Report - www.worldwidehealth.com/login.php?fail=ok

Report Overview

Submitted URL
www.worldwidehealth.com/login.php?fail=ok
IP
104.21.58.130
ASN
#13335 CLOUDFLARENET
Submitted
2023-02-08 13:02:33
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
16

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.9 kB	34.160.144.191
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	2.2 kB	47 kB	34.120.237.76
maxcdn.bootstrapcdn.com	724	2014-06-18T02:37:31Z	2023-03-13T07:25:00Z	855 B	1.9 kB	104.18.11.207
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	2.7 kB	7.1 kB	23.33.119.27
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
www.worldwidehealth.com	unknown	2013-11-08T05:08:32Z	2022-06-29T11:27:18Z	7.3 kB	133 kB	172.67.159.227
ajax.googleapis.com	12905	2013-08-16T11:51:31Z	2023-03-13T08:37:09Z	797 B	67 kB	142.250.74.74
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
cdnjs.cloudflare.com	235	2015-04-17T22:46:33Z	2023-03-13T05:09:21Z	430 B	6.7 kB	104.17.25.14
www.googletagmanager.com	75	2013-05-22T04:07:37Z	2023-03-13T08:28:24Z	392 B	45 kB	142.250.74.72
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	52.35.19.71
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-13T06:00:13Z	3.4 kB	5.5 kB	93.184.220.29
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	1.4 kB	2.8 kB	216.58.211.3
www.google-analytics.com	40	2012-10-03T03:04:21Z	2023-03-13T07:36:03Z	379 B	21 kB	142.250.74.110

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-02-08	medium	www.worldwidehealth.com/submit-article.php	Phishing
2023-02-08	medium	www.worldwidehealth.com/mm_menu.js	Phishing
2023-02-08	medium	www.worldwidehealth.com/popup.js	Phishing
2023-02-08	medium	www.worldwidehealth.com/js/stepcarousel.js	Phishing
2023-02-08	medium	www.worldwidehealth.com/jquery.js	Phishing
2023-02-08	medium	www.worldwidehealth.com/js/jquery-1.3.1.min.js	Phishing
2023-02-08	medium	www.worldwidehealth.com/login.PNG	Phishing
2023-02-08	medium	www.worldwidehealth.com/login.php?fail=ok	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (21)

	URL	Size	First Seen	Last Seen
	www.worldwidehealth.com/submit-article.php	1.9 kB	2023-03-13	2023-03-13
Pretty URL www.worldwidehealth.com/submit-article.php IP 172.67.159.227 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:40:55 Last Seen2023-03-13 19:40:55 Times Seen1 Hash 72e57d3eb54ab720bb31be185c44e879 bcd13d31f15033c2030e8c533c15df1581b3e715 ce121450528c467d44525c1534a79de83781463283fbd2274b612f59b42c56d8 Loading...

	www.googletagmanager.com/gtag/js?id=UA-107095340-1	113 kB	2023-03-13	2023-03-13
Pretty URL www.googletagmanager.com/gtag/js?id=UA-107095340-1 IP 142.250.74.72 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:40:55 Last Seen2023-03-13 19:40:55 Times Seen1 Hash 4fa947c3fd14318676d0cf78d90a2e71 32fafbe462cb8a70d8a89bc16bd1b2ec72b6fccc 42bf48b4099f3ee86a83a0715e3a40f096f155e910b8cfb901e911ab0e8d3467 Loading...

	maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js	37 kB	2023-03-07	2024-04-27
Pretty URL maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js IP 104.18.11.207 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:54 Last Seen2024-04-27 05:49:01 Times Seen54705 Hash 5869c96cc8f19086aee625d670d741f9 430a443d74830fe9be26efca431f448c1b3740f9 53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef Loading...

	www.worldwidehealth.com/mm_menu.js	25 kB	2023-03-13	2023-03-13
Pretty URL www.worldwidehealth.com/mm_menu.js IP 172.67.159.227 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:40:55 Last Seen2023-03-13 19:40:55 Times Seen1 Hash fbc088040e331beb14799dcb39c919a0 e18bdaa109fe350d9191a9fa2ae3bba5e8a8c1de 1781cce0c1c86f20e39d33a353c776ef52e455644cc1d793110623fb3d4a9129 Loading...

	ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js	88 kB	2023-03-07	2024-04-27
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js IP 142.250.74.74 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:34 Last Seen2024-04-27 06:00:01 Times Seen95684 Hash 220afd743d9e9643852e31a135a9f3ae 88523924351bac0b5d560fe0c5781e2556e7693d 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a Loading...

	www.worldwidehealth.com/js/stepcarousel.js	12 kB	2023-03-13	2023-03-13
Pretty URL www.worldwidehealth.com/js/stepcarousel.js IP 172.67.159.227 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:40:55 Last Seen2023-03-13 19:40:55 Times Seen1 Hash d60a3c3ba1f203e97508693e5985b9c5 1e73f43fd627b8bdfa010a6dc0bad08d15bda204 b2b852623604f8e9a9dc1eef78922111ad2ecd2c28811b417b546b17fac08bce Loading...

	www.worldwidehealth.com/js/jquery-1.3.1.min.js	55 kB	2023-03-07	2024-04-19
Pretty URL www.worldwidehealth.com/js/jquery-1.3.1.min.js IP 172.67.159.227 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:00 Last Seen2024-04-19 12:37:38 Times Seen397 Hash 5018fce9eaf1431e83fca0de4a735ef4 75faa6183a02a2e15f6b918dc18d1ee8c4b5eb33 f862442d54bf6790ee4f0d931e9dca082fe40b1ac162f883708b0ef19f84e8bf Loading...

	www.worldwidehealth.com/submit-article.php	97 B	2023-03-13	2023-03-13
Pretty URL www.worldwidehealth.com/submit-article.php IP 172.67.159.227 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:40:55 Last Seen2023-03-13 19:40:55 Times Seen1 Hash 86cc19c457cfcd5916f6aeb41d737e77 45e2de2c928949ec1c198c2223b9e65b892bcbdc 70e8245ff42b0de7cab715bbf49c149dfb4723a0732cae48e6934f8d497e074c Loading...

	www.worldwidehealth.com/submit-article.php	635 B	2023-03-13	2023-03-13
Pretty URL www.worldwidehealth.com/submit-article.php IP 172.67.159.227 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:40:55 Last Seen2023-03-13 19:40:55 Times Seen1 Hash 957fa2b8df979eefdc3f630dc64f9789 6e8dd68290dee3e533da052ec8dc9202dd0fd375 bb7b71d999d2db3dbe7955231622390f24fa761429c1898147d6dcc31e3e77e2 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-12	2024-04-15
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.110 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:46:21 Last Seen2024-04-15 18:54:35 Times Seen35101 Hash 54e51056211dda674100cc5b323a58ad 26dc5034cb6c7f3bbe061edd37c7fc6006cb835b 5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de Loading...

	www.worldwidehealth.com/jquery.js	30 kB	2023-03-13	2023-11-12
Pretty URL www.worldwidehealth.com/jquery.js IP 172.67.159.227 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:40:55 Last Seen2023-11-12 07:51:24 Times Seen9 Hash 23ba6db947a7a48ddaeab3164537dd55 713bc2a7f8d7488afc13f559a354f8dde68333e2 200928b94c0f08c4a2429dabbf06dd67ad0da221612e6279f7659e9c211e7432 Loading...

	www.worldwidehealth.com/submit-article.php	167 B	2023-03-07	2024-03-07
Pretty URL www.worldwidehealth.com/submit-article.php IP 172.67.159.227 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04:58 Last Seen2024-03-07 00:24:58 Times Seen8 Hash 3672774b637125623321983778cff29b e9d4d384195972c419d7c0e7bbc26dc843b50d97 4e0a89ac006d030e9e0e946a1615b86e733a902820c970406b4aa7ca64e73d5c Loading...

	www.worldwidehealth.com/submit-article.php	29 B	2023-03-13	2023-03-13
Pretty URL www.worldwidehealth.com/submit-article.php IP 172.67.159.227 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:40:55 Last Seen2023-03-13 19:40:55 Times Seen1 Hash f9da78207e134cb3541b16a44394d90c fc55ac1436042559ddef25476a74d8f3f62a2605 ea6c9c215b09966949a02e90aa14cd1b2cb8fb5056be5c6401b3391aab307683 Loading...

	www.worldwidehealth.com/popup.js	689 B	2023-03-13	2023-03-13
Pretty URL www.worldwidehealth.com/popup.js IP 172.67.159.227 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:40:55 Last Seen2023-03-13 19:40:55 Times Seen1 Hash 7d6d039c4630f459dcf2bfeac23c94a9 2decd6f206192ccae30cf9c81ae8f167eb05720c 8ed8b0e03289c9944101bd45e9a32751864496ecfc310fb0fb3227ab0ea4fa2a Loading...

	www.worldwidehealth.com/submit-article.php	165 B	2023-03-13	2023-03-13
Pretty URL www.worldwidehealth.com/submit-article.php IP 172.67.159.227 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:40:55 Last Seen2023-03-13 19:40:55 Times Seen1 Hash e6b73fd4f79c22cfb3aa05d7b3d978b1 f3a9b27c7c1bf20e5530f3985f5d88c90943fb42 4c5ccb1b77833c80ea1f73c4c012ff5a30b3e3ab12e7fce1e2fc4fb447d503bd Loading...

	www.worldwidehealth.com/submit-article.php	155 B	2023-03-13	2023-03-13
Pretty URL www.worldwidehealth.com/submit-article.php IP 172.67.159.227 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:40:55 Last Seen2023-03-13 19:40:55 Times Seen1 Hash 175007de9a59e7d9fc4573fa085c5c78 063d9a7ecd2dea1210fc73a384ba55c23395b6f3 1651819954ebf99397c7ab43d6512e3646aa32b45f918678ef4172902b40b0ff Loading...

	www.worldwidehealth.com/submit-article.php	113 B	2023-03-07	2024-01-06
Pretty URL www.worldwidehealth.com/submit-article.php IP 172.67.159.227 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:12:19 Last Seen2024-01-06 18:04:39 Times Seen19 Hash 0bd99e5653fef88302d4df490d877d03 e3e21addb0b6f1d2509228b5ab98fa13f1ce4c37 82b1256af5bd6cc57a1a94cf52823a1a065283c669df9148494bd98067818deb Loading...

	www.worldwidehealth.com/submit-article.php	257 B	2023-03-13	2023-03-13
Pretty URL www.worldwidehealth.com/submit-article.php IP 172.67.159.227 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:40:55 Last Seen2023-03-13 19:40:55 Times Seen1 Hash 8e86c86701bd33503f6efc7548db389e 4a9287f6965f38e763b557494bdbe89fbbf3c3d8 466b4605a80e6e584ff115ea09c6fd00d27b066abbe48497099c2a22fc3a7e16 Loading...

	ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js	97 kB	2023-03-07	2024-04-27
Pretty URL ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js IP 142.250.74.74 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-27 00:37:22 Times Seen118764 Hash 4f252523d4af0b478c810c2547a63e19 5a9dcfbef655a2668e78baebeaa8dc6f41d8dabb 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404 Loading...

	www.worldwidehealth.com/submit-article.php	925 B	2023-03-13	2023-03-13
Pretty URL www.worldwidehealth.com/submit-article.php IP 172.67.159.227 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:40:55 Last Seen2023-03-13 19:40:55 Times Seen1 Hash e7f4bface8d60d51b2d886b4ee15f472 136450ad87b26b2385398f85133b936bb043e7f5 d87eca81332a4b5cb1fee4120afc77d77ded54f5e4cb63cb248f1dafe74b225b Loading...

		Size	First Seen	Last Seen
	#1 Eval - adf887d296ae5f5c94c5bf31483161fc	44 kB	2023-03-07	2024-03-05
Pretty Observations First Seen2023-03-07 14:41:59 Last Seen2024-03-05 15:45:42 Times Seen74 Hash adf887d296ae5f5c94c5bf31483161fc 53df09ba93f3a8618e600e4937c727a6f105c46c fecc5d87ff71ac87b88f7d0ba773fa1d0c2235c278a0998456c1334f63551109 Loading...

HTTP Transactions (57)

URL IP Response Size

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
565c1bbc5c1c40be1988b3bf6fd9dc1a
cfdba5bc597130461dd67bf6cda53183be592493
60ceb36a8329c92fc49a3caf50daf511a38e01eac21a07d7a0a838166bea058d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "60CEB36A8329C92FC49A3CAF50DAF511A38E01EAC21A07D7A0A838166BEA058D"
Last-Modified: Mon, 06 Feb 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13805
Expires: Wed, 08 Feb 2023 16:52:28 GMT
Date: Wed, 08 Feb 2023 13:02:23 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b7407cc102d62a5acd5e61f8a79bed36
c2f4890a62454e514962b55b7fc14228339c8e90
be282de92da261128a7c8471f3067466aa9930fd0ab2a2cdda8cd2d6ce2bbd74

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BE282DE92DA261128A7C8471F3067466AA9930FD0AB2A2CDDA8CD2D6CE2BBD74"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5048
Expires: Wed, 08 Feb 2023 14:26:31 GMT
Date: Wed, 08 Feb 2023 13:02:23 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
cc14b0d2f7c451f6431dc87ba54d1d60
bab8bfda6fa3e2f17125353f5147211787dc25d0
b58fe18a5cc8fe5aaf49ba7eadd0ef34692892e68e9c52eb5bb56ea27e1300ad

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B58FE18A5CC8FE5AAF49BA7EADD0EF34692892E68E9C52EB5BB56EA27E1300AD"
Last-Modified: Mon, 06 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8401
Expires: Wed, 08 Feb 2023 15:22:24 GMT
Date: Wed, 08 Feb 2023 13:02:23 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Backoff, Alert, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 08 Feb 2023 12:34:13 GMT
content-type: application/json
age: 1690
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: 7gv9eFmG+1WzL2lu1xZ1Of0vdLZOt4jtUOGdYaPQzfOOscbyCqsJOzLY8/lE4kYkw2zVTlyx91fbOYIAUJcmhg==
x-amz-request-id: WKQ32K659YFJ8YTN
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 08 Feb 2023 12:35:56 GMT
age: 1587
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 13:02:23 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

www.worldwidehealth.com/submit-article.php

172.67.159.227

200 OK

10 kB

URL HTTP/1.1
www.worldwidehealth.com/submit-article.php
IP
172.67.159.227:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
10 kB (10331 bytes)
Hash
882a55b6efe233364f5e2156c5a5f5f3
065a7b779a0ba4cbe2c3991f66197298b1796212
66e1e1df4b6d3ece14a28c3e7342d1e39a6c4c48b44532acf59faf5f054f9719

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /submit-article.php HTTP/1.1
Host: www.worldwidehealth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: PHPSESSID=74qn1ctc0sfo0vv7q9c7d772s7
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 13:02:23 GMT
Content-Type: text/html; charset=ISO-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: must-revalidate
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BvmdRF1t%2F5k8E6NhEqJy00UtvbxY89PTMLM0It72j%2FPG8C%2B8aIghnJJxiqQMBKaRPGD60OKW43W8n%2Fp2a1N01PSaaVeQKH7zsfbTmOZFSRIdyM3y19G3FoyWEwpgJMQunvDMdzvm47lN1A%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79648f331b530b02-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Content-Type, Pragma, ETag, Retry-After, Backoff, Expires, Alert, Cache-Control, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 08 Feb 2023 12:14:52 GMT
age: 2851
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
5c88d3bea11b5e4ab55139b12afd6481
e6f6a45f9cad1fe06edbc5371887199387f51b5f
897d20199934381ef24f0c9c9d1738f5cc504b0ccd5d16005eeb8837955d3ff6

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5179
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 13:02:23 GMT
Last-Modified: Wed, 08 Feb 2023 11:36:04 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 279

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
325a8a10ce2837a8c6820e30572d181c
195d6189f0f10fcb301fce3af4c27028bbcb9eaa
2f1a0e948582fa64266617acc77e9beb71c5031d9cffe1bed1393a554f259810

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 13:02:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

142.250.74.74

200 OK

34 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
IP
142.250.74.74:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (32077)
Size
34 kB (33951 bytes)
Hash
fd2b58574f9637ba7ef639267349d848
6eda5ea93f549ceb5693f6f1c038893fa56a510d
75627d4b97e5e6294a8f88f5eeaf9b616696dc8600db9701c47ef05f067880ec

HTTP Headers

GET /ajax/libs/jquery/1.12.4/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.worldwidehealth.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33951
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 07 Feb 2023 14:19:32 GMT
expires: Wed, 07 Feb 2024 14:19:32 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 81771
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.worldwidehealth.com/mm_menu.js

172.67.159.227

200 OK

5.7 kB

URL HTTP/1.1
www.worldwidehealth.com/mm_menu.js
IP
172.67.159.227:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (20365)
Size
5.7 kB (5706 bytes)
Hash
84b58ba5fbcd6e3ffb47df1a9bf1f7ff
6eec92868b5e9ec8db3d271093145c860d722592
e4054f1fbeef8e73d76598c94a77c150184730cc9080df6ed6663928a12db112

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /mm_menu.js HTTP/1.1
Host: www.worldwidehealth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.worldwidehealth.com/submit-article.php
Cookie: PHPSESSID=74qn1ctc0sfo0vv7q9c7d772s7

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 13:02:23 GMT
Content-Type: application/javascript
Content-Length: 5706
Connection: keep-alive
Cache-Control: max-age=216000, private
Expires: Sat, 11 Feb 2023 01:02:23 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
CF-Cache-Status: BYPASS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Krgxp7%2BY3RY%2FXxTMCt0zxzFf40QLaGcFIcgDqRySiENrwLfEKs7dKZwAmSPF%2BRhYTeSBXt4FAEQY%2BC8sONUPEp34ZeccJSDoLExEcJtbWw1wGqd%2FNwf7A61GKNQjfEre72JF3BdkPt6YQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79648f359f140b02-OSL
alt-svc: h2=":443"; ma=60

www.worldwidehealth.com/tabtastic.css

172.67.159.227

200 OK

320 B

URL HTTP/1.1
www.worldwidehealth.com/tabtastic.css
IP
172.67.159.227:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with CRLF line terminators
Size
320 B (320 bytes)
Hash
dfbe0ced2d914a688d038891e4d7ac71
7dd01c1030aff135ec040d4993ecf5e65e4be492
cc5368396db6cc7c46254c88fb27b1af369355ab5d8bd0b6f7d55ef5fecbff1d

HTTP Headers

GET /tabtastic.css HTTP/1.1
Host: www.worldwidehealth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.worldwidehealth.com/submit-article.php
Cookie: PHPSESSID=74qn1ctc0sfo0vv7q9c7d772s7

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 13:02:23 GMT
Content-Type: text/css
Content-Length: 320
Connection: keep-alive
Cache-Control: public, max-age=604800
Expires: Wed, 15 Feb 2023 13:02:23 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Wed, 08 Feb 2023 13:02:23 GMT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oeF0t7Hf9qNM6QPrupwONYZrW5gp6sCpWzhn6Ps%2B8EYoBUKoWoz1VpA%2FNKJwtQNW2jb99NOu9PUJfi5QdTdIpdOkUqrYRdWK1jOT77481fkLnVVlikbDgagZpUjVOFvEYGAiDeSrg2yQTA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79648f35ebe10b06-OSL
alt-svc: h2=":443"; ma=60

www.worldwidehealth.com/popup.js

172.67.159.227

200 OK

296 B

URL HTTP/1.1
www.worldwidehealth.com/popup.js
IP
172.67.159.227:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (689), with no line terminators
Size
296 B (296 bytes)
Hash
3cb3276f47f924d6655d643ade8c7fa8
77fc518deec549560a5f02ff0261406d5ccd7af0
32ebf9a8e5f62e1c017f24b3bf2d1aaeea2e448109d112883d0ebe7abd5d15d8

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /popup.js HTTP/1.1
Host: www.worldwidehealth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.worldwidehealth.com/submit-article.php
Cookie: PHPSESSID=74qn1ctc0sfo0vv7q9c7d772s7

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 13:02:23 GMT
Content-Type: application/javascript
Content-Length: 296
Connection: keep-alive
Cache-Control: max-age=216000, private
Expires: Sat, 11 Feb 2023 01:02:23 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
CF-Cache-Status: BYPASS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hJbvpEo%2BAE9c74hKHizh6d4%2FvqK5oW6jPCsHwIt%2BCIDO1xnvr9HgWBGRKN9h%2B5q3qAg7t5acgnVLZ4K6oE7SWFHIQLofmhqt96PfnV6sFTdFfDVGj7L6flexIh1S4D2%2BaRiu1xQ1V8lZLA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79648f35faf8fabc-OSL
alt-svc: h2=":443"; ma=60

www.worldwidehealth.com/js/stepcarousel.js

172.67.159.227

200 OK

3.2 kB

URL HTTP/1.1
www.worldwidehealth.com/js/stepcarousel.js
IP
172.67.159.227:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (469)
Size
3.2 kB (3199 bytes)
Hash
0719654b5108f29b0fe52a7ac94f20e4
952a6dcacc61bcacb89217eb15f7f9341643700b
a3f9d295157a56103deb3a09976ea0f4d21a7626ba3ef164911f537d516975ef

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/stepcarousel.js HTTP/1.1
Host: www.worldwidehealth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.worldwidehealth.com/submit-article.php
Cookie: PHPSESSID=74qn1ctc0sfo0vv7q9c7d772s7

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 13:02:23 GMT
Content-Type: application/javascript
Content-Length: 3199
Connection: keep-alive
Cache-Control: max-age=216000, private
Expires: Sat, 11 Feb 2023 01:02:23 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
CF-Cache-Status: BYPASS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fTDvtcjJ25srpo7QKNsGtmf4n1F0AlWYhkXHAYdp0hAxnPv2EdgsGn3D%2B21jSvMC%2B5X7p2OXkiatr%2FyW%2FWb0Z%2BoMLtqukUiex3BFKP8f3ssl8l84WLElGSR1NhV8cGFInGrN9RWUSbhwEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79648f35faa0b4e8-OSL
alt-svc: h2=":443"; ma=60

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
f14a308e1054da3a28505966d50b1818
20644df570970d4119ac58e39622b37bd86e5bcb
a97637991722b43f08f3852486c58a54ea1c5e211aa710de007ad242eb18be1d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=116196
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 13:02:23 GMT
Etag: "63e2c043-117"
Expires: Thu, 09 Feb 2023 21:18:59 GMT
Last-Modified: Tue, 07 Feb 2023 21:18:59 GMT
Server: nginx
Content-Length: 279

www.worldwidehealth.com/jquery.js

172.67.159.227

200 OK

15 kB

URL HTTP/1.1
www.worldwidehealth.com/jquery.js
IP
172.67.159.227:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (29588), with CRLF line terminators
Size
15 kB (14839 bytes)
Hash
df4fc66165e4efae485c595e8af539a2
cf53a4b92e0c1cbcb01b49c01b2ea22997656a65
97f30cc3ad9bd57ecd9db5f0727b3e4d7485517c12b4d8d46d344828539027c4

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /jquery.js HTTP/1.1
Host: www.worldwidehealth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.worldwidehealth.com/submit-article.php
Cookie: PHPSESSID=74qn1ctc0sfo0vv7q9c7d772s7

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 13:02:24 GMT
Content-Type: application/javascript
Content-Length: 14839
Connection: keep-alive
Cache-Control: max-age=216000, private
Expires: Sat, 11 Feb 2023 01:02:23 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
CF-Cache-Status: BYPASS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eTA7BEuRHcYQLuGU1g5tE7xHG9kAt9vBEYlRtfcTXQIFNLLkpo9UjbjRpf3eeXxmBiPOOlM5eh5Ve%2F8xr4KFgRpZ36hgXVq6JsESzyLhfsbMLGHtWedhKVMj5MB%2FuyvXWb%2BkAwbHixpL9w%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79648f35fac8b50b-OSL
alt-svc: h2=":443"; ma=60

www.worldwidehealth.com/js/jquery-1.3.1.min.js

172.67.159.227

200 OK

19 kB

URL HTTP/1.1
www.worldwidehealth.com/js/jquery-1.3.1.min.js
IP
172.67.159.227:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (37973), with CRLF line terminators
Size
19 kB (19152 bytes)
Hash
de78bd308bcb643da18d430ed6db2dcc
c68ee19d4972c1b71fdb416e3ed38d6a7e5e856b
831f86f0bdc2957c809fb87bf9840fa5319a59efe55927c46d648c4be2847c17

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/jquery-1.3.1.min.js HTTP/1.1
Host: www.worldwidehealth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.worldwidehealth.com/submit-article.php
Cookie: PHPSESSID=74qn1ctc0sfo0vv7q9c7d772s7

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 13:02:24 GMT
Content-Type: application/javascript
Content-Length: 19152
Connection: keep-alive
Cache-Control: max-age=216000, private
Expires: Sat, 11 Feb 2023 01:02:23 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
CF-Cache-Status: BYPASS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DbOFaAyWuXgYs8iqHuDPriLFUqzJVvmqwJSW8YH2IFYAV70Now9JBMr%2FdyISnEsFr%2BVK2HXlB9jEaBpAmoh3Jmucl6bfSvpUww%2Bk2GXsc0RHkEV%2FQWy3CeXx5upL9bNSWyvbQnAieurHzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79648f35e923b4ee-OSL
alt-svc: h2=":443"; ma=60

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
4a2793786b1ce1206b70d285bea47b94
11747c77f2ef56d889b5148834faa184be7cfc07
af406b334b4df19c87a6911d78bbab5bc5628dc7ccac9d7d60050908c770fb52

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6118
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 13:02:24 GMT
Last-Modified: Wed, 08 Feb 2023 11:20:26 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 280

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
f14a308e1054da3a28505966d50b1818
20644df570970d4119ac58e39622b37bd86e5bcb
a97637991722b43f08f3852486c58a54ea1c5e211aa710de007ad242eb18be1d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 13:02:23 GMT
Server: ECS (amb/6B9A)
Content-Length: 279

cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

104.17.25.14

200 OK

5.6 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (30837)
Size
5.6 kB (5631 bytes)
Hash
109d1ed85cd01f9cdab73a4cac5bf80d
d6c6498ad46de2d8e2008a8ff68e364ae7f16b32
8b3a74fe462f5b3c0635995fd721a60eb640e237680b0b532b96711f2823e8bc

HTTP Headers

GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.worldwidehealth.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 08 Feb 2023 13:02:24 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 394436
expires: Mon, 29 Jan 2024 13:02:24 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nq21FHU9ctYC3PRiuuS6S2jISwIQ65j%2FX3oUZlOq65T8dxpiicrV%2FBZtXLpnGY%2BrxCaMN7pqoGgOAEhhstPX18w2jY%2Bu13F4KPR2g3zRCvM8sPFANyLzdz5XeikimahLXWtdiXt7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 79648f382b3db511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
f14a308e1054da3a28505966d50b1818
20644df570970d4119ac58e39622b37bd86e5bcb
a97637991722b43f08f3852486c58a54ea1c5e211aa710de007ad242eb18be1d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=116196
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 13:02:23 GMT
Etag: "63e2c043-117"
Expires: Thu, 09 Feb 2023 21:18:59 GMT
Last-Modified: Tue, 07 Feb 2023 21:18:59 GMT
Server: nginx
Content-Length: 279

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
8d5417d247d259e3c0186136b83d9f75
49fbcf99a352669aee2559579ef73fa60f46d38d
3c013921158ec27e44d5e80a5108557de80a27f38089ac3a52c6c1cf5636f585

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 13:02:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
f14a308e1054da3a28505966d50b1818
20644df570970d4119ac58e39622b37bd86e5bcb
a97637991722b43f08f3852486c58a54ea1c5e211aa710de007ad242eb18be1d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 13:02:23 GMT
Server: ECS (amb/6B81)
Content-Length: 279

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
5c88d3bea11b5e4ab55139b12afd6481
e6f6a45f9cad1fe06edbc5371887199387f51b5f
897d20199934381ef24f0c9c9d1738f5cc504b0ccd5d16005eeb8837955d3ff6

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2954
Cache-Control: max-age=138954
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 13:02:24 GMT
Etag: "63e30da0-117"
Expires: Fri, 10 Feb 2023 03:38:18 GMT
Last-Modified: Wed, 08 Feb 2023 02:49:04 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 279

ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js

142.250.74.74

200 OK

31 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
IP
142.250.74.74:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (65451)
Size
31 kB (30774 bytes)
Hash
81182f4b684635f6bdcbdd907ee66f25
a1f2f151df72ede41397c8131bd47a3ce85575b3
be40946c98d9a78a3c7c9ad097d379ab12549a195bd7a4766919a1d3fd987396

HTTP Headers

GET /ajax/libs/jquery/3.4.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.worldwidehealth.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30774
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 08 Feb 2023 03:27:00 GMT
expires: Thu, 08 Feb 2024 03:27:00 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 34524
last-modified: Mon, 13 May 2019 14:37:17 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9b88bae61bca33aba8aa99f6128db8d9
a07b61fb2458917699613fcae68710941b595416
54915c2f79822732e06a592d027da421ad1e7a6458c545f98333db25612b3dea

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "54915C2F79822732E06A592D027DA421AD1E7A6458C545F98333DB25612B3DEA"
Last-Modified: Mon, 06 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7786
Expires: Wed, 08 Feb 2023 15:12:10 GMT
Date: Wed, 08 Feb 2023 13:02:24 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
f14a308e1054da3a28505966d50b1818
20644df570970d4119ac58e39622b37bd86e5bcb
a97637991722b43f08f3852486c58a54ea1c5e211aa710de007ad242eb18be1d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=116196
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 13:02:23 GMT
Etag: "63e2c043-117"
Expires: Thu, 09 Feb 2023 21:18:59 GMT
Last-Modified: Tue, 07 Feb 2023 21:18:59 GMT
Server: nginx
Content-Length: 279

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
325a8a10ce2837a8c6820e30572d181c
195d6189f0f10fcb301fce3af4c27028bbcb9eaa
2f1a0e948582fa64266617acc77e9beb71c5031d9cffe1bed1393a554f259810

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 13:02:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
4a2793786b1ce1206b70d285bea47b94
11747c77f2ef56d889b5148834faa184be7cfc07
af406b334b4df19c87a6911d78bbab5bc5628dc7ccac9d7d60050908c770fb52

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6118
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 13:02:24 GMT
Last-Modified: Wed, 08 Feb 2023 11:20:26 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 280

www.googletagmanager.com/gtag/js?id=UA-107095340-1

142.250.74.72

200 OK

44 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=UA-107095340-1
IP
142.250.74.72:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1759)
Size
44 kB (44057 bytes)
Hash
9ebe3b0720690fcc5332a5ce2d036f12
b12ec320e2c3ea5f17154ad07531111ceb4f8201
d0f6df506ea3381096d2c1f278fafa400c4253df451bd2f1b6ac9718407a47db

HTTP Headers

GET /gtag/js?id=UA-107095340-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.worldwidehealth.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 08 Feb 2023 13:02:24 GMT
expires: Wed, 08 Feb 2023 13:02:24 GMT
cache-control: private, max-age=900
last-modified: Wed, 08 Feb 2023 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44057
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
8d5417d247d259e3c0186136b83d9f75
49fbcf99a352669aee2559579ef73fa60f46d38d
3c013921158ec27e44d5e80a5108557de80a27f38089ac3a52c6c1cf5636f585

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 13:02:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.worldwidehealth.com/images/rss2.gif

172.67.159.227

200 OK

184 B

URL HTTP/2
www.worldwidehealth.com/images/rss2.gif
IP
172.67.159.227:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 80 x 15\012- data
Size
184 B (184 bytes)
Hash
9b95b64c0b811fd2a5e8224514d2e006
99340f7e7dd0191993ec49ea251f4d4071d9cb2e
92db13c9545b68fd98f1d868cea00381502b9312815ba4a1e9d949f546228e7d

HTTP Headers

GET /images/rss2.gif HTTP/1.1
Host: www.worldwidehealth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.worldwidehealth.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 08 Feb 2023 13:02:24 GMT
content-type: image/gif
content-length: 184
cache-control: public, max-age=2592000
expires: Fri, 10 Mar 2023 13:02:24 GMT
cf-cache-status: MISS
last-modified: Wed, 08 Feb 2023 13:02:24 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z3w7wvd5u1vuVPQzWXbtchgdnjvizdyv4jbr26S8fv06ST3a%2FGzuap45xRANIBp4JPinVCBQCMx56RvOr4UJ%2B8HH3ZK0RDWzvp8uAS%2BV1Yk6H9UhSwXm2XdT2mNFvu4OKRj5ESB4rs%2Fuxg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79648f381eb20afa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

push.services.mozilla.com/

52.35.19.71

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.35.19.71:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: /BKnugZ/nKPumh3IWtqzSA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: YeTbCvsAvJWGXP+bIy29LTVc1v0=

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
f14a308e1054da3a28505966d50b1818
20644df570970d4119ac58e39622b37bd86e5bcb
a97637991722b43f08f3852486c58a54ea1c5e211aa710de007ad242eb18be1d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: max-age=116196
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 13:02:24 GMT
Etag: "63e2c043-117"
Expires: Thu, 09 Feb 2023 21:19:00 GMT
Last-Modified: Tue, 07 Feb 2023 21:18:59 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 279

www.worldwidehealth.com/logo.png

172.67.159.227

200 OK

38 kB

URL HTTP/1.1
www.worldwidehealth.com/logo.png
IP
172.67.159.227:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 1362 x 150, 8-bit/color RGBA, non-interlaced\012- data
Size
38 kB (37715 bytes)
Hash
01a09a182250f2b8a4b72c016bb5a1b1
69336f5049712083cff686b4e15c273383294b7e
e11035e6a5668bc6ba3616e59b49f1a708c15e30ebf966a53272c38efcfbeb0b

HTTP Headers

GET /logo.png HTTP/1.1
Host: www.worldwidehealth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.worldwidehealth.com/submit-article.php
Cookie: PHPSESSID=74qn1ctc0sfo0vv7q9c7d772s7

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 13:02:25 GMT
Content-Type: image/png
Content-Length: 37715
Connection: keep-alive
Cache-Control: public, max-age=2592000
Expires: Fri, 10 Mar 2023 13:02:24 GMT
CF-Cache-Status: MISS
Last-Modified: Wed, 08 Feb 2023 13:02:25 GMT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HyQAdfcabI%2FXsNbm7FyUoa4a6zbPCQcaJV7VTGsR3Tlyw14euGtOP8s8GJMecn%2BpJ0Rx%2FOmtNiUU1HbwR1VpfBnEUip5kuy1Gi%2BP5%2FpBdWJi07SHi2YA%2FL20XCkpQYec2450BFXu11ty3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79648f398e2cb4ee-OSL
alt-svc: h2=":443"; ma=60

www.google-analytics.com/analytics.js

142.250.74.110

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.110:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1490)
Size
20 kB (20085 bytes)
Hash
ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.worldwidehealth.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Wed, 08 Feb 2023 11:44:05 GMT
expires: Wed, 08 Feb 2023 13:44:05 GMT
cache-control: public, max-age=7200
age: 4700
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.worldwidehealth.com/login.PNG

172.67.159.227

200 OK

1.8 kB

URL HTTP/1.1
www.worldwidehealth.com/login.PNG
IP
172.67.159.227:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 160 x 54, 8-bit/color RGBA, non-interlaced\012- data
Size
1.8 kB (1776 bytes)
Hash
554f806bea9843822eebb69129fa5fca
cc63d1b935a5582d74a9c21661e5416d44fa2a29
231299d00233bf4cd0856d49fe7c5d63dec8db3e21b654b0b6a12cfc80e4a42d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /login.PNG HTTP/1.1
Host: www.worldwidehealth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.worldwidehealth.com/submit-article.php
Cookie: PHPSESSID=74qn1ctc0sfo0vv7q9c7d772s7

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 13:02:25 GMT
Content-Type: image/png
Content-Length: 1776
Connection: keep-alive
Cache-Control: max-age=2592000
Expires: Fri, 10 Mar 2023 13:02:25 GMT
CF-Cache-Status: MISS
Last-Modified: Wed, 08 Feb 2023 13:02:25 GMT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v6ckg9GOQsRhKaCX0Shej9RxDj%2Bvad8RdSTbihtra%2Fs6Reqe0Yp4ae%2BC3AjOKxWokNhnWkwc7dvHOAQtTIhUPwWcpqF4Dgul9%2FvrapYKSipXo4pDZEAPlcrcHr6Pvk3tCPDhX%2B9cYLpO3w%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79648f3c5c0ab50b-OSL
alt-svc: h2=":443"; ma=60

www.worldwidehealth.com/favicon.ico

172.67.159.227

200 OK

193 B

URL HTTP/1.1
www.worldwidehealth.com/favicon.ico
IP
172.67.159.227:0
ASN
#13335 CLOUDFLARENET

File type
MS Windows icon resource - 1 icon, 16x16, 24 bits/pixel\012- data
Size
193 B (193 bytes)
Hash
b27fdea133ec1a09e63bf9dc2db6fda5
6080e27e2b9ae532067e8ce777520428347d422e
0c60640e02067b51b6df21128743fd36fae0ebd75bdf0f45f7ff15ba79219a81

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.worldwidehealth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.worldwidehealth.com/submit-article.php
Cookie: PHPSESSID=74qn1ctc0sfo0vv7q9c7d772s7

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 13:02:25 GMT
Content-Type: image/vnd.microsoft.icon
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: public, max-age=2592000
Expires: Thu, 08 Feb 2024 13:02:25 GMT
CF-Cache-Status: MISS
Last-Modified: Wed, 08 Feb 2023 13:02:25 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ClIBT8dnyDLjd65ly%2BaOj0yxMxzzuD3Y7AhTOaR4JVKC32TGYjUWBqMWWxy0aHklOkhjBXYJMfqe9xxZSlcvrOhKQVW17vek5xs72t7J0ZQrLqC%2Bakgwa340aebupZFX%2FeUDeHWcviNWsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79648f3fc820b4e8-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

www.worldwidehealth.com/touch-icon-iphone.png

172.67.159.227

200 OK

3.2 kB

URL HTTP/1.1
www.worldwidehealth.com/touch-icon-iphone.png
IP
172.67.159.227:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 109x110, components 3\012- data
Size
3.2 kB (3199 bytes)
Hash
f770d2f23dfb4af9e58e1504b00147ae
3967077830e46e24533f53ffe1de6570a323c932
81411801d563bf63ec23520f73535a42ff3202a214766002d1d760abf3ccf776

HTTP Headers

GET /touch-icon-iphone.png HTTP/1.1
Host: www.worldwidehealth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.worldwidehealth.com/submit-article.php
Cookie: PHPSESSID=74qn1ctc0sfo0vv7q9c7d772s7

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 13:02:25 GMT
Content-Type: image/png
Content-Length: 3199
Connection: keep-alive
Cache-Control: public, max-age=2592000
Expires: Fri, 10 Mar 2023 13:02:25 GMT
CF-Cache-Status: MISS
Last-Modified: Wed, 08 Feb 2023 13:02:25 GMT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VsUbxDhGXk7An6F%2BARp3VnUrjuTNeQXoakOK1YAWDTb5%2BZjjwZQSc%2BAg65p3Y5Xg99op2aBskZNAibKrS4SWy4yRvge7W058IDsMy6yvoyLzRsy2HThVdz1UAT%2FD6SGt3Uh2zJZf0ev2LQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79648f3fc8afb4ee-OSL
alt-svc: h2=":443"; ma=60

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13593
Expires: Wed, 08 Feb 2023 16:48:58 GMT
Date: Wed, 08 Feb 2023 13:02:25 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13593
Expires: Wed, 08 Feb 2023 16:48:58 GMT
Date: Wed, 08 Feb 2023 13:02:25 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13593
Expires: Wed, 08 Feb 2023 16:48:58 GMT
Date: Wed, 08 Feb 2023 13:02:25 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13593
Expires: Wed, 08 Feb 2023 16:48:58 GMT
Date: Wed, 08 Feb 2023 13:02:25 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce53bc9b-2505-4efd-9151-fa75ed70138a.jpeg

34.120.237.76

200 OK

8.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce53bc9b-2505-4efd-9151-fa75ed70138a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.7 kB (8703 bytes)
Hash
be9f475292d4b5b0502d4381ccdf455b
ecb943b48c822b086ea699d802f8f1bb5ee26651
ed22a5102709dc7a067107a6c0cde26931f7781065de9cee49e22de6b9086e31

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce53bc9b-2505-4efd-9151-fa75ed70138a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8703
x-amzn-requestid: 6456aa7d-11f7-4066-a833-9ac5312c0c24
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_O7JGLTIAMFqdQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c513-0679a75676cdc19251c81bdd;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:39:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: DLVp9hiUjE2w5BiukFfUMALWxvcobbJcJRO-7CdXj3cy6rAdFhPRFQ==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 21:44:01 GMT
age: 55104
etag: "ecb943b48c822b086ea699d802f8f1bb5ee26651"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc3ed9aa0-a88e-4b92-a2bb-567735d813b6.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.2 kB (8170 bytes)
Hash
fbe359ce6fb136add75c8f3d3cc06330
e6584afcf39b6fad21eccbcce95c6645b8e1b3b8
29478bf1b8168dc457bb7d298448a78e1040bd3aa80cbf11cfa37475568590d8

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc3ed9aa0-a88e-4b92-a2bb-567735d813b6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8170
x-amzn-requestid: d1ddb47f-3472-4015-8d55-72f435671f03
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f5aSPHiroAMFpSg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e070da-114975440d70915472cdba2f;Sampled=0
x-amzn-remapped-date: Mon, 06 Feb 2023 03:15:38 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 0w6JgtsKSRHLPJ3LyY6YUI8N7PS-gVlLuivQUq9jdyeYYm3STiJJIQ==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 04:13:34 GMT
age: 31731
etag: "e6584afcf39b6fad21eccbcce95c6645b8e1b3b8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.worldwidehealth.com/css/dhtmlXTabbar.css

172.67.159.227

200 OK

4.8 kB

URL HTTP/2
www.worldwidehealth.com/css/dhtmlXTabbar.css
IP
172.67.159.227:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with CRLF line terminators
Size
4.8 kB (4810 bytes)
Hash
ca67ccf581f9ee97a20f8840dd72cbb4
e8c3002ea4719a125f2688102d8d962630ffd034
a91bfa019cdc89c916f643e344ffa95dee0509128a34384c2b7885a710214737

HTTP Headers

GET /css/dhtmlXTabbar.css HTTP/1.1
Host: www.worldwidehealth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.worldwidehealth.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 08 Feb 2023 13:02:24 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Wed, 15 Feb 2023 13:02:24 GMT
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Wed, 08 Feb 2023 13:02:24 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lsq8K%2BSc9flmcjpBNS2CIKIxZWs1hIPshoCpJA9qGP5k4wDLaX4ZareMyz8Qe%2F%2BI%2BYA%2Fj%2BbKGpsZch7FU2SN5%2FPKt99SQEzQTRELXoz53uhOp6bsD8EvOAKLDWnvjNuBht4s0YpT921hCg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79648f388f230afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

www.worldwidehealth.com/wwh.css

172.67.159.227

200 OK

18 kB

URL HTTP/2
www.worldwidehealth.com/wwh.css
IP
172.67.159.227:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (418)
Size
18 kB (17667 bytes)
Hash
20fe2d409cdaa18b336fdf5b5eed56a5
905f3ac260fbf8861f43bef9c9d178be00e914fd
f4b3c44af4325445f8545ebfdaf39640077b1f34de898070f04cbf72f3fde69a

HTTP Headers

GET /wwh.css HTTP/1.1
Host: www.worldwidehealth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.worldwidehealth.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 08 Feb 2023 13:02:24 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Wed, 15 Feb 2023 13:02:24 GMT
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Wed, 08 Feb 2023 13:02:24 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B5k4FX7UJMW%2BOYxs6Ib59vMOlGXfLzWLI6jpOKsYKkOciyEOesmFnEfggKGHVMrGD24mlXAfWEIcYMWN6N5AjCPNz7MC0buaT%2B0ijnxF4gcD92yDc8AEiJtAgxEDUu7sjg5QtQJbCiu%2F5A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79648f381eb10afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6de3153-62d2-494b-8acf-6d3ac8adba7d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (13160 bytes)
Hash
003fc35e140a75a12b7795c3986426ec
da002b22e2a01f48a545b369d4403eabb17a10d5
bb0754411aa7d0a5036b86b282d0e93d13227765ca9ccaf3a34e8e486cb413d1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6de3153-62d2-494b-8acf-6d3ac8adba7d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 13160
x-amzn-requestid: 34aa6dfe-7f14-48d0-89b2-90548621be79
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fzVxSHh7IAMFjAg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63de033b-49587fff75aebe96136137be;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 07:03:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qwSN-ztVJgRfu3bFIjYaVYV8Cnx77j1ugkRjqhRtRXdPju7AhEMg-A==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 05:30:12 GMT
age: 27133
etag: "da002b22e2a01f48a545b369d4403eabb17a10d5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F308abacb-8d5b-49bf-9e2b-59b6b40157cb.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (12772 bytes)
Hash
2bf626b824fefec1ecaceb9243f2e5ec
f222976d76d889a0cd767bfd73075ee114c531ce
3f981850c6e6628245be7f7e26418d8b945dbeaf45e06492d8e2ee9409245195

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F308abacb-8d5b-49bf-9e2b-59b6b40157cb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12772
x-amzn-requestid: a4603c5c-c842-4a1d-bf09-550f160e1082
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_O7OEz8oAMFbOg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c514-763b7ecf50411a4d13dd8a25;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:39:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ECAdRS7as57pL15HxK4Ep0YOho8Kba8RFhMVnXGdJuKYItQHNf2yHA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 21:53:57 GMT
age: 54508
etag: "f222976d76d889a0cd767bfd73075ee114c531ce"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.worldwidehealth.com/login.php?fail=ok

172.67.159.227

301 Moved Permanently

0 B

URL HTTP/1.1
www.worldwidehealth.com/login.php?fail=ok
IP
172.67.159.227:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /login.php?fail=ok HTTP/1.1
Host: www.worldwidehealth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Wed, 08 Feb 2023 13:02:23 GMT
Content-Type: text/html; charset=ISO-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
cache-control: must-revalidate
Vary: Accept-Encoding
Set-Cookie: PHPSESSID=74qn1ctc0sfo0vv7q9c7d772s7; path=/
Location: submit-article.php
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jd8fIxOktRpXoKlN929l1ZEmrFvRfrDwQofMrEcyolm174hKmU2kCNCPXwB%2Fd%2B8QxhUhURipIY2qNZ4ZOoUIcKsLu7XAomqBYbrCeTnIzmX98UEAgIekIMUr8pronWd7l7mCPkZwo%2FNsrg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79648f3108400b41-OSL
alt-svc: h2=":443"; ma=60

maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js

104.18.11.207

200 OK

0 B

URL HTTP/2
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
IP
104.18.11.207:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /bootstrap/3.3.7/js/bootstrap.min.js HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.worldwidehealth.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 08 Feb 2023 13:02:23 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
cdn-cachedat: 12/13/2021 20:18:53
cdn-edgestorageid: 755
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-proxyver: 1.02
cdn-requestid: 48135f30fbfcba704628453df5764d8f
cdn-cache: HIT
cf-cache-status: HIT
age: 21310828
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 79648f368ef6b52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css

104.18.11.207

200 OK

0 B

URL HTTP/2
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
IP
104.18.11.207:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /bootstrap/3.3.7/css/bootstrap.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.worldwidehealth.com
Connection: keep-alive
Referer: http://www.worldwidehealth.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 08 Feb 2023 13:02:23 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"ec3bb52a00e176a7181d454dffaea219"
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
cdn-cachedat: 01/05/2023 13:19:14
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 1082
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 0009a16df145cffa99ed1cb37329e4bb
cdn-cache: HIT
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 79648f367ecfb4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

www.worldwidehealth.com/css/facebox/facebox.css

172.67.159.227

200 OK

0 B

URL HTTP/2
www.worldwidehealth.com/css/facebox/facebox.css
IP
172.67.159.227:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css/facebox/facebox.css HTTP/1.1
Host: www.worldwidehealth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.worldwidehealth.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 08 Feb 2023 13:02:24 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Wed, 15 Feb 2023 13:02:24 GMT
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Wed, 08 Feb 2023 13:02:24 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2p%2BcNP4goaY6tp14UMkU1FaxHHa7d%2F4r%2FclgH92Bcq3gIbZsnXwskbSjLoKxfL8SXCd04yo4dliMhlzBDb4lrbuRufn%2BTKmIbwWM37igZO2mc0Cj1Q2vUpTjNTk9gpaQVqwN4FbqAQtA6A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79648f381eb70afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

www.worldwidehealth.com/css/css.css

172.67.159.227

200 OK

0 B

URL HTTP/2
www.worldwidehealth.com/css/css.css
IP
172.67.159.227:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css/css.css HTTP/1.1
Host: www.worldwidehealth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.worldwidehealth.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 08 Feb 2023 13:02:24 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Wed, 15 Feb 2023 13:02:24 GMT
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Wed, 08 Feb 2023 13:02:24 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UI7OglOLnkGbUbKiHuTHeCczIFHD4h9zdaf7%2Byowc59eG%2BHiz9WC7lMhRgL5RcOTjYg0kjG%2Be%2FGOE0AlQaZk6PPK5qEdJFGz7Dl1NVW77BUglHk7KSKeOxnIukOlCF%2BXWpx2tlJbWSp6hA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79648f384eda0afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

www.worldwidehealth.com/layout.css

172.67.159.227

200 OK

0 B

URL HTTP/2
www.worldwidehealth.com/layout.css
IP
172.67.159.227:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /layout.css HTTP/1.1
Host: www.worldwidehealth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.worldwidehealth.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 08 Feb 2023 13:02:24 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Wed, 15 Feb 2023 13:02:24 GMT
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Wed, 08 Feb 2023 13:02:24 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xpxpkjej1L5Kmiw8nuDmUOgR1gZDBUrDAkVA%2FgiUOZVDAMZV9u4v1MbaH4LSr64vQzfj2kHA9JsUoePfnoi4eHJJsZssAQ9H0qAMhZbdItGkmuS5BpejVxaWYURGXdtt5JjNCrkMpOJOEw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79648f385efd0afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

www.worldwidehealth.com/featuredcontentglider.css

172.67.159.227

200 OK

0 B

URL HTTP/2
www.worldwidehealth.com/featuredcontentglider.css
IP
172.67.159.227:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /featuredcontentglider.css HTTP/1.1
Host: www.worldwidehealth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.worldwidehealth.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 08 Feb 2023 13:02:24 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Wed, 15 Feb 2023 13:02:24 GMT
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Wed, 08 Feb 2023 13:02:24 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hiFJXUX9QEqe16bmpRZEdWFBoRlxYvfX%2BOT%2BIeLhv9vC1FitloSSFytZDKCAXqDblL6pxxn3kwdXKnV82NEGV8QJYc8pIBRWA0LzPaZq8wl7pFyJPk1ja9yixkPSm8%2F43R8vdAwG2o1F1w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79648f387f150afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (21)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML