Report - wellnesstoday02.com/

Report Overview

Submitted URL
wellnesstoday02.com/
IP
104.16.16.194
ASN
#13335 CLOUDFLARENET
Submitted
2022-10-05 19:30:29
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
22

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
connect.facebook.net	139	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	365 B	28 kB	31.13.72.12
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	5.3 kB	23.36.77.32
bam.nr-data.net	630	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	863 B	602 B	162.247.241.14
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	987 B	2.2 kB	93.184.220.29
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	100.20.30.105
js-agent.newrelic.com	378	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	363 B	15 kB	151.101.86.137
use.fontawesome.com	942	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	781 B	1.7 kB	172.64.132.15
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	679 B	746 B	142.250.74.10
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	54.230.111.7
assets.clickfunnels.com	64830	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	407 B	1.8 kB	104.16.16.194
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	662 B	1.4 kB	142.250.74.3
app.clickfunnels.com	34727	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.1 kB	3.3 kB	104.16.13.194
static.cloudflareinsights.com	1294	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	451 B	393 B	172.64.156.26
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	34.160.144.191
wellnesstoday02.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	7.3 kB	358 kB	104.16.16.194
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	51 kB	34.120.237.76

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-10-05	medium	wellnesstoday02.com	Sinkholed
2022-10-05	medium	wellnesstoday02.com	Sinkholed
2022-10-05	medium	wellnesstoday02.com	Sinkholed
2022-10-05	medium	wellnesstoday02.com	Sinkholed
2022-10-05	medium	wellnesstoday02.com	Sinkholed
2022-10-05	medium	wellnesstoday02.com	Sinkholed
2022-10-05	medium	wellnesstoday02.com	Sinkholed
2022-10-05	medium	wellnesstoday02.com	Sinkholed
2022-10-05	medium	wellnesstoday02.com	Sinkholed
2022-10-05	medium	wellnesstoday02.com	Sinkholed
2022-10-05	medium	wellnesstoday02.com	Sinkholed

JavaScript (23)

	URL	Size	First Seen	Last Seen
	wellnesstoday02.com/prodentim	280 B	2023-03-08	2023-03-13
Pretty URL wellnesstoday02.com/prodentim IP 104.16.15.194 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:30:07 Last Seen2023-03-13 01:44:36 Times Seen1 Hash 84f9617c11e2106101e4d58e17359daf 274acdee9c86277083fcbb983826e18f6060212d 648187d0c38c1d8b129c0b61b5a74ce21a8afcd811fab6bcdb6e13e7b3d0b5d7 Loading...

	wellnesstoday02.com/prodentim	10 kB	2023-03-07	2023-03-17
Pretty URL wellnesstoday02.com/prodentim IP 104.16.15.194 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:29:18 Last Seen2023-03-17 12:27:39 Times Seen1 Hash 61abdb73cf60f39fa1f99dbd202754ac 8d0f53cfd61600543702b775cccfdb6cff316a83 42f0f6e0965f466635a6785e94642889e31ade69c5d6c892182d03c91abd6082 Loading...

	wellnesstoday02.com/vendor.js	18 kB	2023-03-07	2024-03-20
Pretty URL wellnesstoday02.com/vendor.js IP 104.16.15.194 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:29:18 Last Seen2024-03-20 16:33:23 Times Seen1309 Hash bf2a8a168c0be1544c34f363c276586e 581e49c9b7bdd06dab54c00931f4256b223e620e 7422e50efbaea439fda7ef3b0eb54ee1a9fe73ea2f919d78a33bf6fb9e3e059d Loading...

	connect.facebook.net/signals/config/782444719466976?v=2.9.84&r=stable	299 kB	2023-03-08	2023-03-08
Pretty URL connect.facebook.net/signals/config/782444719466976?v=2.9.84&r=stable IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:30:07 Last Seen2023-03-08 06:30:07 Times Seen1 Hash 2b5f6132d815dff0754c961320bf4fef 5dd052b30efb6a8192767e29a32c6a0233557962 841691222e51827cc9c762d4ced4a120b427f1241e7bf32b7a483e84d6bf40f7 Loading...

	js-agent.newrelic.com/nr-1216.min.js	39 kB	2023-03-07	2023-12-02
Pretty URL js-agent.newrelic.com/nr-1216.min.js IP 151.101.86.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:59 Last Seen2023-12-02 09:02:29 Times Seen204 Hash 9f533d8cd24b2c5e3b4dc886ecbd43e8 4aaad79f222fbcf885679bb30ac0cb6c14ec06eb 6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708 Loading...

	wellnesstoday02.com/assets/pushcrew.js	637 B	2023-03-07	2024-03-20
Pretty URL wellnesstoday02.com/assets/pushcrew.js IP 104.16.15.194 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:29:18 Last Seen2024-03-20 16:33:23 Times Seen1405 Hash 0a67c27615e7d2202f261dcc0a82d744 0fa0a8ca56efded583bd4201821015a63c623d44 f7464960133d530dfa52ce0ab9a5c33f0a709a946ad16298b000a7560738f422 Loading...

	wellnesstoday02.com/assets/lander.js	2.3 MB	2023-03-08	2023-03-10
Pretty URL wellnesstoday02.com/assets/lander.js IP 104.16.15.194 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:30:07 Last Seen2023-03-10 14:08:29 Times Seen1 Hash d75d5af2ba7e4b6a75abc8b07e0925ba ce586cb0d643538608f6616f36a08326ed33a1e2 8f4250c6f2e083afe49ec4267bf2b75f925a5dae9b2f895fa6bc4cc5870da495 Loading...

	static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194	14 kB	2023-03-07	2024-04-18
Pretty URL static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194 IP 172.64.156.26 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-18 21:14:32 Times Seen1618 Hash 19514b1be5ee33b45d32c1fcd4c67ec2 bdeab77b43cafcc638df9d7c26f1aa7f46bf1fd5 fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505 Loading...

	wellnesstoday02.com/assets/userevents/application.js	4.9 kB	2023-03-07	2023-03-17
Pretty URL wellnesstoday02.com/assets/userevents/application.js IP 104.16.15.194 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:29:18 Last Seen2023-03-17 12:27:39 Times Seen1 Hash 8c7a2fbb2ccf04e864c50ff46ff6975d 1f9e9ece9dd37561093248324faa202260eb616c 004e3565fa58bd4ff0cbf31deb5451508a5ec7d46c4480f9bfa23326f187a158 Loading...

	wellnesstoday02.com/prodentim	3 B	2023-03-07	2024-04-18
Pretty URL wellnesstoday02.com/prodentim IP 104.16.15.194 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:22 Last Seen2024-04-18 10:05:19 Times Seen1137 Hash f67be96ce768fb5b40aecf0438f97886 d27fecd03a022cc6f670ca42ef1b99d5f5bcc74c 3441b5696d6abf2bd959d18bcb31dde8239a6ad8185bfa659af60bc764c238a8 Loading...

	wellnesstoday02.com/prodentim	104 B	2023-03-07	2024-03-20
Pretty URL wellnesstoday02.com/prodentim IP 104.16.15.194 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:29:18 Last Seen2024-03-20 16:33:23 Times Seen1184 Hash 00b5ba65cbf82b44301e01048b806055 3be24afc94edb8de2099ccafa2bfcdbfbef301cd 699e1188e23d8be696d8ca3b45d7eba8c1c97f6ce4e9da4051cce63907ea8442 Loading...

	wellnesstoday02.com/prodentim	271 B	2023-03-07	2024-03-20
Pretty URL wellnesstoday02.com/prodentim IP 104.16.15.194 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:29:18 Last Seen2024-03-20 16:33:23 Times Seen1079 Hash c0d8faa83b4d63e92f56614251d001d4 4377d94b43b83ca010c78aa4c482d86ca19a9593 1d35b00811c224b9c83537f23634d9e7b07f75841c3d99e6ded3c759571f45a7 Loading...

	wellnesstoday02.com/prodentim	464 B	2023-03-08	2023-03-08
Pretty URL wellnesstoday02.com/prodentim IP 104.16.15.194 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:30:07 Last Seen2023-03-08 06:30:07 Times Seen1 Hash da4cba8cc31448c700a8dd514f62dbdb 95bd0023883ee027404f36d22a2f5dcc1df62520 b0a53f30a6c1aa2940c3b439ecda106d739f4f9cad177a68c5c7861b832c6de7 Loading...

	wellnesstoday02.com/prodentim	101 B	2023-03-07	2024-03-20
Pretty URL wellnesstoday02.com/prodentim IP 104.16.15.194 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:29:18 Last Seen2024-03-20 16:33:23 Times Seen1072 Hash 58d9451139b4d777d43d7c3e074a944a 58dbf64854e67993dd579ecc78d1a32fea9266ed 85f043b5d0590f154a02cf29f549340485f0e6dd78c70ab8746555092fc9d493 Loading...

	wellnesstoday02.com/prodentim	395 B	2023-03-07	2024-03-20
Pretty URL wellnesstoday02.com/prodentim IP 104.16.15.194 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:29:18 Last Seen2024-03-20 16:33:23 Times Seen1083 Hash b2c93212afb38693d023d97f822acd42 a971c75819436a7c7d9c3b388b8be10f1286fdcb dbde09f9e5cc2ecdeffe30752eac8756ca637e0c524bdbd5b1c7e5704aae004f Loading...

	wellnesstoday02.com/prodentim	1.0 kB	2023-03-07	2024-03-20
Pretty URL wellnesstoday02.com/prodentim IP 104.16.15.194 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:29:18 Last Seen2024-03-20 16:33:23 Times Seen1073 Hash 7e04d8a0aac6ab1ec08163bd215a5711 f425cd8bab39529985cf2a9cf866a877b4fca17a 4e3d5220213c311337410362a4654f5ea226e71707a85229385cec6d871cc05a Loading...

	wellnesstoday02.com/prodentim	594 B	2023-03-08	2023-03-08
Pretty URL wellnesstoday02.com/prodentim IP 104.16.15.194 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:30:07 Last Seen2023-03-08 06:30:07 Times Seen1 Hash ada42b3f5d37bdf45ade19ae4833f808 58c55fa79c3563091fb572bc1b8a4a3beb8313cb 18baf054cb8bbe4d96bad23bc30fdf6dd6432534adab0b23b968fbe10580fbb7 Loading...

	bam.nr-data.net/1/NRJS-fc902efb332119fff33?a=367981416&v=1216.487a282&to=dFZWTENWVQ9QExdNRlJLSFlWXEpMRQBfXUYYSU1aXVBKC1AF&rst=2393&ck=1&ref=https://wellnesstoday02.com/prodentim&ap=495&be=775&fe=2073&dc=1498&perf=%7B%22timing%22:%7B%22of%22:1664998218470,%22n%22:0,%22f%22:527,%22dn%22:578,%22dne%22:579,%22c%22:580,%22s%22:583,%22ce%22:600,%22rq%22:601,%22rp%22:743,%22rpe%22:745,%22dl%22:758,%22di%22:1481,%22ds%22:1498,%22de%22:1593,%22dc%22:2072,%22l%22:2072,%22le%22:2180%7D,%22navigation%22:%7B%7D%7D&fcp=1097&jsonp=NREUM.setToken	49 B	2023-03-07	2024-03-22
Pretty URL bam.nr-data.net/1/NRJS-fc902efb332119fff33?a=367981416&v=1216.487a282&to=dFZWTENWVQ9QExdNRlJLSFlWXEpMRQBfXUYYSU1aXVBKC1AF&rst=2393&ck=1&ref=https://wellnesstoday02.com/prodentim&ap=495&be=775&fe=2073&dc=1498&perf=%7B%22timing%22:%7B%22of%22:1664998218470,%22n%22:0,%22f%22:527,%22dn%22:578,%22dne%22:579,%22c%22:580,%22s%22:583,%22ce%22:600,%22rq%22:601,%22rp%22:743,%22rpe%22:745,%22dl%22:758,%22di%22:1481,%22ds%22:1498,%22de%22:1593,%22dc%22:2072,%22l%22:2072,%22le%22:2180%7D,%22navigation%22:%7B%7D%7D&fcp=1097&jsonp=NREUM.setToken IP 162.247.241.14 ASN #23467 NEWRELIC-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:54 Last Seen2024-03-22 06:11:42 Times Seen2776 Hash ada33e5b8877e743ff658bf4bfa1867c 5a78662243dac43c0ee48bcb7e05a536b84c2e38 dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82 Loading...

	wellnesstoday02.com/prodentim	1.6 kB	2023-03-07	2024-03-20
Pretty URL wellnesstoday02.com/prodentim IP 104.16.15.194 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:29:18 Last Seen2024-03-20 16:33:23 Times Seen1072 Hash 9695240da93eaffb74ee6d46ae6ea5da f545f6cec4b5da6fb0a50a17ee0bc878030c5047 88533b116813899d4cf0751961b7568763677a97033cfb35180d523e2cf2cfd1 Loading...

	connect.facebook.net/en_US/fbevents.js	103 kB	2023-03-08	2023-11-10
Pretty URL connect.facebook.net/en_US/fbevents.js IP 31.13.72.12 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:45:46 Last Seen2023-11-10 23:06:10 Times Seen10 Hash d78a7caef2779bec7d3e91de3eb77eeb 5af31c112f3bcd8f2866d4bf89e8455438b1e382 00a92494627ed8f758972b7dc47b3af186497c0637ea867a33fdb604c1548674 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 0e4412c8386910cbbd5f4e42aabd2a91	1.1 kB	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 06:30:07 Last Seen2023-03-08 06:30:07 Times Seen1 Hash 0e4412c8386910cbbd5f4e42aabd2a91 a04fe8932ed1224b503ab1b15f008ce68d4fa6a7 2032cd886b9362d68d351a2f4846e7dfebae8c37c8bceccfaeda1962beb30222 Loading...

	#2 Eval - 038427ddae4af6662d7ccae3c9af89f9	119 B	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 06:30:07 Last Seen2023-03-08 06:30:07 Times Seen1 Hash 038427ddae4af6662d7ccae3c9af89f9 c7020186e02d09303cb03e875c9c59b86518b1ee edd5e15f52994e63fd0c70d8c45f751138c2f147070304ea8f3852a4ca50c1a0 Loading...

	#3 Eval - 2aa74ac3a264c3e10ae463a262aaf72c	20 kB	2023-03-07	2024-03-20
Pretty Observations First Seen2023-03-07 01:29:18 Last Seen2024-03-20 16:33:23 Times Seen1092 Hash 2aa74ac3a264c3e10ae463a262aaf72c c5ff579cf0cc2ba1d98711b366ec148152abbaf5 9c1ea695852f01d2fc6027d572b126b740a9c4634540fb0d39ea3656377eef77 Loading...

HTTP Transactions (44)

URL IP Response Size

firefox.settings.services.mozilla.com/v1/

54.230.111.7

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
54.230.111.7:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=259200
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 05 Oct 2022 15:47:18 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: qHL3bq0cI13TCaTCWuNK2nvC4J7JpgVhwSTjiBsW0JHvAAcAuF6_QA==
Age: 13380

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
eabb7d9ffae717f7305d63c057755470
3b7f0baccfdbb8d9ffefa4a2215d4d6094be454a
ab48f17e54075e1ecf034278e82bcacd2e3689773186cc84fba9b79aac907294

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AB48F17E54075E1ECF034278E82BCACD2E3689773186CC84FBA9B79AAC907294"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3311
Expires: Wed, 05 Oct 2022 20:25:29 GMT
Date: Wed, 05 Oct 2022 19:30:18 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4ab7d8709d334de0e46dcb86aabfbff1
f221138a8ad9d0bfa3c054370dcdb363a67dc310
b91d37f606eaf448b9c7dfc05566a11de004ce44503409e1a776288ee2622805

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B91D37F606EAF448B9C7DFC05566A11DE004CE44503409E1A776288EE2622805"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5569
Expires: Wed, 05 Oct 2022 21:03:07 GMT
Date: Wed, 05 Oct 2022 19:30:18 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: R3lqwT5IgjPmg0khHopyyIPFdNNy7juJtVfOWuNnYOm2a+9aofM8MY/JA0u6izZBOLrdqJDEcjM=
x-amz-request-id: 76VCNTFT6TNYQRSP
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 05 Oct 2022 18:30:26 GMT
age: 3592
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

wellnesstoday02.com/

104.16.16.194

302 Found

483 B

URL HTTP/1.1
wellnesstoday02.com/
IP
104.16.16.194:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (468)
Size
483 B (483 bytes)
Hash
d41b103190d7247e9edfda8412353b8b
8e622a54595e7ed5efe4b6f7378525af5468b983
756f50e74f2b526a472689d36dd2a862cacbb0e2ea1879362688a2faa5182f10

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: wellnesstoday02.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Date: Wed, 05 Oct 2022 19:30:18 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://wellnesstoday02.com/prodentim
CF-Ray: 75589231f8a8b51d-OSL
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store
Vary: Accept-Encoding
CF-Cache-Status: BYPASS
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
Access-Control-Allow-Methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
Access-Control-Request-Method: *
Pragma: no-cache
Status: 302 Found
X-Frame-Options: ALLOWALL
X-Powered-By: Phusion Passenger Enterprise 6.0.7
X-Rack-Cache: miss
X-Request-Id: 0e8ca577b3fa014cd18a696dcbf1539a
X-Runtime: 0.191778
Set-Cookie: __cf_bm=XOzn2H_IJgjGZC19gV5JhW7UwezRwKgj625LBvkMEI8-1664998218-0-AYKQZ1DcAPHv8hWbOTuU0BTrARsxyli+7hPauFCT5d4isoYqGMgVGWVpMgz7bBqKRiLHMHd7FWoRYNuaq1/KCwrEv2YicCG5TLyP38x02Jul; path=/; expires=Wed, 05-Oct-22 20:00:18 GMT; domain=.wellnesstoday02.com; HttpOnly; SameSite=None
Server: cloudflare
alt-svc: h2=":443"; ma=60

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 19:30:18 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

assets.clickfunnels.com/images/closemodal.png

104.16.16.194

200 OK

672 B

URL HTTP/2
assets.clickfunnels.com/images/closemodal.png
IP
104.16.16.194:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
672 B (672 bytes)
Hash
19754ed4d508cf576c80cf36e0db8c50
f459beac714e5be68aa75349fa806a5642af456a
5216f197f782f4bb872e02a677986af90a488015910f8d3864b796ad68dbd389

HTTP Headers

GET /images/closemodal.png HTTP/1.1
Host: assets.clickfunnels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wellnesstoday02.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 05 Oct 2022 19:30:19 GMT
content-type: image/webp
content-length: 672
cf-ray: 755892377e33b509-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 1807261
cache-control: public, max-age=2678400
content-disposition: inline; filename="closemodal.webp"
etag: "630e9cfc-314"
expires: Sat, 05 Nov 2022 19:30:19 GMT
last-modified: Tue, 30 Aug 2022 23:27:56 GMT
strict-transport-security: max-age=0
vary: Accept, Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=788
set-cookie: __cf_bm=y3F5T.nM3EWppGCSipZe6cb8K0Su6dXAGE0ecKrtkCc-1664998219-0-ASy8PxsYzEPco1jXJJnGu6l6zCGtTe5Pj5aYCYre5XzVZJI0xLwaNfipaMgLaZwFOd6/cNdca6oka2ckO971LuJ9tlX27SINrKLIjv6m0Q6L; path=/; expires=Wed, 05-Oct-22 20:00:19 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
b0e8a79f3e381ab34a44278947ac7c7e
70d01e6fdc8565c661b6ae8c5a043ddf2da16530
885a8c234fca85e6f6bb3e8fcab6672b9a9742b5d3f74681b17a330fa295d549

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 19:30:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

54.230.111.7

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
54.230.111.7:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Pragma, Content-Length, Backoff, Last-Modified, Cache-Control, Content-Type, Retry-After, ETag, Expires, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Wed, 05 Oct 2022 19:10:22 GMT
Expires: Wed, 05 Oct 2022 19:38:44 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Fa-3EnsuY8DZlaPFqmYk486EIvUCzGDGfZ6_pOQfNnQZregxZEQsfg==
Age: 1197

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
b0e8a79f3e381ab34a44278947ac7c7e
70d01e6fdc8565c661b6ae8c5a043ddf2da16530
885a8c234fca85e6f6bb3e8fcab6672b9a9742b5d3f74681b17a330fa295d549

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 19:30:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
1561c6be7c89d1357a80d12de47b6e74
9a705277922ecca583c867af58b3efce099f83bd
e33dc034dbf4b3b627cd3c1af2d942e2ca5704ec9a4aad5c46ad39eb070e82ab

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4255
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 19:30:19 GMT
Last-Modified: Wed, 05 Oct 2022 18:19:24 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

100.20.30.105

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
100.20.30.105:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: am5i19QzpimmTVoHHcnx2w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: tHQmN+4d5kBtNVhS8BZxGpEHA1M=

wellnesstoday02.com/hosted/images/1f/f02a7b1e8d4b03a99fe05f8c3dcee9/AD-Images.png

104.16.15.194

200 OK

258 kB

URL HTTP/2
wellnesstoday02.com/hosted/images/1f/f02a7b1e8d4b03a99fe05f8c3dcee9/AD-Images.png
IP
104.16.15.194:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 1040 x 788, 8-bit colormap, non-interlaced\012- data
Size
258 kB (258227 bytes)
Hash
fc22f3f21ffe3f48cd3ff16ccb8218c5
44ca1eaa53bdb5a17064a4bc6f23413e8db9ed2e
26cbc3d6b15f4e23b13e85747252a353456d4ebdd7976ae1904bce533c3deaec

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /hosted/images/1f/f02a7b1e8d4b03a99fe05f8c3dcee9/AD-Images.png HTTP/1.1
Host: wellnesstoday02.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wellnesstoday02.com/prodentim
Cookie: __cf_bm=.LkAp.o4SFCKlTXEGVv_sJIE3SQ6xtAtCMb0RK2UZ7w-1664998219-0-AZNSI3DkfG3MeD5kqcilHnQfAoq6wVyTOMa8yGftqOVwatu1wJjNpSLTwIM3m/ZeEzrgBTaMtwiyD2zo6jaof1NXixa2V7aDs9MaFyUpyblP
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 05 Oct 2022 19:30:20 GMT
content-type: image/png
content-length: 258227
cf-ray: 755892372da4b4f1-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "fc22f3f21ffe3f48cd3ff16ccb8218c5"
last-modified: Tue, 20 Sep 2022 17:30:58 GMT
cf-cache-status: MISS
x-amz-cf-pop: OSL50-P1
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
b3791fae35fa0754166a153c17b4d33c
2416c0ebeb59a5dbb874c88a747242fa03e32bb6
6ed8a41c16f75035977b43d3574fc577c3473b46db106480c4a64ca72462458a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2402
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 19:30:20 GMT
Last-Modified: Wed, 05 Oct 2022 18:50:18 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471

connect.facebook.net/en_US/fbevents.js

31.13.72.12

200 OK

27 kB

URL HTTP/2
connect.facebook.net/en_US/fbevents.js
IP
31.13.72.12:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (64348)
Size
27 kB (26840 bytes)
Hash
e1327a02d76346c7e23d114e4e508b30
195b8ad875ab8f7a7adf735f1f70aa02b3a2e1a3
331e67b451c6559915b12ab2df810ccdba73b3971c5301b2010b54dd6d391de2

HTTP Headers

GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wellnesstoday02.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: 6wLWgD0M94rhIshofCYd/8ORw4kXViZEgicpzBTSSerkizMnOCaRk87U0yw92e72WV6qgAod70JcedYnYm81Jw==
priority: u=3,i
content-length: 26840
x-fb-trip-id: 1904183273
date: Wed, 05 Oct 2022 19:30:20 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
b3791fae35fa0754166a153c17b4d33c
2416c0ebeb59a5dbb874c88a747242fa03e32bb6
6ed8a41c16f75035977b43d3574fc577c3473b46db106480c4a64ca72462458a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2402
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 19:30:20 GMT
Last-Modified: Wed, 05 Oct 2022 18:50:18 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471

wellnesstoday02.com/vendor.js

104.16.15.194

200 OK

91 kB

URL HTTP/2
wellnesstoday02.com/vendor.js
IP
104.16.15.194:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text
Size
91 kB (91261 bytes)
Hash
d8f6bd7ada37a6caeaeb36ff280e5e74
19d7b5aafea651b220be7de2612da24b00b3355c
e783f4a30425035b1ebf9bf41d0c31a8a1c31a7346391e6b7219b65e2432d8e1

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /vendor.js HTTP/1.1
Host: wellnesstoday02.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wellnesstoday02.com/prodentim
Cookie: __cf_bm=.LkAp.o4SFCKlTXEGVv_sJIE3SQ6xtAtCMb0RK2UZ7w-1664998219-0-AZNSI3DkfG3MeD5kqcilHnQfAoq6wVyTOMa8yGftqOVwatu1wJjNpSLTwIM3m/ZeEzrgBTaMtwiyD2zo6jaof1NXixa2V7aDs9MaFyUpyblP
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 05 Oct 2022 19:30:20 GMT
content-type: application/javascript
cf-ray: 7558923abb0ab4f1-OSL
access-control-allow-origin: *
cache-control: max-age=900, public
etag: W/"7422e50efbaea439fda7ef3b0eb54ee1"
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
status: 200 OK
x-content-digest: 581e49c9b7bdd06dab54c00931f4256b223e620e
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss, store
x-request-id: 3c89b519ec5d4d4524f8584863eba926
x-runtime: 0.031067
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

js-agent.newrelic.com/nr-1216.min.js

151.101.86.137

200 OK

14 kB

URL HTTP/2
js-agent.newrelic.com/nr-1216.min.js
IP
151.101.86.137:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (32022)
Size
14 kB (14391 bytes)
Hash
b7c09cc097b2847f9edc784adba62dcb
5aa648623cf5e3b4b215fe5d068a7904c59f2925
6da450b6a3ba53bdab36f6529e987a245cdfca9a37b77790f06dfd8d5797bdaa

HTTP Headers

GET /nr-1216.min.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wellnesstoday02.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: Vf9xsFZHH0UI6bmTnW+KeBzegICGOxvtMLIWtbljNKoJtdkUEk/MfmbYPFui+bgtiUf/4lC5dk8=
x-amz-request-id: 4AV5AVKCCR961CNG
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
etag: "9f533d8cd24b2c5e3b4dc886ecbd43e8"
x-amz-version-id: mHHzJIqOizHibcYt0xqAszRr0gQRiNYy
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Wed, 05 Oct 2022 19:30:20 GMT
via: 1.1 varnish
x-served-by: cache-bma1659-BMA
x-cache: HIT
x-cache-hits: 6306
x-timer: S1664998221.590173,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 14391
X-Firefox-Spdy: h2

bam.nr-data.net/1/NRJS-fc902efb332119fff33?a=367981416&v=1216.487a282&to=dFZWTENWVQ9QExdNRlJLSFlWXEpMRQBfXUYYSU1aXVBKC1AF&rst=2393&ck=1&ref=https://wellnesstoday02.com/prodentim&ap=495&be=775&fe=2073&dc=1498&perf=%7B%22timing%22:%7B%22of%22:1664998218470,%22n%22:0,%22f%22:527,%22dn%22:578,%22dne%22:579,%22c%22:580,%22s%22:583,%22ce%22:600,%22rq%22:601,%22rp%22:743,%22rpe%22:745,%22dl%22:758,%22di%22:1481,%22ds%22:1498,%22de%22:1593,%22dc%22:2072,%22l%22:2072,%22le%22:2180%7D,%22navigation%22:%7B%7D%7D&fcp=1097&jsonp=NREUM.setToken

162.247.241.14

200 OK

72 B

URL HTTP/1.1
bam.nr-data.net/1/NRJS-fc902efb332119fff33?a=367981416&v=1216.487a282&to=dFZWTENWVQ9QExdNRlJLSFlWXEpMRQBfXUYYSU1aXVBKC1AF&rst=2393&ck=1&ref=https://wellnesstoday02.com/prodentim&ap=495&be=775&fe=2073&dc=1498&perf=%7B%22timing%22:%7B%22of%22:1664998218470,%22n%22:0,%22f%22:527,%22dn%22:578,%22dne%22:579,%22c%22:580,%22s%22:583,%22ce%22:600,%22rq%22:601,%22rp%22:743,%22rpe%22:745,%22dl%22:758,%22di%22:1481,%22ds%22:1498,%22de%22:1593,%22dc%22:2072,%22l%22:2072,%22le%22:2180%7D,%22navigation%22:%7B%7D%7D&fcp=1097&jsonp=NREUM.setToken
IP
162.247.241.14:0
ASN
#23467 NEWRELIC-AS-1

File type
ASCII text, with no line terminators
Size
72 B (72 bytes)
Hash
107d93e382e2c9b00fbf9fb0edc65d86
77e750e3ebf9706f4f6dd253785602d70be17c6c
a1ee50b689ea433a0acdccbf4ee4629e9ea3f9c4bcdd21effb334359a2f9e937

HTTP Headers

GET /1/NRJS-fc902efb332119fff33?a=367981416&v=1216.487a282&to=dFZWTENWVQ9QExdNRlJLSFlWXEpMRQBfXUYYSU1aXVBKC1AF&rst=2393&ck=1&ref=https://wellnesstoday02.com/prodentim&ap=495&be=775&fe=2073&dc=1498&perf=%7B%22timing%22:%7B%22of%22:1664998218470,%22n%22:0,%22f%22:527,%22dn%22:578,%22dne%22:579,%22c%22:580,%22s%22:583,%22ce%22:600,%22rq%22:601,%22rp%22:743,%22rpe%22:745,%22dl%22:758,%22di%22:1481,%22ds%22:1498,%22de%22:1593,%22dc%22:2072,%22l%22:2072,%22le%22:2180%7D,%22navigation%22:%7B%7D%7D&fcp=1097&jsonp=NREUM.setToken HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wellnesstoday02.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 19:30:21 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 755892408abe0b65-OSL
Access-Control-Allow-Origin: *
Set-Cookie: JSESSIONID=8f7211dad86bd224; Path=/; Domain=.nr-data.net; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
55331c1dc7e7ebbf456220986278469d
d69a62ee47b03fde68db666512417dda2ae5ad13
a09c835aa140c7b4220194e940f54de09ca3b7ea470feb7c4c5be574643086d5

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4444
Expires: Wed, 05 Oct 2022 20:44:25 GMT
Date: Wed, 05 Oct 2022 19:30:21 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
55331c1dc7e7ebbf456220986278469d
d69a62ee47b03fde68db666512417dda2ae5ad13
a09c835aa140c7b4220194e940f54de09ca3b7ea470feb7c4c5be574643086d5

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4444
Expires: Wed, 05 Oct 2022 20:44:25 GMT
Date: Wed, 05 Oct 2022 19:30:21 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
55331c1dc7e7ebbf456220986278469d
d69a62ee47b03fde68db666512417dda2ae5ad13
a09c835aa140c7b4220194e940f54de09ca3b7ea470feb7c4c5be574643086d5

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4444
Expires: Wed, 05 Oct 2022 20:44:25 GMT
Date: Wed, 05 Oct 2022 19:30:21 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
55331c1dc7e7ebbf456220986278469d
d69a62ee47b03fde68db666512417dda2ae5ad13
a09c835aa140c7b4220194e940f54de09ca3b7ea470feb7c4c5be574643086d5

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4444
Expires: Wed, 05 Oct 2022 20:44:25 GMT
Date: Wed, 05 Oct 2022 19:30:21 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ca20164-9b52-49c5-9e63-1fc0ae719f45.jpeg

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ca20164-9b52-49c5-9e63-1fc0ae719f45.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10158 bytes)
Hash
4fc2ddd86450d64d3fb659ab4e78be58
bbe71936b78a8c34d03ab87948dc840b35c6948f
84a760397a5912bd05f61bc8a953c13a88a677e2d17fbbf74bdf7d7ff4d3942f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ca20164-9b52-49c5-9e63-1fc0ae719f45.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10158
x-amzn-requestid: def1fc7e-8008-466f-9271-20fa1ab0fa5a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZaqZCH7doAMFcPQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a8aa0-7fd2fb1249366f2277d719d6;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 07:09:20 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: szhtD9f4RuQaDKXe7LElSR0yOKo9cYa1i2YMeG3eSpBXP8ePcdzQig==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 07:29:32 GMT
age: 43249
etag: "bbe71936b78a8c34d03ab87948dc840b35c6948f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8857940-5ca2-44ba-8a66-f396a605d5b4.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.0 kB (7021 bytes)
Hash
229c99cfb655a8c9f1a22de69fdff73c
6b5db8fbfb56f083d54b13e7660d0e4bc866aa00
f4099e9153c3dc481add95b0f24dbb8f6d65cc74ad5631d9cb6c6f2a0351843d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8857940-5ca2-44ba-8a66-f396a605d5b4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7021
x-amzn-requestid: 2e30bdac-360e-4d0a-8bb7-c3144e074abe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zf8ucHb1oAMFjYw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633ca7f5-18ba6bc50cb32b1e14c882bd;Sampled=0
x-amzn-remapped-date: Tue, 04 Oct 2022 21:39:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Sd2_YDHr3j7ym7wfFyQh9kg8FP-Et2nJUOo1v_TNbI3PvpzEY5KJ2Q==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 22:07:19 GMT
age: 76982
etag: "6b5db8fbfb56f083d54b13e7660d0e4bc866aa00"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5704624d-eb81-4a5b-bcb7-08db5681c677.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.9 kB (8926 bytes)
Hash
1de7c17a0ba9295135e7f8b490b6a8d3
70e8d1589f3daf71378965dd197934e220fb6aa4
ee559ce3166479e2b930be7d18525f5c2d164aed8ca005302ddaf3bfe37eec24

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5704624d-eb81-4a5b-bcb7-08db5681c677.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8926
x-amzn-requestid: 27fc8976-af8d-40a3-b701-0642fa135ec4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zf8s1GSbIAMFTiw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633ca7eb-4d4c7837576e0fdb5828fe3b;Sampled=0
x-amzn-remapped-date: Tue, 04 Oct 2022 21:38:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: YzVofPSJC-YVU1Q1V9AnjNeQTa1BQEh6ZiH2HjSeeX5RygysFP7oAA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 21:42:34 GMT
age: 78467
etag: "70e8d1589f3daf71378965dd197934e220fb6aa4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

3.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb178720-854c-4c9e-85c1-58cb5419ca69.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.6 kB (3585 bytes)
Hash
5d7d7df8d4c440f9db445c3d99e818d6
612b6dbd4ba895c167964ff7e6d9263013b52b0a
bf527a814c78f9e010cce4ba593c9146d54a2137d1f147f7a6250fbad81956ac

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb178720-854c-4c9e-85c1-58cb5419ca69.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3585
x-amzn-requestid: ccb6f0c8-4d9b-48b8-aaf6-16781dc4c86b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZaHFlEcFoAMFS3g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a5223-5c9276c873efee993ba54667;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 03:08:19 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: T8m1q2L45TWDVRBa-R2W70yq9BauBK3G4IX54AGIxdRhG736T974kg==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 04:05:29 GMT
age: 55492
etag: "612b6dbd4ba895c167964ff7e6d9263013b52b0a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23595c4d-609a-48f3-a52f-e88e478d7653.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.8 kB (5832 bytes)
Hash
3257b782efae9b64e6e18a547866ec50
4daf0c001e86af8477fb097e8ca932edb8e5f981
899f9692e86405aa288d88dd285a6fe26bedab1a2ca4693212476063890b01a5

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23595c4d-609a-48f3-a52f-e88e478d7653.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5832
x-amzn-requestid: c4427edd-3d71-47d0-a2d3-b3bfed089535
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zf8s1FuUoAMFhBA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633ca7eb-46ddff150da4141d23fc0d8a;Sampled=0
x-amzn-remapped-date: Tue, 04 Oct 2022 21:38:51 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: WWClzLGprno--c75q63i1TFi8oBEdAYW-J4lCk9V8IELQXe6q0A05A==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 21:42:34 GMT
age: 78467
etag: "4daf0c001e86af8477fb097e8ca932edb8e5f981"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78bf691d-76e8-4176-884d-dbc06604dded.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.8 kB (8816 bytes)
Hash
100559d746bedd7c3802661c875c35ee
5261a6c2ee6d6cc87e91ee82e32d8be234db393e
ff06f31267ddcc9a0d84ddc68932872bfed29d072783c3a1dd3790d41c280aec

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78bf691d-76e8-4176-884d-dbc06604dded.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8816
x-amzn-requestid: b9f3ec8a-f478-4405-b275-e21f2d7d89d4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZKK7gFPJIAMF-7Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6333f1e3-250348e6140f3c74762263ea;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 07:04:03 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: F1ZWwxLKhRC6oSh6gnUxEm5AnYcY-mezJw9mNJ8GmNWnATAKx1JxSg==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 22:42:26 GMT
age: 74875
etag: "5261a6c2ee6d6cc87e91ee82e32d8be234db393e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

wellnesstoday02.com/prodentim

104.16.15.194

200 OK

0 B

URL HTTP/2
wellnesstoday02.com/prodentim
IP
104.16.15.194:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /prodentim HTTP/1.1
Host: wellnesstoday02.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Wed, 05 Oct 2022 19:30:19 GMT
content-type: text/html; charset=utf-8
cf-ray: 755892353a6fb4f1-OSL
access-control-allow-origin: *
cache-control: max-age=60, public, s-maxage=600, r-maxage=10
last-modified: Tue, 20 Sep 2022 20:23:23 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
status: 200 OK
x-content-digest: 7f7c35662af0ef0ba3da87d5d49c26f2cff70821
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: fresh
x-request-id: da624b8655fe08222c196d0f6c9469ee
x-runtime: 0.487748
set-cookie: __cf_bm=.LkAp.o4SFCKlTXEGVv_sJIE3SQ6xtAtCMb0RK2UZ7w-1664998219-0-AZNSI3DkfG3MeD5kqcilHnQfAoq6wVyTOMa8yGftqOVwatu1wJjNpSLTwIM3m/ZeEzrgBTaMtwiyD2zo6jaof1NXixa2V7aDs9MaFyUpyblP; path=/; expires=Wed, 05-Oct-22 20:00:19 GMT; domain=.wellnesstoday02.com; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

wellnesstoday02.com/assets/userevents/application.js

104.16.15.194

200 OK

0 B

URL HTTP/2
wellnesstoday02.com/assets/userevents/application.js
IP
104.16.15.194:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /assets/userevents/application.js HTTP/1.1
Host: wellnesstoday02.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wellnesstoday02.com/prodentim
Cookie: __cf_bm=.LkAp.o4SFCKlTXEGVv_sJIE3SQ6xtAtCMb0RK2UZ7w-1664998219-0-AZNSI3DkfG3MeD5kqcilHnQfAoq6wVyTOMa8yGftqOVwatu1wJjNpSLTwIM3m/ZeEzrgBTaMtwiyD2zo6jaof1NXixa2V7aDs9MaFyUpyblP
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 05 Oct 2022 19:30:19 GMT
content-type: application/x-javascript
cf-ray: 755892372d9eb4f1-OSL
access-control-allow-origin: *
age: 310
cache-control: public, max-age=1200
etag: W/"633da86c-1353"
expires: Wed, 05 Oct 2022 19:50:19 GMT
last-modified: Wed, 05 Oct 2022 15:53:16 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

use.fontawesome.com/releases/v5.9.0/css/all.css

172.64.132.15

200 OK

0 B

URL HTTP/2
use.fontawesome.com/releases/v5.9.0/css/all.css
IP
172.64.132.15:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /releases/v5.9.0/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wellnesstoday02.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 05 Oct 2022 19:30:19 GMT
content-type: text/css
x-amz-id-2: vC8KBN503iyWKZzHxfJc5rs99Ocw4DSTaifdaL1SsWTbuhhIHZc4Cm+BPlh6dJ7ueugjQrc5cWE=
x-amz-request-id: F0PHW7H6699FG8TW
last-modified: Wed, 30 Jun 2021 15:48:06 GMT
etag: W/"dbf9d822cefe851ba6f66e1ad57e8987"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 29765241
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uh7ZjqtXL8cASvdNWF%2BMpds4q0wU3BLsjIYTsowHK5NAvug2inF%2F2A%2FKDSoSW90FLl6wbfmWxilW%2FRPskVt0GAaPMNpEC0kXZEnRCameAH1Jehpxl5B%2B3aBCkOKs1hQgVHI4sbOQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 755892378aba72de-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wellnesstoday02.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 05 Oct 2022 19:30:19 GMT
date: Wed, 05 Oct 2022 19:30:19 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

wellnesstoday02.com/cdn-cgi/rum?

104.16.15.194

200 OK

0 B

URL HTTP/2
wellnesstoday02.com/cdn-cgi/rum?
IP
104.16.15.194:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

POST /cdn-cgi/rum? HTTP/1.1
Host: wellnesstoday02.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 8891
Origin: https://wellnesstoday02.com
Connection: keep-alive
Referer: https://wellnesstoday02.com/prodentim
Cookie: __cf_bm=.LkAp.o4SFCKlTXEGVv_sJIE3SQ6xtAtCMb0RK2UZ7w-1664998219-0-AZNSI3DkfG3MeD5kqcilHnQfAoq6wVyTOMa8yGftqOVwatu1wJjNpSLTwIM3m/ZeEzrgBTaMtwiyD2zo6jaof1NXixa2V7aDs9MaFyUpyblP; cf:aff_sub2=; cf:aff_sub3=; cf:aff_sub=; cf:affiliate_id=; cf:cf_affiliate_id=; cf:content=; cf:medium=; cf:name=; cf:source=; cf:term=; cf:NTYyMTAxMTQ=:visited=true; cf:visitor_id=5252de48-df59-4731-9d61-4780cbe6f509; addevent_track_cookie=97bacebd-ca38-4a69-d177-1adea4d126bd; _fbp=fb.1.1664998220496.1902550565
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 05 Oct 2022 19:30:20 GMT
content-type: text/plain
access-control-allow-origin: https://wellnesstoday02.com
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 7558923f29f8b4f1-OSL
x-frame-options: DENY
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2

wellnesstoday02.com/assets/lander.js

104.16.15.194

200 OK

0 B

URL HTTP/2
wellnesstoday02.com/assets/lander.js
IP
104.16.15.194:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /assets/lander.js HTTP/1.1
Host: wellnesstoday02.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wellnesstoday02.com/prodentim
Cookie: __cf_bm=.LkAp.o4SFCKlTXEGVv_sJIE3SQ6xtAtCMb0RK2UZ7w-1664998219-0-AZNSI3DkfG3MeD5kqcilHnQfAoq6wVyTOMa8yGftqOVwatu1wJjNpSLTwIM3m/ZeEzrgBTaMtwiyD2zo6jaof1NXixa2V7aDs9MaFyUpyblP
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 05 Oct 2022 19:30:19 GMT
content-type: application/x-javascript
cf-ray: 755892373dadb4f1-OSL
access-control-allow-origin: *
age: 302
cache-control: public, max-age=1200
etag: W/"633da8bf-239130"
expires: Wed, 05 Oct 2022 19:50:19 GMT
last-modified: Wed, 05 Oct 2022 15:54:39 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

wellnesstoday02.com/favicon.ico

104.16.15.194

200 OK

0 B

URL HTTP/2
wellnesstoday02.com/favicon.ico
IP
104.16.15.194:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: wellnesstoday02.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wellnesstoday02.com/prodentim
Cookie: __cf_bm=.LkAp.o4SFCKlTXEGVv_sJIE3SQ6xtAtCMb0RK2UZ7w-1664998219-0-AZNSI3DkfG3MeD5kqcilHnQfAoq6wVyTOMa8yGftqOVwatu1wJjNpSLTwIM3m/ZeEzrgBTaMtwiyD2zo6jaof1NXixa2V7aDs9MaFyUpyblP; cf:aff_sub2=; cf:aff_sub3=; cf:aff_sub=; cf:affiliate_id=; cf:cf_affiliate_id=; cf:content=; cf:medium=; cf:name=; cf:source=; cf:term=; cf:NTYyMTAxMTQ=:visited=true; cf:visitor_id=5252de48-df59-4731-9d61-4780cbe6f509; addevent_track_cookie=97bacebd-ca38-4a69-d177-1adea4d126bd
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 05 Oct 2022 19:30:20 GMT
content-type: image/x-icon
cf-ray: 7558923c8dc9b4f1-OSL
access-control-allow-origin: *
etag: W/"633da86c-3aee"
last-modified: Wed, 05 Oct 2022 15:53:16 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

use.fontawesome.com/releases/v5.9.0/css/v4-shims.css

172.64.132.15

200 OK

0 B

URL HTTP/2
use.fontawesome.com/releases/v5.9.0/css/v4-shims.css
IP
172.64.132.15:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /releases/v5.9.0/css/v4-shims.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wellnesstoday02.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 05 Oct 2022 19:30:19 GMT
content-type: text/css
x-amz-id-2: HpuDfuJOnoRBIn1oGWh6kpnFISyPAhBcUuSh2sgaSOixf+diILYpFUsoF1uDkiR93wgKGECAn7k=
x-amz-request-id: F0PPGVAN5CXAHSGM
last-modified: Wed, 30 Jun 2021 15:48:06 GMT
etag: W/"e140a7d32f343530f016095df3cc2ae4"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 29765241
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ls7gfCUNyFwmXMwI%2F8TbnYheyanFjfXirlPBqB7XHH7AdP3CWu2vKQsTd0MkSQZwyisFnrxIAbv8KpQPqh6%2BWD6dSmEOXoeudfVGnE2wk9G2l4iQD0j6fGkziPHV9i%2FyrYmqupoH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 755892378abd72de-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194

172.64.156.26

200 OK

0 B

URL HTTP/2
static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
IP
172.64.156.26:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wellnesstoday02.com
Connection: keep-alive
Referer: https://wellnesstoday02.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 05 Oct 2022 19:30:19 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/2021.12.0
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 755892377fa5b515-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

app.clickfunnels.com/userevents/?funnel_id=ZVhyOG8yVk1xQ0dQMTh4YXovYnMrZz09LS1GUU1MWTR5ZGNFMGIyQmJFbmFTWll3PT0%3D--f0014cf14880dfadd180c2a2c3059fc464087088&page_id=bmZQNmRZUmttSnI5QXhwM3Jab0F5dz09LS1JeTkwcXZzSTI2em1FYmdiSnR0bnpBPT0%3D--3e4ca8a626caecd11fd7311fe1e31b273f85f9e1&funnel_step_id=SDMvc1A3d3M1OTdUQW53djNiaTNjZz09LS1sM1VVUE0yWmpPdnhvc0ptNVE1YVRBPT0%3D--2a464c1f6101fb0e1d09d5de127a9cbe4b8f3225&user_id=c2JHcE40aTkxYzl6V3VIc1JlcTNhUT09LS1XVWh2YU5tZUxjdHV0ZkJ5N21jbXRRPT0%3D--ff81d6004aa25352e72274b5f467af1858c109b6&account_id=R2VxQmJnbGRlZERaaEQ3RnAyWDJRQT09LS1WVU52TkZ5ZFJaMUY1REpxVVNlUmhBPT0%3D--32d24f437900faef9e00ebb52d37693d094e8de3&page_code=NTYyMTAxMTQ%3D&mode_id=1&time_zone=Mountain%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::UniqueVisitorsCreatedSummary&nonce=f43ad9a1-de18-4347-b076-2d1a911880ee&url=https%3A%2F%2Fwellnesstoday02.com%2Fprodentim

104.16.13.194

202 Accepted

0 B

URL HTTP/2
app.clickfunnels.com/userevents/?funnel_id=ZVhyOG8yVk1xQ0dQMTh4YXovYnMrZz09LS1GUU1MWTR5ZGNFMGIyQmJFbmFTWll3PT0%3D--f0014cf14880dfadd180c2a2c3059fc464087088&page_id=bmZQNmRZUmttSnI5QXhwM3Jab0F5dz09LS1JeTkwcXZzSTI2em1FYmdiSnR0bnpBPT0%3D--3e4ca8a626caecd11fd7311fe1e31b273f85f9e1&funnel_step_id=SDMvc1A3d3M1OTdUQW53djNiaTNjZz09LS1sM1VVUE0yWmpPdnhvc0ptNVE1YVRBPT0%3D--2a464c1f6101fb0e1d09d5de127a9cbe4b8f3225&user_id=c2JHcE40aTkxYzl6V3VIc1JlcTNhUT09LS1XVWh2YU5tZUxjdHV0ZkJ5N21jbXRRPT0%3D--ff81d6004aa25352e72274b5f467af1858c109b6&account_id=R2VxQmJnbGRlZERaaEQ3RnAyWDJRQT09LS1WVU52TkZ5ZFJaMUY1REpxVVNlUmhBPT0%3D--32d24f437900faef9e00ebb52d37693d094e8de3&page_code=NTYyMTAxMTQ%3D&mode_id=1&time_zone=Mountain%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::UniqueVisitorsCreatedSummary&nonce=f43ad9a1-de18-4347-b076-2d1a911880ee&url=https%3A%2F%2Fwellnesstoday02.com%2Fprodentim
IP
104.16.13.194:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /userevents/?funnel_id=ZVhyOG8yVk1xQ0dQMTh4YXovYnMrZz09LS1GUU1MWTR5ZGNFMGIyQmJFbmFTWll3PT0%3D--f0014cf14880dfadd180c2a2c3059fc464087088&page_id=bmZQNmRZUmttSnI5QXhwM3Jab0F5dz09LS1JeTkwcXZzSTI2em1FYmdiSnR0bnpBPT0%3D--3e4ca8a626caecd11fd7311fe1e31b273f85f9e1&funnel_step_id=SDMvc1A3d3M1OTdUQW53djNiaTNjZz09LS1sM1VVUE0yWmpPdnhvc0ptNVE1YVRBPT0%3D--2a464c1f6101fb0e1d09d5de127a9cbe4b8f3225&user_id=c2JHcE40aTkxYzl6V3VIc1JlcTNhUT09LS1XVWh2YU5tZUxjdHV0ZkJ5N21jbXRRPT0%3D--ff81d6004aa25352e72274b5f467af1858c109b6&account_id=R2VxQmJnbGRlZERaaEQ3RnAyWDJRQT09LS1WVU52TkZ5ZFJaMUY1REpxVVNlUmhBPT0%3D--32d24f437900faef9e00ebb52d37693d094e8de3&page_code=NTYyMTAxMTQ%3D&mode_id=1&time_zone=Mountain%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::UniqueVisitorsCreatedSummary&nonce=f43ad9a1-de18-4347-b076-2d1a911880ee&url=https%3A%2F%2Fwellnesstoday02.com%2Fprodentim HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wellnesstoday02.com
Connection: keep-alive
Referer: https://wellnesstoday02.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 202 Accepted
date: Wed, 05 Oct 2022 19:30:20 GMT
content-type: text/html
cf-ray: 7558923b1bf21c12-OSL
access-control-allow-origin: *
cache-control: no-cache, no-store
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: BYPASS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-request-method: *
pragma: no-cache
status: 202 Accepted
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: 3c1484a77fa07caa28ec034d3b8bed5e
x-runtime: 0.033807
set-cookie: __cf_bm=EmQdjTPFkkuW8iciRzD4yGO5lSg7nLl.reacSIMYDSk-1664998220-0-AavtOdWXL8pLmry9UVqwsWKlt0YU5utO75/1683ecVJ+1In1XWTB06HfC9Z2r4pYWzb6qG2rpYM8G8gFnfj4TYFhl0IFBjdqZBO/YNLJ0lL1; path=/; expires=Wed, 05-Oct-22 20:00:20 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2

wellnesstoday02.com/images/background.png?_unique=0.6466193667731427&_uniqueVisitorID=null&_type=WINDOW&_location=ttps%3A//wellnesstoday02.com/prodentim&_title=Wellness%20Today&_key=r517nwx1&_page_key=ry19bpn0mucn7cw9&_fid=12415250&_fspos=1&_fvrs=1&_funnel_stat=1&_location=https://wellnesstoday02.com/prodentim&_referrer=

104.16.15.194

200 OK

0 B

URL HTTP/2
wellnesstoday02.com/images/background.png?_unique=0.6466193667731427&_uniqueVisitorID=null&_type=WINDOW&_location=ttps%3A//wellnesstoday02.com/prodentim&_title=Wellness%20Today&_key=r517nwx1&_page_key=ry19bpn0mucn7cw9&_fid=12415250&_fspos=1&_fvrs=1&_funnel_stat=1&_location=https://wellnesstoday02.com/prodentim&_referrer=
IP
104.16.15.194:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /images/background.png?_unique=0.6466193667731427&_uniqueVisitorID=null&_type=WINDOW&_location=ttps%3A//wellnesstoday02.com/prodentim&_title=Wellness%20Today&_key=r517nwx1&_page_key=ry19bpn0mucn7cw9&_fid=12415250&_fspos=1&_fvrs=1&_funnel_stat=1&_location=https://wellnesstoday02.com/prodentim&_referrer= HTTP/1.1
Host: wellnesstoday02.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wellnesstoday02.com/prodentim
Cookie: __cf_bm=.LkAp.o4SFCKlTXEGVv_sJIE3SQ6xtAtCMb0RK2UZ7w-1664998219-0-AZNSI3DkfG3MeD5kqcilHnQfAoq6wVyTOMa8yGftqOVwatu1wJjNpSLTwIM3m/ZeEzrgBTaMtwiyD2zo6jaof1NXixa2V7aDs9MaFyUpyblP; cf:aff_sub2=; cf:aff_sub3=; cf:aff_sub=; cf:affiliate_id=; cf:cf_affiliate_id=; cf:content=; cf:medium=; cf:name=; cf:source=; cf:term=; cf:NTYyMTAxMTQ=:visited=true; cf:visitor_id=5252de48-df59-4731-9d61-4780cbe6f509; addevent_track_cookie=97bacebd-ca38-4a69-d177-1adea4d126bd; _fbp=fb.1.1664998220496.1902550565
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 05 Oct 2022 19:30:20 GMT
content-type: text/javascript; charset=utf-8
cf-ray: 7558923e7903b4f1-OSL
access-control-allow-origin: *
cache-control: no-cache, no-store, private
strict-transport-security: max-age=0
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-request-method: *
status: 200 OK
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: 6b9b692b28969453cb2e891501740a46
x-runtime: 0.021986
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

wellnesstoday02.com/assets/lander.css

104.16.15.194

200 OK

0 B

URL HTTP/2
wellnesstoday02.com/assets/lander.css
IP
104.16.15.194:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /assets/lander.css HTTP/1.1
Host: wellnesstoday02.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wellnesstoday02.com/prodentim
Cookie: __cf_bm=.LkAp.o4SFCKlTXEGVv_sJIE3SQ6xtAtCMb0RK2UZ7w-1664998219-0-AZNSI3DkfG3MeD5kqcilHnQfAoq6wVyTOMa8yGftqOVwatu1wJjNpSLTwIM3m/ZeEzrgBTaMtwiyD2zo6jaof1NXixa2V7aDs9MaFyUpyblP
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 05 Oct 2022 19:30:19 GMT
content-type: text/css
cf-ray: 755892370d6db4f1-OSL
access-control-allow-origin: *
age: 303
cache-control: public, max-age=1200
etag: W/"633da86c-6a514"
expires: Wed, 05 Oct 2022 19:50:19 GMT
last-modified: Wed, 05 Oct 2022 15:53:16 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

wellnesstoday02.com/assets/pushcrew.js

104.16.15.194

200 OK

0 B

URL HTTP/2
wellnesstoday02.com/assets/pushcrew.js
IP
104.16.15.194:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /assets/pushcrew.js HTTP/1.1
Host: wellnesstoday02.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wellnesstoday02.com/prodentim
Cookie: __cf_bm=.LkAp.o4SFCKlTXEGVv_sJIE3SQ6xtAtCMb0RK2UZ7w-1664998219-0-AZNSI3DkfG3MeD5kqcilHnQfAoq6wVyTOMa8yGftqOVwatu1wJjNpSLTwIM3m/ZeEzrgBTaMtwiyD2zo6jaof1NXixa2V7aDs9MaFyUpyblP
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 05 Oct 2022 19:30:19 GMT
content-type: application/x-javascript
cf-ray: 755892373db0b4f1-OSL
access-control-allow-origin: *
age: 850
cache-control: public, max-age=1200
etag: W/"633da86c-27d"
expires: Wed, 05 Oct 2022 19:50:19 GMT
last-modified: Wed, 05 Oct 2022 15:53:16 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

app.clickfunnels.com/userevents/?funnel_id=ZVhyOG8yVk1xQ0dQMTh4YXovYnMrZz09LS1GUU1MWTR5ZGNFMGIyQmJFbmFTWll3PT0%3D--f0014cf14880dfadd180c2a2c3059fc464087088&page_id=bmZQNmRZUmttSnI5QXhwM3Jab0F5dz09LS1JeTkwcXZzSTI2em1FYmdiSnR0bnpBPT0%3D--3e4ca8a626caecd11fd7311fe1e31b273f85f9e1&funnel_step_id=SDMvc1A3d3M1OTdUQW53djNiaTNjZz09LS1sM1VVUE0yWmpPdnhvc0ptNVE1YVRBPT0%3D--2a464c1f6101fb0e1d09d5de127a9cbe4b8f3225&user_id=c2JHcE40aTkxYzl6V3VIc1JlcTNhUT09LS1XVWh2YU5tZUxjdHV0ZkJ5N21jbXRRPT0%3D--ff81d6004aa25352e72274b5f467af1858c109b6&account_id=R2VxQmJnbGRlZERaaEQ3RnAyWDJRQT09LS1WVU52TkZ5ZFJaMUY1REpxVVNlUmhBPT0%3D--32d24f437900faef9e00ebb52d37693d094e8de3&page_code=NTYyMTAxMTQ%3D&mode_id=1&time_zone=Mountain%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::UniquePageviewsCreatedSummary&nonce=e2c6b6f8-e762-4b35-8f2f-9eb84a43975f&url=https%3A%2F%2Fwellnesstoday02.com%2Fprodentim

104.16.13.194

202 Accepted

0 B

URL HTTP/2
app.clickfunnels.com/userevents/?funnel_id=ZVhyOG8yVk1xQ0dQMTh4YXovYnMrZz09LS1GUU1MWTR5ZGNFMGIyQmJFbmFTWll3PT0%3D--f0014cf14880dfadd180c2a2c3059fc464087088&page_id=bmZQNmRZUmttSnI5QXhwM3Jab0F5dz09LS1JeTkwcXZzSTI2em1FYmdiSnR0bnpBPT0%3D--3e4ca8a626caecd11fd7311fe1e31b273f85f9e1&funnel_step_id=SDMvc1A3d3M1OTdUQW53djNiaTNjZz09LS1sM1VVUE0yWmpPdnhvc0ptNVE1YVRBPT0%3D--2a464c1f6101fb0e1d09d5de127a9cbe4b8f3225&user_id=c2JHcE40aTkxYzl6V3VIc1JlcTNhUT09LS1XVWh2YU5tZUxjdHV0ZkJ5N21jbXRRPT0%3D--ff81d6004aa25352e72274b5f467af1858c109b6&account_id=R2VxQmJnbGRlZERaaEQ3RnAyWDJRQT09LS1WVU52TkZ5ZFJaMUY1REpxVVNlUmhBPT0%3D--32d24f437900faef9e00ebb52d37693d094e8de3&page_code=NTYyMTAxMTQ%3D&mode_id=1&time_zone=Mountain%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::UniquePageviewsCreatedSummary&nonce=e2c6b6f8-e762-4b35-8f2f-9eb84a43975f&url=https%3A%2F%2Fwellnesstoday02.com%2Fprodentim
IP
104.16.13.194:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /userevents/?funnel_id=ZVhyOG8yVk1xQ0dQMTh4YXovYnMrZz09LS1GUU1MWTR5ZGNFMGIyQmJFbmFTWll3PT0%3D--f0014cf14880dfadd180c2a2c3059fc464087088&page_id=bmZQNmRZUmttSnI5QXhwM3Jab0F5dz09LS1JeTkwcXZzSTI2em1FYmdiSnR0bnpBPT0%3D--3e4ca8a626caecd11fd7311fe1e31b273f85f9e1&funnel_step_id=SDMvc1A3d3M1OTdUQW53djNiaTNjZz09LS1sM1VVUE0yWmpPdnhvc0ptNVE1YVRBPT0%3D--2a464c1f6101fb0e1d09d5de127a9cbe4b8f3225&user_id=c2JHcE40aTkxYzl6V3VIc1JlcTNhUT09LS1XVWh2YU5tZUxjdHV0ZkJ5N21jbXRRPT0%3D--ff81d6004aa25352e72274b5f467af1858c109b6&account_id=R2VxQmJnbGRlZERaaEQ3RnAyWDJRQT09LS1WVU52TkZ5ZFJaMUY1REpxVVNlUmhBPT0%3D--32d24f437900faef9e00ebb52d37693d094e8de3&page_code=NTYyMTAxMTQ%3D&mode_id=1&time_zone=Mountain%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::UniquePageviewsCreatedSummary&nonce=e2c6b6f8-e762-4b35-8f2f-9eb84a43975f&url=https%3A%2F%2Fwellnesstoday02.com%2Fprodentim HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wellnesstoday02.com
Connection: keep-alive
Referer: https://wellnesstoday02.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 202 Accepted
date: Wed, 05 Oct 2022 19:30:20 GMT
content-type: text/html
cf-ray: 7558923b1bfe1c12-OSL
access-control-allow-origin: *
cache-control: no-cache, no-store
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: BYPASS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-request-method: *
pragma: no-cache
status: 202 Accepted
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: 35ab64c0ce3b0ef29ba8c6211cc82973
x-runtime: 0.027536
set-cookie: __cf_bm=Vxew9ZCPIui2kxjiRjnFfzXI8THP.enfuiq11Gh0V24-1664998220-0-AQkr/v9tszIXHrg59p63ZqDis0YfqTeIWlenFhufOb3/gAatu6F1dRwGzQ2cPo4xk4Pa+0tN9SpUDPWG9seFNFFZuryK1yY7otw+rpW/Hgna; path=/; expires=Wed, 05-Oct-22 20:00:20 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2

app.clickfunnels.com/userevents/?funnel_id=ZVhyOG8yVk1xQ0dQMTh4YXovYnMrZz09LS1GUU1MWTR5ZGNFMGIyQmJFbmFTWll3PT0%3D--f0014cf14880dfadd180c2a2c3059fc464087088&page_id=bmZQNmRZUmttSnI5QXhwM3Jab0F5dz09LS1JeTkwcXZzSTI2em1FYmdiSnR0bnpBPT0%3D--3e4ca8a626caecd11fd7311fe1e31b273f85f9e1&funnel_step_id=SDMvc1A3d3M1OTdUQW53djNiaTNjZz09LS1sM1VVUE0yWmpPdnhvc0ptNVE1YVRBPT0%3D--2a464c1f6101fb0e1d09d5de127a9cbe4b8f3225&user_id=c2JHcE40aTkxYzl6V3VIc1JlcTNhUT09LS1XVWh2YU5tZUxjdHV0ZkJ5N21jbXRRPT0%3D--ff81d6004aa25352e72274b5f467af1858c109b6&account_id=R2VxQmJnbGRlZERaaEQ3RnAyWDJRQT09LS1WVU52TkZ5ZFJaMUY1REpxVVNlUmhBPT0%3D--32d24f437900faef9e00ebb52d37693d094e8de3&page_code=NTYyMTAxMTQ%3D&mode_id=1&time_zone=Mountain%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::PageviewsCreatedSummary&nonce=6216f8f9-fa29-4d36-9d38-fffb24e51fed&url=https%3A%2F%2Fwellnesstoday02.com%2Fprodentim

104.16.13.194

202 Accepted

0 B

URL HTTP/2
app.clickfunnels.com/userevents/?funnel_id=ZVhyOG8yVk1xQ0dQMTh4YXovYnMrZz09LS1GUU1MWTR5ZGNFMGIyQmJFbmFTWll3PT0%3D--f0014cf14880dfadd180c2a2c3059fc464087088&page_id=bmZQNmRZUmttSnI5QXhwM3Jab0F5dz09LS1JeTkwcXZzSTI2em1FYmdiSnR0bnpBPT0%3D--3e4ca8a626caecd11fd7311fe1e31b273f85f9e1&funnel_step_id=SDMvc1A3d3M1OTdUQW53djNiaTNjZz09LS1sM1VVUE0yWmpPdnhvc0ptNVE1YVRBPT0%3D--2a464c1f6101fb0e1d09d5de127a9cbe4b8f3225&user_id=c2JHcE40aTkxYzl6V3VIc1JlcTNhUT09LS1XVWh2YU5tZUxjdHV0ZkJ5N21jbXRRPT0%3D--ff81d6004aa25352e72274b5f467af1858c109b6&account_id=R2VxQmJnbGRlZERaaEQ3RnAyWDJRQT09LS1WVU52TkZ5ZFJaMUY1REpxVVNlUmhBPT0%3D--32d24f437900faef9e00ebb52d37693d094e8de3&page_code=NTYyMTAxMTQ%3D&mode_id=1&time_zone=Mountain%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::PageviewsCreatedSummary&nonce=6216f8f9-fa29-4d36-9d38-fffb24e51fed&url=https%3A%2F%2Fwellnesstoday02.com%2Fprodentim
IP
104.16.13.194:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /userevents/?funnel_id=ZVhyOG8yVk1xQ0dQMTh4YXovYnMrZz09LS1GUU1MWTR5ZGNFMGIyQmJFbmFTWll3PT0%3D--f0014cf14880dfadd180c2a2c3059fc464087088&page_id=bmZQNmRZUmttSnI5QXhwM3Jab0F5dz09LS1JeTkwcXZzSTI2em1FYmdiSnR0bnpBPT0%3D--3e4ca8a626caecd11fd7311fe1e31b273f85f9e1&funnel_step_id=SDMvc1A3d3M1OTdUQW53djNiaTNjZz09LS1sM1VVUE0yWmpPdnhvc0ptNVE1YVRBPT0%3D--2a464c1f6101fb0e1d09d5de127a9cbe4b8f3225&user_id=c2JHcE40aTkxYzl6V3VIc1JlcTNhUT09LS1XVWh2YU5tZUxjdHV0ZkJ5N21jbXRRPT0%3D--ff81d6004aa25352e72274b5f467af1858c109b6&account_id=R2VxQmJnbGRlZERaaEQ3RnAyWDJRQT09LS1WVU52TkZ5ZFJaMUY1REpxVVNlUmhBPT0%3D--32d24f437900faef9e00ebb52d37693d094e8de3&page_code=NTYyMTAxMTQ%3D&mode_id=1&time_zone=Mountain%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::PageviewsCreatedSummary&nonce=6216f8f9-fa29-4d36-9d38-fffb24e51fed&url=https%3A%2F%2Fwellnesstoday02.com%2Fprodentim HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wellnesstoday02.com
Connection: keep-alive
Referer: https://wellnesstoday02.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 202 Accepted
date: Wed, 05 Oct 2022 19:30:20 GMT
content-type: text/html
cf-ray: 7558923b0be41c12-OSL
access-control-allow-origin: *
cache-control: no-cache, no-store
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: BYPASS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-request-method: *
pragma: no-cache
status: 202 Accepted
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: 44bb9f3b2546e567bcce4136e3d9b3b9
x-runtime: 0.045331
set-cookie: __cf_bm=ZvJH2UqmS.v0E8pndNHX0c1mA2B2aOJi9XOAmEuwzMU-1664998220-0-AUNyxGF2L2HjQ1xNouNHSwNrnRecp4XR+mFzeT0TGj87q9X1WucIEtHYlbrdAj7hQlV2I+OhdtV0983jFIVLJMY/QEKiPRTA/3P+QDnYciJg; path=/; expires=Wed, 05-Oct-22 20:00:20 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (23)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations