Overview

URL allwellinst.com/
IP 198.54.126.9
ASN NAMECHEAP-NET
Location United States
Report completed 2022-09-06 12:01:48 UTC
urlquery Alerts No alerts detected


Settings

UserAgent Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-06 2 allwellinst.com/ Phishing
2022-09-06 2 www.allwellinst.com/ Phishing
2022-09-06 2 www.allwellinst.com/ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js Phishing
2022-09-06 2 www.allwellinst.com/js/bootstrap.min.js Phishing
2022-09-06 2 www.allwellinst.com/js/animations.min.js Phishing
2022-09-06 2 www.allwellinst.com/js/jssor.slider-21.1.5.mini.js Phishing
2022-09-06 2 www.allwellinst.com/js/jquery.plugin.js Phishing
2022-09-06 2 www.allwellinst.com/js/jquery.main.js Phishing
2022-09-06 2 www.allwellinst.com/js/jquery-1.11.3.min.js Phishing
2022-09-06 2 www.allwellinst.com/js/timber.master.min.js Phishing
2022-09-06 2 www.allwellinst.com/js/bootstrap-dropdownhover.min.js Phishing
2022-09-06 2 www.allwellinst.com/owl-carousel/owl.carousel.js Phishing
2022-09-06 2 www.allwellinst.com/assets1/js/bootstrap-collapse.js Phishing
2022-09-06 2 www.allwellinst.com/assets1/js/bootstrap-transition.js Phishing
2022-09-06 2 www.allwellinst.com/assets1/js/google-code-prettify/prettify.js Phishing
2022-09-06 2 www.allwellinst.com/assets1/js/bootstrap-tab.js Phishing
2022-09-06 2 www.allwellinst.com/assets1/js/application.js Phishing
2022-09-06 2 www.allwellinst.com/ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js Phishing
2022-09-06 2 www.allwellinst.com/fonts/icomoon.woff Phishing
2022-09-06 2 www.allwellinst.com/assets1/js/jquery-1.9.1.min.js Phishing
2022-09-06 2 www.allwellinst.com/fonts/fontawesome-webfont.woff2?v=4.7.0 Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (12)

Passive DNS Source Fully Qualified Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS ocsp.digicert.com (1) 86 2012-05-21 07:02:23 UTC 2022-09-06 06:14:31 UTC 93.184.220.29
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-06 04:43:30 UTC 35.164.56.167
mnemonic passive DNS www.allwellinst.com (51) 0 2019-05-31 15:08:36 UTC 2022-09-01 07:36:36 UTC 198.54.126.9 Unknown ranking
mnemonic passive DNS fonts.googleapis.com (2) 8877 2014-07-21 13:19:55 UTC 2022-09-06 05:20:18 UTC 142.250.74.10
mnemonic passive DNS fonts.gstatic.com (5) 0 2014-08-29 13:43:22 UTC 2022-09-06 04:40:06 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS img-getpocket.cdn.mozilla.net (7) 1631 2017-09-01 03:40:57 UTC 2022-09-06 04:01:54 UTC 34.120.237.76
mnemonic passive DNS r3.o.lencr.org (6) 344 2020-12-02 08:52:13 UTC 2022-09-06 04:41:22 UTC 23.36.76.226
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-09-06 04:42:27 UTC 143.204.55.115
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-06 05:16:49 UTC 143.204.55.35
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-06 04:40:31 UTC 34.117.237.239
mnemonic passive DNS allwellinst.com (1) 0 2019-05-31 15:08:34 UTC 2022-09-06 07:37:36 UTC 198.54.126.9 Unknown ranking
mnemonic passive DNS ocsp.pki.goog (5) 175 2017-06-14 07:23:31 UTC 2022-09-06 04:40:10 UTC 142.250.74.3


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 198.54.126.9

Date UQ / IDS / BL URL IP
2022-12-01 09:50:17 +0000 0 - 0 - 36 newpak.edu.pk/ 198.54.126.9
2022-11-04 23:26:53 +0000 0 - 0 - 24 vinayakinterior.com/urr/LP/uC/3XFf2xTT.zip 198.54.126.9
2022-10-09 07:36:43 +0000 0 - 0 - 22 allwellinst.com/ 198.54.126.9
2022-09-08 07:37:03 +0000 0 - 0 - 22 allwellinst.com/ 198.54.126.9
2022-09-06 12:01:48 +0000 0 - 0 - 21 allwellinst.com/ 198.54.126.9

Last 5 reports on ASN: NAMECHEAP-NET

Date UQ / IDS / BL URL IP
2022-12-03 21:53:26 +0000 0 - 0 - 3 shubhlabhmatka.easyonlinestore.net/shubhlabh.zip 104.219.248.114
2022-12-03 21:53:18 +0000 0 - 0 - 3 shubhlabhmatka.easyonlinestore.net/live_satta.apk 104.219.248.114
2022-12-03 21:53:02 +0000 0 - 0 - 8 dhankuber.easyonlinestore.net/ 104.219.248.114
2022-12-03 21:49:40 +0000 0 - 0 - 1 creddit.sedfx.info/ 66.29.141.45
2022-12-03 21:48:54 +0000 0 - 0 - 4 snakes.gamingarena.lk/ 198.187.31.82

Last 5 reports on domain: allwellinst.com

Date UQ / IDS / BL URL IP
2022-11-06 07:37:07 +0000 0 - 0 - 22 allwellinst.com/ 142.4.9.224
2022-11-04 07:37:06 +0000 0 - 0 - 2 allwellinst.com/ 142.4.9.224
2022-10-23 07:37:15 +0000 0 - 0 - 22 allwellinst.com/ 142.4.9.224
2022-10-09 07:36:43 +0000 0 - 0 - 22 allwellinst.com/ 198.54.126.9
2022-09-08 07:37:03 +0000 0 - 0 - 22 allwellinst.com/ 198.54.126.9

Last 4 reports with similar screenshot

Date UQ / IDS / BL URL IP
2022-11-06 07:37:07 +0000 0 - 0 - 22 allwellinst.com/ 142.4.9.224
2022-10-23 07:37:15 +0000 0 - 0 - 22 allwellinst.com/ 142.4.9.224
2022-09-08 07:37:03 +0000 0 - 0 - 22 allwellinst.com/ 198.54.126.9
2022-09-01 07:36:46 +0000 0 - 0 - 22 allwellinst.com/ 198.54.126.9


JavaScript

Executed Scripts (21)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (83)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F610984FB0A75B3A31424FAA860CBC8172C7F21804DF1DC14FBB685B7C456F29"
Last-Modified: Sat, 03 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2473
Expires: Tue, 06 Sep 2022 12:42:50 GMT
Date: Tue, 06 Sep 2022 12:01:37 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.115
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 06 Sep 2022 11:04:17 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Db51UFY8VLP25n0zJwLO8iGdOWTao40bs-nCuH5grzRyU4479oSFMg==
Age: 3440


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    b593eb39329cfe060d55be5e4a5405e2
Sha1:   78e46c1028e9f94f8569303ad2d90d7df13a059a
Sha256: 08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 06 Sep 2022 01:15:18 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 9W9W1rKpq245UqRB61VVDu-HVdxgt8fA0GUMOJ1m-adfe3guUiRsJw==
age: 38780
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    742edb4038f38bc533514982f3d2e861
Sha1:   cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
Sha256: b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Tue, 06 Sep 2022 12:01:37 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET / HTTP/1.1 
Host: allwellinst.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         198.54.126.9
HTTP/1.1 301 Moved Permanently
content-type: text/html; charset=iso-8859-1
                                        
date: Tue, 06 Sep 2022 12:01:37 GMT
server: Apache
location: http://www.allwellinst.com/
content-length: 235


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   235
Md5:    2348f6ab9a5a61b3e3d100cee86b029b
Sha1:   3e4a79ba4235b4325eef5da5379529b225fd1188
Sha256: 046e2e8d5a5e775450f3f5309c0235250c45ad8a7d848b07040c1e58c41a9221

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.115
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Tue, 06 Sep 2022 11:38:18 GMT
Cache-Control: max-age=3600
Expires: Tue, 06 Sep 2022 12:38:18 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: wTY8wtlcOlBY47aEQwHI_j7R1yteaE0ZMOTJRU-mnaHSXGxuOfVWFw==
Age: 1400


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6300
Cache-Control: max-age=165006
Date: Tue, 06 Sep 2022 12:01:38 GMT
Etag: "6316ff94-1d7"
Expires: Thu, 08 Sep 2022 09:51:44 GMT
Last-Modified: Tue, 06 Sep 2022 08:06:44 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: S4IsGG93G1SFN1kn2yubAQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         35.164.56.167
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: XnCrg8uinwOoBgRJd9Tsj+RK8I0=

                                        
                                            GET / HTTP/1.1 
Host: www.allwellinst.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         198.54.126.9
HTTP/1.1 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Tue, 06 Sep 2022 12:01:38 GMT
server: Apache
x-powered-by: PHP/5.6.40
set-cookie: PHPSESSID=7nj2sbr13serr7gi2m94v65tg4; path=/
vary: Accept-Encoding
content-encoding: gzip
content-length: 7106


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size:   7106
Md5:    1c4993f2fab8a2ea6ef08605318f37c1
Sha1:   b94638b92abf820c0bd34bf580f2888b552ba841
Sha256: 1a322e3d802f6f220b30056f4cf133b0b7c8e18c4721905009cd20f6c3dece6a

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Sep 2022 12:01:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Sep 2022 12:01:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /css/bootstrap.css HTTP/1.1 
Host: www.allwellinst.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=7nj2sbr13serr7gi2m94v65tg4

                                         
                                         198.54.126.9
HTTP/1.1 200 OK
content-type: text/css
                                        
date: Tue, 06 Sep 2022 12:01:38 GMT
server: Apache
last-modified: Sat, 10 Feb 2018 21:16:04 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 21931


--- Additional Info ---
Magic:  ASCII text, with very long lines (540), with CRLF line terminators
Size:   21931
Md5:    fbc86d068745fc184b27acf5b4c9e537
Sha1:   c79328d2be5383098c1908060994cf3605f86933
Sha256: 22e3c1acaf4a838c3917d2bd13327f6f65f91c28fcfd7bcdd3b99ce951301cbb
                                        
                                            GET /css/colors.css HTTP/1.1 
Host: www.allwellinst.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=7nj2sbr13serr7gi2m94v65tg4

                                         
                                         198.54.126.9
HTTP/1.1 200 OK
content-type: text/css
                                        
date: Tue, 06 Sep 2022 12:01:38 GMT
server: Apache
last-modified: Sat, 10 Feb 2018 17:53:46 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 863


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   863
Md5:    db1d77b55ac3f1e77d539360cd656fd4
Sha1:   f38141c4a42b479f7022eb6428298b496cea1328
Sha256: e64ad777fc524fc1b284359f5ad96dc47cda8e951729dd251f5b792db9f65f3c
                                        
                                            GET /css?family=Roboto:400,400italic,300italic,300,500,700 HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.allwellinst.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 06 Sep 2022 12:01:39 GMT
date: Tue, 06 Sep 2022 12:01:39 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1307
Md5:    139818a8f7516e25b412fa1c37e406f1
Sha1:   e0801743e59cc54a5e47d9ae66a1ef8e67ac0863
Sha256: 00a4731e2c1cf5d7aca2b58bf993d7fc4e3e025c8db662b7a3c43ec7c0bfc811
                                        
                                            GET /css/jquery.countdown.css HTTP/1.1 
Host: www.allwellinst.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=7nj2sbr13serr7gi2m94v65tg4

                                         
                                         198.54.126.9
HTTP/1.1 200 OK
content-type: text/css
                                        
date: Tue, 06 Sep 2022 12:01:38 GMT
server: Apache
last-modified: Sun, 29 May 2016 02:25:42 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 557


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   557
Md5:    f479f2ac3253e87e11b968e75df1c4d8
Sha1:   6cf4e4d3c6d134183c9ff5437abdaca29665e212
Sha256: 3d327674671ca969cb98f4e27a138821b62c5a310c122a162ed4695c6d4e7828
                                        
                                            GET /css/font-awesome.css HTTP/1.1 
Host: www.allwellinst.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=7nj2sbr13serr7gi2m94v65tg4

                                         
                                         198.54.126.9
HTTP/1.1 200 OK
content-type: text/css
                                        
date: Tue, 06 Sep 2022 12:01:38 GMT
server: Apache
last-modified: Mon, 26 Feb 2018 11:24:40 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 7439


--- Additional Info ---
Magic:  troff or preprocessor input, ASCII text, with very long lines (372)
Size:   7439
Md5:    57a8ee32de25312ab303210ef3c556a9
Sha1:   388f783ee7c84801442370bf8d3812213a1198f5
Sha256: 8bdd62fda01c7b19a4d2ee31cfb4d2fc6123a958cb23bf902c9fead7fc6a9c0d
                                        
                                            GET /css/font-awesome.min.css HTTP/1.1 
Host: www.allwellinst.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=7nj2sbr13serr7gi2m94v65tg4

                                         
                                         198.54.126.9
HTTP/1.1 200 OK
content-type: text/css
                                        
date: Tue, 06 Sep 2022 12:01:38 GMT
server: Apache
last-modified: Mon, 26 Feb 2018 11:24:39 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 7053


--- Additional Info ---
Magic:  ASCII text, with very long lines (30837)
Size:   7053
Md5:    52f1a8a2ce85fa8432308b33bc1a2e79
Sha1:   fd80917af5371c8ecad0198592a1e7cce4b77b0e
Sha256: 07bd6a9ea0213e20f362485aadc17a88c486ecfb394004b41b8b38db6e6a35f6
                                        
                                            GET /css/style.css HTTP/1.1 
Host: www.allwellinst.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=7nj2sbr13serr7gi2m94v65tg4

                                         
                                         198.54.126.9
HTTP/1.1 200 OK
content-type: text/css
                                        
date: Tue, 06 Sep 2022 12:01:38 GMT
server: Apache
last-modified: Wed, 28 Feb 2018 10:53:29 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 17700


--- Additional Info ---
Magic:  ASCII text
Size:   17700
Md5:    f5bbe4867d6da98768e6ff6f0e40bce3
Sha1:   02ab966cf1f7b5506db89abd1c73b108292f58b6
Sha256: 35a8b1acdf7256f32a48efe6caa00aca6094aedd9ac175cb23f7537f6d23e310
                                        
                                            GET /css/animate.min.css HTTP/1.1 
Host: www.allwellinst.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=7nj2sbr13serr7gi2m94v65tg4

                                         
                                         198.54.126.9
HTTP/1.1 200 OK
content-type: text/css
                                        
date: Tue, 06 Sep 2022 12:01:39 GMT
server: Apache
last-modified: Sun, 29 May 2016 02:25:42 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3601


--- Additional Info ---
Magic:  ASCII text, with very long lines (53660), with CRLF line terminators
Size:   3601
Md5:    edfa4a796d55b7ec4882b9c12e1c1939
Sha1:   38d363c6ecbbbec1187594f3847f7a293623878b
Sha256: 04e6f08ffbdeb5c867fc1ef6b2dba674d17443a0a460f07e14a25d9a039d9933
                                        
                                            GET /css/animations.min.css HTTP/1.1 
Host: www.allwellinst.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=7nj2sbr13serr7gi2m94v65tg4

                                         
                                         198.54.126.9
HTTP/1.1 200 OK
content-type: text/css
                                        
date: Tue, 06 Sep 2022 12:01:39 GMT
server: Apache
last-modified: Tue, 24 May 2016 01:59:44 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 10969


--- Additional Info ---
Magic:  ASCII text, with very long lines (59107), with CRLF line terminators
Size:   10969
Md5:    a294b31e76b68602c2093a027964968d
Sha1:   e2f0eb819471aa19d77af62f9466f1fcb25d2a8c
Sha256: 94d551bf5d5c33c98843e986d3f117b642504ba8d38ccc7881a1da694b85b894
                                        
                                            GET /css/bootstrap-dropdownhover.min.css HTTP/1.1 
Host: www.allwellinst.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=7nj2sbr13serr7gi2m94v65tg4

                                         
                                         198.54.126.9
HTTP/1.1 200 OK
content-type: text/css
                                        
date: Tue, 06 Sep 2022 12:01:39 GMT
server: Apache
last-modified: Sun, 29 May 2016 02:25:42 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 480


--- Additional Info ---
Magic:  ASCII text, with very long lines (1161), with CRLF line terminators
Size:   480
Md5:    71671aa52fd73b7ff21a09d8b483afad
Sha1:   d55037ffbe361394be87684749205796984405cf
Sha256: 6c6f489c2020cb8e856c85095e7586fa83e4c278a34c7b7abce30175e90ab1bc
                                        
                                            GET /owl-carousel/owl.carousel.css HTTP/1.1 
Host: www.allwellinst.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=7nj2sbr13serr7gi2m94v65tg4

                                         
                                         198.54.126.9
HTTP/1.1 200 OK
content-type: text/css
                                        
date: Tue, 06 Sep 2022 12:01:39 GMT
server: Apache
last-modified: Tue, 13 May 2014 14:56:20 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 528


--- Additional Info ---
Magic:  ASCII text
Size:   528
Md5:    a70757c9c5b45b8b3e693066dee5c63c
Sha1:   4ddc02d2eac2bb1a9ccc446ff1e19641ee8f7279
Sha256: 97e2ca1b06a80ecd57e1514d54bec8904727d25dc47f878b41d204c72e8535de
                                        
                                            GET /owl-carousel/owl.theme.css HTTP/1.1 
Host: www.allwellinst.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=7nj2sbr13serr7gi2m94v65tg4

                                         
                                         198.54.126.9
HTTP/1.1 200 OK
content-type: text/css
                                        
date: Tue, 06 Sep 2022 12:01:39 GMT
server: Apache
last-modified: Tue, 28 Jun 2016 05:13:38 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 617


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   617
Md5:    717116511b7dd6e0d932945564d48b5d
Sha1:   e38c19fff93b9be8e44fe467812bf8dc826b62ba
Sha256: 62ddc65aab06a9df9a42f02c06d3b255479f55b8e02cce890cf8ed0b1874132f
                                        
                                            GET /assets1/js/google-code-prettify/prettify.css HTTP/1.1 
Host: www.allwellinst.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=7nj2sbr13serr7gi2m94v65tg4

                                         
198.54.126.9
HTTP/1.1 200 OK
content-type: text/css
date: Tue, 06 Sep 2022 12:01:39 GMT
server: Apache
last-modified: Tue, 15 Apr 2014 10:33:26 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 337


--- Additional Info ---
Magic:  ASCII text
Size:   337
Md5:    580c1f43a19d99824ec9c82f3af5afa1
Sha1:   2822fab5d742813c39307c0fc895092f30d72e6d
Sha256: 19e851fe4220853358642e096e2f74d11134a5c5c4b625f414551284df042dcb
                                        
GET /ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=7nj2sbr13serr7gi2m94v65tg4

                                         
198.54.126.9
HTTP/1.1 404 Not Found
content-type: text/html; charset=iso-8859-1
date: Tue, 06 Sep 2022 12:01:39 GMT
server: Apache
content-length: 315


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   315
Md5:    a34ac19f4afae63adc5d2f7bc970c07f
Sha1:   a82190fc530c265aa40a045c21770d967f4767b8
Sha256: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
GET /js/bootstrap.min.js HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=7nj2sbr13serr7gi2m94v65tg4

                                         
198.54.126.9
HTTP/1.1 200 OK
content-type: application/javascript
date: Tue, 06 Sep 2022 12:01:39 GMT
server: Apache
last-modified: Wed, 18 May 2016 21:31:18 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 9753


--- Additional Info ---
Magic:  ASCII text, with very long lines (32034), with CRLF line terminators
Size:   9753
Md5:    8f033e5279d721a6b7b83b823106a831
Sha1:   b2034937c603bfb5bd10a8706b9997ce1e48422a
Sha256: 37c0bad76bc5d0678f54d41811131bb0f89421a39cf009ed8508e97da70bb531

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 12:01:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 12:01:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.allwellinst.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 Aug 2022 19:34:21 GMT
expires: Thu, 31 Aug 2023 19:34:21 GMT
cache-control: public, max-age=31536000
age: 491238
last-modified: Wed, 11 May 2022 19:24:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Size:   15740
Md5:    b9c29351c46f3e8c8631c4002457f48a
Sha1:   e57e59c5780995ff2937ab2b511a769212974a87
Sha256: f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
                                        
GET /css?family=PT+Sans+Caption:700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.allwellinst.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 06 Sep 2022 12:01:39 GMT
date: Tue, 06 Sep 2022 12:01:39 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   16192
Md5:    5dcb89240fe2f4bcd4b529889c28a7b9
Sha1:   b4d4bb782e363f3359a2ed206e47a9b99849f51d
Sha256: 06a834e7d0345806eeb0fe4bc9c1519ec4bc360287e20b888de26f3ee4cde08e
                                        
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.allwellinst.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 Aug 2022 19:34:08 GMT
expires: Thu, 31 Aug 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 491251
last-modified: Wed, 11 May 2022 19:24:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size:   15860
Md5:    e9f5aaf547f165386cd313b995dddd8e
Sha1:   acdef5603c2387b0e5bffd744b679a24a8bc1968
Sha256: f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
                                        
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.allwellinst.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 03 Sep 2022 02:02:22 GMT
expires: Sun, 03 Sep 2023 02:02:22 GMT
cache-control: public, max-age=31536000
age: 295157
last-modified: Wed, 11 May 2022 19:24:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Size:   15920
Md5:    3a44e06eb954b96aa043227f3534189d
Sha1:   23cef6993ddb2b2979e8e7647fc3763694e2ba7d
Sha256: b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
                                        
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 12:01:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
GET /js/animations.min.js HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=7nj2sbr13serr7gi2m94v65tg4

                                         
198.54.126.9
HTTP/1.1 200 OK
content-type: application/javascript
date: Tue, 06 Sep 2022 12:01:39 GMT
server: Apache
last-modified: Tue, 24 May 2016 01:59:44 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 896


--- Additional Info ---
Magic:  ASCII text, with very long lines (1984), with CRLF line terminators
Size:   896
Md5:    59a80dad15d80721e03dbe32d579d524
Sha1:   c4e52939216121a6aa32352a3da1561e1c86f2a5
Sha256: 019bc22e048a00b9259bdc98b595a5026807357162447e4947d65a145584a2e0

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
GET /js/jssor.slider-21.1.5.mini.js HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=7nj2sbr13serr7gi2m94v65tg4

                                         
198.54.126.9
HTTP/1.1 200 OK
content-type: application/javascript
date: Tue, 06 Sep 2022 12:01:39 GMT
server: Apache
last-modified: Mon, 05 Sep 2016 11:11:24 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 18516


--- Additional Info ---
Magic:  Unicode text, UTF-8 (with BOM) text, with very long lines (45340)
Size:   18516
Md5:    4f156d967ee1b02dec81b65bde2425ba
Sha1:   7a68c479ef675d0b25ce9a87000c92c1e7e677ca
Sha256: 0f176f7705a6d1400229bcdc337d09c746830c790c60e81ad1984e773597440a

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
GET /js/jquery.plugin.js HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=7nj2sbr13serr7gi2m94v65tg4

                                         
198.54.126.9
HTTP/1.1 200 OK
content-type: application/javascript
date: Tue, 06 Sep 2022 12:01:39 GMT
server: Apache
last-modified: Sat, 28 May 2016 02:21:12 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3707


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   3707
Md5:    71713fa2e9a97b2955421a491410feb2
Sha1:   032e3d4f3a81541f6bc76e23bc143de652b53245
Sha256: 9129efcab5de3069b545261f1d3cc51989ba43c1568863e9a7ebfe1a0cff345a

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
GET /js/jquery.main.js HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=7nj2sbr13serr7gi2m94v65tg4

                                         
198.54.126.9
HTTP/1.1 200 OK
content-type: application/javascript
date: Tue, 06 Sep 2022 12:01:39 GMT
server: Apache
last-modified: Mon, 04 Jul 2016 19:16:24 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 24872


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with CRLF line terminators
Size:   24872
Md5:    98ab334a2b8ea90c03be8e7d4be821c2
Sha1:   754087e3c79b6a245cc45f0f3aa46277a23a7028
Sha256: 33eff417c1d5eeb88f350268cdc71b7dcfee57020e51d6efafee876be6964065

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
GET /js/jquery-1.11.3.min.js HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=7nj2sbr13serr7gi2m94v65tg4

                                         
198.54.126.9
HTTP/1.1 200 OK
content-type: application/javascript
date: Tue, 06 Sep 2022 12:01:39 GMT
server: Apache
last-modified: Mon, 05 Sep 2016 11:11:24 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 33325


--- Additional Info ---
Magic:  Unicode text, UTF-8 (with BOM) text, with very long lines (32038), with CRLF line terminators
Size:   33325
Md5:    9ce1aed52fb8705862f1fe577d2e32ee
Sha1:   6dd527958b075fb9d9bee25a79fef3da2068e7a8
Sha256: cd7fce434a5bab178c3bee88ee5faf69cbcb7a6b802a9d6e3c3a5b01eefa7817

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
GET /js/timber.master.min.js HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=7nj2sbr13serr7gi2m94v65tg4

                                         
198.54.126.9
HTTP/1.1 200 OK
content-type: application/javascript
date: Tue, 06 Sep 2022 12:01:39 GMT
server: Apache
last-modified: Sat, 28 May 2016 02:21:12 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 7483


--- Additional Info ---
Magic:  ASCII text, with very long lines (13394), with CRLF line terminators
Size:   7483
Md5:    4ec7d67f088a89412db086b2649cf98b
Sha1:   7a0cd55298193f117eebcf36354dff01b09602d4
Sha256: cfe1eb89541742ab9a9cf73e13d58bb9daf829497e33bdaa88b0c318c9dc7616

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
GET /js/bootstrap-dropdownhover.min.js HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=7nj2sbr13serr7gi2m94v65tg4

                                         
198.54.126.9
HTTP/1.1 200 OK
content-type: application/javascript
date: Tue, 06 Sep 2022 12:01:39 GMT
server: Apache
last-modified: Sun, 29 May 2016 02:25:42 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1365


--- Additional Info ---
Magic:  ASCII text, with very long lines (3959), with CRLF line terminators
Size:   1365
Md5:    25a9a16a8cfad2825d0951f959506b3d
Sha1:   fe68cb14fed7e82170bcf927f2e14840d99e8b23
Sha256: e53701d7e509800745dd1c8ca58316bd8bfcdb48b9a7a9ed88d2a85c2ca3c315

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
GET /owl-carousel/owl.carousel.js HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=7nj2sbr13serr7gi2m94v65tg4

                                         
198.54.126.9
HTTP/1.1 200 OK
content-type: application/javascript
date: Tue, 06 Sep 2022 12:01:39 GMT
server: Apache
last-modified: Tue, 13 May 2014 14:54:58 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 8751


--- Additional Info ---
Magic:  ASCII text
Size:   8751
Md5:    39c690419159637e1f3977c8dfb5718d
Sha1:   202b2d75966f313aec83f414d0845154e2d9384b
Sha256: 04a284e3609cc5cc5be472faf440515595190574f61b9f46c5c6fbec298a684f

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
GET /assets1/js/bootstrap-collapse.js HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=7nj2sbr13serr7gi2m94v65tg4

                                         
198.54.126.9
HTTP/1.1 200 OK
content-type: application/javascript
date: Tue, 06 Sep 2022 12:01:39 GMT
server: Apache
last-modified: Tue, 15 Apr 2014 10:33:26 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1644


--- Additional Info ---
Magic:  ASCII text
Size:   1644
Md5:    501207e775d7b24f2c32f313e0fa6d41
Sha1:   8dfa9dc9fcb5fbcf6b628165ca1af40d2bff292d
Sha256: 3c742629def498f8b8393df8f4ca0fa512bf9c66de1eb7f7a9c646efce2bfa68

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
GET /s/ptsanscaption/v18/0FlJVP6Hrxmt7-fsUFhlFXNIlpcSwSrkTA-v.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.allwellinst.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 35208
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Sep 2022 06:42:53 GMT
expires: Fri, 01 Sep 2023 06:42:53 GMT
cache-control: public, max-age=31536000
age: 451126
last-modified: Wed, 27 Apr 2022 16:09:37 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 35208, version 1.0\012- data
Size:   35208
Md5:    533b904aeb71d52d4ed3d58ee59a7603
Sha1:   e86c7ca5fe5f70ed2e47b3874e779716acf65f0d
Sha256: 106eafbee08b482008e6c88cf642224c8e1bddfd0edac403bb6222574e4f7d2a
                                        
GET /s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.allwellinst.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17368
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 Aug 2022 19:47:56 GMT
expires: Thu, 31 Aug 2023 19:47:56 GMT
cache-control: public, max-age=31536000
age: 490423
last-modified: Wed, 11 May 2022 19:24:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 17368, version 1.0\012- data
Size:   17368
Md5:    abe083d96b58eb02ada8b7c30d7b09f2
Sha1:   61447d66d13a8c8f4335696777a85c438c46f749
Sha256: db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
                                        
GET /assets1/js/bootstrap-transition.js HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=7nj2sbr13serr7gi2m94v65tg4

                                         
198.54.126.9
HTTP/1.1 200 OK
content-type: application/javascript
date: Tue, 06 Sep 2022 12:01:39 GMT
server: Apache
last-modified: Tue, 15 Apr 2014 10:33:26 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 764


--- Additional Info ---
Magic:  ASCII text
Size:   764
Md5:    9285f62d3f1a619b4fb654930f15c955
Sha1:   0f16aa087880fef969fe456c3202ed56e8ab638c
Sha256: eb45f464f9f34ecbb4f2aadc2d99a934387a77e7bae28d3239890690f9e5ae14

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
GET /assets1/js/google-code-prettify/prettify.js HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=7nj2sbr13serr7gi2m94v65tg4

                                         
198.54.126.9
HTTP/1.1 200 OK
content-type: application/javascript
date: Tue, 06 Sep 2022 12:01:39 GMT
server: Apache
last-modified: Tue, 15 Apr 2014 10:33:26 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 6025


--- Additional Info ---
Magic:  ASCII text, with very long lines (592)
Size:   6025
Md5:    d8b175afa3794445f44221b4dc35785b
Sha1:   a4b89d7a71601eba286b09ac88f781b0c4c9c599
Sha256: 5bcaa348ba6c0862c9a3127595f3be54502913fc77a0e4922c190a1db9f5fd3a

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6510
Expires: Tue, 06 Sep 2022 13:50:09 GMT
Date: Tue, 06 Sep 2022 12:01:39 GMT
Connection: keep-alive

                                        
GET /assets1/js/bootstrap-tab.js HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=7nj2sbr13serr7gi2m94v65tg4

                                         
198.54.126.9
HTTP/1.1 200 OK
content-type: application/javascript
date: Tue, 06 Sep 2022 12:01:39 GMT
server: Apache
last-modified: Tue, 15 Apr 2014 10:33:26 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1381


--- Additional Info ---
Magic:  ASCII text
Size:   1381
Md5:    2f2760fbba9ad4b94394d939c69a36ed
Sha1:   7a9ebdd9eca0df9f889074d7ff51e6bf654327cf
Sha256: 5043be95433c08755452b29f006744b9c5f90bb2d2f838b101ec2e6a598116e2

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6510
Expires: Tue, 06 Sep 2022 13:50:09 GMT
Date: Tue, 06 Sep 2022 12:01:39 GMT
Connection: keep-alive

                                        
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ad09c5e-a115-4ff7-9742-809e93046365.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4426
x-amzn-requestid: b5b68557-e46d-41cd-9b11-d996aabc0de7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzfYTHHFIAMFjFw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631145ce-1d3504367cf6ef724a345564;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 23:52:46 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: bSBSzzRMdrVdoV3Ld8hYWq2AwO7Mswcwa8Tk_AKa44j1SlrFugNqpg==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 21:48:06 GMT
age: 51213
etag: "fc766bca874a352a4acb569577d4cf6527f4f074"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4426
Md5:    c81f3df885bdee8cac46ea9495e6b63b
Sha1:   fc766bca874a352a4acb569577d4cf6527f4f074
Sha256: e21473f88c613ca33ba6bbe1e0cab338274a06744cdcb088f14873c972445b36
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F228f042c-3a57-45c7-84c2-4aaaa1dd2f07.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10694
x-amzn-requestid: c3d2f71c-927d-41f6-93ab-bf041374a9f1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YAWsgHQOIAMFvSA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63166b1c-5d2efd595cdf300972f4fb79;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 21:33:16 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: eikhT8BkN5e163S6QriQybdyPNTKDTf3BCsHifNwfBJfrWv7LqgL8Q==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 22:02:23 GMT
etag: "1c16eb50bc2490b4ebff6775ef611fdcb282f9f9"
age: 50356
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10694
Md5:    19b452d6541a6028e7d3f90529477077
Sha1:   1c16eb50bc2490b4ebff6775ef611fdcb282f9f9
Sha256: f4763a0f464067991c2c484c384df4fe791d7df6e3d6ad15650a954db537249f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F106059e1-95ed-4ffb-b6d2-7b4f160333ed.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 12683
x-amzn-requestid: 6127e5b6-72f6-40df-b400-41a1f147f6da
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xz8XmEe0IAMFQDA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63117430-2b27a2683d2d320172cef32e;Sampled=0
x-amzn-remapped-date: Fri, 02 Sep 2022 03:10:40 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Mj_IT5g7hGu2AunKK7mvierv5BQ8cAxhnbGaUNsL6hRNu6MRAzIBDw==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 04:36:52 GMT
age: 26687
etag: "720d3624a76d060b8e2699e9aa7a320e3efd4878"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   12683
Md5:    ec466c0d472e43c11d36bf6fce068205
Sha1:   720d3624a76d060b8e2699e9aa7a320e3efd4878
Sha256: 5553fc24713aae808f5ab81671551b0ae719435f3ced9f25df97d8edf6bfe86f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc784000-5c7c-4aa9-8318-e4d0319d1a09.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9300
x-amzn-requestid: dc833608-6b16-4baa-af21-d3885043556c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YAWshHVxIAMFlGg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63166b1c-1710086818614ab247bcaf58;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 21:33:16 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: sPkksSz3FIV3WcWpoY8E8UYKmUTE8LJ2lr5WO2JVNCGIuAvpPwYMYg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 22:01:20 GMT
age: 50419
etag: "059b34d1809abedd223f7beec75e7831673878be"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9300
Md5:    0d404793e430ea237e75be9cb1e2bce4
Sha1:   059b34d1809abedd223f7beec75e7831673878be
Sha256: f180b1cdeb9a794ba3211348673783508d021aeaed419d782374be1a92a4c8dc
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9e36fad7-34cb-448b-b231-07f66a5adf7e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 12573
x-amzn-requestid: 92e03b26-883b-41e2-9033-379a6d02210c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YAYCdGy8oAMFQZw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63166d42-1c4ea2f74b796623574bde87;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 21:42:26 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: u1hKGB5UKEuuIVqcQ_Lx5wfBjy_hB32Jnp7_mDnF2BrsN4a6Mj_WJQ==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 21:46:16 GMT
etag: "3f3aad2cc71226b39549db1a9baa6837d4f1d897"
age: 51323
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   12573
Md5:    3fe4a321dcd6a94a637a528d74f9321a
Sha1:   3f3aad2cc71226b39549db1a9baa6837d4f1d897
Sha256: a19b6749429e8ecaeac8fc0849abc4d891bfc628489762b1619a3ee3064536e3
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F326e03cd-e1aa-45a4-8a6b-bdd21f21012c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5377
x-amzn-requestid: 2adc68e8-1889-4233-8ac4-e2a8d44ccbdd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X_4XzF1FoAMF3AA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63163a98-5918897d7de556f75bbfab34;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 18:06:16 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: DpNb6dBygeDbRbFWIkeXYVddcgxlSVuq4y73JvG315Xp-wkwiDhZyQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 18:09:25 GMT
age: 64334
etag: "b5a7380f294876dd308c7fde294f36a425c1be01"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5377
Md5:    c4b2d6a516e93799b54fe2bbd6630f86
Sha1:   b5a7380f294876dd308c7fde294f36a425c1be01
Sha256: 7463878d8967ff31d7ce20d5a4408c23ad59123032a990c21a47df0881edcb86
                                        
                                            GET /assets1/js/application.js HTTP/1.1 
Host: www.allwellinst.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=7nj2sbr13serr7gi2m94v65tg4

                                         
                                         198.54.126.9
HTTP/1.1 200 OK
content-type: application/javascript
                                        
date: Tue, 06 Sep 2022 12:01:39 GMT
server: Apache
last-modified: Tue, 15 Apr 2014 10:33:26 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 338


--- Additional Info ---
Magic:  ASCII text
Size:   338
Md5:    898881ed4d5e40fdf4c61a85ca56c1a8
Sha1:   798e22f25e99ec0eb8120f86b9825f652bb46560
Sha256: 1d170e4aab3df843ec6d38b80cbb9d2259d2a0719dc629ab728cfba2efd4739b

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js HTTP/1.1 
Host: www.allwellinst.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=7nj2sbr13serr7gi2m94v65tg4

                                         
                                         198.54.126.9
HTTP/1.1 404 Not Found
content-type: text/html; charset=iso-8859-1
                                        
date: Tue, 06 Sep 2022 12:01:39 GMT
server: Apache
content-length: 315


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   315
Md5:    a34ac19f4afae63adc5d2f7bc970c07f
Sha1:   a82190fc530c265aa40a045c21770d967f4767b8
Sha256: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /fonts/icomoon.woff HTTP/1.1 
Host: www.allwellinst.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.allwellinst.com/css/style.css
Cookie: PHPSESSID=7nj2sbr13serr7gi2m94v65tg4

                                         
                                         198.54.126.9
HTTP/1.1 200 OK
content-type: font/woff
                                        
date: Tue, 06 Sep 2022 12:01:40 GMT
server: Apache
last-modified: Tue, 24 May 2016 01:59:44 GMT
accept-ranges: bytes
content-length: 2808


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 2808, version 0.0\012- data
Size:   2808
Md5:    31a3e4e78a3e107ef72d075070a3eda7
Sha1:   0de50feacd42e03edc520af87e7b7c29f814619b
Sha256: ac79434b1348cc08f2b9c430d3884730cce55e3738c04d0d9787d16397ecc998

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /assets1/js/jquery-1.9.1.min.js HTTP/1.1 
Host: www.allwellinst.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=7nj2sbr13serr7gi2m94v65tg4

                                         
                                         198.54.126.9
HTTP/1.1 200 OK
content-type: application/javascript
                                        
date: Tue, 06 Sep 2022 12:01:39 GMT
server: Apache
last-modified: Tue, 15 Apr 2014 10:33:26 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 32775


--- Additional Info ---
Magic:  ASCII text, with very long lines (32089)
Size:   32775
Md5:    fcf0a7201168a979dd4b222a54471e0f
Sha1:   9056c50ea859db10d2d959654d0f8dde367360ee
Sha256: c40969745be3d2181fd5d40425f9080ac2c62e63d298c1de8bb4bbda5e4ea0f7

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /images/searchicon2.png HTTP/1.1 
Host: www.allwellinst.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=7nj2sbr13serr7gi2m94v65tg4

                                         
                                         198.54.126.9
HTTP/1.1 200 OK
content-type: image/png
                                        
date: Tue, 06 Sep 2022 12:01:40 GMT
server: Apache
last-modified: Sat, 10 Feb 2018 19:31:02 GMT
accept-ranges: bytes
content-length: 933


--- Additional Info ---
Magic:  PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data
Size:   933
Md5:    eaa74d5858e4d2ea34c1e3a0c2da2715
Sha1:   11f38a7b7accbd4b8aa92ff813c82b3051355059
Sha256: 95f62d694c27788a74dfca029eea30d061447cde8680a16e28600543347ffe86
                                        
                                            GET /pictures/1_logo.png HTTP/1.1 
Host: www.allwellinst.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=7nj2sbr13serr7gi2m94v65tg4

                                         
                                         198.54.126.9
HTTP/1.1 200 OK
content-type: image/png
                                        
date: Tue, 06 Sep 2022 12:01:40 GMT
server: Apache
last-modified: Sat, 17 Feb 2018 06:57:56 GMT
accept-ranges: bytes
content-length: 15557


--- Additional Info ---
Magic:  PNG image data, 343 x 72, 8-bit/color RGBA, non-interlaced\012- data
Size:   15557
Md5:    2f779c35970815d7c72de4a6dca659f6
Sha1:   58cfc2576b8582d0dae9f2972136b319a5d02cdc
Sha256: d3a03c404e32e2c559ccdcd687bc862ee43668a399abac4b708c34d5d6899ce1
                                        
                                            GET /images/image4.jpg HTTP/1.1 
Host: www.allwellinst.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/css/style.css
Cookie: PHPSESSID=7nj2sbr13serr7gi2m94v65tg4

                                         
                                         198.54.126.9
HTTP/1.1 200 OK
content-type: image/jpeg
                                        
date: Tue, 06 Sep 2022 12:01:40 GMT
server: Apache
last-modified: Thu, 11 Aug 2016 07:52:36 GMT
accept-ranges: bytes
content-length: 73459


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 1600x472, components 3\012- data
Size:   73459
Md5:    d18024f0d7bffef630da7f4d70850c68
Sha1:   8a769685fd506b661275f6856e2b8c37efc28d2e
Sha256: 9473d69bc397185f7d28f206d3d7e5aef38534d24c14ea56e9f2f94e672da871
                                        
                                            GET /fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1 
Host: www.allwellinst.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.allwellinst.com/css/font-awesome.min.css
Cookie: PHPSESSID=7nj2sbr13serr7gi2m94v65tg4

                                         
                                         198.54.126.9
HTTP/1.1 200 OK
content-type: font/woff2
                                        
date: Tue, 06 Sep 2022 12:01:40 GMT
server: Apache
last-modified: Mon, 26 Feb 2018 11:24:57 GMT
accept-ranges: bytes
content-length: 77160


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Size:   77160
Md5:    af7ae505a9eed503f8b8e6982036873e
Sha1:   d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
Sha256: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /pictures/7_pic_1.jpg HTTP/1.1 
Host: www.allwellinst.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=7nj2sbr13serr7gi2m94v65tg4

                                         
                                         198.54.126.9
HTTP/1.1 200 OK
content-type: image/jpeg
                                        
date: Tue, 06 Sep 2022 12:01:40 GMT
server: Apache
last-modified: Sat, 10 Feb 2018 18:31:04 GMT
accept-ranges: bytes
content-length: 59760


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 555x178, components 3\012- data
Size:   59760
Md5:    d12b50e8aaab2de86b36684b675d0664
Sha1:   1e9cdc52c88484b4500973f09dd628e2bd4782af
Sha256: 9d0a5ad518c6eff7794e3e3ff23d26f2b33d46213f8966d397d57ab6cb52b98f
                                        
                                            GET /images/loading.gif HTTP/1.1 
Host: www.allwellinst.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=7nj2sbr13serr7gi2m94v65tg4

                                         
                                         198.54.126.9
HTTP/1.1 200 OK
content-type: image/gif
                                        
date: Tue, 06 Sep 2022 12:01:40 GMT
server: Apache
last-modified: Mon, 05 Sep 2016 11:11:24 GMT
accept-ranges: bytes
content-length: 4765


--- Additional Info ---
Magic:  GIF image data, version 89a, 24 x 24\012- data
Size:   4765
Md5:    dd78ac008009bd821d2bf2da98108854
Sha1:   d3665f292d71f9ea2b9a61c476e6e2a9d0d35062
Sha256: 03acb263b1d85f824676b3cad66f9660c73d278f06e519c7ea727593ab4f5a13
                                        
                                            GET /pictures/2_pic_1.jpg HTTP/1.1 
Host: www.allwellinst.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=7nj2sbr13serr7gi2m94v65tg4

                                         
                                         198.54.126.9
HTTP/1.1 200 OK
content-type: image/jpeg
                                        
date: Tue, 06 Sep 2022 12:01:40 GMT
server: Apache
last-modified: Tue, 11 Jun 2019 07:10:34 GMT
accept-ranges: bytes
content-length: 94934


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 555x178, components 3\012- data
Size:   94934
Md5:    77e6c4e8563675626f3b7fde95df40ec
Sha1:   e120f757c9651fea908b1c9025b4093088aa2a98
Sha256: 94cb704bb8a20849e9c6b2a757a4ca6dc0afe0b96c6f717d373efdfc6735fdd1
                                        
                                            GET /images/b05.png HTTP/1.1 
Host: www.allwellinst.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=7nj2sbr13serr7gi2m94v65tg4

                                         
                                         198.54.126.9
HTTP/1.1 200 OK
content-type: image/png
                                        
date: Tue, 06 Sep 2022 12:01:40 GMT
server: Apache
last-modified: Mon, 05 Sep 2016 11:11:24 GMT
accept-ranges: bytes
content-length: 1415


--- Additional Info ---
Magic:  PNG image data, 120 x 30, 8-bit/color RGBA, non-interlaced\012- data
Size:   1415
Md5:    b5b353c4ec92a0f8be543f33741618f3
Sha1:   5ebf2f04f513217db1173fa0fb8a9be3983269d6
Sha256: 95434f5c547a4f70a55e95b0e836b0f37c09f3ecf6e58b27de19222c47a8910e
                                        
                                            GET /images/a12.png HTTP/1.1 
Host: www.allwellinst.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=7nj2sbr13serr7gi2m94v65tg4

                                         
                                         198.54.126.9
HTTP/1.1 200 OK
content-type: image/png
                                        
date: Tue, 06 Sep 2022 12:01:40 GMT
server: Apache
last-modified: Mon, 05 Sep 2016 11:11:24 GMT
accept-ranges: bytes
content-length: 2483


--- Additional Info ---
Magic:  PNG image data, 400 x 90, 8-bit/color RGBA, non-interlaced\012- data
Size:   2483
Md5:    bb9fcee03a7288c2083eb15e31f18e1d
Sha1:   7d2a90b91ab8891d4071ea412cf805a737ae5d8c
Sha256: 5e9ddb467a2a395462d2bebf1ab0424c92b081e250497106b1105ea10efe5b55
                                        
                                            GET /images/pdficon.png HTTP/1.1 
Host: www.allwellinst.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=7nj2sbr13serr7gi2m94v65tg4

                                         
                                         198.54.126.9
HTTP/1.1 200 OK
content-type: image/png
                                        
date: Tue, 06 Sep 2022 12:01:40 GMT
server: Apache
last-modified: Sat, 10 Feb 2018 18:17:28 GMT
accept-ranges: bytes
content-length: 11032


--- Additional Info ---
Magic:  PNG image data, 109 x 114, 8-bit/color RGBA, non-interlaced\012- data
Size:   11032
Md5:    59099d4d98e3d966e7d30955afeeb58f
Sha1:   19bda665c297c6a52b5d5a25dac1b96a8dffa844
Sha256: 079c59279d9a4ae1feb0086a299d06b6efe1bc6549d3c8529fb023f7234858b6
                                        
                                            GET /pictures/8_pic_1.jpg HTTP/1.1 
Host: www.allwellinst.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=7nj2sbr13serr7gi2m94v65tg4

                                         
198.54.126.9
HTTP/1.1 200 OK
content-type: image/jpeg
date: Tue, 06 Sep 2022 12:01:40 GMT
server: Apache
last-modified: Thu, 21 Mar 2019 09:55:44 GMT
accept-ranges: bytes
content-length: 108703


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS Windows, datetime=2014:01:02 16:56:12], baseline, precision 8, 1060x334, components 3\012- data
Size:   108703
Md5:    4d9bea88a1847747d99e37c65db0231c
Sha1:   8767ce4f5e883456e328a68f080be0d2db535f5e
Sha256: fdab77b9963c66345daf9abecc69ffba8e889e60ae9a1b46c9e6bc824e0086d3
                                        
GET /pictures/1_pic_1.jpg HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=7nj2sbr13serr7gi2m94v65tg4

                                         
198.54.126.9
HTTP/1.1 200 OK
content-type: image/jpeg
date: Tue, 06 Sep 2022 12:01:40 GMT
server: Apache
last-modified: Sat, 17 Feb 2018 08:43:58 GMT
accept-ranges: bytes
content-length: 264696


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2014 (Windows), datetime=2018:02:17 13:43:07], baseline, precision 8, 559x179, components 3\012- data
Size:   264696
Md5:    ffd3032acef349a342a1b0d22cd2089d
Sha1:   c51f1196805f8d61b16d0d9a7a2c619d2561d1c2
Sha256: 88ca28ae7cae709d27fc0561821c7f180b25b5ac5ce2627c0bbe560753658fc5
                                        
GET /pictures/120588221_90_pic_2.jpg HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=7nj2sbr13serr7gi2m94v65tg4

                                         
198.54.126.9
HTTP/1.1 200 OK
content-type: image/jpeg
date: Tue, 06 Sep 2022 12:01:41 GMT
server: Apache
last-modified: Wed, 05 Sep 2018 06:33:26 GMT
accept-ranges: bytes
content-length: 56782


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 10000", baseline, precision 8, 386x386, components 3\012- data
Size:   56782
Md5:    67b37ed9ab9bb9f97abf9e27342d8f6a
Sha1:   17fa86cee1e3bc59f79f254f46999506c6699a62
Sha256: fcb467fd6e1e471080a974f970c47cad2550f2eab9c7d961e17285dc9662b25c
                                        
GET /images/searchicon.png HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=7nj2sbr13serr7gi2m94v65tg4

                                         
198.54.126.9
HTTP/1.1 200 OK
content-type: image/png
date: Tue, 06 Sep 2022 12:01:41 GMT
server: Apache
last-modified: Sat, 13 Jan 2018 23:20:08 GMT
accept-ranges: bytes
content-length: 1391


--- Additional Info ---
Magic:  PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data
Size:   1391
Md5:    a79ce09b335d10eb2cc6ea14793e72b3
Sha1:   6d306d36329b4a366922ed40ef6a4ab7a04f2589
Sha256: 017b7570cace05d49c60dc2a7a8f5940434c8dd7b6210fdda6bbb77dac2bc155
                                        
GET /pictures/776475135_91_pic_2.jpg HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=7nj2sbr13serr7gi2m94v65tg4

                                         
198.54.126.9
HTTP/1.1 200 OK
content-type: image/jpeg
date: Tue, 06 Sep 2022 12:01:41 GMT
server: Apache
last-modified: Wed, 05 Sep 2018 06:44:18 GMT
accept-ranges: bytes
content-length: 119975


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 10000", baseline, precision 8, 450x450, components 3\012- data
Size:   119975
Md5:    e19efa17a71185e7e8d1752aa6cb14d7
Sha1:   c596f42b3fe416deeb9c3d2a6328beb5eb207b7b
Sha256: fb3c03fdb6b486d1498b0ec42945e6b35b29f7fd0eff9224b796ac5635a57997
                                        
GET /pictures/59_banner.jpg HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=7nj2sbr13serr7gi2m94v65tg4

                                         
198.54.126.9
HTTP/1.1 200 OK
content-type: image/jpeg
date: Tue, 06 Sep 2022 12:01:40 GMT
server: Apache
last-modified: Tue, 27 Feb 2018 12:38:58 GMT
accept-ranges: bytes
content-length: 283598


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1600x635, components 3\012- data
Size:   283598
Md5:    2f7d666c2a31446e6a64ae271420752c
Sha1:   598601e5cb989380e5522f3fa4b053b0c26c26df
Sha256: b9c21749c2f59b012ee76cd61095115a14622e7af1cf86e38d83010dc8fd4d81
                                        
GET /pictures/60_banner.jpg HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=7nj2sbr13serr7gi2m94v65tg4

                                         
198.54.126.9
HTTP/1.1 200 OK
content-type: image/jpeg
date: Tue, 06 Sep 2022 12:01:41 GMT
server: Apache
last-modified: Mon, 26 Feb 2018 07:27:35 GMT
accept-ranges: bytes
content-length: 378840


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1600x635, components 3\012- data
Size:   378840
Md5:    ef0dade9d3d8c3b63c9fbc5e7e9fa32a
Sha1:   f4d375b92280bdab1f0edfa7062a2994d71e5790
Sha256: c76b12b1306abe8bfe76eb5689866c25b428700308c7de32378e06cd8a65eb18
                                        
GET /pictures/61_banner.jpg HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=7nj2sbr13serr7gi2m94v65tg4

                                         
198.54.126.9
HTTP/1.1 200 OK
content-type: image/jpeg
date: Tue, 06 Sep 2022 12:01:41 GMT
server: Apache
last-modified: Mon, 26 Feb 2018 07:27:47 GMT
accept-ranges: bytes
content-length: 419483


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1600x635, components 3\012- data
Size:   419483
Md5:    4d3a486afcdc2cd7f73852b8c4a14460
Sha1:   635e4e3f99cf2f0626f8c7d9287be15e77df7b4b
Sha256: 1170e189732b2bb206e44e1e68a09fc5b3954d84ab25df23aa980c37a4186a26
                                        
GET /images/favicon.ico HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=7nj2sbr13serr7gi2m94v65tg4

                                         
198.54.126.9
HTTP/1.1 200 OK
content-type: image/x-icon
date: Tue, 06 Sep 2022 12:01:42 GMT
server: Apache
last-modified: Fri, 13 Sep 2019 09:55:57 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 879


--- Additional Info ---
Magic:  PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Size:   879
Md5:    b8d8715a9ace301b1bcbc0bfedaf6373
Sha1:   a9325828ed128143fbb60f59388070210f586458
Sha256: fe618ff54d22041554a6ec72b3baed694ef2f8461c6b935456c4e7c0cfe00d36
                                        
GET /pictures/64_banner.jpg HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=7nj2sbr13serr7gi2m94v65tg4

                                         
198.54.126.9
HTTP/1.1 200 OK
content-type: image/jpeg
date: Tue, 06 Sep 2022 12:01:41 GMT
server: Apache
last-modified: Fri, 13 Sep 2019 10:41:33 GMT
accept-ranges: bytes
content-length: 481486


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1900x700, components 3\012- data
Size:   481486
Md5:    8fb225d84f69eec7beaaa157f7e52333
Sha1:   8a10621483afbdc05ff78668d0bcb96b884fd173
Sha256: 4399febb736e5cc4e81aa23a0680d0052af7101692d6c7bdab33edbf269403e4
                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe1756524-f0d1-4149-aa44-603b827f87d4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 6656
x-amzn-requestid: 2703eaf4-1a5a-41a6-859b-47255865efb0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YAX-3F2ZIAMFpLg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63166d2b-6df026de5a9230ed429d08c1;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 21:42:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: FIIvB2jeQ_PBDzi8XRN0jnNxze3OwDbz8TBaIcadRvmQd2EFhCwX7Q==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 21:45:42 GMT
age: 51364
etag: "5fc951e5236edd282d4975853ca35dab2e55fb17"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6656
Md5:    983e705542fa78b4d5c876e0c1eada7e
Sha1:   5fc951e5236edd282d4975853ca35dab2e55fb17
Sha256: fa6e478fc213f6cb6c9f33c96c51105262c857bfe313b3d310755be30b1feeb3