-best/
Cookie: PHPSESSID=9b4be5d46500afc8553d4d4e4bf91731
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sat, 28 Mar 2020 18:17:39 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Tue, 01 Nov 2022 20:00:29 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 5690
content-type: text/css
date: Sun, 02 Oct 2022 20:00:29 GMT
server: Apache
X-Firefox-Spdy: h2

dealstoheal.com/wp-content/themes/Directory/js/sticky_city.js

162.241.216.62

200 OK

172 B

URL HTTP/2
dealstoheal.com/wp-content/themes/Directory/js/sticky_city.js
IP
162.241.216.62:0
ASN
#26337 OIS1

File type
ASCII text, with CRLF line terminators
Size
172 B (172 bytes)
Hash
f7aa1a499a8c2d4a85b9c013f58b4f11
d40f0c704a01ac7a98a592a1c81fb00eb7bb6d65
98a4f231c43eed28f3dedb4f1195674efd43f19086412ea6e14267ef2520820b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/Directory/js/sticky_city.js HTTP/1.1
Host: dealstoheal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dealstoheal.com/chickeninvaders6fullversiontpb-best/
Cookie: PHPSESSID=9b4be5d46500afc8553d4d4e4bf91731
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sat, 28 Mar 2020 18:17:44 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Mon, 03 Oct 2022 02:00:29 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 172
content-type: application/javascript
date: Sun, 02 Oct 2022 20:00:29 GMT
server: Apache
X-Firefox-Spdy: h2

dealstoheal.com/wp-content/plugins/Tevolution-LocationManager/js/location_script.min.js

162.241.216.62

200 OK

2.6 kB

URL HTTP/2
dealstoheal.com/wp-content/plugins/Tevolution-LocationManager/js/location_script.min.js
IP
162.241.216.62:0
ASN
#26337 OIS1

File type
ASCII text, with very long lines (10165), with no line terminators
Size
2.6 kB (2648 bytes)
Hash
497e7f4cf85a313d5cd54f81ac26bfa1
e8b91f29a6712ff1300a2e7b1a81c80c951c0b8a
018f98f648ed4b96a9863d0cd64556515dee1f9e2d74ae37c1dbc35b9fdb1666

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/Tevolution-LocationManager/js/location_script.min.js HTTP/1.1
Host: dealstoheal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dealstoheal.com/chickeninvaders6fullversiontpb-best/
Cookie: PHPSESSID=9b4be5d46500afc8553d4d4e4bf91731
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 29 Mar 2020 21:18:50 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Mon, 03 Oct 2022 02:00:29 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 2648
content-type: application/javascript
date: Sun, 02 Oct 2022 20:00:29 GMT
server: Apache
X-Firefox-Spdy: h2

kit.fontawesome.com/7eb194c23f.js

104.18.23.52

200 OK

4.7 kB

URL HTTP/2
kit.fontawesome.com/7eb194c23f.js
IP
104.18.23.52:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (10594)
Size
4.7 kB (4731 bytes)
Hash
0d503e421ff0b5b6a613a25675a2fbb6
44f0ed7596f183612a7450afd723a4620f60b910
716819f9686662bea8a0161d7fed2257ed0c049cbe10ada445d94c6203d5499e

HTTP Headers

GET /7eb194c23f.js HTTP/1.1
Host: kit.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dealstoheal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:00:29 GMT
content-type: text/javascript
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=60, public, must-revalidate
strict-transport-security: max-age=31536000; preload
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
x-request-id: FxpY9r4FizQ-A9diPuTB
cf-cache-status: MISS
server: cloudflare
cf-ray: 754006454a240b55-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

dealstoheal.com/wp-includes/js/jquery/ui/menu.min.js

162.241.216.62

200 OK

3.7 kB

URL HTTP/2
dealstoheal.com/wp-includes/js/jquery/ui/menu.min.js
IP
162.241.216.62:0
ASN
#26337 OIS1

File type
ASCII text, with very long lines (9937)
Size
3.7 kB (3666 bytes)
Hash
1dda18e21d9550b614100bf08ebfdf74
3562e07f4c77598626e00e991963b52d2c3f2980
93d0cf78bed2a6d76993520389796f137552e864a72b32fdfa85cf6c477b8514

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/jquery/ui/menu.min.js HTTP/1.1
Host: dealstoheal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dealstoheal.com/chickeninvaders6fullversiontpb-best/
Cookie: PHPSESSID=9b4be5d46500afc8553d4d4e4bf91731
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 24 May 2022 21:32:50 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Mon, 03 Oct 2022 02:00:29 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 3666
content-type: application/javascript
date: Sun, 02 Oct 2022 20:00:29 GMT
server: Apache
X-Firefox-Spdy: h2

dealstoheal.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js

162.241.216.62

200 OK

2.7 kB

URL HTTP/2
dealstoheal.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js
IP
162.241.216.62:0
ASN
#26337 OIS1

File type
ASCII text, with very long lines (6475), with no line terminators
Size
2.7 kB (2675 bytes)
Hash
45bd1d6f7fc3a4069fc6fd400b90c961
903c7e28c7141e9fc1bdb4dfc62d043a97a01e2d
c638a0057b4be0a61cfb65b1860a855a327397e9871f5dde28fa2f138fb394dc

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js HTTP/1.1
Host: dealstoheal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dealstoheal.com/chickeninvaders6fullversiontpb-best/
Cookie: PHPSESSID=9b4be5d46500afc8553d4d4e4bf91731
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 24 May 2022 21:32:50 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Mon, 03 Oct 2022 02:00:29 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 2675
content-type: application/javascript
date: Sun, 02 Oct 2022 20:00:29 GMT
server: Apache
X-Firefox-Spdy: h2

dealstoheal.com/wp-includes/js/jquery/ui/core.min.js

162.241.216.62

200 OK

8.2 kB

URL HTTP/2
dealstoheal.com/wp-includes/js/jquery/ui/core.min.js
IP
162.241.216.62:0
ASN
#26337 OIS1

File type
Unicode text, UTF-8 text, with very long lines (8189)
Size
8.2 kB (8169 bytes)
Hash
a0a1c8194f131320e1798f90a7b1262a
3346d35be1f2e4886f19e7fcc0cc96ee4753d9ed
7f618ab13cec0933ec2c61fa2b580ad77ca41522028649677494219fa9ce56db

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/jquery/ui/core.min.js HTTP/1.1
Host: dealstoheal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dealstoheal.com/chickeninvaders6fullversiontpb-best/
Cookie: PHPSESSID=9b4be5d46500afc8553d4d4e4bf91731
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 24 May 2022 21:32:50 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Mon, 03 Oct 2022 02:00:29 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 8169
content-type: application/javascript
date: Sun, 02 Oct 2022 20:00:29 GMT
server: Apache
X-Firefox-Spdy: h2

dealstoheal.com/wp-content/plugins/Tevolution/tmplconnector/monetize/templatic-generalization/js/lazy-load.js

162.241.216.62

200 OK

456 B

URL HTTP/2
dealstoheal.com/wp-content/plugins/Tevolution/tmplconnector/monetize/templatic-generalization/js/lazy-load.js
IP
162.241.216.62:0
ASN
#26337 OIS1

File type
ASCII text
Size
456 B (456 bytes)
Hash
5daeebb5f46e5ced5edcc5085e423da5
19ec1466765056a313a239ad57dbfc72dd6e1610
59f4e79237f2c25c3967aa7197cae7605fd1ba1a9e5d0988c6e44c1062603561

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/Tevolution/tmplconnector/monetize/templatic-generalization/js/lazy-load.js HTTP/1.1
Host: dealstoheal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dealstoheal.com/chickeninvaders6fullversiontpb-best/
Cookie: PHPSESSID=9b4be5d46500afc8553d4d4e4bf91731
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 29 Mar 2020 21:18:46 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Mon, 03 Oct 2022 02:00:29 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 456
content-type: application/javascript
date: Sun, 02 Oct 2022 20:00:29 GMT
server: Apache
X-Firefox-Spdy: h2

dealstoheal.com/wp-includes/js/dist/dom-ready.min.js

162.241.216.62

200 OK

331 B

URL HTTP/2
dealstoheal.com/wp-includes/js/dist/dom-ready.min.js
IP
162.241.216.62:0
ASN
#26337 OIS1

File type
ASCII text, with very long lines (463)
Size
331 B (331 bytes)
Hash
ba2b50662c393ff6ba69961f66b24d5d
d5694f33b1072b13fc4c3989e90252c0b28030a2
79ad638f020827a6db341526b430e65459aa712bfbdcabf28bb013c6b2c715e9

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/dist/dom-ready.min.js HTTP/1.1
Host: dealstoheal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dealstoheal.com/chickeninvaders6fullversiontpb-best/
Cookie: PHPSESSID=9b4be5d46500afc8553d4d4e4bf91731
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 24 May 2022 21:32:50 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Mon, 03 Oct 2022 02:00:29 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 331
content-type: application/javascript
date: Sun, 02 Oct 2022 20:00:29 GMT
server: Apache
X-Firefox-Spdy: h2

dealstoheal.com/wp-content/themes/Directory/library/images/process.gif

162.241.216.62

200 OK

2.2 kB

URL HTTP/2
dealstoheal.com/wp-content/themes/Directory/library/images/process.gif
IP
162.241.216.62:0
ASN
#26337 OIS1

File type
GIF image data, version 89a, 16 x 16\012- data
Size
2.2 kB (2193 bytes)
Hash
67f40a30bfa13743e5c4e86bfa467a90
419fe86215e5188a1780ce3fb8d8254e78bdec7e
c5ca319c8d9f8105e1390cef50ee4502e0182715ce480d6aee3ad559f0bcb2cc

HTTP Headers

GET /wp-content/themes/Directory/library/images/process.gif HTTP/1.1
Host: dealstoheal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dealstoheal.com/chickeninvaders6fullversiontpb-best/
Cookie: PHPSESSID=9b4be5d46500afc8553d4d4e4bf91731
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sat, 28 Mar 2020 18:17:44 GMT
accept-ranges: bytes
content-length: 2193
cache-control: max-age=31536000
expires: Mon, 02 Oct 2023 20:00:29 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-type: image/gif
date: Sun, 02 Oct 2022 20:00:29 GMT
server: Apache
X-Firefox-Spdy: h2

dealstoheal.com/wp-content/uploads/2020/03/deals-to-heal-logo-01-1-250x165.jpg

162.241.216.62

200 OK

8.1 kB

URL HTTP/2
dealstoheal.com/wp-content/uploads/2020/03/deals-to-heal-logo-01-1-250x165.jpg
IP
162.241.216.62:0
ASN
#26337 OIS1

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 250x165, components 3\012- data
Size
8.1 kB (8073 bytes)
Hash
12ae33138411a2aa403c7dbbc41a02a8
a01218211e88186370ce0a58ee166be984de356a
65f529322ccd4a872c0c28abd32717e4f4ca4ca5e3d4bfbbe2dd9a416f96df22

HTTP Headers

GET /wp-content/uploads/2020/03/deals-to-heal-logo-01-1-250x165.jpg HTTP/1.1
Host: dealstoheal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dealstoheal.com/chickeninvaders6fullversiontpb-best/
Cookie: PHPSESSID=9b4be5d46500afc8553d4d4e4bf91731
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 29 Mar 2020 22:15:31 GMT
accept-ranges: bytes
content-length: 8073
cache-control: max-age=31536000
expires: Mon, 02 Oct 2023 20:00:29 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-type: image/jpeg
date: Sun, 02 Oct 2022 20:00:29 GMT
server: Apache
X-Firefox-Spdy: h2

dealstoheal.com/wp-includes/js/dist/hooks.min.js

162.241.216.62

200 OK

1.7 kB

URL HTTP/2
dealstoheal.com/wp-includes/js/dist/hooks.min.js
IP
162.241.216.62:0
ASN
#26337 OIS1

File type
ASCII text, with very long lines (4875)
Size
1.7 kB (1712 bytes)
Hash
6a452794a68bc140a53b30519b94edf6
68046f5611ba3cf5da1c46087609aff18f59fdc1
259990a9e6191a72a51ac9d038d0c52bb56d880a2b0d460b1fca3f3fee7961ed

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/dist/hooks.min.js HTTP/1.1
Host: dealstoheal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dealstoheal.com/chickeninvaders6fullversiontpb-best/
Cookie: PHPSESSID=9b4be5d46500afc8553d4d4e4bf91731
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 24 May 2022 21:32:49 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Mon, 03 Oct 2022 02:00:29 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 1712
content-type: application/javascript
date: Sun, 02 Oct 2022 20:00:29 GMT
server: Apache
X-Firefox-Spdy: h2

dealstoheal.com/wp-includes/js/comment-reply.min.js

162.241.216.62

200 OK

1.5 kB

URL HTTP/2
dealstoheal.com/wp-includes/js/comment-reply.min.js
IP
162.241.216.62:0
ASN
#26337 OIS1

File type
ASCII text, with very long lines (2946)
Size
1.5 kB (1477 bytes)
Hash
92712acce6ce836d0a929b1800b4f9d6
8157d1380bb1d6dadfd85565dd464bb5b0ed06bd
2f82d181a2cadadf7d898d7f5ea2eb527106fb6413044b55fbfa4fb0081a2e09

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/comment-reply.min.js HTTP/1.1
Host: dealstoheal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dealstoheal.com/chickeninvaders6fullversiontpb-best/
Cookie: PHPSESSID=9b4be5d46500afc8553d4d4e4bf91731
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 24 May 2022 21:32:50 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Mon, 03 Oct 2022 02:00:29 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 1477
content-type: application/javascript
date: Sun, 02 Oct 2022 20:00:29 GMT
server: Apache
X-Firefox-Spdy: h2

dealstoheal.com/wp-includes/js/jquery/ui/autocomplete.min.js

162.241.216.62

200 OK

3.4 kB

URL HTTP/2
dealstoheal.com/wp-includes/js/jquery/ui/autocomplete.min.js
IP
162.241.216.62:0
ASN
#26337 OIS1

File type
ASCII text, with very long lines (8339)
Size
3.4 kB (3432 bytes)
Hash
11f4c6b39049f5f99fffa84fbe7db4f9
37e5526e34d4e465f4b646e94e6cd4846664f974
2cf8e5a67fbc058c9abe066e1d432ed720a02a0ed09ee255600c1a520a1b964e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/jquery/ui/autocomplete.min.js HTTP/1.1
Host: dealstoheal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dealstoheal.com/chickeninvaders6fullversiontpb-best/
Cookie: PHPSESSID=9b4be5d46500afc8553d4d4e4bf91731
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 24 May 2022 21:32:50 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Mon, 03 Oct 2022 02:00:29 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 3432
content-type: application/javascript
date: Sun, 02 Oct 2022 20:00:29 GMT
server: Apache
X-Firefox-Spdy: h2

dealstoheal.com/wp-includes/js/dist/a11y.min.js

162.241.216.62

200 OK

999 B

URL HTTP/2
dealstoheal.com/wp-includes/js/dist/a11y.min.js
IP
162.241.216.62:0
ASN
#26337 OIS1

File type
Unicode text, UTF-8 text, with very long lines (2472)
Size
999 B (999 bytes)
Hash
05e2ccec781ae289719bb26320d5cc40
60f3adc6dccea4df940d0f1579b83b06e715d0ed
1242f50bffe2d7745a712e1702f3f26a58d955fc110abf58599730fb6380a91c

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/dist/a11y.min.js HTTP/1.1
Host: dealstoheal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dealstoheal.com/chickeninvaders6fullversiontpb-best/
Cookie: PHPSESSID=9b4be5d46500afc8553d4d4e4bf91731
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 24 May 2022 21:32:49 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Mon, 03 Oct 2022 02:00:29 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 999
content-type: application/javascript
date: Sun, 02 Oct 2022 20:00:29 GMT
server: Apache
X-Firefox-Spdy: h2

dealstoheal.com/wp-content/plugins/Tevolution/tmplconnector/monetize/templatic-generalization/js/basic.js

162.241.216.62

200 OK

5.0 kB

URL HTTP/2
dealstoheal.com/wp-content/plugins/Tevolution/tmplconnector/monetize/templatic-generalization/js/basic.js
IP
162.241.216.62:0
ASN
#26337 OIS1

File type
ASCII text, with very long lines (10078), with CRLF line terminators
Size
5.0 kB (5046 bytes)
Hash
4485508fb930f9b3fd57e4b8120fa005
2e9574339fed7456efa2fe52818727171595bb7b
b2012fecdc92c873a907df4b748d83f02d81e3f3c8c71929a7625b396b62c4db

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/Tevolution/tmplconnector/monetize/templatic-generalization/js/basic.js HTTP/1.1
Host: dealstoheal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dealstoheal.com/chickeninvaders6fullversiontpb-best/
Cookie: PHPSESSID=9b4be5d46500afc8553d4d4e4bf91731
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 29 Mar 2020 21:18:46 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Mon, 03 Oct 2022 02:00:29 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 5046
content-type: application/javascript
date: Sun, 02 Oct 2022 20:00:29 GMT
server: Apache
X-Firefox-Spdy: h2

dealstoheal.com/wp-includes/js/jquery/ui/tabs.min.js

162.241.216.62

200 OK

4.8 kB

URL HTTP/2
dealstoheal.com/wp-includes/js/jquery/ui/tabs.min.js
IP
162.241.216.62:0
ASN
#26337 OIS1

File type
ASCII text, with very long lines (11760)
Size
4.8 kB (4756 bytes)
Hash
4af14b203f9813b040aea697cea02b02
681533e342bf32a0da3331c5806bb58dff5cdcf4
13e8ccf22646def4ed18be46dcb2dcef91900d52d26afb651c9c66dcb74ca649

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/jquery/ui/tabs.min.js HTTP/1.1
Host: dealstoheal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dealstoheal.com/chickeninvaders6fullversiontpb-best/
Cookie: PHPSESSID=9b4be5d46500afc8553d4d4e4bf91731
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 24 May 2022 21:32:50 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Mon, 03 Oct 2022 02:00:29 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 4756
content-type: application/javascript
date: Sun, 02 Oct 2022 20:00:29 GMT
server: Apache
X-Firefox-Spdy: h2

dealstoheal.com/wp-includes/js/dist/i18n.min.js

162.241.216.62

200 OK

4.2 kB

URL HTTP/2
dealstoheal.com/wp-includes/js/dist/i18n.min.js
IP
162.241.216.62:0
ASN
#26337 OIS1

File type
data
Size
4.2 kB (4234 bytes)
Hash
a72df5f7a597c541e18a33abef3c11f5
9500913a0a3fca9979a0aed9cb745926d9f86f83
258da631753c1d8d88fb1316024b671fa4a9ac87c9d6c4f38a45bc2c3bf9f3fc

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/dist/i18n.min.js HTTP/1.1
Host: dealstoheal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dealstoheal.com/chickeninvaders6fullversiontpb-best/
Cookie: PHPSESSID=9b4be5d46500afc8553d4d4e4bf91731
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 24 May 2022 21:32:50 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Mon, 03 Oct 2022 02:00:29 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 4234
content-type: application/javascript
date: Sun, 02 Oct 2022 20:00:29 GMT
server: Apache
X-Firefox-Spdy: h2

dealstoheal.com/wp-includes/js/wp-emoji-release.min.js

162.241.216.62

200 OK

5.3 kB

URL HTTP/2
dealstoheal.com/wp-includes/js/wp-emoji-release.min.js
IP
162.241.216.62:0
ASN
#26337 OIS1

File type
ASCII text, with very long lines (15660)
Size
5.3 kB (5321 bytes)
Hash
710f8b142ea44c0682dc2c30f318f065
49144e9b3a76d3d383b1d4359cf7a25e947f4233
708bb5819879a2a2c7670abc20a58cca68a415ffd621011cbc4c3c9d82dddc50

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/wp-emoji-release.min.js HTTP/1.1
Host: dealstoheal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dealstoheal.com/chickeninvaders6fullversiontpb-best/
Cookie: PHPSESSID=9b4be5d46500afc8553d4d4e4bf91731
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 24 May 2022 21:32:50 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Mon, 03 Oct 2022 02:00:29 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 5321
content-type: application/javascript
date: Sun, 02 Oct 2022 20:00:29 GMT
server: Apache
X-Firefox-Spdy: h2

dealstoheal.com/wp-content/plugins/Tevolution/js/jquery.uploadfile.js

162.241.216.62

200 OK

6.2 kB

URL HTTP/2
dealstoheal.com/wp-content/plugins/Tevolution/js/jquery.uploadfile.js
IP
162.241.216.62:0
ASN
#26337 OIS1

File type
ASCII text, with CRLF line terminators
Size
6.2 kB (6240 bytes)
Hash
1c71dd036364d255ca76d3bbd68bffc0
5c984555e358ba0b952b3ff2716c40c1af166bff
3f258756e92208c83896209c233c2030b58405809f56ad2ab8152b4b80c9f54d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/Tevolution/js/jquery.uploadfile.js HTTP/1.1
Host: dealstoheal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dealstoheal.com/chickeninvaders6fullversiontpb-best/
Cookie: PHPSESSID=9b4be5d46500afc8553d4d4e4bf91731
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 29 Mar 2020 21:18:39 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Mon, 03 Oct 2022 02:00:29 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 6240
content-type: application/javascript
date: Sun, 02 Oct 2022 20:00:29 GMT
server: Apache
X-Firefox-Spdy: h2

dealstoheal.com/wp-includes/js/dist/vendor/wp-polyfill.min.js

162.241.216.62

200 OK

8.3 kB

URL HTTP/2
dealstoheal.com/wp-includes/js/dist/vendor/wp-polyfill.min.js
IP
162.241.216.62:0
ASN
#26337 OIS1

File type
Unicode text, UTF-8 text, with very long lines (19138), with no line terminators
Size
8.3 kB (8254 bytes)
Hash
e49f0561a452c9d04fb7d1510a23cc8c
9e8fc2e3129da4fe2790eee565a6478b864bea83
ab4f9f418b022ab34d617ee2f95d70afff005ed4d4d92e313ce84a56b40bce75

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/dist/vendor/wp-polyfill.min.js HTTP/1.1
Host: dealstoheal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dealstoheal.com/chickeninvaders6fullversiontpb-best/
Cookie: PHPSESSID=9b4be5d46500afc8553d4d4e4bf91731
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 24 May 2022 21:32:50 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Mon, 03 Oct 2022 02:00:29 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 8254
content-type: application/javascript
date: Sun, 02 Oct 2022 20:00:29 GMT
server: Apache
X-Firefox-Spdy: h2

dealstoheal.com/wp-content/plugins/Tevolution/js/tevolution-script.min.js

162.241.216.62

200 OK

14 kB

URL HTTP/2
dealstoheal.com/wp-content/plugins/Tevolution/js/tevolution-script.min.js
IP
162.241.216.62:0
ASN
#26337 OIS1

File type
ASCII text, with very long lines (37262), with no line terminators
Size
14 kB (14086 bytes)
Hash
989976348aa3028e72ae1a06866016c4
4b2b1f929d421506078ec440fe95a657469f9163
dba0f1d084f50741233bf6e0b4abd95bdaa6cb3ad9d05dc8c3700fac4687bca4

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/Tevolution/js/tevolution-script.min.js HTTP/1.1
Host: dealstoheal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dealstoheal.com/chickeninvaders6fullversiontpb-best/
Cookie: PHPSESSID=9b4be5d46500afc8553d4d4e4bf91731
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 29 Mar 2020 21:18:39 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Mon, 03 Oct 2022 02:00:29 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 14086
content-type: application/javascript
date: Sun, 02 Oct 2022 20:00:29 GMT
server: Apache
X-Firefox-Spdy: h2

box5382.temp.domains/~mdtaasco/dealstoheal/wp-content/plugins/Tevolution-LocationManager/images/flags/us.png

162.241.216.62

200 OK

502 B

URL HTTP/1.1
box5382.temp.domains/~mdtaasco/dealstoheal/wp-content/plugins/Tevolution-LocationManager/images/flags/us.png
IP
162.241.216.62:0
ASN
#26337 OIS1

File type
PNG image data, 18 x 12, 8-bit/color RGB, non-interlaced\012- data
Size
502 B (502 bytes)
Hash
ab347ae5be9857bf2cd91fc8203ff20c
136ee4ffb05ee0c980c4beae0bc45abe8c103a2f
84554ad84b590aa4d161301d4abb95d5d3b7013f38bbb0c02ba0d506ce3c548e

HTTP Headers

GET /~mdtaasco/dealstoheal/wp-content/plugins/Tevolution-LocationManager/images/flags/us.png HTTP/1.1
Host: box5382.temp.domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 20:00:29 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Sun, 29 Mar 2020 21:18:50 GMT
Accept-Ranges: bytes
Content-Length: 502
Cache-Control: max-age=31536000
Expires: Mon, 02 Oct 2023 20:00:29 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 0
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=75
Content-Type: image/png

malsup.github.io/jquery.form.js?_=1664740829421

185.199.110.153

200 OK

12 kB

URL HTTP/2
malsup.github.io/jquery.form.js?_=1664740829421
IP
185.199.110.153:0
ASN
#54113 FASTLY

File type
ASCII text
Size
12 kB (12365 bytes)
Hash
66e988165ab37a3b60f0928f40bd67da
8eaadb4a1f891ab5c6249c474340ca8024abc300
ba3122f330907b024e53d381793013aae1a98fe82bf758610450eae958c52995

HTTP Headers

GET /jquery.form.js?_=1664740829421 HTTP/1.1
Host: malsup.github.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dealstoheal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: GitHub.com
content-type: application/javascript; charset=utf-8
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Sun, 03 May 2015 16:16:14 GMT
access-control-allow-origin: *
etag: W/"554649ce-ab74"
expires: Wed, 14 Sep 2022 00:28:48 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: HIT
x-github-request-id: 0800:081B:922228:C1F370:63211F17
accept-ranges: bytes
date: Sun, 02 Oct 2022 20:00:29 GMT
via: 1.1 varnish
age: 480
x-served-by: cache-bma1640-BMA
x-cache: HIT
x-cache-hits: 14
x-timer: S1664740830.860908,VS0,VE1
vary: Accept-Encoding
x-fastly-request-id: a6833aad0710d91f025df5ffd17b1f1f87bda937
content-length: 12365
X-Firefox-Spdy: h2

box5382.temp.domains/~mdtaasco/dealstoheal/wp-content/uploads/2020/03/deals-to-heal-logo-e1585556941569.png

162.241.216.62

200 OK

20 kB

URL HTTP/1.1
box5382.temp.domains/~mdtaasco/dealstoheal/wp-content/uploads/2020/03/deals-to-heal-logo-e1585556941569.png
IP
162.241.216.62:0
ASN
#26337 OIS1

File type
PNG image data, 895 x 222, 8-bit/color RGBA, non-interlaced\012- data
Size
20 kB (19616 bytes)
Hash
bca928cfbc25e7e27b978c9aa1dde97c
c564a733300b6f03d136d6394ef6a0d6f1633dec
31e03eba7169d3bfea4588781efb25c43c5803fec6d72c2c3ecfeb8a2ef10a31

HTTP Headers

GET /~mdtaasco/dealstoheal/wp-content/uploads/2020/03/deals-to-heal-logo-e1585556941569.png HTTP/1.1
Host: box5382.temp.domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 20:00:29 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Mon, 30 Mar 2020 08:29:01 GMT
Accept-Ranges: bytes
Content-Length: 19616
Cache-Control: max-age=31536000
Expires: Mon, 02 Oct 2023 20:00:29 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 0
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=75
Content-Type: image/png

platform.twitter.com/widgets/widget_iframe.7dae38096d06923d683a2a807172322a.html?origin=https%3A%2F%2Fdealstoheal.com

192.229.233.25

200 OK

105 kB

URL HTTP/1.1
platform.twitter.com/widgets/widget_iframe.7dae38096d06923d683a2a807172322a.html?origin=https%3A%2F%2Fdealstoheal.com
IP
192.229.233.25:0
ASN
#15133 EDGECAST

File type
HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (56168)
Size
105 kB (105445 bytes)
Hash
800140747b9eaa618eb76779a72b8653
9b01fddea24a63b76d645398229523baae849fae
b4bc244dee0f2df26990afae0ccd9297f203e9757bc0a18445793ef4bb678dd2

HTTP Headers

GET /widgets/widget_iframe.7dae38096d06923d683a2a807172322a.html?origin=https%3A%2F%2Fdealstoheal.com HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dealstoheal.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 251750
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Sun, 02 Oct 2022 20:00:30 GMT
Etag: "50d73c0b4a4c7e4697b9c6ac6f1ecd75+gzip"
Last-Modified: Wed, 28 Sep 2022 20:04:27 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F704)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105445

dealstoheal.com/wp-content/themes/Directory/js/_supreme.min.js

162.241.216.62

200 OK

26 kB

URL HTTP/2
dealstoheal.com/wp-content/themes/Directory/js/_supreme.min.js
IP
162.241.216.62:0
ASN
#26337 OIS1

File type
data
Size
26 kB (26472 bytes)
Hash
712c5fcf0c2c22756865d28a72884bc1
f7a6e63ad4c703546411e1047059fe3843e70616
c92eeff3364af99e75a4a93a3329cfc76ecac70d9d79bf17bfbfdf28907a24e7

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/Directory/js/_supreme.min.js HTTP/1.1
Host: dealstoheal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dealstoheal.com/chickeninvaders6fullversiontpb-best/
Cookie: PHPSESSID=9b4be5d46500afc8553d4d4e4bf91731
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sat, 28 Mar 2020 18:17:44 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Mon, 03 Oct 2022 02:00:29 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-type: application/javascript
date: Sun, 02 Oct 2022 20:00:29 GMT
server: Apache
X-Firefox-Spdy: h2

platform.twitter.com/widgets/widget_iframe.7dae38096d06923d683a2a807172322a.html?origin=https%3A%2F%2Fdealstoheal.com&wmode=transparent

192.229.233.25

200 OK

105 kB

URL HTTP/1.1
platform.twitter.com/widgets/widget_iframe.7dae38096d06923d683a2a807172322a.html?origin=https%3A%2F%2Fdealstoheal.com&wmode=transparent
IP
192.229.233.25:0
ASN
#15133 EDGECAST

File type
HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (56168)
Size
105 kB (105445 bytes)
Hash
800140747b9eaa618eb76779a72b8653
9b01fddea24a63b76d645398229523baae849fae
b4bc244dee0f2df26990afae0ccd9297f203e9757bc0a18445793ef4bb678dd2

HTTP Headers

GET /widgets/widget_iframe.7dae38096d06923d683a2a807172322a.html?origin=https%3A%2F%2Fdealstoheal.com&wmode=transparent HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dealstoheal.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 250207
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Sun, 02 Oct 2022 20:00:30 GMT
Etag: "50d73c0b4a4c7e4697b9c6ac6f1ecd75+gzip"
Last-Modified: Wed, 28 Sep 2022 20:04:27 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F6FD)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105445

dealstoheal.com/wp-content/themes/Directory/images/dot.png

162.241.216.62

200 OK

95 B

URL HTTP/2
dealstoheal.com/wp-content/themes/Directory/images/dot.png
IP
162.241.216.62:0
ASN
#26337 OIS1

File type
PNG image data, 4 x 4, 8-bit colormap, non-interlaced\012- data
Size
95 B (95 bytes)
Hash
f1641b572908d7cd99694ef5d02d63fa
39061fb253690a0142ddcbde730239009ad3d97e
2e1f5d762c12173a3121e44e4b3a6d4636d48204bd5bdd66e51f8fc530618a0f

HTTP Headers

GET /wp-content/themes/Directory/images/dot.png HTTP/1.1
Host: dealstoheal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dealstoheal.com/wp-content/themes/Directory/css/style.css
Cookie: PHPSESSID=9b4be5d46500afc8553d4d4e4bf91731
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sat, 28 Mar 2020 18:17:44 GMT
accept-ranges: bytes
content-length: 95
cache-control: max-age=31536000
expires: Mon, 02 Oct 2023 20:00:30 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-type: image/png
date: Sun, 02 Oct 2022 20:00:30 GMT
server: Apache
X-Firefox-Spdy: h2

syndication.twitter.com/settings?session_id=047b33e64dbcb0066fde6b7581aaad2145d4df44

104.244.42.72

200 OK

323 B

URL HTTP/2
syndication.twitter.com/settings?session_id=047b33e64dbcb0066fde6b7581aaad2145d4df44
IP
104.244.42.72:0
ASN
#13414 TWITTER

File type
JSON data\012- , ASCII text, with very long lines (770), with no line terminators
Size
323 B (323 bytes)
Hash
136d5ac4ceb5e1973a889a7c7c44133c
b260cbd1eda60550f4b6d63d6ab7222a30101eaf
05a670a0c765e49d5e0d39031bdf7754493f0644e68cdf1c8ed5db2d0fc1730d

HTTP Headers

GET /settings?session_id=047b33e64dbcb0066fde6b7581aaad2145d4df44 HTTP/1.1
Host: syndication.twitter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://platform.twitter.com/
Origin: https://platform.twitter.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:00:29 GMT
perf: 7626143928
vary: Origin
server: tsa_o
content-type: application/json; charset=utf-8
cache-control: must-revalidate, max-age=600
last-modified: Sun, 02 Oct 2022 20:00:30 GMT
content-length: 323
content-encoding: gzip
x-transaction-id: aba760188c1bbc96
strict-transport-security: max-age=631138519
access-control-allow-origin: https://platform.twitter.com
access-control-allow-credentials: true
x-response-time: 107
x-connection-hash: 91cd8868503ee45c2afdb0fc91d5219cb10248dfbe7609051274d1ee9aba582f
X-Firefox-Spdy: h2

dealstoheal.com/wp-content/plugins/Tevolution//tmplconnector/sharrre.php?url=https%3A%2F%2Fdealstoheal.com%2Fchickeninvaders6fullversiontpb-best%2F&type=googlePlus

162.241.216.62

200 OK

40 B

URL HTTP/2
dealstoheal.com/wp-content/plugins/Tevolution//tmplconnector/sharrre.php?url=https%3A%2F%2Fdealstoheal.com%2Fchickeninvaders6fullversiontpb-best%2F&type=googlePlus
IP
162.241.216.62:0
ASN
#26337 OIS1

File type
JSON data\012- , ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
a37ac038ed3ca967ba0698cbd9e90b15
36ef54b7e4fb9b66ed423c050471646b26c6d3bc
c795a5a00fe78d23e8f69b667447b7bebdbe5a0eb5d69743d709613f30b6e0fe

HTTP Headers

GET /wp-content/plugins/Tevolution//tmplconnector/sharrre.php?url=https%3A%2F%2Fdealstoheal.com%2Fchickeninvaders6fullversiontpb-best%2F&type=googlePlus HTTP/1.1
Host: dealstoheal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://dealstoheal.com/chickeninvaders6fullversiontpb-best/
Cookie: PHPSESSID=9b4be5d46500afc8553d4d4e4bf91731
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 40
content-type: application/json
date: Sun, 02 Oct 2022 20:00:30 GMT
server: Apache
X-Firefox-Spdy: h2

dealstoheal.com/wp-content/plugins/Tevolution//tmplconnector/sharrre.php?url=https%3A%2F%2Fdealstoheal.com%2Fchickeninvaders6fullversiontpb-best%2F&type=pinterest

162.241.216.62

200 OK

40 B

URL HTTP/2
dealstoheal.com/wp-content/plugins/Tevolution//tmplconnector/sharrre.php?url=https%3A%2F%2Fdealstoheal.com%2Fchickeninvaders6fullversiontpb-best%2F&type=pinterest
IP
162.241.216.62:0
ASN
#26337 OIS1

File type
JSON data\012- , ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
a37ac038ed3ca967ba0698cbd9e90b15
36ef54b7e4fb9b66ed423c050471646b26c6d3bc
c795a5a00fe78d23e8f69b667447b7bebdbe5a0eb5d69743d709613f30b6e0fe

HTTP Headers

GET /wp-content/plugins/Tevolution//tmplconnector/sharrre.php?url=https%3A%2F%2Fdealstoheal.com%2Fchickeninvaders6fullversiontpb-best%2F&type=pinterest HTTP/1.1
Host: dealstoheal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://dealstoheal.com/chickeninvaders6fullversiontpb-best/
Cookie: PHPSESSID=9b4be5d46500afc8553d4d4e4bf91731
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 40
content-type: application/json
date: Sun, 02 Oct 2022 20:00:30 GMT
server: Apache
X-Firefox-Spdy: h2

dealstoheal.com/wp-content/plugins/Tevolution/tmplconnector/sharrre.php?url=https%3A%2F%2Fdealstoheal.com%2Fchickeninvaders6fullversiontpb-best%2F&type=facebook

162.241.216.62

200 OK

40 B

URL HTTP/2
dealstoheal.com/wp-content/plugins/Tevolution/tmplconnector/sharrre.php?url=https%3A%2F%2Fdealstoheal.com%2Fchickeninvaders6fullversiontpb-best%2F&type=facebook
IP
162.241.216.62:0
ASN
#26337 OIS1

File type
JSON data\012- , ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
a37ac038ed3ca967ba0698cbd9e90b15
36ef54b7e4fb9b66ed423c050471646b26c6d3bc
c795a5a00fe78d23e8f69b667447b7bebdbe5a0eb5d69743d709613f30b6e0fe

HTTP Headers

GET /wp-content/plugins/Tevolution/tmplconnector/sharrre.php?url=https%3A%2F%2Fdealstoheal.com%2Fchickeninvaders6fullversiontpb-best%2F&type=facebook HTTP/1.1
Host: dealstoheal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://dealstoheal.com/chickeninvaders6fullversiontpb-best/
Cookie: PHPSESSID=9b4be5d46500afc8553d4d4e4bf91731
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 40
content-type: application/json
date: Sun, 02 Oct 2022 20:00:30 GMT
server: Apache
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
72e8c21988f5ecd736fde162321f0984
4bb9f82a2f6114b344600d920f91f1cc9260bc42
326533b2b3a8b24f0b21dbe9b94e5d9086f862ad74a1d01942fb829dff0352f3

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3758
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 20:00:31 GMT
Last-Modified: Sun, 02 Oct 2022 18:57:53 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471

www.google-analytics.com/analytics.js

142.250.74.174

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (19826 bytes)
Hash
cae538dcce82598fbe43c0bf443e62dd
cc68ac6be9c5e0087a0000e5735b83270ace30f5
954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dealstoheal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Sun, 02 Oct 2022 18:41:09 GMT
expires: Sun, 02 Oct 2022 20:41:09 GMT
cache-control: public, max-age=7200
age: 4762
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google-analytics.com/j/collect?v=1&_v=j97&a=879636684&t=pageview&_s=1&dl=https%3A%2F%2Fdealstoheal.com%2Fchickeninvaders6fullversiontpb-best%2F&ul=en-us&de=UTF-8&dt=Chickeninvaders6fullversiontpb%20%5BBEST%5D%20%F0%9F%94%8D&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAAC~&jid=889137647&gjid=1700374995&cid=1747654960.1664740831&tid=UA-81539906-11&_gid=1786664419.1664740831&_r=1&gtm=2ou9s0&z=1446867219

142.250.74.174

200 OK

1 B

URL HTTP/2
www.google-analytics.com/j/collect?v=1&_v=j97&a=879636684&t=pageview&_s=1&dl=https%3A%2F%2Fdealstoheal.com%2Fchickeninvaders6fullversiontpb-best%2F&ul=en-us&de=UTF-8&dt=Chickeninvaders6fullversiontpb%20%5BBEST%5D%20%F0%9F%94%8D&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAAC~&jid=889137647&gjid=1700374995&cid=1747654960.1664740831&tid=UA-81539906-11&_gid=1786664419.1664740831&_r=1&gtm=2ou9s0&z=1446867219
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

HTTP Headers

POST /j/collect?v=1&_v=j97&a=879636684&t=pageview&_s=1&dl=https%3A%2F%2Fdealstoheal.com%2Fchickeninvaders6fullversiontpb-best%2F&ul=en-us&de=UTF-8&dt=Chickeninvaders6fullversiontpb%20%5BBEST%5D%20%F0%9F%94%8D&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAAC~&jid=889137647&gjid=1700374995&cid=1747654960.1664740831&tid=UA-81539906-11&_gid=1786664419.1664740831&_r=1&gtm=2ou9s0&z=1446867219 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://dealstoheal.com
Connection: keep-alive
Referer: https://dealstoheal.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: https://dealstoheal.com
date: Sun, 02 Oct 2022 20:00:31 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

graph.facebook.com/fql?q=SELECT%20url,%20normalized_url,%20share_count,%20like_count,%20comment_count,%20total_count,commentsbox_count,%20comments_fbid,%20click_count%20FROM%20link_stat%20WHERE%20url=%27https%3A%2F%2Fdealstoheal.com%2Fchickeninvaders6fullversiontpb-best%2F%27&callback=jQuery36008449868180760105_1664740829422&_=1664740829423

31.13.72.8

200 OK

302 B

URL HTTP/2
graph.facebook.com/fql?q=SELECT%20url,%20normalized_url,%20share_count,%20like_count,%20comment_count,%20total_count,commentsbox_count,%20comments_fbid,%20click_count%20FROM%20link_stat%20WHERE%20url=%27https%3A%2F%2Fdealstoheal.com%2Fchickeninvaders6fullversiontpb-best%2F%27&callback=jQuery36008449868180760105_1664740829422&_=1664740829423
IP
31.13.72.8:0
ASN
#32934 FACEBOOK

File type
ASCII text
Size
302 B (302 bytes)
Hash
cb3759f15cef359e6354c77a4c2e166c
15b852cd0ea007df89591942ba12d9297704f3be
c76394cba80921c8ecd999818555e6082198bd31c2061c56cb27c3859c57b4f1

HTTP Headers

GET /fql?q=SELECT%20url,%20normalized_url,%20share_count,%20like_count,%20comment_count,%20total_count,commentsbox_count,%20comments_fbid,%20click_count%20FROM%20link_stat%20WHERE%20url=%27https%3A%2F%2Fdealstoheal.com%2Fchickeninvaders6fullversiontpb-best%2F%27&callback=jQuery36008449868180760105_1664740829422&_=1664740829423 HTTP/1.1
Host: graph.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dealstoheal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-encoding: br
vary: Origin, Accept-Encoding
access-control-allow-origin: *
x-fb-rlafr: 0
content-type: text/javascript; charset=UTF-8
www-authenticate: OAuth "Facebook Platform" "invalid_request" "Unsupported get request. Object with ID 'fql' does not exist, cannot be loaded due to missing permissions, or does not support this operation. Please read the Graph API documentation at https://developers.facebook.com/docs/graph-api"
facebook-api-version: v8.0
strict-transport-security: max-age=15552000; preload
pragma: no-cache
cache-control: no-store
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-fb-request-id: A7J_xc6mf7SOBq_zoOVYXjM
x-fb-trace-id: B93dbAXm8pP
x-fb-rev: 1006309799
x-fb-debug: k1g43BH/4a6/lnh27uKdRq5NdN7DAHief3QteJZosMKGhJRU7fMbQtOoiJe0F1ju02+k1jIJGV3tH4SF/Xts1g==
content-length: 302
date: Sun, 02 Oct 2022 20:00:31 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
72e8c21988f5ecd736fde162321f0984
4bb9f82a2f6114b344600d920f91f1cc9260bc42
326533b2b3a8b24f0b21dbe9b94e5d9086f862ad74a1d01942fb829dff0352f3

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3758
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 20:00:31 GMT
Last-Modified: Sun, 02 Oct 2022 18:57:53 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471

mc.us19.list-manage.com/subscribe/form-settings?u=45a2b57211ba1ffd209677bb5&id=82488b7d6c&u=45a2b57211ba1ffd209677bb5&id=82488b7d6c&c=dojo_request_script_callbacks.dojo_request_script0

104.110.24.122

404 Not Found

2.2 kB

URL HTTP/2
mc.us19.list-manage.com/subscribe/form-settings?u=45a2b57211ba1ffd209677bb5&id=82488b7d6c&u=45a2b57211ba1ffd209677bb5&id=82488b7d6c&c=dojo_request_script_callbacks.dojo_request_script0
IP
104.110.24.122:0
ASN
#16625 AKAMAI-AS

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Size
2.2 kB (2214 bytes)
Hash
02b32db03b0b9e594a2faa3763500f2c
06b9454c837de3843acee7db20b9485d730ddfbd
9f9c60822290179292803f0411cb67bb0d1f6c4a4eba4a709d140749b71d09b0

HTTP Headers

GET /subscribe/form-settings?u=45a2b57211ba1ffd209677bb5&id=82488b7d6c&u=45a2b57211ba1ffd209677bb5&id=82488b7d6c&c=dojo_request_script_callbacks.dojo_request_script0 HTTP/1.1
Host: mc.us19.list-manage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dealstoheal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 404 Not Found
server: openresty
content-type: text/html; charset=UTF-8
content-length: 2214
x-ua-compatible: IE=edge,chrome=1
status: 404 Not Found
content-encoding: gzip
x-edgeconnect-midmile-rtt: 22
x-edgeconnect-origin-mex-latency: 122
cache-control: max-age=295
expires: Sun, 02 Oct 2022 20:05:26 GMT
date: Sun, 02 Oct 2022 20:00:31 GMT
vary: Accept-Encoding
set-cookie: _mcid=1.3ce6629b08be3ab098d365a6664d7728.0054c8832a47095f659a22a179cde13f4a52e8eb29ea86ece54d0eeafe11ce49; expires=Mon, 02-Oct-2023 20:00:31 GMT; Max-Age=31536000; path=/
_mc_anon_id=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
_abck=D5464BF1D4B4E9A7B94194F0F879BD1B~-1~YAAQrU0kF9rDPVeDAQAA1jFJmggfsy1tcpn63NN8/Vp7ps1qwKiLpfADWSGGuAgUUKYEHbT9kkSFOdvAcqfGjWqmVCdCS4kueYMxgIHg4NGiSy4cuQtlYT0qxoPyW6pwGb0eoIR/kaTJrAYUH58mVO7E35oNbuf7wCBTvC1Sh0jPmgJO4DdWlR+MbLu5LwSoGckeQHYiRVvlqGO6fUR7MXJDejEoFOMiSrTKjuop9nZQUy158QkTR2Eg0O8lHF9B/IfYUZ2+YZFx35e6PhuorCfBO/8ndz61njKt87wRhXfcvAPFw5G2u2NWyq/ge8rO7HIUOZUq/N4Jb37AZHOJN7X9l5ndMv/iaTJwLGxw3soFjhCzDugbO6hMfUSPja7T5A==~-1~-1~-1; Domain=.list-manage.com; Path=/; Expires=Mon, 02 Oct 2023 20:00:31 GMT; Max-Age=31536000; SameSite=None; Secure
ak_bmsc=995778BCD8BF4754E658A4F32D68E130~000000000000000000000000000000~YAAQrU0kF9vDPVeDAQAA1jFJmhEOuprV9nPm/gVmnHuDo2b/wqSL2qJjmmVhhXBfyhW9gmJnBtBdEoC63jmWWSMqSQxW4bcvJ6U1rUypHkeP8LBUCUo8bWpUiBFV0Y5T2gzieLtf7p9w331PrmFdthD+1Y5ZuibtvX0yZBGC8to0zh3wJx5uH5b/8sOtrT+mwzYCeMal45WuBLp7A+Zg8eyyfhIn5V/oda60plHgJVxnPJtRZvvhRdQcnm1qZTENNV1t9QhmBTex8R3DsqjFshgNMwIeieLGVtk9j2gxbQFvSiI2LZQEGDfSGqbsR+h5XlX04N/bE0NUxpn+xNW3FlDg+l1izurqQMHL41ngcCWFyqHZcmrYo9DniDhR2hmG/Z5BjfzgTC3j9HwCJIeMRY/tJQ==; Domain=.us19.list-manage.com; Path=/; Expires=Sun, 02 Oct 2022 22:00:31 GMT; Max-Age=7200; SameSite=None; Secure; HttpOnly
bm_sz=FAD1D667E7176491FC0736C0B2B05B70~YAAQrU0kF9zDPVeDAQAA1jFJmhFeSbia9FbpFiLF81CkMbR+/LMlMtqCyaxP/4QH78QoRL7GJM+F5brPy3q5/Pqa5qEjSox3mYqrx3Z+wHBhRiBAYMP9I8AcKY5hLSDwMqPnWKyw3rvR8PVd4KEhzgBQ3uBE6HwIFOk1MxzQXyfnDxktjKUZO8ARsrXsb9UrLoazKmzUMjGK3dOlKq+WB5zyiJKG/fXety5/GQsii6KiIbRoRrM8DMXEn/fH3XD9IqsYc6nISO25T71D7D8CgYu+A9V0RIex4XjlsqbdlNQSriNmi+zrnA==~4404547~3753012; Domain=.list-manage.com; Path=/; Expires=Mon, 03 Oct 2022 00:00:31 GMT; Max-Age=14400; SameSite=None; Secure
X-Firefox-Spdy: h2

dealstoheal.com/wp-content/uploads/2020/03/cropped-deals-favicon-scaled-1-32x32.jpg

162.241.216.62

200 OK

1.2 kB

URL HTTP/2
dealstoheal.com/wp-content/uploads/2020/03/cropped-deals-favicon-scaled-1-32x32.jpg
IP
162.241.216.62:0
ASN
#26337 OIS1

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 32x32, components 3\012- data
Size
1.2 kB (1164 bytes)
Hash
e3a3b9d543e13bf02a473df1e8b3a405
5cfb5b1b963dcddb3389779f4d695a6d0bc634c5
c15f5021d22b41aafb7ffbfef3ab4cb57f1b915c8aafc4ed2d7ede970f2d9635

HTTP Headers

GET /wp-content/uploads/2020/03/cropped-deals-favicon-scaled-1-32x32.jpg HTTP/1.1
Host: dealstoheal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dealstoheal.com/chickeninvaders6fullversiontpb-best/
Cookie: PHPSESSID=9b4be5d46500afc8553d4d4e4bf91731
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 30 Mar 2020 00:17:17 GMT
accept-ranges: bytes
content-length: 1164
cache-control: max-age=31536000
expires: Mon, 02 Oct 2023 20:00:31 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-type: image/jpeg
date: Sun, 02 Oct 2022 20:00:31 GMT
server: Apache
X-Firefox-Spdy: h2

dealstoheal.com/wp-content/uploads/2020/03/cropped-deals-favicon-scaled-1-192x192.jpg

162.241.216.62

200 OK

6.6 kB

URL HTTP/2
dealstoheal.com/wp-content/uploads/2020/03/cropped-deals-favicon-scaled-1-192x192.jpg
IP
162.241.216.62:0
ASN
#26337 OIS1

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 192x192, components 3\012- data
Size
6.6 kB (6648 bytes)
Hash
fc4152a29c77f133cd06e12e540d01cc
5b5f17aaf115deebc31022608eb826b52fee1359
8de869e78e9b9e4d88a1b75fad73fb056f47fe42be0417c3db1f5e80ca320e1b

HTTP Headers

GET /wp-content/uploads/2020/03/cropped-deals-favicon-scaled-1-192x192.jpg HTTP/1.1
Host: dealstoheal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dealstoheal.com/chickeninvaders6fullversiontpb-best/
Cookie: PHPSESSID=9b4be5d46500afc8553d4d4e4bf91731
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 30 Mar 2020 00:17:17 GMT
accept-ranges: bytes
content-length: 6648
cache-control: max-age=31536000
expires: Mon, 02 Oct 2023 20:00:31 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-type: image/jpeg
date: Sun, 02 Oct 2022 20:00:31 GMT
server: Apache
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7fcf832b-84d6-4938-a540-280bf3205df1.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.0 kB (9012 bytes)
Hash
b11c8ecfed53e302ab48fa5f757513a4
b3cb36455b3cb0a160c705958add6c422a0a48a2
fb66239038dddd134d3c5c7a656c91c57737bc784fabefe15a5ef2981e68e2b0

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7fcf832b-84d6-4938-a540-280bf3205df1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 9012
x-amzn-requestid: 4ea2bfb1-fc99-4777-aa98-0605d4a704ee
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWDpmEBlIAMFj2Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b30a-039358f5691f895941f485fd;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:37:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -zAvZvugUNsIscx7YT34xPY-AiaxduJGMkM23GqxSvfl0EmqWOmysA==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:52:38 GMT
age: 79677
etag: "b3cb36455b3cb0a160c705958add6c422a0a48a2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

dealstoheal.com/wp-includes/js/jquery/jquery.min.js

162.241.216.62

200 OK

0 B

URL HTTP/2
dealstoheal.com/wp-includes/js/jquery/jquery.min.js
IP
162.241.216.62:0
ASN
#26337 OIS1

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js HTTP/1.1
Host: dealstoheal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dealstoheal.com/chickeninvaders6fullversiontpb-best/
Cookie: PHPSESSID=9b4be5d46500afc8553d4d4e4bf91731
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 20 Jul 2021 22:05:12 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Mon, 03 Oct 2022 02:00:29 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-type: application/javascript
date: Sun, 02 Oct 2022 20:00:29 GMT
server: Apache
X-Firefox-Spdy: h2

dealstoheal.com/wp-content/plugins/Tevolution/js/foundation.min.js

162.241.216.62

200 OK

0 B

URL HTTP/2
dealstoheal.com/wp-content/plugins/Tevolution/js/foundation.min.js
IP
162.241.216.62:0
ASN
#26337 OIS1

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/Tevolution/js/foundation.min.js HTTP/1.1
Host: dealstoheal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dealstoheal.com/chickeninvaders6fullversiontpb-best/
Cookie: PHPSESSID=9b4be5d46500afc8553d4d4e4bf91731
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 29 Mar 2020 21:18:39 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Mon, 03 Oct 2022 02:00:29 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-type: application/javascript
date: Sun, 02 Oct 2022 20:00:29 GMT
server: Apache
X-Firefox-Spdy: h2

dealstoheal.com/wp-content/plugins/Tevolution/js/markermanager.js

162.241.216.62

200 OK

0 B

URL HTTP/2
dealstoheal.com/wp-content/plugins/Tevolution/js/markermanager.js
IP
162.241.216.62:0
ASN
#26337 OIS1

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/Tevolution/js/markermanager.js HTTP/1.1
Host: dealstoheal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dealstoheal.com/chickeninvaders6fullversiontpb-best/
Cookie: PHPSESSID=9b4be5d46500afc8553d4d4e4bf91731
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 29 Mar 2020 21:18:39 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Mon, 03 Oct 2022 02:00:29 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-type: application/javascript
date: Sun, 02 Oct 2022 20:00:29 GMT
server: Apache
X-Firefox-Spdy: h2

dealstoheal.com/chickeninvaders6fullversiontpb-best/

162.241.216.62

200 OK

0 B

URL HTTP/2
dealstoheal.com/chickeninvaders6fullversiontpb-best/
IP
162.241.216.62:0
ASN
#26337 OIS1

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /chickeninvaders6fullversiontpb-best/ HTTP/1.1
Host: dealstoheal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=9b4be5d46500afc8553d4d4e4bf91731
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

HTTP/2 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-pingback: https://dealstoheal.com/xmlrpc.php
link: <https://dealstoheal.com/wp-json/>; rel="https://api.w.org/", <https://dealstoheal.com/wp-json/wp/v2/posts/40549>; rel="alternate"; type="application/json", <https://dealstoheal.com/?p=40549>; rel=shortlink
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-type: text/html; charset=UTF-8
date: Sun, 02 Oct 2022 20:00:27 GMT
server: Apache
X-Firefox-Spdy: h2

dealstoheal.com/wp-content/plugins/Tevolution/css.minifier.php

162.241.216.62

200 OK

0 B

URL HTTP/2
dealstoheal.com/wp-content/plugins/Tevolution/css.minifier.php
IP
162.241.216.62:0
ASN
#26337 OIS1

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/Tevolution/css.minifier.php HTTP/1.1
Host: dealstoheal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dealstoheal.com/chickeninvaders6fullversiontpb-best/
Cookie: PHPSESSID=9b4be5d46500afc8553d4d4e4bf91731
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-type: text/css;charset=UTF-8
date: Sun, 02 Oct 2022 20:00:29 GMT
server: Apache
X-Firefox-Spdy: h2

dealstoheal.com/wp-content/themes/Directory/css/style.css

162.241.216.62

200 OK

0 B

URL HTTP/2
dealstoheal.com/wp-content/themes/Directory/css/style.css
IP
162.241.216.62:0
ASN
#26337 OIS1

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/themes/Directory/css/style.css HTTP/1.1
Host: dealstoheal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dealstoheal.com/chickeninvaders6fullversiontpb-best/
Cookie: PHPSESSID=9b4be5d46500afc8553d4d4e4bf91731
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sat, 28 Mar 2020 18:17:39 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Tue, 01 Nov 2022 20:00:29 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-type: text/css
date: Sun, 02 Oct 2022 20:00:29 GMT
server: Apache
X-Firefox-Spdy: h2

dealstoheal.com/wp-content/themes/Directory/style.css

162.241.216.62

200 OK

0 B

URL HTTP/2
dealstoheal.com/wp-content/themes/Directory/style.css
IP
162.241.216.62:0
ASN
#26337 OIS1

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/themes/Directory/style.css HTTP/1.1
Host: dealstoheal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dealstoheal.com/chickeninvaders6fullversiontpb-best/
Cookie: PHPSESSID=9b4be5d46500afc8553d4d4e4bf91731
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 30 Mar 2020 03:42:23 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Tue, 01 Nov 2022 20:00:29 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-type: text/css
date: Sun, 02 Oct 2022 20:00:29 GMT
server: Apache
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (58)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations